Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/ivdELwJ48nn3fy0lgvvaoFfBoIQ.roa
File:                     ivdELwJ48nn3fy0lgvvaoFfBoIQ.roa (raw, json)
Hash identifier:          6mazKWTXtkBAhxvzcsV1yscpvIPjvpX7yORhszM21R4=
Subject key identifier:   8A:F7:44:2F:02:78:F2:79:F7:7F:2D:25:82:FB:DA:A0:57:C1:A0:84
Certificate issuer:       /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial:       018CFA6C7492F51C6FC94F12409693D89F93
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/ivdELwJ48nn3fy0lgvvaoFfBoIQ.roa
Signing time:             Thu 11 Jan 2024 21:27:40 +0000
ROA not before:           Thu 11 Jan 2024 21:27:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        94.154.42.0/24 maxlen: 24
                          94.154.41.0/24 maxlen: 24
                          94.154.44.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 22 Jan 2024 13:56:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:fa:6c:74:92:f5:1c:6f:c9:4f:12:40:96:93:d8:9f:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
        Validity
            Not Before: Jan 11 21:27:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8af7442f0278f279f77f2d2582fbdaa057c1a084
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:04:32:03:49:a6:89:f8:ae:15:f1:c6:ec:61:
                    07:ae:f4:b0:44:8f:85:d3:9a:02:43:fe:13:35:e5:
                    b1:be:38:90:f8:68:4f:25:36:87:6c:3f:9b:78:85:
                    b7:50:fd:3a:92:65:5c:46:2b:76:42:35:f9:e7:55:
                    4d:c9:81:7e:f1:9d:49:cb:23:b6:a8:ef:db:3c:9d:
                    23:cb:98:b7:c5:cd:44:f1:41:cd:12:b2:e0:61:44:
                    70:6a:88:e1:81:56:81:49:94:e2:9e:dc:60:3b:fa:
                    eb:a8:78:9b:95:4b:8d:0d:cd:90:b1:a1:66:e5:65:
                    bb:a8:0a:a7:87:be:84:01:c2:8a:26:e1:5a:97:4d:
                    f9:75:68:89:4a:42:57:d1:0a:da:32:bd:c9:a4:45:
                    f3:3a:75:5d:c3:50:1b:59:53:3c:48:ab:00:8d:32:
                    39:de:62:39:45:2d:3f:29:e1:0c:ed:00:0a:2d:13:
                    fc:67:3c:cc:2a:db:99:3e:c2:f7:08:ed:ff:a9:7f:
                    7d:8d:e6:af:15:55:a5:b1:4a:40:f1:fb:97:ec:dd:
                    eb:17:65:a5:6d:51:46:64:c7:5b:94:3e:34:6e:26:
                    ba:48:48:78:4c:ef:f4:47:5e:b2:77:a7:45:d8:23:
                    55:da:cf:0e:69:df:77:7d:0f:71:7b:40:56:5f:2e:
                    2f:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:F7:44:2F:02:78:F2:79:F7:7F:2D:25:82:FB:DA:A0:57:C1:A0:84
            X509v3 Authority Key Identifier:
                keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/ivdELwJ48nn3fy0lgvvaoFfBoIQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.154.41.0-94.154.42.255
                  94.154.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         51:da:a4:89:77:f9:65:d5:88:c9:5d:8b:a4:0a:2b:c7:b9:50:
         d5:24:6a:d9:a8:ca:a9:48:f7:0f:64:0d:5c:f7:9d:c6:b3:ed:
         0b:1e:11:5c:b6:fe:85:fd:bb:04:50:48:57:16:e5:b4:b0:da:
         1a:4b:c6:a5:58:d7:9b:64:71:5d:4a:ae:92:10:d5:2e:c5:3d:
         c6:e2:ee:93:5a:e7:fe:29:31:2e:58:ed:bd:0a:e8:e3:2a:bf:
         50:22:8c:d7:06:c5:46:11:09:84:93:c9:c1:b2:02:2b:81:d7:
         9f:61:c3:00:44:56:73:e0:9c:bd:3f:d7:69:13:b1:96:f0:bf:
         b7:79:31:64:8d:47:5d:e0:31:49:8d:dc:8b:37:3b:e9:9a:b8:
         6e:46:f1:13:9f:d3:14:6a:33:13:d0:98:da:69:be:81:a5:ab:
         f9:1d:ea:3f:4c:63:a9:7d:f7:b7:39:a9:78:4b:c3:f5:08:51:
         6e:ff:2f:b0:e2:4f:42:24:92:2e:fb:10:aa:81:f1:72:cb:3d:
         e5:0a:49:80:5a:ec:ab:3d:c2:cc:6a:f9:ca:c3:e3:49:8c:c9:
         73:a4:26:86:64:93:bb:70:b9:56:20:76:56:0a:c8:0a:9c:49:
         d3:64:3c:53:67:fd:ed:bf:51:75:27:af:40:5a:13:9d:7b:54:
         fe:38:f6:c1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYz6bHSS9RxvyU8SQJaT2J+TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwMTExMjEyNzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWY3NDQyZjAyNzhmMjc5Zjc3ZjJkMjU4MmZiZGFhMDU3YzFhMDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQQyA0mmifiuFfHG7GEHrvSwRI+F
05oCQ/4TNeWxvjiQ+GhPJTaHbD+beIW3UP06kmVcRit2QjX551VNyYF+8Z1JyyO2
qO/bPJ0jy5i3xc1E8UHNErLgYURwaojhgVaBSZTintxgO/rrqHiblUuNDc2QsaFm
5WW7qAqnh76EAcKKJuFal035dWiJSkJX0QraMr3JpEXzOnVdw1AbWVM8SKsAjTI5
3mI5RS0/KeEM7QAKLRP8ZzzMKtuZPsL3CO3/qX99jeavFVWlsUpA8fuX7N3rF2Wl
bVFGZMdblD40bia6SEh4TO/0R16yd6dF2CNV2s8Oad93fQ9xe0BWXy4vhwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIr3RC8CePJ5938tJYL72qBXwaCEMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvaXZkRUx3SjQ4bm4zZnkwbGd2dmFvRmZCb0lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABemikD
BABemioDBAFemiwwDQYJKoZIhvcNAQELBQADggEBAFHapIl3+WXViMldi6QKK8e5
UNUkatmoyqlI9w9kDVz3ncaz7QseEVy2/oX9uwRQSFcW5bSw2hpLxqVY15tkcV1K
rpIQ1S7FPcbi7pNa5/4pMS5Y7b0K6OMqv1AijNcGxUYRCYSTycGyAiuB159hwwBE
VnPgnL0/12kTsZbwv7d5MWSNR13gMUmN3Is3O+mauG5G8ROf0xRqMxPQmNppvoGl
q/kd6j9MY6l997c5qXhLw/UIUW7/L7DiT0Ikki77EKqB8XLLPeUKSYBa7Ks9wsxq
+crD40mMyXOkJoZkk7twuVYgdlYKyAqcSdNkPFNn/e2/UXUnr0BaE517VP449sE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:55 2024 by rpki-client on console-ams.rpki-client.org