Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/gnK-NskBbdatHaiN7zWAiNCK3Qo.roa
File:                     gnK-NskBbdatHaiN7zWAiNCK3Qo.roa (raw, json)
Hash identifier:          8sphNHEAfYSPNFWWMu5xZpXW7ozn5gpbI9ygZaDhWRg=
Subject key identifier:   82:72:BE:36:C9:01:6D:D6:AD:1D:A8:8D:EF:35:80:88:D0:8A:DD:0A
Certificate issuer:       /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial:       018A24210B69330F2786C849BEDAD965A617
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/gnK-NskBbdatHaiN7zWAiNCK3Qo.roa
Signing time:             Wed 23 Aug 2023 20:40:59 +0000
ROA not before:           Wed 23 Aug 2023 20:40:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        95.214.172.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 26 Aug 2023 18:18:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:24:21:0b:69:33:0f:27:86:c8:49:be:da:d9:65:a6:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
        Validity
            Not Before: Aug 23 20:40:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8272be36c9016dd6ad1da88def358088d08add0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:44:1c:d2:dd:01:72:9c:f7:58:f1:bc:1a:f8:
                    a2:50:a6:41:16:ad:9e:37:a7:d9:ff:35:f2:78:d6:
                    f3:60:e6:30:a9:08:59:32:04:c5:4c:d6:e1:96:eb:
                    b2:ae:e2:b2:fb:d9:9f:f2:89:3c:fb:32:18:ad:e3:
                    28:03:35:42:7d:7c:4e:9d:23:89:90:67:7d:ef:ee:
                    7d:ce:b8:40:a5:6f:a6:09:13:56:a7:38:bc:0b:00:
                    88:78:86:6c:9a:14:18:09:95:96:43:ea:c4:99:e4:
                    36:00:84:00:ec:f3:ff:58:db:1e:82:3d:5b:e3:6e:
                    ea:6a:af:55:55:b5:9f:8e:09:e0:72:ac:66:ec:c2:
                    25:27:e4:39:5b:ab:46:40:1e:0b:8d:be:d4:1a:a0:
                    26:ab:2c:cd:1c:bf:d9:33:af:4b:4c:93:b1:16:0e:
                    84:e7:69:1a:52:67:d0:36:cd:7d:95:20:bd:d9:f7:
                    38:ca:21:09:d7:03:d6:23:70:c8:13:f0:3e:b7:1e:
                    25:47:f7:98:2d:6f:76:1b:56:39:19:35:a0:b9:7e:
                    d7:43:6a:c7:fb:44:02:0e:fd:28:fd:a3:2c:85:a7:
                    90:0d:93:79:bc:af:70:a4:c9:2b:63:be:02:56:e5:
                    a5:9d:8d:e6:10:19:24:cb:d4:91:fc:31:9f:f7:b2:
                    b9:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:72:BE:36:C9:01:6D:D6:AD:1D:A8:8D:EF:35:80:88:D0:8A:DD:0A
            X509v3 Authority Key Identifier:
                keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/gnK-NskBbdatHaiN7zWAiNCK3Qo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.214.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:eb:f2:3f:84:7f:92:1c:e9:f1:e5:34:eb:89:a5:7d:03:28:
         58:dd:8d:f6:32:a9:86:a0:f9:d9:05:83:1a:98:2a:41:01:e6:
         66:7b:e0:4c:90:8b:e0:10:5c:4a:62:98:dc:c9:78:36:3d:bf:
         37:53:a5:ce:6a:13:79:64:bf:9a:79:3c:8b:b2:1f:60:42:96:
         1e:ee:78:21:46:2a:20:00:24:ef:0e:82:d0:95:78:e3:56:16:
         ff:0a:c6:93:be:46:19:01:80:ac:d5:e4:e2:36:f1:5e:87:b8:
         1d:eb:d5:cb:9c:1f:92:94:35:c2:5b:cb:7b:b1:c2:7b:be:98:
         e1:ba:fc:f1:fc:e4:91:92:27:e3:75:c1:d2:fa:b9:ef:0e:08:
         f6:1b:b9:e4:06:de:56:f2:49:3e:91:55:bd:97:52:8d:ea:a2:
         ae:60:e5:62:9b:ff:5f:68:65:54:84:b8:70:f3:cd:1f:8b:c2:
         6f:5f:67:9b:6a:ff:83:eb:7b:fc:14:ce:3e:35:7e:16:a1:b1:
         c4:0e:8e:21:a1:db:7d:c8:17:e4:fa:e0:94:4f:5a:64:5b:8f:
         4c:cc:d1:73:7e:9f:95:ba:f2:c3:b8:01:91:7e:c5:bb:bb:c7:
         1f:5f:27:7e:ff:aa:2f:44:1a:06:d3:54:54:65:a8:e0:73:a0:
         8e:f0:c9:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYokIQtpMw8nhshJvtrZZaYXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjMwODIzMjA0MDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjcyYmUzNmM5MDE2ZGQ2YWQxZGE4OGRlZjM1ODA4OGQwOGFkZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kQc0t0Bcpz3WPG8GviiUKZBFq2e
N6fZ/zXyeNbzYOYwqQhZMgTFTNbhluuyruKy+9mf8ok8+zIYreMoAzVCfXxOnSOJ
kGd97+59zrhApW+mCRNWpzi8CwCIeIZsmhQYCZWWQ+rEmeQ2AIQA7PP/WNsegj1b
427qaq9VVbWfjgngcqxm7MIlJ+Q5W6tGQB4Ljb7UGqAmqyzNHL/ZM69LTJOxFg6E
52kaUmfQNs19lSC92fc4yiEJ1wPWI3DIE/A+tx4lR/eYLW92G1Y5GTWguX7XQ2rH
+0QCDv0o/aMshaeQDZN5vK9wpMkrY74CVuWlnY3mEBkky9SR/DGf97K5cQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIJyvjbJAW3WrR2oje81gIjQit0KMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvZ25LLU5za0JiZGF0SGFpTjd6V0FpTkNLM1FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX9asMA0G
CSqGSIb3DQEBCwUAA4IBAQCd6/I/hH+SHOnx5TTriaV9AyhY3Y32MqmGoPnZBYMa
mCpBAeZme+BMkIvgEFxKYpjcyXg2Pb83U6XOahN5ZL+aeTyLsh9gQpYe7nghRiog
ACTvDoLQlXjjVhb/CsaTvkYZAYCs1eTiNvFeh7gd69XLnB+SlDXCW8t7scJ7vpjh
uvzx/OSRkifjdcHS+rnvDgj2G7nkBt5W8kk+kVW9l1KN6qKuYOVim/9faGVUhLhw
880fi8JvX2ebav+D63v8FM4+NX4WobHEDo4hodt9yBfk+uCUT1pkW49MzNFzfp+V
uvLDuAGRfsW7u8cfXyd+/6ovRBoG01RUZajgc6CO8MlD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:46 2024 by rpki-client on console-fra.rpki-client.org