Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/SP43sKx_kRkeybsYJth0exMkjtY.roa
File:                     SP43sKx_kRkeybsYJth0exMkjtY.roa (raw, json)
Hash identifier:          hGiY0V41+hei2xugQ0+30XZjGCSMIEQ/k8ry4ozO/fU=
Subject key identifier:   48:FE:37:B0:AC:7F:91:19:1E:C9:BB:18:26:D8:74:7B:13:24:8E:D6
Certificate issuer:       /CN=4f2d30b015ec4ef1b0d3c64347c8d1b598293f81
Certificate serial:       018CC6B928B2441A93A55F8B1B9BF14B4A69
Authority key identifier: 4F:2D:30:B0:15:EC:4E:F1:B0:D3:C6:43:47:C8:D1:B5:98:29:3F:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/SP43sKx_kRkeybsYJth0exMkjtY.roa
Signing time:             Mon 01 Jan 2024 20:31:12 +0000
ROA not before:           Mon 01 Jan 2024 20:31:12 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202973
IP address blocks:        195.10.205.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 Jan 2024 23:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b9:28:b2:44:1a:93:a5:5f:8b:1b:9b:f1:4b:4a:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f2d30b015ec4ef1b0d3c64347c8d1b598293f81
        Validity
            Not Before: Jan  1 20:31:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=48fe37b0ac7f91191ec9bb1826d8747b13248ed6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:56:ce:09:c0:3a:f9:c4:aa:e1:7d:ee:75:20:
                    cd:7f:d3:a8:80:bf:d8:9f:9b:df:98:d6:a7:ab:7e:
                    b9:ec:6a:83:3e:b1:97:a7:cb:00:85:e1:49:27:d8:
                    2d:d9:b5:e3:a8:5f:d2:88:95:8e:7b:44:06:d3:1b:
                    b3:e5:bc:58:e3:08:8d:0d:a0:03:c8:74:0f:cf:25:
                    d3:5c:e2:8e:d7:74:b0:c8:df:65:54:cd:0e:c4:fe:
                    5f:6b:ef:3f:1a:66:5c:a2:9f:1f:26:99:15:98:b0:
                    3d:1f:1d:31:92:11:83:20:b2:c0:f2:41:7a:c2:87:
                    e4:be:47:b9:d6:91:37:e8:47:8a:fb:4b:f5:89:f9:
                    15:2f:73:07:7c:30:a9:fc:5c:c4:ff:a6:7a:5c:4c:
                    ef:e8:03:d5:e9:83:83:b7:1b:71:b8:55:ec:6a:f8:
                    ed:5c:49:85:f8:3b:84:38:8c:9a:30:e4:0d:be:b4:
                    e2:9f:ef:1d:87:23:89:b1:92:b5:b6:c0:28:ee:21:
                    4a:7a:8a:f3:39:bd:5f:61:16:d1:bb:07:24:0b:ab:
                    52:f5:b9:d5:9d:64:9a:36:af:d5:05:d2:38:65:46:
                    12:32:cd:68:d2:b2:1d:fb:de:4a:69:20:8e:0e:ce:
                    38:6f:b1:27:2c:ea:79:5d:f2:6d:57:67:3b:57:40:
                    1b:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:FE:37:B0:AC:7F:91:19:1E:C9:BB:18:26:D8:74:7B:13:24:8E:D6
            X509v3 Authority Key Identifier:
                keyid:4F:2D:30:B0:15:EC:4E:F1:B0:D3:C6:43:47:C8:D1:B5:98:29:3F:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/SP43sKx_kRkeybsYJth0exMkjtY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.10.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:ce:6b:ff:c2:a5:61:2b:95:3b:2e:da:81:91:fe:88:20:a3:
