Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/a0ca76-e264-40f1-9d8a-065ca1f36310/1/eAoQwALhSfOrW20leM5FQx7k2Rc.roa
File:                     eAoQwALhSfOrW20leM5FQx7k2Rc.roa (raw, json)
Hash identifier:          wLVI5zw3gBFTTZ1IqF79VW2B5qqRlhJswowrmInhvRg=
Subject key identifier:   78:0A:10:C0:02:E1:49:F3:AB:5B:6D:25:78:CE:45:43:1E:E4:D9:17
Certificate issuer:       /CN=d05b2623a39d556c50b7046d36447fb621af974a
Certificate serial:       01856FC262BB620DF96891BB74DA9483A2AE
Authority key identifier: D0:5B:26:23:A3:9D:55:6C:50:B7:04:6D:36:44:7F:B6:21:AF:97:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0FsmI6OdVWxQtwRtNkR_tiGvl0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/a0ca76-e264-40f1-9d8a-065ca1f36310/1/eAoQwALhSfOrW20leM5FQx7k2Rc.roa
Signing time:             Sun 01 Jan 2023 23:54:48 +0000
ROA not before:           Sun 01 Jan 2023 23:54:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35802
IP address blocks:        195.10.198.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:c2:62:bb:62:0d:f9:68:91:bb:74:da:94:83:a2:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d05b2623a39d556c50b7046d36447fb621af974a
        Validity
            Not Before: Jan  1 23:54:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=780a10c002e149f3ab5b6d2578ce45431ee4d917
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:0c:3a:72:7f:b4:1d:07:f3:0f:b2:17:99:5e:
                    01:a5:f2:d5:30:be:a3:c4:56:9c:87:be:e8:2d:8b:
                    eb:5f:d6:fa:18:de:a1:3c:84:b0:37:1c:d7:30:c3:
                    b9:b6:b4:c1:e6:03:51:f3:8d:fe:54:7c:cf:5c:89:
                    b9:4e:65:55:4e:e2:ae:df:54:af:bc:e4:57:d5:7f:
                    5b:b6:71:47:f1:0d:64:eb:4a:cb:29:8f:56:ac:77:
                    b8:74:91:5c:bb:4b:b9:4a:8c:2f:5a:46:60:48:40:
                    3b:bc:c1:85:ef:ff:91:e4:9d:83:d2:5b:c3:58:d9:
                    03:fd:b2:ba:f4:f7:04:10:8a:a8:91:8b:ab:be:22:
                    59:c5:35:7f:d9:db:a6:98:ea:82:cc:2f:d9:d4:9e:
                    f5:81:c5:7b:4e:09:8f:06:e1:18:3a:83:cf:b7:6e:
                    55:7a:2a:d7:4a:74:6c:df:ff:aa:59:95:06:6a:f2:
                    27:c5:50:a5:43:96:3c:a8:f8:c3:d6:1b:71:f7:5e:
                    00:b3:0c:00:f1:6c:fd:f4:e7:92:6d:9a:6a:2a:3d:
                    a4:54:7a:66:6a:9a:6c:39:d6:15:61:de:6e:87:53:
                    fa:75:f5:ce:f4:21:bc:0a:ea:22:f3:35:61:7e:8e:
                    a4:60:ba:a2:a2:dc:93:cf:2c:ba:3c:64:61:16:a1:
                    3e:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:0A:10:C0:02:E1:49:F3:AB:5B:6D:25:78:CE:45:43:1E:E4:D9:17
            X509v3 Authority Key Identifier:
