Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/V5NKqJE-0LAHQd5_KWxcv7z7TPI.roa
File:                     V5NKqJE-0LAHQd5_KWxcv7z7TPI.roa (raw, json)
Hash identifier:          MQcVy3r7j/DLJB57cucI1ID6ruBkYkYlt2hA3rQAHHc=
Subject key identifier:   57:93:4A:A8:91:3E:D0:B0:07:41:DE:7F:29:6C:5C:BF:BC:FB:4C:F2
Certificate issuer:       /CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Certificate serial:       01856F8248EC5BC7CD509F3739833BCD7056
Authority key identifier: 97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/V5NKqJE-0LAHQd5_KWxcv7z7TPI.roa
Signing time:             Sun 01 Jan 2023 22:44:47 +0000
ROA not before:           Sun 01 Jan 2023 22:44:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48960
IP address blocks:        95.173.200.0/24 maxlen: 24
                          2a02:a48::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:82:48:ec:5b:c7:cd:50:9f:37:39:83:3b:cd:70:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
        Validity
            Not Before: Jan  1 22:44:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=57934aa8913ed0b00741de7f296c5cbfbcfb4cf2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:10:fe:bc:62:28:97:d7:86:48:5b:b1:a2:a1:
                    37:99:ac:1f:00:80:2f:74:5a:00:7b:69:cf:2f:dc:
                    73:bd:fe:a4:38:39:86:bf:6d:e1:90:f5:04:6b:96:
                    85:5f:d2:33:85:6c:5c:b4:7f:e6:7f:e7:57:19:3b:
                    38:ac:54:df:a9:fb:0a:56:d4:73:f5:e4:95:ee:d7:
                    05:15:ec:d1:2d:0e:d1:1b:ea:00:77:4e:fa:3e:dd:
                    97:0b:2e:a5:52:89:f0:54:90:5f:70:f8:9c:ed:9c:
                    28:92:1e:87:60:dc:67:e0:a9:01:21:cf:1e:f6:60:
                    10:5f:bf:01:72:1b:60:61:f3:25:70:64:f1:51:a7:
                    aa:ab:4c:d0:60:bb:51:78:e8:b5:8e:71:1e:41:21:
                    f7:66:96:61:b8:e6:ba:67:51:2f:91:35:86:eb:e5:
                    cf:97:10:0c:d9:aa:28:e0:84:1f:6e:a9:df:0e:7f:
                    fb:0c:15:c4:5c:e4:64:9e:e4:fe:03:ef:68:c7:be:
                    29:f7:2c:72:e3:37:6d:92:fa:08:a7:f4:91:6d:d9:
                    e5:b0:91:be:ca:5e:17:20:b5:fb:be:5b:c2:3c:9a:
                    3d:21:12:64:12:12:4e:4f:60:ab:b9:49:1f:05:e6:
                    d6:cb:54:66:fe:0a:2e:a4:12:4a:44:d7:0b:4d:6d:
                    8d:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:93:4A:A8:91:3E:D0:B0:07:41:DE:7F:29:6C:5C:BF:BC:FB:4C:F2
            X509v3 Authority Key Identifier:
                keyid:97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/V5NKqJE-0LAHQd5_KWxcv7z7TPI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/l8yglS24qp_l5XA8bxiaBqV_S7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.173.200.0/24
