Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/ui4F971iLcWXQuSmLOo6HHQVPoc.roa
File:                     ui4F971iLcWXQuSmLOo6HHQVPoc.roa (raw, json)
Hash identifier:          I0UjeWAcr/xD8cq9xhAM02y+v1rdhZyHXxKQqe7Tft8=
Subject key identifier:   BA:2E:05:F7:BD:62:2D:C5:97:42:E4:A6:2C:EA:3A:1C:74:15:3E:87
Certificate issuer:       /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial:       018A3311800C806BA8A71D02008B0718FF75
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/ui4F971iLcWXQuSmLOo6HHQVPoc.roa
Signing time:             Sat 26 Aug 2023 18:18:19 +0000
ROA not before:           Sat 26 Aug 2023 18:18:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        95.214.173.0/24 maxlen: 24
                          193.239.196.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Sep 2023 02:32:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:33:11:80:0c:80:6b:a8:a7:1d:02:00:8b:07:18:ff:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
        Validity
            Not Before: Aug 26 18:18:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ba2e05f7bd622dc59742e4a62cea3a1c74153e87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:de:74:4a:eb:c4:8c:e7:6d:0f:c3:5f:2a:c9:
                    1c:63:dc:e6:93:4c:d9:69:ee:f3:f2:9c:2a:60:b9:
                    4e:e0:bf:1a:74:82:cb:4c:e7:4c:8a:0f:e7:00:70:
                    bb:82:36:87:ce:5d:f6:e5:b8:36:d4:3d:24:36:3c:
                    78:4b:0c:fb:62:18:e0:74:2f:fe:53:2c:b6:30:6d:
                    f6:a3:74:cd:df:8a:53:28:5b:0b:5c:7f:b6:e0:dc:
                    5b:14:fd:be:8f:68:a3:27:0f:4e:96:be:ba:0a:4e:
                    0a:f1:f6:27:18:5f:e1:7a:3e:5a:65:c6:34:f5:34:
                    e3:26:68:1d:b5:e6:85:59:6f:02:0f:9b:c0:e0:5f:
                    34:97:3c:1d:93:ff:ef:77:5c:82:18:fc:20:ee:c0:
                    e5:da:19:a9:17:a7:82:3d:b5:e7:6d:09:f3:6e:ec:
                    b7:d6:3c:af:1f:f2:28:90:e0:64:0e:08:b8:13:62:
                    56:7b:df:38:85:ae:5b:4a:9e:85:52:bc:04:61:b6:
                    8f:06:a1:bb:11:82:bb:0f:08:2f:a1:88:be:94:e5:
                    c7:65:b4:e6:ff:25:d6:1c:33:1a:9c:3c:6c:2c:33:
                    26:46:ee:0b:92:f4:73:35:5e:22:30:3c:ae:41:6c:
                    ad:75:81:56:44:89:fa:5c:a4:fe:7c:f8:40:37:43:
                    5f:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:2E:05:F7:BD:62:2D:C5:97:42:E4:A6:2C:EA:3A:1C:74:15:3E:87
            X509v3 Authority Key Identifier:
                keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/ui4F971iLcWXQuSmLOo6HHQVPoc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.214.173.0/24
                  193.239.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:4b:36:58:42:4a:73:53:0a:d2:4f:f7:5a:05:59:26:53:3e:
         6e:28:50:63:b7:39:2a:97:c1:9c:a1:b2:3d:a8:f4:df:0b:85:
         c8:c9:83:55:31:16:36:71:79:bb:d6:39:ba:e3:22:1f:e9:d6:
         ad:71:19:0f:36:db:39:ec:f7:10:83:a8:98:a3:ed:4e:ec:e3:
         25:1c:e2:1d:fc:ea:28:4a:f3:6c:09:38:4f:d7:54:93:fa:f4:
         41:a6:27:24:64:1a:01:77:0d:4e:63:a0:63:00:5a:5b:0f:ab:
         44:6f:94:6b:a5:48:c5:0e:a3:73:62:47:18:04:ca:3b:51:a1:
         6c:d3:78:ac:fa:0e:9c:da:f0:0e:91:bd:be:ff:ed:b6:5f:00:
         52:93:3d:8d:e1:93:05:e1:a4:30:c0:c8:a9:de:b0:19:a3:a9:
         66:c9:db:5b:8d:0f:da:53:7d:a6:f7:eb:d4:b0:69:b3:22:c1:
         cd:39:9a:bd:91:5d:93:52:15:f7:a7:5e:14:24:9d:2b:0b:ac:
         33:ec:0b:39:eb:0e:d9:1d:43:f2:c5:58:34:f6:1b:3c:7a:f2:
         5d:20:98:55:4c:31:f1:62:62:6c:19:70:81:13:91:38:7c:0f:
         5b:9f:06:19:95:42:49:f4:42:75:d8:1a:fd:f9:0a:f2:89:2f:
         fe:d9:1c:ed
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYozEYAMgGuopx0CAIsHGP91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjMwODI2MTgxODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTJlMDVmN2JkNjIyZGM1OTc0MmU0YTYyY2VhM2ExYzc0MTUzZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgt50SuvEjOdtD8NfKskcY9zmk0zZ
ae7z8pwqYLlO4L8adILLTOdMig/nAHC7gjaHzl325bg21D0kNjx4Swz7YhjgdC/+
Uyy2MG32o3TN34pTKFsLXH+24NxbFP2+j2ijJw9Olr66Ck4K8fYnGF/hej5aZcY0
9TTjJmgdteaFWW8CD5vA4F80lzwdk//vd1yCGPwg7sDl2hmpF6eCPbXnbQnzbuy3
1jyvH/IokOBkDgi4E2JWe984ha5bSp6FUrwEYbaPBqG7EYK7DwgvoYi+lOXHZbTm
/yXWHDManDxsLDMmRu4LkvRzNV4iMDyuQWytdYFWRIn6XKT+fPhAN0NfgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLouBfe9Yi3Fl0LkpizqOhx0FT6HMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvdWk0Rjk3MWlMY1dYUXVTbUxPbzZISFFWUG9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX9atAwQA
we/EMA0GCSqGSIb3DQEBCwUAA4IBAQAlSzZYQkpzUwrST/daBVkmUz5uKFBjtzkq
l8GcobI9qPTfC4XIyYNVMRY2cXm71jm64yIf6datcRkPNts57PcQg6iYo+1O7OMl
HOId/OooSvNsCThP11ST+vRBpickZBoBdw1OY6BjAFpbD6tEb5RrpUjFDqNzYkcY
BMo7UaFs03is+g6c2vAOkb2+/+22XwBSkz2N4ZMF4aQwwMip3rAZo6lmydtbjQ/a
U32m9+vUsGmzIsHNOZq9kV2TUhX3p14UJJ0rC6wz7As56w7ZHUPyxVg09hs8evJd
IJhVTDHxYmJsGXCBE5E4fA9bnwYZlUJJ9EJ12Br9+QryiS/+2Rzt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:47 2024 by rpki-client on console-fra.rpki-client.org