Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/50b205-8f21-46f5-a3f6-bca0a8f2f78c/1/5LeznSgmKUj_iBHfRluOWSvfpew.roa
File:                     5LeznSgmKUj_iBHfRluOWSvfpew.roa (raw, json)
Hash identifier:          CTDVKjH/IsRgrH9jQakRTcdUp0+HEcmmBicuO7z3Zm0=
Subject key identifier:   E4:B7:B3:9D:28:26:29:48:FF:88:11:DF:46:5B:8E:59:2B:DF:A5:EC
Certificate issuer:       /CN=c340909aec320a8c2ee1cabce1302cbb7d4e0486
Certificate serial:       018B9555957AB9179C32E4D8FA2A46164DFD
Authority key identifier: C3:40:90:9A:EC:32:0A:8C:2E:E1:CA:BC:E1:30:2C:BB:7D:4E:04:86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w0CQmuwyCowu4cq84TAsu31OBIY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/50b205-8f21-46f5-a3f6-bca0a8f2f78c/1/5LeznSgmKUj_iBHfRluOWSvfpew.roa
Signing time:             Fri 03 Nov 2023 13:18:15 +0000
ROA not before:           Fri 03 Nov 2023 13:18:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8220
IP address blocks:        194.0.195.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:95:55:95:7a:b9:17:9c:32:e4:d8:fa:2a:46:16:4d:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c340909aec320a8c2ee1cabce1302cbb7d4e0486
        Validity
            Not Before: Nov  3 13:18:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e4b7b39d28262948ff8811df465b8e592bdfa5ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:85:e7:46:66:62:6f:a4:8b:bd:1a:33:ef:4d:
                    31:4a:d2:96:4c:ff:97:4d:a9:0f:5b:77:2e:1a:51:
                    83:28:40:5c:72:0e:06:9a:be:69:a3:d6:f5:65:10:
                    25:1d:26:63:ef:f4:c5:ff:d2:e0:5e:ca:f7:a5:26:
                    35:69:c5:46:ca:29:9e:f6:f8:34:a0:a2:87:15:3a:
                    8f:59:ea:a9:d2:c5:af:ee:36:3a:a4:c2:f9:96:a7:
                    5b:af:7d:de:54:61:3b:59:de:bd:9f:21:70:f7:4d:
                    43:0b:f3:2b:3d:05:47:e8:a8:c9:8c:8a:76:fc:59:
                    e7:37:0a:c5:e9:81:7f:08:01:03:b5:70:6f:33:4c:
                    2d:70:dd:6b:48:86:14:78:04:33:dc:7f:00:a9:d0:
                    92:11:f1:0f:8c:dc:b5:fb:04:4f:ee:1a:4c:91:09:
                    29:2c:0e:13:5c:ec:22:27:77:e1:79:d5:d4:80:f3:
                    25:a6:fb:d7:67:95:2c:74:e2:da:34:2e:59:e9:71:
                    c3:c5:e7:c9:78:35:2e:ce:be:16:6f:cd:c3:5e:aa:
                    d3:c7:34:87:d0:36:49:c9:70:61:1c:4f:4b:74:9c:
                    1b:c6:6f:6f:fe:79:33:39:41:c4:b6:9d:0c:e5:04:
                    e7:3e:1d:bb:f1:bb:8a:81:62:ef:ea:a8:20:36:c3:
                    7d:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:B7:B3:9D:28:26:29:48:FF:88:11:DF:46:5B:8E:59:2B:DF:A5:EC
            X509v3 Authority Key Identifier:
                keyid:C3:40:90:9A:EC:32:0A:8C:2E:E1:CA:BC:E1:30:2C:BB:7D:4E:04:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w0CQmuwyCowu4cq84TAsu31OBIY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/50b205-8f21-46f5-a3f6-bca0a8f2f78c/1/5LeznSgmKUj_iBHfRluOWSvfpew.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/50b205-8f21-46f5-a3f6-bca0a8f2f78c/1/w0CQmuwyCowu4cq84TAsu31OBIY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.0.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:30:f0:45:1c:9b:38:98:be:67:c7:81:6c:b2:39:99:df:be:
         05:e0:6a:d8:5e:81:79:75:ac:e6:cc:7e:b1:53:cc:4b:91:c6:
         15:25:80:13:b8:49:d9:7d:32:07:2c:3b:47:6c:01:3b:77:cd:
         0f:c3:8d:9c:5d:06:4d:a0:55:12:2b:e3:c6:6b:ff:9c:c7:ca:
         81:ec:d1:c9:39:ef:73:46:d7:08:63:e0:b3:f0:db:b6:24:b9:
         de:85:bd:54:c0:cb:25:dc:05:c4:72:71:b7:61:00:5f:d5:ad:
         a3:08:6a:57:48:10:c0:55:ec:2a:c2:66:55:3d:aa:31:2e:da:
         29:c3:1c:6c:37:a2:82:de:99:ca:f9:5f:0c:29:4c:d9:f9:da:
         a1:23:aa:52:45:0f:86:51:39:bb:6c:5f:6b:7a:64:ad:8f:9b:
         95:bb:0a:42:4b:d2:75:78:02:7a:fa:cc:5a:cc:38:68:64:0c:
         37:0a:c4:a6:01:de:fe:5a:5b:db:cc:2b:a2:f9:19:1c:59:02:
         98:1a:65:8a:c4:18:1e:d4:61:f6:e4:69:e3:7f:9a:ce:9f:d2:
         0e:ae:8a:79:b7:75:24:50:5a:69:99:96:96:03:06:c0:e7:33:
         0e:0f:bc:30:d4:8b:e8:c1:09:b5:ac:f8:16:03:68:31:cd:5f:
         1d:d2:c9:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuVVZV6uRecMuTY+ipGFk39MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNDA5MDlhZWMzMjBhOGMyZWUxY2FiY2UxMzAyY2JiN2Q0
ZTA0ODYwHhcNMjMxMTAzMTMxODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGI3YjM5ZDI4MjYyOTQ4ZmY4ODExZGY0NjViOGU1OTJiZGZhNWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIXnRmZib6SLvRoz700xStKWTP+X
TakPW3cuGlGDKEBccg4Gmr5po9b1ZRAlHSZj7/TF/9LgXsr3pSY1acVGyime9vg0
oKKHFTqPWeqp0sWv7jY6pML5lqdbr33eVGE7Wd69nyFw901DC/MrPQVH6KjJjIp2
/FnnNwrF6YF/CAEDtXBvM0wtcN1rSIYUeAQz3H8AqdCSEfEPjNy1+wRP7hpMkQkp
LA4TXOwiJ3fhedXUgPMlpvvXZ5UsdOLaNC5Z6XHDxefJeDUuzr4Wb83DXqrTxzSH
0DZJyXBhHE9LdJwbxm9v/nkzOUHEtp0M5QTnPh278buKgWLv6qggNsN9twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOS3s50oJilI/4gR30Zbjlkr36XsMB8GA1UdIwQY
MBaAFMNAkJrsMgqMLuHKvOEwLLt9TgSGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzBDUW11d3lDb3d1NGNxODRUQXN1MzFPQklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MGIyMDUtOGYyMS00NmY1LWEzZjYt
YmNhMGE4ZjJmNzhjLzEvNUxlem5TZ21LVWpfaUJIZlJsdU9XU3ZmcGV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MGIyMDUtOGYyMS00NmY1LWEzZjYtYmNhMGE4ZjJmNzhj
LzEvdzBDUW11d3lDb3d1NGNxODRUQXN1MzFPQklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgDDMA0G
CSqGSIb3DQEBCwUAA4IBAQCWMPBFHJs4mL5nx4FssjmZ374F4GrYXoF5dazmzH6x
U8xLkcYVJYATuEnZfTIHLDtHbAE7d80Pw42cXQZNoFUSK+PGa/+cx8qB7NHJOe9z
RtcIY+Cz8Nu2JLnehb1UwMsl3AXEcnG3YQBf1a2jCGpXSBDAVewqwmZVPaoxLtop
wxxsN6KC3pnK+V8MKUzZ+dqhI6pSRQ+GUTm7bF9remStj5uVuwpCS9J1eAJ6+sxa
zDhoZAw3CsSmAd7+WlvbzCui+RkcWQKYGmWKxBge1GH25Gnjf5rOn9IOrop5t3Uk
UFppmZaWAwbA5zMOD7ww1IvowQm1rPgWA2gxzV8d0slR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:25 2024 by rpki-client on console-ams.rpki-client.org