Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/cf9533-1b34-44aa-9a78-f261fe516951/1/NJQ00IcG7OeKvxXsng6lBTx_5r8.roa
File:                     NJQ00IcG7OeKvxXsng6lBTx_5r8.roa (raw, json)
Hash identifier:          5iNAe9+K95eyGCZIa/SGKUavbIpKfK7ctDYgD2j38oY=
Subject key identifier:   34:94:34:D0:87:06:EC:E7:8A:BF:15:EC:9E:0E:A5:05:3C:7F:E6:BF
Certificate issuer:       /CN=a9c77844aeb6aab58c4603ca082bdd4a7804779f
Certificate serial:       0185723A0107843E00283DD42C7A06F65AE7
Authority key identifier: A9:C7:78:44:AE:B6:AA:B5:8C:46:03:CA:08:2B:DD:4A:78:04:77:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qcd4RK62qrWMRgPKCCvdSngEd58.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/cf9533-1b34-44aa-9a78-f261fe516951/1/NJQ00IcG7OeKvxXsng6lBTx_5r8.roa
Signing time:             Mon 02 Jan 2023 11:24:41 +0000
ROA not before:           Mon 02 Jan 2023 11:24:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205365
IP address blocks:        195.191.80.0/24 maxlen: 24
                          195.191.81.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:3a:01:07:84:3e:00:28:3d:d4:2c:7a:06:f6:5a:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9c77844aeb6aab58c4603ca082bdd4a7804779f
        Validity
            Not Before: Jan  2 11:24:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=349434d08706ece78abf15ec9e0ea5053c7fe6bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:83:24:c0:ea:00:98:79:f4:81:c2:67:c4:af:
                    42:a2:2a:58:5a:f6:f2:9e:fd:13:41:6d:3f:38:e3:
                    04:13:8b:12:40:f5:92:b8:c5:e4:c3:1d:8c:d5:83:
                    e8:9e:ac:91:c7:84:52:2f:88:42:e0:71:05:00:fd:
                    48:a5:66:9d:db:9b:42:89:c8:99:36:d9:12:b5:54:
                    f2:76:26:20:98:d1:2e:59:f8:65:3c:f0:9c:c7:d1:
                    ce:85:04:b4:22:b8:56:77:9b:5c:a9:8e:24:e3:b0:
                    98:6c:b7:a4:c2:52:c0:0a:02:88:9b:01:c6:52:0d:
                    e4:01:0b:75:fb:ef:22:8e:bb:f4:6d:d8:2b:03:49:
                    17:df:7e:20:7a:ae:7e:5f:a3:4e:ad:00:1a:e8:e5:
                    21:90:a7:6b:2e:5f:5a:c0:66:a3:3a:5f:6b:e1:29:
                    94:5c:57:d1:5f:77:63:a0:9a:f6:88:9d:1e:b3:c2:
                    fb:d5:24:8b:22:f1:c8:64:f9:f3:bc:90:a9:55:dd:
                    0e:b4:c2:19:22:e1:d5:19:75:7d:26:b3:bd:0a:41:
                    15:35:70:9b:1a:2d:73:a6:b1:2d:bd:bd:a4:3a:58:
                    06:18:28:90:b6:22:bb:c6:b7:44:02:67:46:1d:97:
                    cb:40:a7:cb:55:a9:bf:97:7d:7b:6e:4c:3e:83:b4:
                    7f:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:94:34:D0:87:06:EC:E7:8A:BF:15:EC:9E:0E:A5:05:3C:7F:E6:BF
            X509v3 Authority Key Identifier:
