Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/U1d-28-8wBwR_kw4-qzzAM5U_H8.roa
File:                     U1d-28-8wBwR_kw4-qzzAM5U_H8.roa (raw, json)
Hash identifier:          Cjr3YpOAdJvA+jJjNIu4SGSp5V4kKY7yz+5ruLOKPZ4=
Subject key identifier:   53:57:7E:DB:CF:BC:C0:1C:11:FE:4C:38:FA:AC:F3:00:CE:54:FC:7F
Certificate issuer:       /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial:       018AC883D3B5B6FA9F7CEDB5B390ACA4A8AF
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/U1d-28-8wBwR_kw4-qzzAM5U_H8.roa
Signing time:             Sun 24 Sep 2023 18:46:37 +0000
ROA not before:           Sun 24 Sep 2023 18:46:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        95.214.173.0/24 maxlen: 24
                          193.239.197.0/24 maxlen: 24
                          193.239.196.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 11 Nov 2023 08:01:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:c8:83:d3:b5:b6:fa:9f:7c:ed:b5:b3:90:ac:a4:a8:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
        Validity
            Not Before: Sep 24 18:46:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=53577edbcfbcc01c11fe4c38faacf300ce54fc7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:4c:2a:19:8a:12:20:f3:56:25:90:d5:9b:df:
                    6f:de:bf:fd:d6:1d:eb:d1:8f:65:aa:69:3a:1c:d5:
                    81:98:46:3f:2c:8b:f6:14:00:6c:04:6e:30:58:f3:
                    d9:5d:6b:e6:30:2c:bb:58:32:1b:38:1e:45:f7:00:
                    4f:05:d3:20:78:94:39:80:60:e5:d6:0a:f3:f1:81:
                    7f:1f:17:44:b8:91:32:67:d0:8b:c1:f9:73:4b:84:
                    22:b4:5c:81:b3:35:a3:1c:14:78:c7:d8:22:5a:b3:
                    4b:de:3a:ef:f7:ee:a7:66:0b:3e:fa:0b:61:97:65:
                    d9:2e:53:e8:56:a6:fc:10:b2:57:63:90:8e:cb:31:
                    6f:5e:ee:b1:c1:d1:1c:40:8f:a5:dd:3d:1a:e4:55:
                    3d:3f:00:20:a2:2b:20:59:20:44:93:4b:82:bc:3e:
                    17:eb:bc:b7:76:63:28:ed:ed:c7:95:2c:1f:a4:ea:
                    56:01:ff:3d:83:2e:ec:44:ac:6b:69:77:a4:c0:41:
                    c5:57:3d:f0:2b:1d:b1:e5:f7:f3:dc:1e:76:1b:78:
                    1c:40:d9:2f:bc:72:07:b5:fa:c0:24:b2:ea:4e:37:
                    84:80:32:0c:2a:39:c1:14:86:d7:68:a1:24:6a:4e:
                    e9:69:4d:fb:f5:83:47:32:52:c4:ea:0a:4e:b8:a4:
                    6d:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:57:7E:DB:CF:BC:C0:1C:11:FE:4C:38:FA:AC:F3:00:CE:54:FC:7F
            X509v3 Authority Key Identifier:
                keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/U1d-28-8wBwR_kw4-qzzAM5U_H8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.214.173.0/24
                  193.239.196.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5a:e2:78:03:40:1c:9e:81:00:0d:e3:e1:8f:af:28:9b:d7:d9:
         4c:aa:60:80:50:e7:5b:61:c0:c9:6e:1a:44:51:4a:56:eb:91:
         d0:45:cb:41:6d:2f:aa:c5:d8:67:6b:c9:63:1f:21:c4:3d:ea:
         56:f0:bd:4c:11:fb:05:20:87:48:cd:70:2d:70:d3:c9:06:81:
         94:cf:23:6a:a1:29:f0:e1:c8:25:ce:5c:5e:85:40:4c:ae:19:
         e1:0f:13:37:7a:3e:15:a2:fe:98:bd:9e:d1:4b:d5:c2:dd:a3:
         a0:19:55:c9:26:b2:c2:ea:8d:39:bd:14:c7:f5:57:14:f3:c0:
         00:37:10:b4:85:99:19:70:e6:4d:2c:8e:86:8d:76:54:23:3e:
         99:89:f6:7d:bd:0b:d4:fe:5f:a3:13:6b:a7:d6:d7:1f:eb:b2:
         c7:bc:02:71:25:66:87:35:a0:99:ef:94:82:ba:76:89:f4:ac:
         aa:73:66:6f:69:c1:2d:b1:05:1e:fe:2e:ef:c1:da:3d:92:72:
         18:10:da:51:e4:cb:e9:62:71:ac:90:d3:1e:d8:b0:d2:3a:7f:
         dc:2d:1a:9e:31:14:a1:cd:42:7c:6c:3e:20:97:1e:88:0b:fd:
         52:4c:24:bc:e3:68:67:37:47:a2:eb:72:df:c5:8d:8a:85:3a:
         3a:36:95:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrIg9O1tvqffO21s5CspKivMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjMwOTI0MTg0NjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzU3N2VkYmNmYmNjMDFjMTFmZTRjMzhmYWFjZjMwMGNlNTRmYzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUwqGYoSIPNWJZDVm99v3r/91h3r
0Y9lqmk6HNWBmEY/LIv2FABsBG4wWPPZXWvmMCy7WDIbOB5F9wBPBdMgeJQ5gGDl
1grz8YF/HxdEuJEyZ9CLwflzS4QitFyBszWjHBR4x9giWrNL3jrv9+6nZgs++gth
l2XZLlPoVqb8ELJXY5COyzFvXu6xwdEcQI+l3T0a5FU9PwAgoisgWSBEk0uCvD4X
67y3dmMo7e3HlSwfpOpWAf89gy7sRKxraXekwEHFVz3wKx2x5ffz3B52G3gcQNkv
vHIHtfrAJLLqTjeEgDIMKjnBFIbXaKEkak7paU379YNHMlLE6gpOuKRt5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFNXftvPvMAcEf5MOPqs8wDOVPx/MB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvVTFkLTI4LTh3QndSX2t3NC1xenpBTTVVX0g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX9atAwQB
we/EMA0GCSqGSIb3DQEBCwUAA4IBAQBa4ngDQByegQAN4+GPryib19lMqmCAUOdb
YcDJbhpEUUpW65HQRctBbS+qxdhna8ljHyHEPepW8L1MEfsFIIdIzXAtcNPJBoGU
zyNqoSnw4cglzlxehUBMrhnhDxM3ej4Vov6YvZ7RS9XC3aOgGVXJJrLC6o05vRTH
9VcU88AANxC0hZkZcOZNLI6GjXZUIz6ZifZ9vQvU/l+jE2un1tcf67LHvAJxJWaH
NaCZ75SCunaJ9Kyqc2ZvacEtsQUe/i7vwdo9knIYENpR5MvpYnGskNMe2LDSOn/c
LRqeMRShzUJ8bD4glx6IC/1STCS842hnN0ei63LfxY2KhTo6NpXA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:43 2024 by rpki-client on console-ams.rpki-client.org