Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/_glbA3HH4qlvBZLn1Y6PN41lQls.roa
File:                     _glbA3HH4qlvBZLn1Y6PN41lQls.roa (raw, json)
Hash identifier:          c7YO/d792EhlFVdezSx5p7eRj42ttPXccGxnEKHHJKk=
Subject key identifier:   FE:09:5B:03:71:C7:E2:A9:6F:05:92:E7:D5:8E:8F:37:8D:65:42:5B
Certificate issuer:       /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial:       01856F42A5A8988E234FECAA9B86F7340C71
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/_glbA3HH4qlvBZLn1Y6PN41lQls.roa
Signing time:             Sun 01 Jan 2023 21:35:16 +0000
ROA not before:           Sun 01 Jan 2023 21:35:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6461
IP address blocks:        95.164.0.0/21 maxlen: 24
                          95.164.24.0/21 maxlen: 24
                          95.164.96.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Thu 05 Oct 2023 16:45:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:a5:a8:98:8e:23:4f:ec:aa:9b:86:f7:34:0c:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
        Validity
            Not Before: Jan  1 21:35:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fe095b0371c7e2a96f0592e7d58e8f378d65425b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:12:d0:31:44:c1:36:d2:50:4b:b9:bd:84:7b:
                    42:1e:d8:a2:66:7b:21:d5:63:83:08:ba:a3:0b:44:
                    2b:cf:0a:a9:5d:ef:e5:78:35:e4:ff:40:1c:df:c4:
                    2d:5a:61:5f:cf:5d:08:fa:ab:94:c1:86:3d:c2:0c:
                    6d:59:1d:bd:fb:57:aa:b6:53:59:ea:67:42:44:fc:
                    52:42:94:00:96:3f:e1:bd:d7:f1:77:e3:af:a3:41:
                    1c:1f:f1:7f:a1:5d:87:0a:d9:11:2e:23:94:47:bb:
                    a2:a3:b8:75:f6:0c:0a:68:c7:7f:b8:df:99:5e:a0:
                    de:56:9c:57:9a:e6:b6:1b:eb:04:d1:16:db:e6:2b:
                    97:f4:61:89:35:36:f2:de:28:1e:9f:57:44:07:04:
                    8f:62:22:b6:a9:9b:49:69:e8:50:ec:cd:f6:c5:ae:
                    f9:e0:01:38:39:5c:30:d3:81:d0:13:8f:27:c8:be:
                    8d:f8:1c:81:74:e4:65:b3:1c:45:d6:38:a6:d1:a0:
                    61:37:c6:ad:55:84:34:4d:7f:7a:85:1c:33:93:24:
                    41:d0:34:ec:7a:c4:d9:55:ca:81:9f:40:5c:fb:b7:
                    b0:6b:17:0c:b7:40:73:df:10:1b:87:d7:a3:3c:11:
                    9a:4e:61:de:8a:41:43:e9:dc:f8:04:7c:a1:93:82:
                    0e:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:09:5B:03:71:C7:E2:A9:6F:05:92:E7:D5:8E:8F:37:8D:65:42:5B
            X509v3 Authority Key Identifier:
                keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/_glbA3HH4qlvBZLn1Y6PN41lQls.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.164.0.0/21
                  95.164.24.0/21
                  95.164.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         70:37:92:f9:b1:29:5c:f2:da:a9:f1:c0:99:36:1a:3b:3e:7a:
         35:da:c5:d9:2d:ba:d2:d7:7b:27:9c:89:f5:b5:60:8e:12:a0:
         b0:ff:e9:38:20:23:be:0f:cf:10:e3:27:22:d2:2b:dd:42:1b:
         f1:e6:1f:4b:47:54:e0:72:72:3b:33:32:b0:bb:e4:b6:5c:7f:
         e1:2d:4d:c4:af:17:13:f4:96:fb:32:ae:c6:eb:22:67:0c:7e:
         a2:4b:cc:e7:94:38:e0:cd:1f:e3:44:ad:ef:0b:30:65:a2:86:
         33:51:db:ae:4e:e8:83:82:cd:41:d5:93:da:d3:1e:ea:b9:d4:
         06:32:92:b1:b3:b2:1b:93:67:5e:2d:36:0f:e5:e0:10:ce:84:
         ac:c3:90:33:5c:99:1d:64:d4:c4:b9:c0:68:8e:1d:fe:89:48:
         c8:1b:18:8e:c8:c4:4a:a9:46:c8:e4:7a:c2:56:e1:d3:57:62:
         b0:f4:5b:15:bf:44:65:16:b5:e0:3e:f4:eb:12:ed:68:3a:50:
         90:fc:2d:c5:95:94:92:65:85:87:43:9f:b7:0e:db:c3:60:cb:
         99:17:cc:87:88:00:81:fd:fc:75:e5:c0:19:2e:51:db:dc:83:
         85:3a:6c:5e:7a:3d:68:54:83:22:f0:f9:15:88:06:6d:46:5f:
         80:3a:2c:31
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvQqWomI4jT+yqm4b3NAxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwMTAxMjEzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTA5NWIwMzcxYzdlMmE5NmYwNTkyZTdkNThlOGYzNzhkNjU0MjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhLQMUTBNtJQS7m9hHtCHtiiZnsh
1WODCLqjC0QrzwqpXe/leDXk/0Ac38QtWmFfz10I+quUwYY9wgxtWR29+1eqtlNZ
6mdCRPxSQpQAlj/hvdfxd+Ovo0EcH/F/oV2HCtkRLiOUR7uio7h19gwKaMd/uN+Z
XqDeVpxXmua2G+sE0Rbb5iuX9GGJNTby3igen1dEBwSPYiK2qZtJaehQ7M32xa75
4AE4OVww04HQE48nyL6N+ByBdORlsxxF1jim0aBhN8atVYQ0TX96hRwzkyRB0DTs
esTZVcqBn0Bc+7ewaxcMt0Bz3xAbh9ejPBGaTmHeikFD6dz4BHyhk4IODwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP4JWwNxx+KpbwWS59WOjzeNZUJbMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvX2dsYkEzSEg0cWx2QlpMbjFZNlBONDFsUWxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDX6QAAwQD
X6QYAwQEX6RgMA0GCSqGSIb3DQEBCwUAA4IBAQBwN5L5sSlc8tqp8cCZNho7Pno1
2sXZLbrS13snnIn1tWCOEqCw/+k4ICO+D88Q4yci0ivdQhvx5h9LR1TgcnI7MzKw
u+S2XH/hLU3ErxcT9Jb7Mq7G6yJnDH6iS8znlDjgzR/jRK3vCzBlooYzUduuTuiD
gs1B1ZPa0x7qudQGMpKxs7Ibk2deLTYP5eAQzoSsw5AzXJkdZNTEucBojh3+iUjI
GxiOyMRKqUbI5HrCVuHTV2Kw9FsVv0RlFrXgPvTrEu1oOlCQ/C3FlZSSZYWHQ5+3
DtvDYMuZF8yHiACB/fx15cAZLlHb3IOFOmxeej1oVIMi8PkViAZtRl+AOiwx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:49 2024 by rpki-client on console-ams.rpki-client.org