Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/VNddMh8M9vgJB0VIKejaBx6tn2w.roa
File:                     VNddMh8M9vgJB0VIKejaBx6tn2w.roa (raw, json)
Hash identifier:          MVtiBhpUyrux6N2BrG3yA/MOXDdpZd6Ob+U+ZS1hc8U=
Subject key identifier:   54:D7:5D:32:1F:0C:F6:F8:09:07:45:48:29:E8:DA:07:1E:AD:9F:6C
Certificate issuer:       /CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
Certificate serial:       01897215EC76081699743E59D55B129DC6C7
Authority key identifier: 99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/VNddMh8M9vgJB0VIKejaBx6tn2w.roa
Signing time:             Thu 20 Jul 2023 06:56:26 +0000
ROA not before:           Thu 20 Jul 2023 06:56:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210732
IP address blocks:        45.95.114.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 13 Nov 2023 11:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:72:15:ec:76:08:16:99:74:3e:59:d5:5b:12:9d:c6:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
        Validity
            Not Before: Jul 20 06:56:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=54d75d321f0cf6f80907454829e8da071ead9f6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:e5:3f:32:b5:6a:70:74:5f:ae:7d:3d:f2:66:
                    fe:52:17:c0:08:e1:29:2a:d3:7d:81:f6:4b:02:bd:
                    92:df:77:73:e6:67:63:48:09:13:af:84:33:85:00:
                    01:df:a6:18:0b:49:2e:70:81:1b:f5:dc:c3:37:bb:
                    a4:92:bb:d2:56:47:b3:f4:14:21:0a:8f:d2:cf:00:
                    08:ac:9b:51:55:e1:60:ad:9a:65:34:43:9e:b8:bb:
                    2e:4d:48:ed:c7:ba:2e:fa:77:f9:9e:23:b8:16:45:
                    00:f9:df:c8:8a:be:c5:26:07:8e:70:78:94:93:20:
                    d2:09:a9:b3:1e:b4:af:53:ba:73:4e:8b:5a:05:ce:
                    78:ab:a7:62:0c:f7:7c:19:18:f4:62:e2:00:ed:a8:
                    d5:e2:4b:ee:d6:3a:7e:24:28:02:90:11:a0:8d:e2:
                    a9:ca:d6:dd:ed:2e:d4:c5:66:68:be:2b:e3:41:e8:
                    2d:08:a8:4e:27:28:c6:3f:a4:3d:ed:3b:9f:13:48:
                    b1:47:9b:80:6f:40:82:b4:ee:de:25:c1:2c:a4:e8:
                    5e:df:6f:b1:5b:49:0a:de:da:42:2c:fc:60:1a:f3:
                    f4:a6:75:2b:26:1c:f9:fb:7d:d2:8c:74:db:73:1e:
                    e3:00:f9:8d:56:b7:18:3d:98:c7:69:51:07:d9:7b:
                    50:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:D7:5D:32:1F:0C:F6:F8:09:07:45:48:29:E8:DA:07:1E:AD:9F:6C
            X509v3 Authority Key Identifier:
                keyid:99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/VNddMh8M9vgJB0VIKejaBx6tn2w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:dd:4e:86:a1:60:24:56:b2:ea:8a:4f:2f:5b:f5:e8:2a:dc:
         07:69:39:1a:04:7c:03:32:35:97:95:d9:a5:03:29:e4:96:0a:
         b3:ec:12:02:ba:d1:19:13:70:a3:51:75:39:a2:63:b0:1a:67:
         f4:85:85:a5:e7:7f:40:4c:5b:c2:01:6a:9f:35:43:de:b3:b5:
         b2:e3:44:19:e2:c3:64:34:2d:fa:40:47:83:98:06:ce:7a:8d:
         6a:50:51:30:9f:f4:ad:b8:b8:a1:fa:de:ce:e2:88:18:d2:02:
         3a:03:8b:b1:66:e4:fc:38:4f:73:85:51:8b:bd:46:de:f2:50:
         f9:d7:dc:32:c1:72:49:0e:b3:bc:06:74:f4:1a:5e:cf:b4:30:
         36:cd:f8:c8:38:cd:e3:2e:6f:88:01:2c:30:14:26:d6:a4:8f:
         4d:51:c1:49:00:87:a4:98:81:ef:8b:1e:1c:4b:8a:54:c2:77:
         07:66:ce:72:af:26:b3:aa:f9:d3:a9:cf:60:56:54:87:9b:3c:
         69:ff:08:8d:59:fb:f4:c1:90:9e:2e:58:75:d9:99:de:b0:75:
         6d:90:d5:63:59:68:a4:e9:a0:4b:94:30:78:08:89:00:ed:7a:
         3b:e7:f9:b7:38:90:dc:a0:05:fd:3b:a1:e8:a5:81:31:2f:99:
         5e:3d:8e:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlyFex2CBaZdD5Z1VsSncbHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZmVlN2NiZDhlNzhkMWYxNGE0NTNhMDRiOTE2ZjdjMTU4
MWQyMDQwHhcNMjMwNzIwMDY1NjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGQ3NWQzMjFmMGNmNmY4MDkwNzQ1NDgyOWU4ZGEwNzFlYWQ5ZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+U/MrVqcHRfrn098mb+UhfACOEp
KtN9gfZLAr2S33dz5mdjSAkTr4QzhQAB36YYC0kucIEb9dzDN7ukkrvSVkez9BQh
Co/SzwAIrJtRVeFgrZplNEOeuLsuTUjtx7ou+nf5niO4FkUA+d/Iir7FJgeOcHiU
kyDSCamzHrSvU7pzTotaBc54q6diDPd8GRj0YuIA7ajV4kvu1jp+JCgCkBGgjeKp
ytbd7S7UxWZovivjQegtCKhOJyjGP6Q97TufE0ixR5uAb0CCtO7eJcEspOhe32+x
W0kK3tpCLPxgGvP0pnUrJhz5+33SjHTbcx7jAPmNVrcYPZjHaVEH2XtQjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFTXXTIfDPb4CQdFSCno2gcerZ9sMB8GA1UdIwQY
MBaAFJn+58vY540fFKRToEuRb3wVgdIEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWY3bnk5am5qUjhVcEZPZ1M1RnZmQldCMGdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8wZGQ0Y2ItMWY3Mi00MGVkLWE2NTct
MWMyMmVmZjcyODE4LzEvVk5kZE1oOE05dmdKQjBWSUtlamFCeDZ0bjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8wZGQ0Y2ItMWY3Mi00MGVkLWE2NTctMWMyMmVmZjcyODE4
LzEvbWY3bnk5am5qUjhVcEZPZ1M1RnZmQldCMGdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV9yMA0G
CSqGSIb3DQEBCwUAA4IBAQAH3U6GoWAkVrLqik8vW/XoKtwHaTkaBHwDMjWXldml
Aynklgqz7BICutEZE3CjUXU5omOwGmf0hYWl539ATFvCAWqfNUPes7Wy40QZ4sNk
NC36QEeDmAbOeo1qUFEwn/StuLih+t7O4ogY0gI6A4uxZuT8OE9zhVGLvUbe8lD5
19wywXJJDrO8BnT0Gl7PtDA2zfjIOM3jLm+IASwwFCbWpI9NUcFJAIekmIHvix4c
S4pUwncHZs5yryazqvnTqc9gVlSHmzxp/wiNWfv0wZCeLlh12ZnesHVtkNVjWWik
6aBLlDB4CIkA7Xo75/m3OJDcoAX9O6HopYExL5lePY7n
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:37 2024 by rpki-client on console-ams.rpki-client.org