Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/11dca8-23d4-424a-8965-3b1c55e3de97/1/orMAnM5vjEYQOnCUp15REaM95fY.roa
File:                     orMAnM5vjEYQOnCUp15REaM95fY.roa (raw, json)
Hash identifier:          vmFgRcg31XgU7OxlDNEM9rluL8pswuXSlDm6Ow5Y3Zk=
Subject key identifier:   A2:B3:00:9C:CE:6F:8C:46:10:3A:70:94:A7:5E:51:11:A3:3D:E5:F6
Certificate issuer:       /CN=1083f3f195974f0e90084e0e327ff5b667e6fd90
Certificate serial:       018DCD530DBC0981F9E917E71A7AD19D8CA1
Authority key identifier: 10:83:F3:F1:95:97:4F:0E:90:08:4E:0E:32:7F:F5:B6:67:E6:FD:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EIPz8ZWXTw6QCE4OMn_1tmfm_ZA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/11dca8-23d4-424a-8965-3b1c55e3de97/1/orMAnM5vjEYQOnCUp15REaM95fY.roa
Signing time:             Wed 21 Feb 2024 20:19:48 +0000
ROA not before:           Wed 21 Feb 2024 20:19:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212042
IP address blocks:        185.237.95.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 02 Dec 2024 08:56:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:cd:53:0d:bc:09:81:f9:e9:17:e7:1a:7a:d1:9d:8c:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1083f3f195974f0e90084e0e327ff5b667e6fd90
        Validity
            Not Before: Feb 21 20:19:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a2b3009cce6f8c46103a7094a75e5111a33de5f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:da:6b:82:4c:46:5a:4d:51:93:12:e6:cd:78:
                    c4:83:5e:9d:f9:26:de:72:59:3f:e8:50:89:ba:58:
                    4c:0d:ae:31:2f:d9:a8:69:40:70:bd:6d:f6:17:91:
                    a2:50:4a:ab:56:e5:54:04:82:91:d7:ae:59:0a:b5:
                    59:eb:62:c7:0f:ea:3e:40:f2:6d:30:e4:32:47:28:
                    40:c2:a3:3b:53:0b:a8:7a:59:d0:95:de:67:96:99:
                    78:db:b5:88:d3:5d:fa:81:05:6c:0d:73:fa:fd:58:
                    dd:2f:c0:fc:bb:f6:98:bd:e6:be:2f:45:64:a0:50:
                    b8:fc:ec:03:96:be:19:a5:6b:e3:ad:45:d6:67:15:
                    29:66:0e:a5:51:3a:5a:82:70:31:a7:9a:67:10:d6:
                    b9:4c:c5:dd:0c:95:ee:5e:51:db:0c:b6:8b:e1:36:
                    db:c9:dc:e9:44:02:f3:8a:54:02:e3:c3:19:70:6a:
                    07:61:4e:2e:8f:13:07:45:e2:10:b9:63:e0:1d:61:
                    f7:f9:db:2c:15:34:b6:07:de:08:0e:ef:9f:4c:05:
                    ea:9c:50:be:aa:74:39:b0:19:73:b3:3e:67:17:d6:
                    92:8c:db:0b:ba:ee:28:9a:79:d9:32:05:69:f0:1f:
                    94:bc:39:5a:8b:c8:2b:f0:f7:ed:a6:36:42:57:71:
                    06:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:B3:00:9C:CE:6F:8C:46:10:3A:70:94:A7:5E:51:11:A3:3D:E5:F6
            X509v3 Authority Key Identifier:
                keyid:10:83:F3:F1:95:97:4F:0E:90:08:4E:0E:32:7F:F5:B6:67:E6:FD:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EIPz8ZWXTw6QCE4OMn_1tmfm_ZA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/11dca8-23d4-424a-8965-3b1c55e3de97/1/orMAnM5vjEYQOnCUp15REaM95fY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/11dca8-23d4-424a-8965-3b1c55e3de97/1/EIPz8ZWXTw6QCE4OMn_1tmfm_ZA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.237.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:2e:cb:86:f4:85:a5:4b:9b:0e:c6:ab:e7:6b:36:34:c4:22:
         d6:48:b3:79:11:b7:73:1d:68:38:6d:e8:ff:95:a9:9b:68:5d:
         3c:51:a6:14:82:13:16:68:a1:05:ba:a1:be:88:9b:fa:c3:16:
         f9:e3:2a:e4:83:d9:9e:eb:a5:07:4b:10:e6:05:b7:ba:48:66:
         2c:a6:76:d6:b2:a8:a2:bd:e0:2b:ba:f3:b5:f2:0b:45:99:9f:
         41:87:fb:41:60:7b:92:a1:f0:01:07:12:aa:ed:53:16:40:5c:
         df:be:7a:c3:70:64:d9:3e:6a:af:a1:81:52:6e:4f:bb:e3:a9:
         90:0c:1d:61:1d:19:7b:96:26:6d:0f:14:de:5c:f3:68:05:cb:
         29:91:96:5b:5c:14:72:89:43:eb:ae:52:eb:2e:07:ee:19:d2:
         63:be:6b:7d:f6:80:4f:88:97:81:5a:55:c1:51:76:af:01:c1:
         a2:32:aa:53:db:20:55:b8:47:b6:2b:71:43:4c:ed:37:42:f3:
         8a:d8:9b:42:b0:5a:aa:a8:08:a7:7f:78:95:8a:70:94:d1:87:
         16:91:73:9b:3c:5f:bf:97:3c:cb:cd:ec:68:9f:e1:b9:19:e7:
         63:d1:85:d8:0f:01:44:10:f1:cb:90:e9:d1:3e:40:67:6c:65:
         77:21:01:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3NUw28CYH56RfnGnrRnYyhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwODNmM2YxOTU5NzRmMGU5MDA4NGUwZTMyN2ZmNWI2Njdl
NmZkOTAwHhcNMjQwMjIxMjAxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmIzMDA5Y2NlNmY4YzQ2MTAzYTcwOTRhNzVlNTExMWEzM2RlNWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNprgkxGWk1RkxLmzXjEg16d+Sbe
clk/6FCJulhMDa4xL9moaUBwvW32F5GiUEqrVuVUBIKR165ZCrVZ62LHD+o+QPJt
MOQyRyhAwqM7UwuoelnQld5nlpl427WI0136gQVsDXP6/VjdL8D8u/aYvea+L0Vk
oFC4/OwDlr4ZpWvjrUXWZxUpZg6lUTpagnAxp5pnENa5TMXdDJXuXlHbDLaL4Tbb
ydzpRALzilQC48MZcGoHYU4ujxMHReIQuWPgHWH3+dssFTS2B94IDu+fTAXqnFC+
qnQ5sBlzsz5nF9aSjNsLuu4omnnZMgVp8B+UvDlai8gr8PftpjZCV3EGkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKzAJzOb4xGEDpwlKdeURGjPeX2MB8GA1UdIwQY
MBaAFBCD8/GVl08OkAhODjJ/9bZn5v2QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUlQejhaV1hUdzZRQ0U0T01uXzF0bWZtX1pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8xMWRjYTgtMjNkNC00MjRhLTg5NjUt
M2IxYzU1ZTNkZTk3LzEvb3JNQW5NNXZqRVlRT25DVXAxNVJFYU05NWZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8xMWRjYTgtMjNkNC00MjRhLTg5NjUtM2IxYzU1ZTNkZTk3
LzEvRUlQejhaV1hUdzZRQ0U0T01uXzF0bWZtX1pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue1fMA0G
CSqGSIb3DQEBCwUAA4IBAQA1LsuG9IWlS5sOxqvnazY0xCLWSLN5EbdzHWg4bej/
lambaF08UaYUghMWaKEFuqG+iJv6wxb54yrkg9me66UHSxDmBbe6SGYspnbWsqii
veAruvO18gtFmZ9Bh/tBYHuSofABBxKq7VMWQFzfvnrDcGTZPmqvoYFSbk+746mQ
DB1hHRl7liZtDxTeXPNoBcspkZZbXBRyiUPrrlLrLgfuGdJjvmt99oBPiJeBWlXB
UXavAcGiMqpT2yBVuEe2K3FDTO03QvOK2JtCsFqqqAinf3iVinCU0YcWkXObPF+/
lzzLzexon+G5Gedj0YXYDwFEEPHLkOnRPkBnbGV3IQHl
-----END CERTIFICATE-----
Generated at Mon Dec 2 10:35:12 2024 by rpki-client on console-ams.rpki-client.org