                keyid:D0:5B:26:23:A3:9D:55:6C:50:B7:04:6D:36:44:7F:B6:21:AF:97:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0FsmI6OdVWxQtwRtNkR_tiGvl0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a0ca76-e264-40f1-9d8a-065ca1f36310/1/eAoQwALhSfOrW20leM5FQx7k2Rc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a0ca76-e264-40f1-9d8a-065ca1f36310/1/0FsmI6OdVWxQtwRtNkR_tiGvl0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.10.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:eb:7f:c6:36:07:bb:8e:73:6c:af:f9:18:5e:2a:d2:01:de:
         ab:60:9d:13:e7:f3:f9:31:07:1f:02:7a:bd:3a:ba:60:0b:8d:
         2c:1b:be:09:f8:60:75:82:c6:f6:2c:8f:2a:f1:98:8b:1a:5e:
         18:52:67:e5:ab:70:9a:ab:cc:87:63:bb:9a:06:b8:bf:38:33:
         ab:02:69:0a:fa:6c:72:87:14:a9:f3:c0:05:9c:8f:58:7d:27:
         40:4c:28:e9:c0:63:40:a8:82:94:3d:1e:81:05:30:60:da:89:
         71:0b:50:26:2d:0b:2e:79:54:90:46:d8:3c:b6:be:0c:7f:26:
         4b:4d:7f:f4:46:5b:8f:8a:aa:66:d8:e2:ec:2c:10:86:1a:5d:
         ae:7c:4f:42:74:41:37:80:23:07:55:5d:47:0d:71:e9:89:77:
         a2:51:e8:13:1e:77:4b:79:49:86:64:85:e6:25:d8:50:30:f2:
         23:ce:77:d2:bb:61:ea:0f:0d:34:51:f0:72:4e:c7:44:0a:39:
         95:c5:a8:cf:f4:bc:bc:fc:de:26:45:67:0f:93:33:83:af:fe:
         e5:52:96:dd:35:61:21:c5:15:d0:38:c2:f6:3a:42:b1:2a:e5:
         53:35:3a:61:a5:63:92:2c:05:08:76:1c:b4:f9:8d:25:18:7b:
         df:7d:02:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwmK7Yg35aJG7dNqUg6KuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNWIyNjIzYTM5ZDU1NmM1MGI3MDQ2ZDM2NDQ3ZmI2MjFh
Zjk3NGEwHhcNMjMwMTAxMjM1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODBhMTBjMDAyZTE0OWYzYWI1YjZkMjU3OGNlNDU0MzFlZTRkOTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgw6cn+0HQfzD7IXmV4BpfLVML6j
xFach77oLYvrX9b6GN6hPISwNxzXMMO5trTB5gNR843+VHzPXIm5TmVVTuKu31Sv
vORX1X9btnFH8Q1k60rLKY9WrHe4dJFcu0u5SowvWkZgSEA7vMGF7/+R5J2D0lvD
WNkD/bK69PcEEIqokYurviJZxTV/2dummOqCzC/Z1J71gcV7TgmPBuEYOoPPt25V
eirXSnRs3/+qWZUGavInxVClQ5Y8qPjD1htx914AswwA8Wz99OeSbZpqKj2kVHpm
appsOdYVYd5uh1P6dfXO9CG8Cuoi8zVhfo6kYLqiotyTzyy6PGRhFqE+IQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHgKEMAC4Unzq1ttJXjORUMe5NkXMB8GA1UdIwQY
MBaAFNBbJiOjnVVsULcEbTZEf7Yhr5dKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEZzbUk2T2RWV3hRdHdSdE5rUl90aUd2bDBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hMGNhNzYtZTI2NC00MGYxLTlkOGEt
MDY1Y2ExZjM2MzEwLzEvZUFvUXdBTGhTZk9yVzIwbGVNNUZReDdrMlJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hMGNhNzYtZTI2NC00MGYxLTlkOGEtMDY1Y2ExZjM2MzEw
LzEvMEZzbUk2T2RWV3hRdHdSdE5rUl90aUd2bDBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwrGMA0G
CSqGSIb3DQEBCwUAA4IBAQCN63/GNge7jnNsr/kYXirSAd6rYJ0T5/P5MQcfAnq9
OrpgC40sG74J+GB1gsb2LI8q8ZiLGl4YUmflq3Caq8yHY7uaBri/ODOrAmkK+mxy
hxSp88AFnI9YfSdATCjpwGNAqIKUPR6BBTBg2olxC1AmLQsueVSQRtg8tr4MfyZL
TX/0RluPiqpm2OLsLBCGGl2ufE9CdEE3gCMHVV1HDXHpiXeiUegTHndLeUmGZIXm
JdhQMPIjznfSu2HqDw00UfByTsdECjmVxajP9Ly8/N4mRWcPkzODr/7lUpbdNWEh
xRXQOML2OkKxKuVTNTphpWOSLAUIdhy0+Y0lGHvffQJP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:43 2024 by rpki-client on console-ams.rpki-client.org