Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/97MU3f0cQfT9OQUxwXdmLSfmHjE.roa
File:                     97MU3f0cQfT9OQUxwXdmLSfmHjE.roa (raw, json)
Hash identifier:          Du9OYI4Q5s2asPupG0CJKaxB9B3pQliCW6gVXXFZuc4=
Subject key identifier:   F7:B3:14:DD:FD:1C:41:F4:FD:39:05:31:C1:77:66:2D:27:E6:1E:31
Certificate issuer:       /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial:       018CC8DE13A4403DA5711C7D36E8072944A5
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/97MU3f0cQfT9OQUxwXdmLSfmHjE.roa
Signing time:             Tue 02 Jan 2024 06:30:46 +0000
ROA not before:           Tue 02 Jan 2024 06:30:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     6939
IP address blocks:        95.214.175.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 20 Jan 2024 07:12:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:13:a4:40:3d:a5:71:1c:7d:36:e8:07:29:44:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
        Validity
            Not Before: Jan  2 06:30:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f7b314ddfd1c41f4fd390531c177662d27e61e31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:be:80:28:bd:d6:56:03:55:80:0a:1f:17:a9:
                    8d:0e:4c:42:20:9d:f0:3f:18:84:1d:0b:14:c6:a2:
                    de:ff:52:3a:f1:e2:49:95:d4:e5:7a:9c:11:e9:80:
                    c2:5d:a1:bd:9b:2b:5f:95:49:5a:66:15:5e:2f:7b:
                    d7:cc:e7:3f:41:5a:c2:41:dd:e9:ce:f8:2f:de:ea:
                    00:4c:8f:8c:fc:de:d2:6d:fb:02:1c:58:d7:84:6d:
                    30:e9:09:41:4c:70:13:bf:91:6a:65:56:1a:f9:e2:
                    2e:fa:fd:ff:21:64:fd:8b:95:29:a1:8f:ee:d0:0a:
                    ea:04:9c:e3:59:d8:c3:ec:51:9d:c0:2a:84:58:90:
                    b6:a1:4d:44:ce:8d:5d:1a:0e:57:9c:5b:d2:82:00:
                    5d:e3:07:56:c8:68:20:93:a1:c8:19:ff:fb:12:20:
                    67:8c:d7:5f:ff:fc:76:c9:62:7f:8f:87:56:1d:ee:
                    63:a9:b6:76:97:ab:74:d2:92:19:df:4e:65:c8:78:
                    5c:93:6d:bd:29:86:cc:32:f9:30:f3:92:63:75:ef:
                    d3:5a:44:79:e5:db:e4:db:b3:d0:52:c1:be:f0:3d:
                    98:45:b9:eb:65:6d:a7:65:66:6a:ef:90:76:de:7d:
                    65:e0:74:6c:9d:84:26:82:67:70:f5:8b:95:96:f4:
                    4d:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:B3:14:DD:FD:1C:41:F4:FD:39:05:31:C1:77:66:2D:27:E6:1E:31
            X509v3 Authority Key Identifier:
                keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/97MU3f0cQfT9OQUxwXdmLSfmHjE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.214.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:e0:51:8b:24:a1:3d:5b:f3:74:7e:85:64:13:8a:aa:fe:d9:
         36:3c:c6:f9:1c:8d:f1:c7:0e:84:5a:3c:94:1a:99:62:27:64:
         57:85:bd:59:80:e9:36:b9:ab:3a:bd:82:6f:59:a4:05:54:f9:
         3c:a3:12:b7:f3:75:d8:10:70:b7:08:7e:01:1e:16:68:7e:f1:
         f1:70:44:7e:ff:31:9b:03:80:3b:e8:b3:34:7c:a2:e4:4b:2f:
         7a:1e:28:21:d5:91:cb:29:cc:ab:48:b5:e2:18:d2:bf:89:84:
         90:62:4d:0e:e0:6e:c0:84:50:e9:2c:ce:c0:fc:bb:17:01:6c:
         0e:a9:84:7b:85:15:59:b1:85:74:3b:c4:47:f7:a7:7a:09:c3:
         7b:d9:f5:f6:eb:c4:9b:ae:dc:f3:9a:4e:fd:75:c4:77:81:4a:
         b2:06:96:a0:2e:91:25:73:c8:d7:cf:1e:a9:fd:b4:03:3f:c9:
         de:54:2e:a2:7a:d7:7c:fd:c3:68:5e:75:2a:6d:59:d4:ac:1b:
         fc:3e:c5:76:dc:a6:4d:d7:ac:8f:68:64:6a:73:58:78:9d:85:
         5d:b5:4f:8f:a2:72:84:bb:26:07:50:5c:e3:31:fc:a3:45:ae:
         f8:0f:f6:80:52:c3:6c:34:f3:93:f6:bd:66:27:65:26:dc:58:
         d0:2b:3a:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3hOkQD2lcRx9NugHKUSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjQwMTAyMDYzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2IzMTRkZGZkMWM0MWY0ZmQzOTA1MzFjMTc3NjYyZDI3ZTYxZTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs76AKL3WVgNVgAofF6mNDkxCIJ3w
PxiEHQsUxqLe/1I68eJJldTlepwR6YDCXaG9mytflUlaZhVeL3vXzOc/QVrCQd3p
zvgv3uoATI+M/N7SbfsCHFjXhG0w6QlBTHATv5FqZVYa+eIu+v3/IWT9i5UpoY/u
0ArqBJzjWdjD7FGdwCqEWJC2oU1Ezo1dGg5XnFvSggBd4wdWyGggk6HIGf/7EiBn
jNdf//x2yWJ/j4dWHe5jqbZ2l6t00pIZ305lyHhck229KYbMMvkw85Jjde/TWkR5
5dvk27PQUsG+8D2YRbnrZW2nZWZq75B23n1l4HRsnYQmgmdw9YuVlvRNZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPezFN39HEH0/TkFMcF3Zi0n5h4xMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvOTdNVTNmMGNRZlQ5T1FVeHdYZG1MU2ZtSGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX9avMA0G
CSqGSIb3DQEBCwUAA4IBAQBp4FGLJKE9W/N0foVkE4qq/tk2PMb5HI3xxw6EWjyU
GpliJ2RXhb1ZgOk2uas6vYJvWaQFVPk8oxK383XYEHC3CH4BHhZofvHxcER+/zGb
A4A76LM0fKLkSy96High1ZHLKcyrSLXiGNK/iYSQYk0O4G7AhFDpLM7A/LsXAWwO
qYR7hRVZsYV0O8RH96d6CcN72fX268Sbrtzzmk79dcR3gUqyBpagLpElc8jXzx6p
/bQDP8neVC6ietd8/cNoXnUqbVnUrBv8PsV23KZN16yPaGRqc1h4nYVdtU+PonKE
uyYHUFzjMfyjRa74D/aAUsNsNPOT9r1mJ2Um3FjQKzqh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:43 2024 by rpki-client on console-ams.rpki-client.org