Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/iI_MaTgeuk5JKam8n5vAmVNmyI4.roa
File:                     iI_MaTgeuk5JKam8n5vAmVNmyI4.roa (raw, json)
Hash identifier:          YTSUtixe16tU1yKBMYZiM2BSpSfHifBosZgodlQhLAw=
Subject key identifier:   88:8F:CC:69:38:1E:BA:4E:49:29:A9:BC:9F:9B:C0:99:53:66:C8:8E
Certificate issuer:       /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial:       01856EAA2ADF7B2CB4182CDB45C6077DB9C1
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/iI_MaTgeuk5JKam8n5vAmVNmyI4.roa
Signing time:             Sun 01 Jan 2023 18:48:43 +0000
ROA not before:           Sun 01 Jan 2023 18:48:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211415
IP address blocks:        95.214.182.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:30:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:aa:2a:df:7b:2c:b4:18:2c:db:45:c6:07:7d:b9:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
        Validity
            Not Before: Jan  1 18:48:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=888fcc69381eba4e4929a9bc9f9bc0995366c88e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:26:28:8a:6f:4e:74:12:27:6a:07:c3:0d:4c:
                    f4:22:8a:f1:f7:49:c5:47:24:00:67:e0:29:0f:ff:
                    49:39:f1:61:07:15:7a:e5:a9:38:dd:81:13:19:c8:
                    29:b3:dd:bd:25:9a:7b:7b:43:1b:8f:4d:f1:18:66:
                    70:cb:a9:a4:4b:a4:b5:93:26:a6:07:76:72:02:2d:
                    55:cd:14:d9:7b:f1:3e:e9:8b:46:5e:18:86:8c:55:
                    f8:34:72:8b:95:08:5c:f5:47:e1:32:c2:46:fb:53:
                    ee:4e:0e:61:29:6a:07:1d:a1:53:19:fd:f5:62:54:
                    a4:38:6d:46:d8:9d:c0:dd:b4:39:da:93:e9:bd:4d:
                    81:71:57:1b:85:3b:51:38:27:15:b6:fa:94:31:54:
                    21:d0:da:40:41:03:52:8e:44:3c:6c:4c:06:3e:5c:
                    02:2c:2c:f9:52:c7:37:fa:c3:bf:00:57:c2:15:4f:
                    4a:b9:c7:de:90:46:14:bb:13:bc:bb:75:f9:13:ee:
                    c4:a5:bf:6d:a0:f8:b3:3b:0f:f5:6e:c1:48:91:59:
                    03:6a:0f:bc:ae:0f:2c:1e:94:b1:2d:3f:d2:f6:4b:
                    0a:42:7e:9c:75:14:57:c1:a5:f3:66:ac:85:f5:1f:
                    71:7b:2a:73:e2:5a:6c:4d:01:42:d2:c8:29:e1:fa:
                    94:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:8F:CC:69:38:1E:BA:4E:49:29:A9:BC:9F:9B:C0:99:53:66:C8:8E
            X509v3 Authority Key Identifier:
                keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/iI_MaTgeuk5JKam8n5vAmVNmyI4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.214.182.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:7b:5b:d3:11:bf:5b:43:df:23:f4:75:e2:d6:ff:75:0d:a5:
         a2:5f:c9:3d:98:db:25:15:b3:e3:69:5e:a1:22:2d:9f:9e:97:
         f6:6b:f3:88:4c:a2:c1:f4:18:ad:fd:18:47:2c:9b:90:f9:86:
         1a:69:cd:f9:5d:0c:11:b7:ce:01:c6:b5:45:f8:24:e7:34:75:
         32:62:62:df:db:d6:af:bc:df:ed:37:e2:ca:46:34:50:fb:b4:
         1d:5a:69:2b:8d:29:0e:10:16:c9:11:b1:ef:69:69:0f:7f:c7:
         3f:5a:18:72:8f:a3:e7:8d:5b:fd:40:3a:35:bf:ca:a2:4f:2c:
         3b:82:59:e8:44:5a:e6:bf:e0:13:5e:b8:30:18:75:b7:47:01:
         ca:35:3f:7f:3c:45:d6:e5:47:11:5f:81:17:c7:fb:ed:34:5c:
         0e:b3:ce:7b:8a:19:6b:65:2b:a2:32:9d:32:06:45:9e:02:07:
         95:58:35:7d:9a:df:c0:12:46:b5:14:9d:a6:6f:b2:a0:c5:c2:
         aa:37:10:0c:c1:5e:e7:6b:a2:b8:2b:7e:d6:08:72:d7:36:c0:
         20:af:0a:12:f1:50:b5:47:8a:76:cf:5b:06:96:6e:a7:51:ae:
         4c:a5:a9:14:77:ad:d2:36:c9:44:f2:76:d8:01:1e:c2:c9:01:
         90:4a:cd:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuqirfeyy0GCzbRcYHfbnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjMwMTAxMTg0ODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODhmY2M2OTM4MWViYTRlNDkyOWE5YmM5ZjliYzA5OTUzNjZjODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSYoim9OdBInagfDDUz0Iorx90nF
RyQAZ+ApD/9JOfFhBxV65ak43YETGcgps929JZp7e0Mbj03xGGZwy6mkS6S1kyam
B3ZyAi1VzRTZe/E+6YtGXhiGjFX4NHKLlQhc9UfhMsJG+1PuTg5hKWoHHaFTGf31
YlSkOG1G2J3A3bQ52pPpvU2BcVcbhTtROCcVtvqUMVQh0NpAQQNSjkQ8bEwGPlwC
LCz5Usc3+sO/AFfCFU9KucfekEYUuxO8u3X5E+7Epb9toPizOw/1bsFIkVkDag+8
rg8sHpSxLT/S9ksKQn6cdRRXwaXzZqyF9R9xeypz4lpsTQFC0sgp4fqU6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIiPzGk4HrpOSSmpvJ+bwJlTZsiOMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvaUlfTWFUZ2V1azVKS2FtOG41dkFtVk5teUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX9a2MA0G
CSqGSIb3DQEBCwUAA4IBAQAee1vTEb9bQ98j9HXi1v91DaWiX8k9mNslFbPjaV6h
Ii2fnpf2a/OITKLB9Bit/RhHLJuQ+YYaac35XQwRt84BxrVF+CTnNHUyYmLf29av
vN/tN+LKRjRQ+7QdWmkrjSkOEBbJEbHvaWkPf8c/Whhyj6PnjVv9QDo1v8qiTyw7
glnoRFrmv+ATXrgwGHW3RwHKNT9/PEXW5UcRX4EXx/vtNFwOs857ihlrZSuiMp0y
BkWeAgeVWDV9mt/AEka1FJ2mb7KgxcKqNxAMwV7na6K4K37WCHLXNsAgrwoS8VC1
R4p2z1sGlm6nUa5MpakUd63SNslE8nbYAR7CyQGQSs0I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:46 2024 by rpki-client on console-fra.rpki-client.org