Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/CQmWY_ldunHhF-Fm0WOVy-OQ_5s.roa
File:                     CQmWY_ldunHhF-Fm0WOVy-OQ_5s.roa (raw, json)
Hash identifier:          zEKbfK3l0ne6noKuw3N7ZMzpil67neuB34VqxcCllmY=
Subject key identifier:   09:09:96:63:F9:5D:BA:71:E1:17:E1:66:D1:63:95:CB:E3:90:FF:9B
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       0185DFC91E3D4BF52DEAB4EDA29B113AB2B6
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/CQmWY_ldunHhF-Fm0WOVy-OQ_5s.roa
Signing time:             Mon 23 Jan 2023 17:59:37 +0000
ROA not before:           Mon 23 Jan 2023 17:59:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     393427
IP address blocks:        195.177.94.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:df:c9:1e:3d:4b:f5:2d:ea:b4:ed:a2:9b:11:3a:b2:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Jan 23 17:59:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=09099663f95dba71e117e166d16395cbe390ff9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ee:1b:91:79:d4:a5:7d:0b:1e:f0:5a:a3:7a:
                    f4:d0:01:58:4a:6a:b0:14:42:0d:c7:0d:ec:19:a8:
                    71:7a:24:27:08:79:10:2a:10:29:da:cf:5a:d9:0f:
                    1c:6d:98:e2:6c:e8:04:20:0e:a6:4d:b2:c1:b4:95:
                    84:5b:15:30:87:dd:c4:a7:a0:dd:9b:cc:78:53:b5:
                    c7:89:09:f9:b6:c3:ce:f2:ad:97:ad:3c:db:2e:85:
                    33:73:98:65:fa:98:70:6b:a3:b2:a1:5a:0b:0e:92:
                    84:37:04:0a:e0:11:e5:e6:ca:ed:76:98:db:02:c4:
                    9d:91:ab:ab:9c:28:06:f8:d7:bb:b4:ef:53:09:77:
                    7b:cf:8a:f5:4d:6e:0e:fc:0f:5c:6d:60:08:a5:35:
                    1a:8e:ce:e5:a4:9b:1d:82:7f:b1:0c:0d:a4:b7:3d:
                    a8:fd:26:0f:bd:14:ff:4a:07:65:75:28:c2:68:82:
                    39:d0:63:e6:1c:9a:3e:cb:4c:52:45:89:03:dc:2f:
                    4b:29:03:f1:af:6d:a7:fd:8f:00:b0:15:80:67:2a:
                    7b:a5:ae:cc:f7:f0:02:41:b8:ad:60:57:89:3a:93:
                    f3:da:b9:6b:ff:c9:7d:bd:b1:fc:bd:20:cb:ae:24:
                    13:7a:d9:44:f5:62:dc:af:80:d8:d4:7b:85:17:3e:
                    79:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:09:96:63:F9:5D:BA:71:E1:17:E1:66:D1:63:95:CB:E3:90:FF:9B
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/CQmWY_ldunHhF-Fm0WOVy-OQ_5s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.177.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:4f:42:29:cf:b4:7a:5f:93:9c:95:a5:e7:7b:9d:b8:52:6f:
         da:1f:eb:25:79:2d:f2:3d:8e:10:e6:21:d0:dd:22:0e:db:a7:
         c7:f5:47:1e:83:c6:de:3f:be:27:1c:ef:d1:6f:c5:59:04:d3:
         65:6b:a4:99:14:ab:9e:ad:3e:ce:d0:33:52:61:06:de:a1:d5:
         78:68:05:c8:01:b0:76:63:0b:39:14:62:58:49:a7:2a:e7:04:
         0b:8c:f9:6f:8f:02:24:4b:69:52:d5:c6:47:11:1d:fd:5f:ff:
         3e:89:f7:90:84:13:90:39:c8:cf:31:b0:f4:84:50:96:dc:09:
         94:49:ac:ee:bd:60:f0:b7:69:09:ef:c3:4d:1b:e9:35:2a:3f:
         23:8f:f7:ec:8e:d8:b5:e7:5e:27:a9:9d:99:94:73:68:ef:1d:
         50:78:6e:af:95:60:fb:48:bb:0e:a7:ce:4f:c9:e4:5b:aa:8b:
         c4:8c:23:88:8a:3d:de:2d:77:1c:e5:2c:6d:8c:0e:5c:ad:a5:
         f6:f7:c8:eb:5b:9e:e9:2a:e4:4a:d9:3c:af:91:39:b7:9d:c9:
         d6:81:bc:49:4b:b0:1a:41:90:77:15:31:98:35:1a:94:b7:5f:
         c1:8d:52:5b:31:b2:af:8c:b6:16:4a:7c:4c:ae:be:cb:63:de:
         14:e0:a7:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXfyR49S/Ut6rTtopsROrK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTIzMTc1OTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTA5OTY2M2Y5NWRiYTcxZTExN2UxNjZkMTYzOTVjYmUzOTBmZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtu4bkXnUpX0LHvBao3r00AFYSmqw
FEINxw3sGahxeiQnCHkQKhAp2s9a2Q8cbZjibOgEIA6mTbLBtJWEWxUwh93Ep6Dd
m8x4U7XHiQn5tsPO8q2XrTzbLoUzc5hl+phwa6OyoVoLDpKENwQK4BHl5srtdpjb
AsSdkaurnCgG+Ne7tO9TCXd7z4r1TW4O/A9cbWAIpTUajs7lpJsdgn+xDA2ktz2o
/SYPvRT/SgdldSjCaII50GPmHJo+y0xSRYkD3C9LKQPxr22n/Y8AsBWAZyp7pa7M
9/ACQbitYFeJOpPz2rlr/8l9vbH8vSDLriQTetlE9WLcr4DY1HuFFz55tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAkJlmP5Xbpx4RfhZtFjlcvjkP+bMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvQ1FtV1lfbGR1bkhoRi1GbTBXT1Z5LU9RXzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7FeMA0G
CSqGSIb3DQEBCwUAA4IBAQBXT0Ipz7R6X5OclaXne524Um/aH+sleS3yPY4Q5iHQ
3SIO26fH9Uceg8beP74nHO/Rb8VZBNNla6SZFKuerT7O0DNSYQbeodV4aAXIAbB2
Yws5FGJYSacq5wQLjPlvjwIkS2lS1cZHER39X/8+ifeQhBOQOcjPMbD0hFCW3AmU
SazuvWDwt2kJ78NNG+k1Kj8jj/fsjti1514nqZ2ZlHNo7x1QeG6vlWD7SLsOp85P
yeRbqovEjCOIij3eLXcc5SxtjA5craX298jrW57pKuRK2TyvkTm3ncnWgbxJS7Aa
QZB3FTGYNRqUt1/BjVJbMbKvjLYWSnxMrr7LY94U4Ke4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org