                keyid:A9:C7:78:44:AE:B6:AA:B5:8C:46:03:CA:08:2B:DD:4A:78:04:77:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qcd4RK62qrWMRgPKCCvdSngEd58.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/cf9533-1b34-44aa-9a78-f261fe516951/1/NJQ00IcG7OeKvxXsng6lBTx_5r8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/cf9533-1b34-44aa-9a78-f261fe516951/1/qcd4RK62qrWMRgPKCCvdSngEd58.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.191.80.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6e:cd:21:b1:5d:0d:5e:5e:ed:8a:5d:63:78:db:da:eb:73:a1:
         15:a3:37:44:7d:3c:be:bc:2e:69:39:e7:d5:16:c4:60:7f:8c:
         3e:a1:db:27:c3:f1:d1:f2:7b:fa:eb:6c:a1:27:95:43:51:12:
         d7:aa:e4:ad:8f:54:91:d6:07:3b:51:a1:58:61:b3:cc:d8:5e:
         94:89:af:0f:e0:c9:b4:8a:22:82:9a:61:15:10:a3:b9:16:54:
         bc:a1:be:e2:f7:1b:5b:ce:42:8e:1e:18:af:3a:2b:1a:44:2e:
         85:96:cf:ae:ef:a4:0e:83:9a:7b:9f:c1:a8:b2:be:d3:36:aa:
         e7:80:5f:64:52:1a:eb:c2:27:32:5d:67:0e:39:a3:72:a5:93:
         b9:41:4f:5d:9a:28:31:d7:0c:2c:ba:f4:42:d8:8a:db:db:ba:
         a0:f5:91:16:f5:0b:b0:50:38:76:14:44:de:4a:98:5d:9b:bb:
         fb:16:fe:e7:98:c2:00:a7:41:86:2e:65:ab:ea:62:f6:41:ec:
         64:74:6f:d2:92:bd:79:65:a6:d8:65:ca:64:80:f9:21:d1:64:
         27:6d:f6:39:70:71:c2:d1:f8:9e:ff:aa:b9:94:f8:dd:5a:c1:
         c4:9f:cb:c6:b4:20:4e:1b:94:a1:03:39:74:62:04:5b:54:bf:
         ef:61:b0:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyOgEHhD4AKD3ULHoG9lrnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Yzc3ODQ0YWViNmFhYjU4YzQ2MDNjYTA4MmJkZDRhNzgw
NDc3OWYwHhcNMjMwMTAyMTEyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDk0MzRkMDg3MDZlY2U3OGFiZjE1ZWM5ZTBlYTUwNTNjN2ZlNmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYMkwOoAmHn0gcJnxK9CoipYWvby
nv0TQW0/OOMEE4sSQPWSuMXkwx2M1YPonqyRx4RSL4hC4HEFAP1IpWad25tCiciZ
NtkStVTydiYgmNEuWfhlPPCcx9HOhQS0IrhWd5tcqY4k47CYbLekwlLACgKImwHG
Ug3kAQt1++8ijrv0bdgrA0kX334geq5+X6NOrQAa6OUhkKdrLl9awGajOl9r4SmU
XFfRX3djoJr2iJ0es8L71SSLIvHIZPnzvJCpVd0OtMIZIuHVGXV9JrO9CkEVNXCb
Gi1zprEtvb2kOlgGGCiQtiK7xrdEAmdGHZfLQKfLVam/l317bkw+g7R/QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSUNNCHBuznir8V7J4OpQU8f+a/MB8GA1UdIwQY
MBaAFKnHeESutqq1jEYDyggr3Up4BHefMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWNkNFJLNjJxcldNUmdQS0NDdmRTbmdFZDU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9jZjk1MzMtMWIzNC00NGFhLTlhNzgt
ZjI2MWZlNTE2OTUxLzEvTkpRMDBJY0c3T2VLdnhYc25nNmxCVHhfNXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9jZjk1MzMtMWIzNC00NGFhLTlhNzgtZjI2MWZlNTE2OTUx
LzEvcWNkNFJLNjJxcldNUmdQS0NDdmRTbmdFZDU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw79QMA0G
CSqGSIb3DQEBCwUAA4IBAQBuzSGxXQ1eXu2KXWN429rrc6EVozdEfTy+vC5pOefV
FsRgf4w+odsnw/HR8nv662yhJ5VDURLXquStj1SR1gc7UaFYYbPM2F6Uia8P4Mm0
iiKCmmEVEKO5FlS8ob7i9xtbzkKOHhivOisaRC6Fls+u76QOg5p7n8Gosr7TNqrn
gF9kUhrrwicyXWcOOaNypZO5QU9dmigx1wwsuvRC2Irb27qg9ZEW9QuwUDh2FETe
Sphdm7v7Fv7nmMIAp0GGLmWr6mL2QexkdG/Skr15ZabYZcpkgPkh0WQnbfY5cHHC
0fie/6q5lPjdWsHEn8vGtCBOG5ShAzl0YgRbVL/vYbDb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:40 2024 by rpki-client on console-ams.rpki-client.org