Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/rQEFcHGq2KGC2fSAGEKqRNeU_pM.roa
File:                     rQEFcHGq2KGC2fSAGEKqRNeU_pM.roa (raw, json)
Hash identifier:          OHK26qT9SFuu0bs6pPEKB3LO2d/aI0yeOMxfE2TEPtk=
Subject key identifier:   AD:01:05:70:71:AA:D8:A1:82:D9:F4:80:18:42:AA:44:D7:94:FE:93
Certificate issuer:       /CN=99fad2527eafa95215a8fed67a27fad3cfb2d37f
Certificate serial:       018ACC7CFA58351E8E57ADA29569CA059DA6
Authority key identifier: 99:FA:D2:52:7E:AF:A9:52:15:A8:FE:D6:7A:27:FA:D3:CF:B2:D3:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mfrSUn6vqVIVqP7Weif608-y038.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/rQEFcHGq2KGC2fSAGEKqRNeU_pM.roa
Signing time:             Mon 25 Sep 2023 13:17:37 +0000
ROA not before:           Mon 25 Sep 2023 13:17:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216308
IP address blocks:        195.184.76.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 05 Nov 2023 19:10:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:cc:7c:fa:58:35:1e:8e:57:ad:a2:95:69:ca:05:9d:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99fad2527eafa95215a8fed67a27fad3cfb2d37f
        Validity
            Not Before: Sep 25 13:17:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ad01057071aad8a182d9f4801842aa44d794fe93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:cc:4b:d3:81:45:da:e6:c1:80:f8:dd:1e:9b:
                    f1:ca:8d:de:39:90:91:f6:88:2e:15:f0:f6:8d:32:
                    92:07:2a:80:47:8c:79:02:8a:54:52:2e:35:94:01:
                    26:99:de:90:cf:6e:f1:7d:74:b7:e6:f5:fa:51:f4:
                    bc:2a:94:a6:b5:5c:34:07:78:2a:2c:3b:5f:2c:06:
                    5e:3f:66:ea:bd:de:61:cd:16:4f:ab:e0:3b:35:41:
                    f3:85:68:9b:61:44:8e:14:90:c4:c3:61:a2:5a:cc:
                    7f:61:b7:7f:ee:f1:d1:84:24:bf:07:15:c9:c5:23:
                    ca:ec:d2:35:86:7e:d8:19:39:ab:e7:e4:5e:94:9a:
                    e7:d4:d5:0f:e5:06:b8:17:56:84:5b:81:5c:4a:7e:
                    72:8b:b4:0f:c3:aa:98:b9:7b:76:6a:fb:ff:71:a5:
                    38:a4:01:b6:49:01:fa:60:cd:49:30:1a:65:2c:83:
                    85:1c:14:7b:13:b5:f0:0d:39:7d:e9:32:fc:1c:81:
                    9b:ad:ec:4f:cb:de:4e:9b:93:6e:56:98:22:5b:4f:
                    97:62:59:72:1a:f6:c9:18:75:99:bd:cf:fa:48:5e:
                    ea:32:5a:5d:d1:8f:52:d5:49:fc:0b:1d:ab:ca:18:
                    93:ff:a5:bc:e2:de:d9:db:f8:7a:12:d6:7e:cc:80:
                    95:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:01:05:70:71:AA:D8:A1:82:D9:F4:80:18:42:AA:44:D7:94:FE:93
            X509v3 Authority Key Identifier:
                keyid:99:FA:D2:52:7E:AF:A9:52:15:A8:FE:D6:7A:27:FA:D3:CF:B2:D3:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mfrSUn6vqVIVqP7Weif608-y038.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/rQEFcHGq2KGC2fSAGEKqRNeU_pM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/mfrSUn6vqVIVqP7Weif608-y038.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.184.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:0a:1a:4f:8c:6c:59:18:c4:84:0a:41:22:a9:77:ae:48:41:
         85:f1:03:f9:bf:11:45:84:04:e6:f8:86:45:11:68:f0:08:89:
         8d:db:e2:ad:70:89:4b:39:9b:4f:05:30:89:b4:c6:7b:1d:d3:
         a7:0f:1c:dc:58:41:e0:50:76:7c:dd:4f:53:66:1d:7c:1f:70:
         46:e3:f3:b5:ad:fb:34:64:5b:ea:b7:bb:fb:c6:cf:64:ae:ba:
         6f:8c:05:cd:2a:d7:da:cd:7b:84:82:20:63:70:8a:63:5e:df:
         e3:be:56:a3:28:8b:01:45:99:68:a0:3b:e3:c7:91:18:39:c8:
         95:42:4f:50:82:12:9a:e5:10:f0:f6:8b:39:e0:9a:ce:9d:21:
         ca:f4:f6:ce:fb:7c:e6:73:20:5e:1f:69:a6:41:69:f0:69:1e:
         cd:4f:3d:39:4d:27:6e:b8:9f:7c:26:07:7a:4e:32:50:1d:06:
         c8:80:e8:7a:a4:61:0e:8f:38:31:8c:23:4a:4d:86:3e:9d:7a:
         59:92:c1:19:72:f5:0c:63:78:66:6e:1a:dd:8a:da:af:59:7d:
         6d:35:1c:a2:86:a2:a8:0e:22:3c:74:18:f8:c5:6f:0c:e5:d9:
         c2:7e:c3:25:41:03:0a:27:28:e5:92:b9:9d:ef:2f:9d:66:58:
         12:39:38:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrMfPpYNR6OV62ilWnKBZ2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZmFkMjUyN2VhZmE5NTIxNWE4ZmVkNjdhMjdmYWQzY2Zi
MmQzN2YwHhcNMjMwOTI1MTMxNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDAxMDU3MDcxYWFkOGExODJkOWY0ODAxODQyYWE0NGQ3OTRmZTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsxL04FF2ubBgPjdHpvxyo3eOZCR
9oguFfD2jTKSByqAR4x5AopUUi41lAEmmd6Qz27xfXS35vX6UfS8KpSmtVw0B3gq
LDtfLAZeP2bqvd5hzRZPq+A7NUHzhWibYUSOFJDEw2GiWsx/Ybd/7vHRhCS/BxXJ
xSPK7NI1hn7YGTmr5+RelJrn1NUP5Qa4F1aEW4FcSn5yi7QPw6qYuXt2avv/caU4
pAG2SQH6YM1JMBplLIOFHBR7E7XwDTl96TL8HIGbrexPy95Om5NuVpgiW0+XYlly
GvbJGHWZvc/6SF7qMlpd0Y9S1Un8Cx2ryhiT/6W84t7Z2/h6EtZ+zICVCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK0BBXBxqtihgtn0gBhCqkTXlP6TMB8GA1UdIwQY
MBaAFJn60lJ+r6lSFaj+1non+tPPstN/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWZyU1VuNnZxVklWcVA3V2VpZjYwOC15MDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi80NTZlYWMtNjVkZi00ZGQxLWJmOWMt
MDEwM2E4OTljMmRlLzEvclFFRmNIR3EyS0dDMmZTQUdFS3FSTmVVX3BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi80NTZlYWMtNjVkZi00ZGQxLWJmOWMtMDEwM2E4OTljMmRl
LzEvbWZyU1VuNnZxVklWcVA3V2VpZjYwOC15MDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7hMMA0G
CSqGSIb3DQEBCwUAA4IBAQB3ChpPjGxZGMSECkEiqXeuSEGF8QP5vxFFhATm+IZF
EWjwCImN2+KtcIlLOZtPBTCJtMZ7HdOnDxzcWEHgUHZ83U9TZh18H3BG4/O1rfs0
ZFvqt7v7xs9krrpvjAXNKtfazXuEgiBjcIpjXt/jvlajKIsBRZlooDvjx5EYOciV
Qk9QghKa5RDw9os54JrOnSHK9PbO+3zmcyBeH2mmQWnwaR7NTz05TSduuJ98Jgd6
TjJQHQbIgOh6pGEOjzgxjCNKTYY+nXpZksEZcvUMY3hmbhrditqvWX1tNRyihqKo
DiI8dBj4xW8M5dnCfsMlQQMKJyjlkrmd7y+dZlgSOTiS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:30 2024 by rpki-client on console-fra.rpki-client.org