Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/ARo8Pc-KCLXYq2qJQov6e8zs1Qo.roa
File:                     ARo8Pc-KCLXYq2qJQov6e8zs1Qo.roa (raw, json)
Hash identifier:          KxIwiibkkA+pG8J+PYYL2KwSQHkYKi/pkujJraq+Bsk=
Subject key identifier:   01:1A:3C:3D:CF:8A:08:B5:D8:AB:6A:89:42:8B:FA:7B:CC:EC:D5:0A
Certificate issuer:       /CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
Certificate serial:       018EF4F199EFAA9D63885E803AFAAC70F6F0
Authority key identifier: 99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/ARo8Pc-KCLXYq2qJQov6e8zs1Qo.roa
Signing time:             Fri 19 Apr 2024 06:00:57 +0000
ROA not before:           Fri 19 Apr 2024 06:00:57 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        45.95.114.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 29 Apr 2024 07:24:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:f4:f1:99:ef:aa:9d:63:88:5e:80:3a:fa:ac:70:f6:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
        Validity
            Not Before: Apr 19 06:00:57 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=011a3c3dcf8a08b5d8ab6a89428bfa7bccecd50a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:d5:75:de:77:00:9c:52:cb:a3:9e:fe:99:fe:
                    75:73:45:9d:1f:2f:91:30:a3:73:48:61:80:10:9d:
                    d2:15:d0:d1:1f:03:21:3e:2f:80:34:88:d2:bf:93:
                    dd:b6:11:26:dc:b5:c0:02:6e:e0:03:7d:a6:19:52:
                    99:89:95:7d:52:2d:c0:72:f1:55:0a:7b:42:32:07:
                    95:59:b7:c5:b4:17:1d:b1:88:da:e2:54:d4:55:9e:
                    46:c3:9d:dd:87:d6:b1:43:0f:67:48:2c:b0:9c:43:
                    31:2d:d6:6d:ad:d5:6e:61:90:5d:00:d5:ae:d6:ab:
                    b1:89:1a:33:2a:f7:1c:a5:54:fa:8e:e7:e5:3a:71:
                    fe:e4:ee:7c:56:dc:80:61:94:0e:ef:22:c3:97:7e:
                    67:fc:a0:80:4e:82:d3:af:e2:2c:b4:51:b8:af:ab:
                    58:5b:7e:e5:b2:0e:0f:9c:6d:61:45:8c:46:08:12:
                    6c:3c:4f:ce:7d:01:6a:1f:ba:b0:08:d0:fb:1e:ae:
                    48:b4:05:a8:39:6c:e8:bc:e5:ec:9e:9e:cb:41:fe:
                    17:7d:2f:87:16:25:98:ef:09:69:34:b9:f8:2b:6c:
                    cb:5e:26:e5:94:fa:77:56:96:2f:ed:cd:5f:a6:72:
                    4f:64:61:7f:2a:78:32:0e:18:cf:2c:55:7c:78:c7:
                    11:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:1A:3C:3D:CF:8A:08:B5:D8:AB:6A:89:42:8B:FA:7B:CC:EC:D5:0A
            X509v3 Authority Key Identifier:
                keyid:99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/ARo8Pc-KCLXYq2qJQov6e8zs1Qo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d7:4d:8e:bb:48:65:71:40:08:d4:70:45:2e:af:e4:54:97:d0:
         22:9d:65:3f:10:ea:ed:5b:65:b2:42:8b:01:ba:8c:7a:da:db:
         3e:cf:29:34:1b:94:6a:5e:1c:25:28:23:33:00:c5:c2:19:bb:
         ac:0d:02:19:b7:63:32:5d:b2:52:74:cf:1e:4c:3b:4c:2c:d0:
         94:69:9c:e6:7f:f1:f3:09:fa:d6:83:71:35:e7:7a:70:ae:92:
         a6:3a:1f:13:0d:dd:fc:1b:49:07:89:f3:36:5f:0f:5f:b9:3a:
         53:8c:b1:45:25:fc:01:26:59:57:9f:fb:52:3e:be:2a:82:a2:
         04:5e:84:3c:c1:0d:a9:12:08:2d:73:ef:2f:4d:2a:92:55:a9:
         ed:8a:31:f3:3e:41:e8:b0:cf:e3:fa:38:af:7f:4f:31:da:97:
         1c:d4:a4:12:1c:8b:c7:81:cd:79:70:b7:b5:7b:10:74:d5:5c:
         6a:6e:aa:6c:e9:0d:75:8b:e8:7e:d8:70:d0:88:49:b2:bf:ba:
         38:50:ea:2e:f8:69:60:e4:47:fe:cf:95:d4:ce:e8:18:84:20:
         1e:49:85:f8:43:39:5e:93:80:22:1a:14:ef:c2:0e:4d:48:b5:
         b1:75:de:c4:bb:dd:6a:3d:cd:07:3d:7a:16:af:80:64:8f:3b:
         61:44:59:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY708Znvqp1jiF6AOvqscPbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZmVlN2NiZDhlNzhkMWYxNGE0NTNhMDRiOTE2ZjdjMTU4
MWQyMDQwHhcNMjQwNDE5MDYwMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTFhM2MzZGNmOGEwOGI1ZDhhYjZhODk0MjhiZmE3YmNjZWNkNTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtV13ncAnFLLo57+mf51c0WdHy+R
MKNzSGGAEJ3SFdDRHwMhPi+ANIjSv5PdthEm3LXAAm7gA32mGVKZiZV9Ui3AcvFV
CntCMgeVWbfFtBcdsYja4lTUVZ5Gw53dh9axQw9nSCywnEMxLdZtrdVuYZBdANWu
1quxiRozKvccpVT6juflOnH+5O58VtyAYZQO7yLDl35n/KCAToLTr+IstFG4r6tY
W37lsg4PnG1hRYxGCBJsPE/OfQFqH7qwCND7Hq5ItAWoOWzovOXsnp7LQf4XfS+H
FiWY7wlpNLn4K2zLXibllPp3VpYv7c1fpnJPZGF/KngyDhjPLFV8eMcR3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAEaPD3Pigi12KtqiUKL+nvM7NUKMB8GA1UdIwQY
MBaAFJn+58vY540fFKRToEuRb3wVgdIEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWY3bnk5am5qUjhVcEZPZ1M1RnZmQldCMGdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8wZGQ0Y2ItMWY3Mi00MGVkLWE2NTct
MWMyMmVmZjcyODE4LzEvQVJvOFBjLUtDTFhZcTJxSlFvdjZlOHpzMVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8wZGQ0Y2ItMWY3Mi00MGVkLWE2NTctMWMyMmVmZjcyODE4
LzEvbWY3bnk5am5qUjhVcEZPZ1M1RnZmQldCMGdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV9yMA0G
CSqGSIb3DQEBCwUAA4IBAQDXTY67SGVxQAjUcEUur+RUl9AinWU/EOrtW2WyQosB
uox62ts+zyk0G5RqXhwlKCMzAMXCGbusDQIZt2MyXbJSdM8eTDtMLNCUaZzmf/Hz
CfrWg3E153pwrpKmOh8TDd38G0kHifM2Xw9fuTpTjLFFJfwBJllXn/tSPr4qgqIE
XoQ8wQ2pEggtc+8vTSqSVantijHzPkHosM/j+jivf08x2pcc1KQSHIvHgc15cLe1
exB01Vxqbqps6Q11i+h+2HDQiEmyv7o4UOou+Glg5Ef+z5XUzugYhCAeSYX4Qzle
k4AiGhTvwg5NSLWxdd7Eu91qPc0HPXoWr4BkjzthRFkO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org