Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/n8B4-S3R8QpFdrUG5I1FdFP1-M0.roa
File:                     n8B4-S3R8QpFdrUG5I1FdFP1-M0.roa (raw, json)
Hash identifier:          ernduR7TwD253oyXCCngDTwAIasuYuvtL5aTTkf8rz4=
Subject key identifier:   9F:C0:78:F9:2D:D1:F1:0A:45:76:B5:06:E4:8D:45:74:53:F5:F8:CD
Certificate issuer:       /CN=cf2eee78a0084d831de1a2500183e16489516ccf
Certificate serial:       01857127613F216609CACFAF43A7B4372DD5
Authority key identifier: CF:2E:EE:78:A0:08:4D:83:1D:E1:A2:50:01:83:E1:64:89:51:6C:CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zy7ueKAITYMd4aJQAYPhZIlRbM8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/n8B4-S3R8QpFdrUG5I1FdFP1-M0.roa
Signing time:             Mon 02 Jan 2023 06:24:44 +0000
ROA not before:           Mon 02 Jan 2023 06:24:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211215
IP address blocks:        45.95.8.0/24 maxlen: 24
                          2a0c:3300::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:27:61:3f:21:66:09:ca:cf:af:43:a7:b4:37:2d:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf2eee78a0084d831de1a2500183e16489516ccf
        Validity
            Not Before: Jan  2 06:24:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9fc078f92dd1f10a4576b506e48d457453f5f8cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:d3:c9:10:29:76:66:44:7d:de:e7:be:a8:1f:
                    62:bf:03:17:3f:35:de:9e:8c:19:05:48:26:57:f3:
                    a0:41:1b:0e:71:b4:a3:e3:a2:0c:57:12:e4:31:b1:
                    d3:f7:9f:36:6d:7a:86:6f:68:7d:2c:f9:b2:6f:a8:
                    c4:df:15:38:fc:3b:36:09:be:a7:73:cf:20:56:57:
                    b4:10:2f:e0:bb:bf:25:c6:1e:de:7d:6c:73:c7:31:
                    65:1f:fd:8a:bb:b0:9d:80:13:bf:b7:c1:03:ce:e8:
                    74:f4:e5:6d:d0:01:35:2e:5f:2a:d3:ee:1d:84:95:
                    57:0a:5b:0d:3c:8f:c1:6a:18:fc:35:07:19:17:18:
                    3e:92:55:0f:a9:aa:93:a1:47:98:c1:3d:81:a5:b5:
                    d3:77:09:f3:6f:0d:07:98:5f:7d:ec:7a:23:e1:63:
                    4c:b2:49:01:21:e7:f9:2a:15:5f:72:0b:ac:db:c1:
                    01:e6:3b:2a:e6:b0:e4:f9:76:4b:2b:4d:f9:52:01:
                    ee:bd:23:29:f1:f7:1b:06:87:3c:29:d1:09:b9:17:
                    60:aa:6f:e5:be:3f:39:95:1b:a7:d0:57:3a:a8:c5:
                    31:8f:c2:6d:bb:9b:37:15:f6:3e:47:d6:7c:4f:55:
                    96:ab:22:e4:52:e1:0a:a3:5a:c4:e8:1e:39:f1:65:
                    4e:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:C0:78:F9:2D:D1:F1:0A:45:76:B5:06:E4:8D:45:74:53:F5:F8:CD
            X509v3 Authority Key Identifier:
                keyid:CF:2E:EE:78:A0:08:4D:83:1D:E1:A2:50:01:83:E1:64:89:51:6C:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zy7ueKAITYMd4aJQAYPhZIlRbM8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/n8B4-S3R8QpFdrUG5I1FdFP1-M0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.8.0/24
