Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/51065b-904f-4ce3-8fe5-8ea2d14a642e/1/fLvuRMUP3CCTa-Owaq0GvxgZvG4.roa
File:                     fLvuRMUP3CCTa-Owaq0GvxgZvG4.roa (raw, json)
Hash identifier:          wIulrwjpkJyBMNjfbGK01pAsndFuMkNiNCDpN7a9r/s=
Subject key identifier:   7C:BB:EE:44:C5:0F:DC:20:93:6B:E3:B0:6A:AD:06:BF:18:19:BC:6E
Certificate issuer:       /CN=2452de9370c20ef1ba4d7fe1bb018f3f6dfdc9ce
Certificate serial:       01856D01739A2E1FB1B9CEAB96CA1A0B530E
Authority key identifier: 24:52:DE:93:70:C2:0E:F1:BA:4D:7F:E1:BB:01:8F:3F:6D:FD:C9:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JFLek3DCDvG6TX_huwGPP239yc4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/51065b-904f-4ce3-8fe5-8ea2d14a642e/1/fLvuRMUP3CCTa-Owaq0GvxgZvG4.roa
Signing time:             Sun 01 Jan 2023 11:04:49 +0000
ROA not before:           Sun 01 Jan 2023 11:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39930
IP address blocks:        195.95.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:01:73:9a:2e:1f:b1:b9:ce:ab:96:ca:1a:0b:53:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2452de9370c20ef1ba4d7fe1bb018f3f6dfdc9ce
        Validity
            Not Before: Jan  1 11:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7cbbee44c50fdc20936be3b06aad06bf1819bc6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:71:66:1b:3a:4f:17:d7:9d:c5:62:1a:a1:a4:
                    5b:06:61:eb:f7:19:2a:c4:64:8a:fc:95:a8:cd:21:
                    21:5d:3a:d8:67:8e:f9:59:55:f7:71:71:22:8a:be:
                    61:31:8e:43:2b:d0:61:22:e3:5a:05:cf:ae:09:1f:
                    40:d2:10:46:0b:e3:88:0d:cf:6c:35:20:0a:23:41:
                    13:e9:3c:2d:9a:78:ac:4a:49:08:e5:b7:99:63:72:
                    a4:1f:40:f8:8e:20:dc:61:87:29:39:14:99:2f:30:
                    ce:d3:98:bb:2b:f2:70:85:0b:7c:1f:a7:0a:d1:35:
                    78:97:b3:26:77:46:ce:ce:df:42:1e:da:60:94:e9:
                    27:67:c4:38:7e:a5:f7:9e:1d:25:98:62:b9:0d:4f:
                    8f:89:95:9a:42:a2:87:57:2f:2c:28:bd:da:9b:91:
                    df:6a:5b:26:23:0d:5c:8b:23:17:a4:51:6b:52:d5:
                    24:52:3f:64:c0:ff:15:f4:2b:f7:81:0e:ad:c5:18:
                    70:31:c1:54:78:d6:44:41:40:ba:fe:c8:af:90:89:
                    00:c5:18:26:e0:2d:b8:51:ac:8e:81:2a:3d:f3:f8:
                    70:de:e8:ad:77:27:75:a9:dd:e0:4b:0c:2c:ff:cd:
                    bd:70:1b:06:d9:2e:84:f5:94:c1:c3:6d:60:b8:7c:
                    d3:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:BB:EE:44:C5:0F:DC:20:93:6B:E3:B0:6A:AD:06:BF:18:19:BC:6E
            X509v3 Authority Key Identifier:
