Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/1H5jq5WZsKmJTRX0EPkm6HKeCpY.roa
File:                     1H5jq5WZsKmJTRX0EPkm6HKeCpY.roa (raw, json)
Hash identifier:          F2h/b9Bajqy7YYVszn86GnTYt8RBnst7ir0h8WchMO0=
Subject key identifier:   D4:7E:63:AB:95:99:B0:A9:89:4D:15:F4:10:F9:26:E8:72:9E:0A:96
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       01899CC02E3FADA4E8550DDE6BCB29C85CF1
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/1H5jq5WZsKmJTRX0EPkm6HKeCpY.roa
Signing time:             Fri 28 Jul 2023 13:46:27 +0000
ROA not before:           Fri 28 Jul 2023 13:46:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29066
IP address blocks:        45.95.172.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Wed 02 Aug 2023 09:02:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:9c:c0:2e:3f:ad:a4:e8:55:0d:de:6b:cb:29:c8:5c:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jul 28 13:46:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d47e63ab9599b0a9894d15f410f926e8729e0a96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:7f:61:67:11:13:ba:61:df:ae:81:d1:d7:57:
                    82:7a:57:d6:92:62:18:30:9b:bb:ed:88:98:9f:94:
                    43:41:17:f9:56:98:65:09:91:3f:5e:08:b2:f9:5a:
                    a2:15:d5:a1:76:b0:ac:91:0f:16:b5:b3:f8:a8:07:
                    a9:35:da:8f:34:5f:10:5e:ff:3a:df:31:a3:bf:69:
                    1b:37:e8:7f:fd:bf:11:6d:ea:e0:95:51:e6:f2:6a:
                    85:9a:09:52:39:6f:c3:93:7a:a1:3b:a3:c2:2d:23:
                    d5:a2:ea:1d:d0:67:15:0a:04:9f:1e:ee:32:66:e5:
                    ec:79:0b:c7:d0:ed:1f:b1:3b:03:b3:a9:d9:a8:e2:
                    2a:47:61:71:d4:f3:1c:f7:32:15:6a:7e:9e:3c:2e:
                    64:70:40:ab:83:82:f6:00:25:32:68:a8:ff:a2:33:
                    60:3c:63:b1:aa:00:a4:d2:f1:a1:f8:1e:b5:3e:91:
                    63:2a:db:36:d6:31:90:77:b2:0f:cf:86:14:d2:11:
                    5f:dd:2b:1b:92:c5:d8:6d:b1:80:1c:8d:2b:40:7d:
                    a0:99:fa:39:a3:31:6f:f0:a9:1f:21:d7:71:f3:c8:
                    ce:0d:a6:cf:16:6d:12:e5:8c:e2:ee:18:95:10:f1:
                    e0:6e:ab:88:2c:c5:cc:c3:ee:29:42:51:8f:d6:de:
                    3d:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:7E:63:AB:95:99:B0:A9:89:4D:15:F4:10:F9:26:E8:72:9E:0A:96
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/1H5jq5WZsKmJTRX0EPkm6HKeCpY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8a:cb:21:c6:6e:e6:d3:13:15:23:98:b0:08:87:99:35:de:40:
         15:c9:7b:27:d6:f4:f0:99:6a:af:af:4a:58:52:57:20:53:6a:
         07:45:6c:f4:24:08:0c:43:b9:5e:2b:7c:4e:51:1a:89:3f:b4:
         36:69:9c:1f:56:a9:a2:49:01:1a:99:af:31:1d:73:6f:76:1b:
         2d:8b:1f:f8:d2:bc:18:de:cf:82:f6:e0:96:bd:98:cf:ae:e7:
         31:10:ca:24:cc:b4:44:b2:b8:e7:78:96:21:31:52:c4:79:a6:
         f0:7a:eb:8d:e5:d3:48:69:36:66:63:6e:54:b2:d4:c4:7c:74:
         70:75:c3:bf:e2:cd:ec:e4:33:0a:d4:8e:c8:1e:f3:fe:4b:91:
         1b:4f:18:38:73:75:b6:42:81:b9:65:e2:37:44:94:d8:6f:97:
         d8:f1:59:35:42:82:6d:17:80:92:0c:07:96:6c:b3:08:0b:ff:
         55:3d:53:ce:00:52:2e:3f:32:a5:76:58:eb:ec:97:65:31:d5:
         0e:42:26:2d:a0:97:86:66:f1:68:5f:d3:04:35:b1:aa:55:ed:
         60:84:aa:7b:66:35:94:aa:24:27:34:17:0c:0b:ef:c2:b5:47:
         68:1d:71:90:b5:97:51:5e:31:b7:34:cd:8f:f0:50:3c:37:08:
         5e:53:00:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmcwC4/raToVQ3ea8spyFzxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwNzI4MTM0NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDdlNjNhYjk1OTliMGE5ODk0ZDE1ZjQxMGY5MjZlODcyOWUwYTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhn9hZxETumHfroHR11eCelfWkmIY
MJu77YiYn5RDQRf5VphlCZE/Xgiy+VqiFdWhdrCskQ8WtbP4qAepNdqPNF8QXv86
3zGjv2kbN+h//b8RberglVHm8mqFmglSOW/Dk3qhO6PCLSPVouod0GcVCgSfHu4y
ZuXseQvH0O0fsTsDs6nZqOIqR2Fx1PMc9zIVan6ePC5kcECrg4L2ACUyaKj/ojNg
PGOxqgCk0vGh+B61PpFjKts21jGQd7IPz4YU0hFf3SsbksXYbbGAHI0rQH2gmfo5
ozFv8KkfIddx88jODabPFm0S5Yzi7hiVEPHgbquILMXMw+4pQlGP1t49PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNR+Y6uVmbCpiU0V9BD5JuhyngqWMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvMUg1anE1V1pzS21KVFJYMEVQa202SEtlQ3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLV+sMA0G
CSqGSIb3DQEBCwUAA4IBAQCKyyHGbubTExUjmLAIh5k13kAVyXsn1vTwmWqvr0pY
UlcgU2oHRWz0JAgMQ7leK3xOURqJP7Q2aZwfVqmiSQEama8xHXNvdhstix/40rwY
3s+C9uCWvZjPrucxEMokzLREsrjneJYhMVLEeabweuuN5dNIaTZmY25UstTEfHRw
dcO/4s3s5DMK1I7IHvP+S5EbTxg4c3W2QoG5ZeI3RJTYb5fY8Vk1QoJtF4CSDAeW
bLMIC/9VPVPOAFIuPzKldljr7JdlMdUOQiYtoJeGZvFoX9MENbGqVe1ghKp7ZjWU
qiQnNBcMC+/CtUdoHXGQtZdRXjG3NM2P8FA8NwheUwBm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org