                IPv6:
                  2a0c:3300::/32

    Signature Algorithm: sha256WithRSAEncryption
         9a:1c:9b:a4:08:b1:c1:31:a3:61:31:25:36:e7:29:43:18:ee:
         f6:70:47:f2:8e:d4:73:29:06:3c:c0:47:bc:98:4f:81:fc:e0:
         36:f7:8d:b9:c7:39:a2:e8:f9:7b:90:02:e2:a3:e3:0a:7b:5b:
         ed:7e:b0:ff:4b:02:ed:fc:2d:fd:04:19:71:fe:18:dc:c0:33:
         63:34:65:19:bf:c0:22:40:e8:a6:69:1e:b4:e4:97:ef:5d:2b:
         8f:0e:6a:76:f2:92:97:91:ba:7a:38:68:2d:b3:a4:e6:8d:19:
         13:97:0d:6a:5e:6f:6c:fd:4f:b3:d5:f4:36:d3:7b:83:81:a1:
         7c:56:c7:d4:3e:0a:25:ef:ef:11:20:5d:0d:8e:e7:00:9f:7a:
         34:cc:a2:e9:62:31:c8:9c:d7:82:02:57:66:99:74:6b:a5:f0:
         60:52:f9:de:da:09:26:57:15:6d:82:64:dd:bc:51:25:9c:f4:
         47:c7:a9:1f:dd:8e:24:01:c0:ab:93:16:38:cd:6a:25:13:26:
         9a:5e:84:b6:cd:ab:d1:b3:49:ce:37:5b:63:f8:32:ca:df:91:
         5c:3d:d9:74:8a:17:3e:07:bd:1f:dc:5b:6e:0b:38:d0:fc:17:
         2b:33:d4:08:e2:31:7c:91:ea:5f:d6:dd:54:c0:26:02:8c:43:
         30:e1:9d:ab
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxJ2E/IWYJys+vQ6e0Ny3VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMmVlZTc4YTAwODRkODMxZGUxYTI1MDAxODNlMTY0ODk1
MTZjY2YwHhcNMjMwMTAyMDYyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmMwNzhmOTJkZDFmMTBhNDU3NmI1MDZlNDhkNDU3NDUzZjVmOGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNPJECl2ZkR93ue+qB9ivwMXPzXe
nowZBUgmV/OgQRsOcbSj46IMVxLkMbHT9582bXqGb2h9LPmyb6jE3xU4/Ds2Cb6n
c88gVle0EC/gu78lxh7efWxzxzFlH/2Ku7CdgBO/t8EDzuh09OVt0AE1Ll8q0+4d
hJVXClsNPI/Bahj8NQcZFxg+klUPqaqToUeYwT2BpbXTdwnzbw0HmF997Hoj4WNM
skkBIef5KhVfcgus28EB5jsq5rDk+XZLK035UgHuvSMp8fcbBoc8KdEJuRdgqm/l
vj85lRun0Fc6qMUxj8Jtu5s3FfY+R9Z8T1WWqyLkUuEKo1rE6B458WVOQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ/AePkt0fEKRXa1BuSNRXRT9fjNMB8GA1UdIwQY
MBaAFM8u7nigCE2DHeGiUAGD4WSJUWzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenk3dWVLQUlUWU1kNGFKUUFZUGhaSWxSYk04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kN2U2NjAtNjkxMi00MzgwLWFiNGYt
NzE4YjljNDBmZDI1LzEvbjhCNC1TM1I4UXBGZHJVRzVJMUZkRlAxLU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kN2U2NjAtNjkxMi00MzgwLWFiNGYtNzE4YjljNDBmZDI1
LzEvenk3dWVLQUlUWU1kNGFKUUFZUGhaSWxSYk04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALV8IMA0E
AgACMAcDBQAqDDMAMA0GCSqGSIb3DQEBCwUAA4IBAQCaHJukCLHBMaNhMSU25ylD
GO72cEfyjtRzKQY8wEe8mE+B/OA29425xzmi6Pl7kALio+MKe1vtfrD/SwLt/C39
BBlx/hjcwDNjNGUZv8AiQOimaR605JfvXSuPDmp28pKXkbp6OGgts6TmjRkTlw1q
Xm9s/U+z1fQ203uDgaF8VsfUPgol7+8RIF0NjucAn3o0zKLpYjHInNeCAldmmXRr
pfBgUvne2gkmVxVtgmTdvFElnPRHx6kf3Y4kAcCrkxY4zWolEyaaXoS2zavRs0nO
N1tj+DLK35FcPdl0ihc+B70f3FtuCzjQ/BcrM9QI4jF8kepf1t1UwCYCjEMw4Z2r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:06 2024 by rpki-client on console-fra.rpki-client.org