Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/m2al5SOFs7dvE6TmcsWY-Ko8CnU.roa
File:                     m2al5SOFs7dvE6TmcsWY-Ko8CnU.roa (raw, json)
Hash identifier:          c2BmnetiAFggJ+OGZ1dIr4Sbp6kqqlJnFiR3kJyCm50=
Subject key identifier:   9B:66:A5:E5:23:85:B3:B7:6F:13:A4:E6:72:C5:98:F8:AA:3C:0A:75
Certificate issuer:       /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial:       018CC7275B6EDC0939694C59867E5F770D74
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/m2al5SOFs7dvE6TmcsWY-Ko8CnU.roa
Signing time:             Mon 01 Jan 2024 22:31:34 +0000
ROA not before:           Mon 01 Jan 2024 22:31:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211439
IP address blocks:        94.103.187.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 19 Jan 2024 22:31:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:27:5b:6e:dc:09:39:69:4c:59:86:7e:5f:77:0d:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
        Validity
            Not Before: Jan  1 22:31:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9b66a5e52385b3b76f13a4e672c598f8aa3c0a75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:cd:bc:05:4c:c8:32:fe:66:0c:68:e5:94:9c:
                    d9:14:48:01:0e:65:d7:21:63:c0:1e:b7:f0:eb:ab:
                    05:38:d7:8d:44:85:1b:5a:a0:e3:9a:bf:c6:dc:c9:
                    2c:5f:8d:77:51:38:72:4e:99:f4:62:54:a5:73:7b:
                    fb:76:39:25:f2:8e:77:ba:66:0a:5d:05:14:8b:6b:
                    f3:02:2e:13:2d:b8:b4:3c:cd:3a:a3:69:0c:84:db:
                    47:fe:91:92:ab:73:29:69:24:cc:33:37:de:65:b6:
                    ea:e9:e5:fe:54:c9:96:a3:41:cf:58:74:b7:df:3f:
                    7d:cd:2b:21:7f:e0:ab:18:02:2c:1b:53:bc:b3:cd:
                    ca:e5:95:be:3c:2e:1b:62:84:3c:c0:57:1c:ff:eb:
                    fa:25:03:ec:f1:55:f2:f7:1a:a7:1d:45:a6:46:86:
                    eb:da:c9:61:dc:37:e0:a6:42:ea:0a:d1:87:61:3a:
                    ce:40:3c:54:1d:df:f9:f9:7d:2f:e4:a9:9a:07:65:
                    17:dc:14:8e:67:27:e8:bd:42:0f:f7:9f:b1:0d:28:
                    12:0c:8c:45:93:dd:a9:17:eb:6a:3a:d1:9f:19:d3:
                    b9:14:81:3f:86:11:59:71:b6:6e:0a:50:19:31:80:
                    49:f5:e5:d8:02:31:e8:9f:a7:f7:bd:8c:b4:a9:16:
                    59:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:66:A5:E5:23:85:B3:B7:6F:13:A4:E6:72:C5:98:F8:AA:3C:0A:75
            X509v3 Authority Key Identifier:
                keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/m2al5SOFs7dvE6TmcsWY-Ko8CnU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.103.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         db:5c:c8:db:59:3d:4c:ad:5d:5e:7c:3d:38:f5:48:ee:c7:4d:
         33:50:56:3e:33:cd:23:78:d1:29:06:d3:79:fa:5c:24:25:d4:
         78:36:37:a4:48:6e:e4:2a:da:3d:44:e9:dc:1b:f7:ad:2b:96:
         91:1b:d5:2e:31:b5:f0:0f:dc:c4:f8:47:33:db:37:5a:0f:3a:
         55:89:ef:0a:c6:08:98:28:2e:89:ee:9d:02:bc:3e:bb:6d:1c:
         80:ce:34:a9:ef:b1:37:f0:a6:3e:ac:76:fd:a5:f5:45:63:49:
         d8:aa:cd:dc:21:73:17:9f:ae:10:84:69:22:e6:e3:b4:0d:62:
         98:20:c7:f3:bc:6e:e0:63:e8:3e:e9:e6:b2:2d:26:e7:5a:d1:
         6d:46:a5:6e:c3:c8:9b:66:5c:f5:0d:0b:35:55:22:94:e3:b7:
         0a:57:59:f7:bd:a8:39:4a:8f:85:50:3f:66:76:10:88:9d:80:
         31:5a:15:45:a1:08:2a:2f:0a:7e:a7:a6:bf:82:26:07:1e:00:
         53:08:25:54:73:96:ef:e5:db:a4:3e:cd:b2:08:00:be:f9:62:
         62:c5:f4:9b:30:bb:29:52:d9:4b:6c:19:87:b0:fe:03:c8:24:
         95:af:dd:e1:5b:88:63:3a:93:1d:b7:4e:e0:ae:22:3d:e8:80:
         d7:c3:ab:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ1tu3Ak5aUxZhn5fdw10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwMTAxMjIzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjY2YTVlNTIzODViM2I3NmYxM2E0ZTY3MmM1OThmOGFhM2MwYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnM28BUzIMv5mDGjllJzZFEgBDmXX
IWPAHrfw66sFONeNRIUbWqDjmr/G3MksX413UThyTpn0YlSlc3v7djkl8o53umYK
XQUUi2vzAi4TLbi0PM06o2kMhNtH/pGSq3MpaSTMMzfeZbbq6eX+VMmWo0HPWHS3
3z99zSshf+CrGAIsG1O8s83K5ZW+PC4bYoQ8wFcc/+v6JQPs8VXy9xqnHUWmRobr
2slh3DfgpkLqCtGHYTrOQDxUHd/5+X0v5KmaB2UX3BSOZyfovUIP95+xDSgSDIxF
k92pF+tqOtGfGdO5FIE/hhFZcbZuClAZMYBJ9eXYAjHon6f3vYy0qRZZOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJtmpeUjhbO3bxOk5nLFmPiqPAp1MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvbTJhbDVTT0ZzN2R2RTZUbWNzV1ktS284Q25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXme7MA0G
CSqGSIb3DQEBCwUAA4IBAQDbXMjbWT1MrV1efD049Ujux00zUFY+M80jeNEpBtN5
+lwkJdR4NjekSG7kKto9ROncG/etK5aRG9UuMbXwD9zE+Ecz2zdaDzpVie8KxgiY
KC6J7p0CvD67bRyAzjSp77E38KY+rHb9pfVFY0nYqs3cIXMXn64QhGki5uO0DWKY
IMfzvG7gY+g+6eayLSbnWtFtRqVuw8ibZlz1DQs1VSKU47cKV1n3vag5So+FUD9m
dhCInYAxWhVFoQgqLwp+p6a/giYHHgBTCCVUc5bv5dukPs2yCAC++WJixfSbMLsp
UtlLbBmHsP4DyCSVr93hW4hjOpMdt07griI96IDXw6s4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:45 2024 by rpki-client on console-fra.rpki-client.org