                IPv6:
                  2a02:a48::/32

    Signature Algorithm: sha256WithRSAEncryption
         28:9c:dc:16:93:6f:46:86:8f:c0:19:b2:12:7a:c5:11:65:1b:
         b5:e3:8a:f3:d9:93:6c:eb:c8:4a:d7:52:0c:51:ca:e4:75:0a:
         00:ed:68:ea:fb:0a:25:2d:cb:03:14:b9:ca:28:79:21:06:d5:
         bf:b5:17:96:c0:3d:4e:74:a7:ac:db:fb:07:e4:92:e9:a2:82:
         d8:24:58:ca:98:1b:72:96:fd:fe:e8:28:79:41:55:ce:d6:4e:
         dc:79:48:b7:aa:97:07:0a:01:9d:f1:27:a5:89:0e:4a:95:5e:
         67:f7:26:6e:fe:bd:db:b1:16:8b:a2:7b:df:a8:59:30:e3:71:
         8b:a3:cf:2b:41:9a:aa:96:52:b8:b9:cc:26:b8:44:39:a1:19:
         d9:1f:ee:cf:78:40:57:38:ea:1f:02:24:44:30:f5:41:07:8d:
         7d:ab:40:46:97:3f:a5:ce:df:17:b2:75:90:71:19:f3:da:c0:
         0d:67:67:04:9c:01:77:3d:6a:1d:8b:c4:e2:b6:c1:a7:3b:c8:
         8b:7b:25:f1:9a:83:dc:bf:3f:45:70:ea:fc:77:63:1d:44:c5:
         83:33:7a:f9:31:4c:c6:13:44:c3:8b:ee:a3:fd:31:9a:1c:68:
         95:6e:85:f6:5d:e7:47:e1:0f:0e:5b:04:8a:5e:f2:a5:ec:93:
         d0:5a:41:2e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvgkjsW8fNUJ83OYM7zXBWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3Y2NhMDk1MmRiOGFhOWZlNWU1NzAzYzZmMTg5YTA2YTU3
ZjRiYjEwHhcNMjMwMTAxMjI0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzkzNGFhODkxM2VkMGIwMDc0MWRlN2YyOTZjNWNiZmJjZmI0Y2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhD+vGIol9eGSFuxoqE3mawfAIAv
dFoAe2nPL9xzvf6kODmGv23hkPUEa5aFX9IzhWxctH/mf+dXGTs4rFTfqfsKVtRz
9eSV7tcFFezRLQ7RG+oAd076Pt2XCy6lUonwVJBfcPic7Zwokh6HYNxn4KkBIc8e
9mAQX78BchtgYfMlcGTxUaeqq0zQYLtReOi1jnEeQSH3ZpZhuOa6Z1EvkTWG6+XP
lxAM2aoo4IQfbqnfDn/7DBXEXORknuT+A+9ox74p9yxy4zdtkvoIp/SRbdnlsJG+
yl4XILX7vlvCPJo9IRJkEhJOT2CruUkfBebWy1Rm/goupBJKRNcLTW2NMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFeTSqiRPtCwB0HefylsXL+8+0zyMB8GA1UdIwQY
MBaAFJfMoJUtuKqf5eVwPG8Ymgalf0uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYt
NWQ2ZGQwYmE1MmNmLzEvVjVOS3FKRS0wTEFIUWQ1X0tXeGN2N3o3VFBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYtNWQ2ZGQwYmE1MmNm
LzEvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAX63IMA0E
AgACMAcDBQAqAgpIMA0GCSqGSIb3DQEBCwUAA4IBAQAonNwWk29Gho/AGbISesUR
ZRu144rz2ZNs68hK11IMUcrkdQoA7Wjq+wolLcsDFLnKKHkhBtW/tReWwD1OdKes
2/sH5JLpooLYJFjKmBtylv3+6Ch5QVXO1k7ceUi3qpcHCgGd8SeliQ5KlV5n9yZu
/r3bsRaLonvfqFkw43GLo88rQZqqllK4ucwmuEQ5oRnZH+7PeEBXOOofAiREMPVB
B419q0BGlz+lzt8XsnWQcRnz2sANZ2cEnAF3PWodi8TitsGnO8iLeyXxmoPcvz9F
cOr8d2MdRMWDM3r5MUzGE0TDi+6j/TGaHGiVboX2XedH4Q8OWwSKXvKl7JPQWkEu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:34 2024 by rpki-client on console-ams.rpki-client.org