                keyid:24:52:DE:93:70:C2:0E:F1:BA:4D:7F:E1:BB:01:8F:3F:6D:FD:C9:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFLek3DCDvG6TX_huwGPP239yc4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/51065b-904f-4ce3-8fe5-8ea2d14a642e/1/fLvuRMUP3CCTa-Owaq0GvxgZvG4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/51065b-904f-4ce3-8fe5-8ea2d14a642e/1/JFLek3DCDvG6TX_huwGPP239yc4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.95.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:c9:a9:c0:76:0b:ba:8c:ba:91:bf:8c:3e:62:d2:32:8e:28:
         50:99:6b:81:22:67:3d:2c:3a:23:27:57:75:a8:b6:7a:7f:f9:
         57:87:11:88:d4:13:21:e8:f6:2d:28:5a:80:af:a4:eb:84:5f:
         2d:81:28:17:3a:3f:ee:3b:08:af:87:30:14:1e:ed:71:60:01:
         07:3e:0f:3e:53:05:6f:f7:1c:56:8b:4a:04:29:f9:1f:eb:84:
         a6:6f:28:c3:c4:5b:1b:73:08:6b:7b:65:0e:d5:43:83:92:58:
         1d:a2:58:ff:2a:7f:32:be:bf:05:4a:30:a9:c8:95:db:5d:4f:
         ef:65:b1:6a:75:ec:3b:69:ab:d4:cc:99:cf:59:d0:ac:b8:cc:
         bf:43:e5:87:db:fd:15:01:2b:cc:90:c9:5b:16:31:bf:40:1e:
         bb:32:72:47:7c:1b:96:b0:4f:44:73:2e:16:84:e5:48:cf:13:
         71:4d:2b:a2:13:ab:29:86:d2:2a:cf:e3:38:9c:b1:59:33:d2:
         4c:af:b2:fa:d2:aa:d1:58:6a:c0:1c:28:f1:75:7a:0a:1f:e3:
         52:60:f8:ec:de:dc:e0:81:a0:83:72:b2:bf:e1:ee:76:6d:e8:
         b3:0c:c8:33:11:f3:3c:c4:cd:a1:5f:ec:dc:fd:01:dc:71:f7:
         de:47:5e:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAXOaLh+xuc6rlsoaC1MOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTJkZTkzNzBjMjBlZjFiYTRkN2ZlMWJiMDE4ZjNmNmRm
ZGM5Y2UwHhcNMjMwMTAxMTEwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2JiZWU0NGM1MGZkYzIwOTM2YmUzYjA2YWFkMDZiZjE4MTliYzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnFmGzpPF9edxWIaoaRbBmHr9xkq
xGSK/JWozSEhXTrYZ475WVX3cXEiir5hMY5DK9BhIuNaBc+uCR9A0hBGC+OIDc9s
NSAKI0ET6TwtmnisSkkI5beZY3KkH0D4jiDcYYcpORSZLzDO05i7K/JwhQt8H6cK
0TV4l7Mmd0bOzt9CHtpglOknZ8Q4fqX3nh0lmGK5DU+PiZWaQqKHVy8sKL3am5Hf
alsmIw1ciyMXpFFrUtUkUj9kwP8V9Cv3gQ6txRhwMcFUeNZEQUC6/sivkIkAxRgm
4C24UayOgSo98/hw3uitdyd1qd3gSwws/829cBsG2S6E9ZTBw21guHzTDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHy77kTFD9wgk2vjsGqtBr8YGbxuMB8GA1UdIwQY
MBaAFCRS3pNwwg7xuk1/4bsBjz9t/cnOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZMZWszRENEdkc2VFhfaHV3R1BQMjM5eWM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi81MTA2NWItOTA0Zi00Y2UzLThmZTUt
OGVhMmQxNGE2NDJlLzEvZkx2dVJNVVAzQ0NUYS1Pd2FxMEd2eGdadkc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi81MTA2NWItOTA0Zi00Y2UzLThmZTUtOGVhMmQxNGE2NDJl
LzEvSkZMZWszRENEdkc2VFhfaHV3R1BQMjM5eWM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1+RMA0G
CSqGSIb3DQEBCwUAA4IBAQA0yanAdgu6jLqRv4w+YtIyjihQmWuBImc9LDojJ1d1
qLZ6f/lXhxGI1BMh6PYtKFqAr6TrhF8tgSgXOj/uOwivhzAUHu1xYAEHPg8+UwVv
9xxWi0oEKfkf64SmbyjDxFsbcwhre2UO1UODklgdolj/Kn8yvr8FSjCpyJXbXU/v
ZbFqdew7aavUzJnPWdCsuMy/Q+WH2/0VASvMkMlbFjG/QB67MnJHfBuWsE9Ecy4W
hOVIzxNxTSuiE6sphtIqz+M4nLFZM9JMr7L60qrRWGrAHCjxdXoKH+NSYPjs3tzg
gaCDcrK/4e52beizDMgzEfM8xM2hX+zc/QHccffeR14E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:23 2024 by rpki-client on console-fra.rpki-client.org