         b3:70:f0:0b:71:7e:1c:eb:48:0e:30:9e:35:ba:cd:d8:14:a7:
         2f:5e:fd:d9:6d:31:ec:5e:9c:15:79:88:3b:68:9a:34:e1:03:
         ca:fc:59:ff:25:5b:e3:c9:e2:ba:a9:92:8f:f5:1d:57:0a:e6:
         b2:97:ef:f1:81:c9:80:5b:52:ce:49:2f:3d:b5:0f:b6:2c:86:
         c0:e8:13:7e:d1:c1:ac:09:9b:c6:90:ae:a4:91:e6:89:8c:86:
         e6:b2:67:7f:4e:84:65:c7:d3:c0:2d:f3:22:72:7a:33:12:eb:
         9a:da:da:26:4b:27:14:22:a4:cb:d4:df:33:69:84:55:3e:b3:
         27:3b:ed:8f:32:a9:d0:fc:b4:de:8c:f9:e2:62:0e:ce:f9:74:
         a7:80:6d:72:a8:90:e8:00:4d:20:24:c4:2d:29:16:6f:45:10:
         fe:87:6f:ea:85:bb:5c:43:29:05:7e:1a:52:ae:7c:09:60:dc:
         02:96:be:73:89:5c:52:fa:a6:be:0a:2c:df:0f:70:ac:27:f4:
         b3:3e:54:2e:3e:f1:53:77:2b:4d:23:8d:9d:c7:09:b4:c2:03:
         3f:ea:e6:86:ab:8c:ca:b5:7b:66:25:54:6c:29:d3:fb:e8:b8:
         67:a2:c3:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuSiyRBqTpV+LG5vxS0ppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMmQzMGIwMTVlYzRlZjFiMGQzYzY0MzQ3YzhkMWI1OTgy
OTNmODEwHhcNMjQwMTAxMjAzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGZlMzdiMGFjN2Y5MTE5MWVjOWJiMTgyNmQ4NzQ3YjEzMjQ4ZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFbOCcA6+cSq4X3udSDNf9OogL/Y
n5vfmNanq3657GqDPrGXp8sAheFJJ9gt2bXjqF/SiJWOe0QG0xuz5bxY4wiNDaAD
yHQPzyXTXOKO13SwyN9lVM0OxP5fa+8/GmZcop8fJpkVmLA9Hx0xkhGDILLA8kF6
wofkvke51pE36EeK+0v1ifkVL3MHfDCp/FzE/6Z6XEzv6APV6YODtxtxuFXsavjt
XEmF+DuEOIyaMOQNvrTin+8dhyOJsZK1tsAo7iFKeorzOb1fYRbRuwckC6tS9bnV
nWSaNq/VBdI4ZUYSMs1o0rId+95KaSCODs44b7EnLOp5XfJtV2c7V0AbgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEj+N7Csf5EZHsm7GCbYdHsTJI7WMB8GA1UdIwQY
MBaAFE8tMLAV7E7xsNPGQ0fI0bWYKT+BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHkwd3NCWHNUdkd3MDhaRFI4alJ0WmdwUDRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi85NjY4YjUtNWU5Mi00YzE4LTliYjkt
NDM1MWJiZjc0YzBjLzEvU1A0M3NLeF9rUmtleWJzWUp0aDBleE1ranRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi85NjY4YjUtNWU5Mi00YzE4LTliYjktNDM1MWJiZjc0YzBj
LzEvVHkwd3NCWHNUdkd3MDhaRFI4alJ0WmdwUDRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwrNMA0G
CSqGSIb3DQEBCwUAA4IBAQB3zmv/wqVhK5U7LtqBkf6IIKOzcPALcX4c60gOMJ41
us3YFKcvXv3ZbTHsXpwVeYg7aJo04QPK/Fn/JVvjyeK6qZKP9R1XCuayl+/xgcmA
W1LOSS89tQ+2LIbA6BN+0cGsCZvGkK6kkeaJjIbmsmd/ToRlx9PALfMicnozEuua
2tomSycUIqTL1N8zaYRVPrMnO+2PMqnQ/LTejPniYg7O+XSngG1yqJDoAE0gJMQt
KRZvRRD+h2/qhbtcQykFfhpSrnwJYNwClr5ziVxS+qa+CizfD3CsJ/SzPlQuPvFT
dytNI42dxwm0wgM/6uaGq4zKtXtmJVRsKdP76LhnosNY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:53 2024 by rpki-client on console-fra.rpki-client.org