Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/S57TcxQrDp9aOsXzhDeCl7qGeb8.roa
File:                     S57TcxQrDp9aOsXzhDeCl7qGeb8.roa (raw, json)
Hash identifier:          KmyguVPTDboT0qloz8j+d36J+3KlHhdzI/amMEfQRWc=
Subject key identifier:   4B:9E:D3:73:14:2B:0E:9F:5A:3A:C5:F3:84:37:82:97:BA:86:79:BF
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018571E88A02BCE37A61C6EE6D7D488953A4
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/S57TcxQrDp9aOsXzhDeCl7qGeb8.roa
Signing time:             Mon 02 Jan 2023 09:55:43 +0000
ROA not before:           Mon 02 Jan 2023 09:55:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50751
IP address blocks:        195.62.25.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:e8:8a:02:bc:e3:7a:61:c6:ee:6d:7d:48:89:53:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Jan  2 09:55:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4b9ed373142b0e9f5a3ac5f384378297ba8679bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:2a:87:07:df:45:16:c0:71:9e:33:54:f9:48:
                    d0:74:81:b7:84:79:29:5c:05:c0:e7:f9:4b:cc:cc:
                    a3:04:fb:6d:1b:3c:d1:3b:9d:02:4c:f8:67:85:78:
                    6e:24:0d:3b:22:e8:53:99:e8:e8:51:cb:3d:a7:d3:
                    24:66:69:17:f8:f5:54:bb:da:c3:3e:0b:de:81:33:
                    63:a7:9e:f4:e4:06:05:1a:9b:c9:6a:b4:ec:e3:ba:
                    e9:cc:a1:8b:f0:f7:c2:7f:a8:3c:03:0e:5c:ec:7e:
                    5a:ef:20:33:3c:cb:b6:fd:93:e4:a8:c0:8a:53:e0:
                    b4:88:f7:c8:03:1d:05:41:f4:34:51:14:e6:d0:b3:
                    83:dc:f8:e0:7d:47:89:3f:3e:e7:95:fe:04:4a:9c:
                    cb:65:6b:b1:3d:d1:eb:23:8a:aa:49:ec:f0:9e:b5:
                    d3:a3:55:4c:f9:42:8a:41:86:2c:fa:25:c7:73:c7:
                    f7:2c:0c:4a:2a:dc:12:29:d3:41:b8:0c:a9:c6:e6:
                    02:06:f3:d3:5b:41:1d:cd:c4:e4:4d:04:44:42:b3:
                    ce:e7:68:50:8f:e4:fe:4a:b4:53:ca:85:5b:64:5f:
                    05:89:f3:74:ba:b9:dc:38:47:50:05:b2:a6:ad:e3:
                    f8:6e:76:e8:a1:2c:ab:ab:88:ec:8c:90:72:4a:35:
                    72:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:9E:D3:73:14:2B:0E:9F:5A:3A:C5:F3:84:37:82:97:BA:86:79:BF
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/S57TcxQrDp9aOsXzhDeCl7qGeb8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.62.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:7e:9d:8c:1f:38:17:99:6e:62:4d:5b:41:2a:c1:15:34:84:
         7e:41:96:f9:43:2d:48:17:d9:fd:ff:a0:a8:40:1e:c4:9f:ef:
         0f:fd:3f:5d:62:39:f0:0f:f6:b3:9a:f5:01:52:95:1e:80:b7:
         01:69:6b:be:ca:63:f7:cc:11:00:95:d6:a5:c4:b6:7b:61:da:
         49:e6:de:12:c1:aa:4e:73:b8:ec:39:a0:49:be:e1:6a:86:fb:
         81:c8:23:f5:96:7f:46:cc:f4:48:a4:03:4c:f2:de:95:e7:75:
         14:93:bf:e6:fe:95:10:77:67:09:03:d0:1f:61:38:37:67:3e:
         95:f2:03:09:62:ab:b5:a9:15:1e:a6:33:25:03:60:c4:ff:ea:
         64:17:9e:92:3d:42:ff:f8:61:67:c8:06:eb:29:ed:77:fd:d7:
         72:bc:63:37:64:54:85:f3:96:c3:06:69:04:5d:8c:3d:8a:a4:
         b0:7d:00:f7:73:4b:55:e3:64:1f:13:ff:1e:cc:1c:9e:5f:7c:
         78:75:df:87:bd:2d:c7:6e:71:6b:1f:b0:06:e6:e6:65:ff:21:
         cf:f5:2f:23:61:50:92:66:d3:07:45:af:23:30:1a:ba:35:0b:
         80:43:f8:ef:2a:1f:48:87:14:ae:32:94:aa:0a:cb:3a:2f:1f:
         c9:a0:2e:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx6IoCvON6YcbubX1IiVOkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTAyMDk1NTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjllZDM3MzE0MmIwZTlmNWEzYWM1ZjM4NDM3ODI5N2JhODY3OWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSqHB99FFsBxnjNU+UjQdIG3hHkp
XAXA5/lLzMyjBPttGzzRO50CTPhnhXhuJA07IuhTmejoUcs9p9MkZmkX+PVUu9rD
PgvegTNjp5705AYFGpvJarTs47rpzKGL8PfCf6g8Aw5c7H5a7yAzPMu2/ZPkqMCK
U+C0iPfIAx0FQfQ0URTm0LOD3PjgfUeJPz7nlf4ESpzLZWuxPdHrI4qqSezwnrXT
o1VM+UKKQYYs+iXHc8f3LAxKKtwSKdNBuAypxuYCBvPTW0EdzcTkTQREQrPO52hQ
j+T+SrRTyoVbZF8FifN0urncOEdQBbKmreP4bnbooSyrq4jsjJBySjVywwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEue03MUKw6fWjrF84Q3gpe6hnm/MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUzU3VGN4UXJEcDlhT3NYemhEZUNsN3FHZWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwz4ZMA0G
CSqGSIb3DQEBCwUAA4IBAQCYfp2MHzgXmW5iTVtBKsEVNIR+QZb5Qy1IF9n9/6Co
QB7En+8P/T9dYjnwD/azmvUBUpUegLcBaWu+ymP3zBEAldalxLZ7YdpJ5t4SwapO
c7jsOaBJvuFqhvuByCP1ln9GzPRIpANM8t6V53UUk7/m/pUQd2cJA9AfYTg3Zz6V
8gMJYqu1qRUepjMlA2DE/+pkF56SPUL/+GFnyAbrKe13/ddyvGM3ZFSF85bDBmkE
XYw9iqSwfQD3c0tV42QfE/8ezByeX3x4dd+HvS3HbnFrH7AG5uZl/yHP9S8jYVCS
ZtMHRa8jMBq6NQuAQ/jvKh9IhxSuMpSqCss6Lx/JoC5d
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org