Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/1ajLuoPYgP28RE9_MgUpWRJ42i4.roa
File:                     1ajLuoPYgP28RE9_MgUpWRJ42i4.roa (raw, json)
Hash identifier:          eB6QWYFC3H4XDZaXw5WtXBCgfiDMfQfpkzAll7rIvMA=
Subject key identifier:   D5:A8:CB:BA:83:D8:80:FD:BC:44:4F:7F:32:05:29:59:12:78:DA:2E
Certificate issuer:       /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial:       018CE484F6EC8C89C2D5B79442321CA249F9
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/1ajLuoPYgP28RE9_MgUpWRJ42i4.roa
Signing time:             Sun 07 Jan 2024 15:22:48 +0000
ROA not before:           Sun 07 Jan 2024 15:22:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        94.154.42.0/24 maxlen: 24
                          94.154.41.0/24 maxlen: 24
                          94.154.44.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Thu 11 Jan 2024 15:41:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:e4:84:f6:ec:8c:89:c2:d5:b7:94:42:32:1c:a2:49:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
        Validity
            Not Before: Jan  7 15:22:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d5a8cbba83d880fdbc444f7f320529591278da2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:ba:81:30:08:cb:f7:7f:40:01:13:24:9c:9e:
                    02:f4:6b:2d:63:4c:9e:31:6c:8e:52:56:7a:cd:a1:
                    5a:d9:77:e4:3c:07:84:e4:24:62:20:84:e5:0d:d5:
                    74:5d:e1:cb:6d:01:e5:67:42:56:c9:40:d0:a0:58:
                    37:40:36:e2:bc:ac:5a:da:00:76:f8:0e:bb:25:be:
                    33:03:89:5d:c6:ad:ab:73:78:7c:84:d7:ed:f8:e2:
                    b2:a2:ad:e8:1c:63:9d:d2:e1:6a:1a:91:e8:61:3d:
                    d4:d8:ad:27:9c:65:a5:2c:7f:84:ea:7d:35:08:74:
                    db:d3:78:d9:a5:90:91:d1:3e:4d:60:dd:f7:df:78:
                    cf:ba:51:86:c5:ac:e8:4a:85:d6:a7:85:04:4c:5f:
                    6f:b4:98:64:95:50:8f:44:ea:51:c2:9c:f6:bf:4d:
                    42:77:b4:ac:65:24:38:fd:5e:1d:58:7c:30:6b:ac:
                    db:12:06:5b:74:d0:43:1c:d9:f0:24:eb:92:5f:de:
                    33:68:34:30:dd:43:eb:83:a6:39:b2:84:3d:85:78:
                    ca:82:4a:3e:21:61:9d:f1:a5:72:01:c6:3c:1b:f3:
                    3f:d5:1b:95:a3:e7:7f:76:c2:d9:35:e6:36:ca:67:
                    7a:2a:8a:cf:50:de:49:9d:2a:73:5e:62:72:a1:e4:
                    b2:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:A8:CB:BA:83:D8:80:FD:BC:44:4F:7F:32:05:29:59:12:78:DA:2E
            X509v3 Authority Key Identifier:
                keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/1ajLuoPYgP28RE9_MgUpWRJ42i4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.154.41.0-94.154.42.255
                  94.154.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         66:07:c6:4e:fb:f3:74:4b:f1:75:c1:56:cc:f2:d7:57:e0:2f:
         e2:bc:62:f7:4f:7b:47:08:55:03:25:cd:95:d7:19:c1:25:71:
         d6:ce:af:6f:ca:bb:f9:ff:f5:fb:f4:4d:ae:7d:9a:ce:3e:68:
         d0:7d:db:df:2b:67:8e:e0:6f:14:ff:d4:58:b6:da:6b:76:16:
         e8:fb:bb:54:ac:9b:6a:a0:2f:81:c0:ad:43:72:e4:c9:33:5a:
         6d:19:f2:c8:fb:75:bf:60:a6:be:29:f2:5d:4b:85:34:9c:45:
         4e:2f:7b:ab:aa:23:c6:7d:ac:04:71:96:9d:92:3f:42:96:58:
         45:93:87:58:ea:1e:16:d3:65:5e:6c:11:45:98:52:f1:4b:30:
         45:08:32:07:6a:38:1b:ad:54:2e:b3:5a:b2:40:f7:fa:53:96:
         b2:d0:85:e9:79:6f:dd:fb:3b:a7:c6:a6:66:0a:4b:c4:c0:43:
         c3:e6:f6:10:78:8d:ed:7e:a8:5a:e1:91:b7:1e:66:85:b0:cc:
         b3:d9:cc:15:9d:94:98:df:39:2b:27:5a:92:e7:47:d5:be:c4:
         0b:20:9f:b4:36:90:6f:56:ca:d4:20:8f:ef:e2:12:85:7a:0a:
         2c:f2:23:70:bc:aa:af:87:a8:73:4b:b1:31:bb:66:a4:0c:c1:
         25:95:4a:8d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzkhPbsjInC1beUQjIcokn5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwMTA3MTUyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWE4Y2JiYTgzZDg4MGZkYmM0NDRmN2YzMjA1Mjk1OTEyNzhkYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLqBMAjL939AARMknJ4C9GstY0ye
MWyOUlZ6zaFa2XfkPAeE5CRiIITlDdV0XeHLbQHlZ0JWyUDQoFg3QDbivKxa2gB2
+A67Jb4zA4ldxq2rc3h8hNft+OKyoq3oHGOd0uFqGpHoYT3U2K0nnGWlLH+E6n01
CHTb03jZpZCR0T5NYN3333jPulGGxazoSoXWp4UETF9vtJhklVCPROpRwpz2v01C
d7SsZSQ4/V4dWHwwa6zbEgZbdNBDHNnwJOuSX94zaDQw3UPrg6Y5soQ9hXjKgko+
IWGd8aVyAcY8G/M/1RuVo+d/dsLZNeY2ymd6KorPUN5JnSpzXmJyoeSyawIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNWoy7qD2ID9vERPfzIFKVkSeNouMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvMWFqTHVvUFlnUDI4UkU5X01nVXBXUko0Mmk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABemikD
BABemioDBAFemiwwDQYJKoZIhvcNAQELBQADggEBAGYHxk7783RL8XXBVszy11fg
L+K8YvdPe0cIVQMlzZXXGcElcdbOr2/Ku/n/9fv0Ta59ms4+aNB9298rZ47gbxT/
1Fi22mt2Fuj7u1Ssm2qgL4HArUNy5MkzWm0Z8sj7db9gpr4p8l1LhTScRU4ve6uq
I8Z9rARxlp2SP0KWWEWTh1jqHhbTZV5sEUWYUvFLMEUIMgdqOButVC6zWrJA9/pT
lrLQhel5b937O6fGpmYKS8TAQ8Pm9hB4je1+qFrhkbceZoWwzLPZzBWdlJjfOSsn
WpLnR9W+xAsgn7Q2kG9WytQgj+/iEoV6CizyI3C8qq+HqHNLsTG7ZqQMwSWVSo0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:31 2024 by rpki-client on console-fra.rpki-client.org