Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/PT1BUptelumqrl7sI5DxNRUSRyY.roa
File:                     PT1BUptelumqrl7sI5DxNRUSRyY.roa (raw, json)
Hash identifier:          tgKUNVsfJvzs9W0522K3XE9gOEXigTs+EBk6icWc7YA=
Subject key identifier:   3D:3D:41:52:9B:5E:96:E9:AA:AE:5E:EC:23:90:F1:35:15:12:47:26
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       01856EA6C0DE98A79E9991EB804370FD5E1C
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/PT1BUptelumqrl7sI5DxNRUSRyY.roa
Signing time:             Sun 01 Jan 2023 18:45:00 +0000
ROA not before:           Sun 01 Jan 2023 18:45:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206092
IP address blocks:        188.215.95.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:a6:c0:de:98:a7:9e:99:91:eb:80:43:70:fd:5e:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Jan  1 18:45:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3d3d41529b5e96e9aaae5eec2390f13515124726
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:98:c1:e9:41:56:f4:09:26:4b:bc:15:36:0c:
                    ac:1b:66:3c:ee:f9:04:48:44:56:58:9d:66:d8:4e:
                    8c:72:07:bd:ae:68:2a:10:ea:12:21:94:05:f7:a3:
                    4b:77:57:e2:e4:94:78:c1:6d:ba:62:44:92:9c:d7:
                    23:2a:f1:26:d8:e0:29:48:0e:c6:58:f5:db:43:a9:
                    e9:9e:60:84:ed:79:f6:6f:bc:c3:79:19:2c:29:c2:
                    e5:03:35:3f:57:f3:54:e1:7b:00:08:ab:04:83:81:
                    d5:4b:21:c6:aa:05:fb:b9:31:60:b3:97:f4:25:b5:
                    af:b2:bc:47:22:64:d7:95:36:84:5f:a2:d3:67:2e:
                    0f:dc:79:94:ff:20:74:6c:55:08:42:82:ef:aa:7e:
                    a5:d4:6d:85:e1:86:d7:a0:21:6f:10:ac:b0:52:41:
                    7d:53:cd:24:af:2a:33:45:02:4b:f9:c0:d3:4a:16:
                    d8:eb:b7:3e:dc:1e:b6:12:91:5c:db:cc:51:9a:01:
                    b1:37:54:0d:5a:ec:43:7d:06:5f:4f:9a:34:ed:11:
                    93:be:62:fb:c0:46:ed:31:1f:29:60:da:c4:28:e6:
                    01:d4:bd:d8:1e:c1:31:e0:4f:a5:10:0c:bd:78:4b:
                    fa:ec:d9:61:38:9f:30:41:1e:5a:eb:28:f5:e0:33:
                    d7:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:3D:41:52:9B:5E:96:E9:AA:AE:5E:EC:23:90:F1:35:15:12:47:26
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/PT1BUptelumqrl7sI5DxNRUSRyY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.215.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:b5:0b:03:63:63:86:7c:b8:e9:60:cc:18:6c:f1:32:7a:34:
         0f:49:7b:8b:54:d5:38:b1:42:ff:61:e0:1b:e8:2c:16:48:3a:
         1c:46:f3:94:c6:18:7b:d8:43:a3:20:76:8b:fc:ef:a8:c6:63:
         7e:a7:6b:04:14:2f:e6:95:1e:0c:3d:bf:4a:e5:dd:ac:2b:b1:
         c8:60:22:01:e4:d3:14:45:d5:d0:43:60:0e:38:c3:2a:99:34:
         22:4b:d7:01:1d:df:e4:03:7f:12:76:3a:b9:d5:65:19:7f:15:
         f6:53:29:78:b4:0f:f3:b7:5b:bd:cb:6e:94:38:42:b2:34:80:
         51:61:4a:c6:2b:5f:52:ff:31:23:47:d2:93:fb:52:e6:a0:be:
         b6:c6:30:33:e8:a0:d2:46:7e:cd:e7:51:3b:e3:6f:cb:70:1a:
         27:a9:80:7f:59:a0:82:64:62:95:c6:03:73:11:b9:aa:3a:49:
         ba:2e:e0:09:b5:18:fe:1d:ae:e6:5d:b5:88:8e:b1:e7:1d:e2:
         f7:bf:a8:21:b9:d9:31:49:4e:01:40:c1:54:75:ed:2d:13:00:
         a1:76:89:df:f7:ef:12:46:0d:26:54:74:df:e4:04:93:d8:5d:
         55:92:4e:81:ed:72:78:0e:48:df:3e:bd:53:6b:d2:79:11:0d:
         c0:99:32:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVupsDemKeemZHrgENw/V4cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwMTAxMTg0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDNkNDE1MjliNWU5NmU5YWFhZTVlZWMyMzkwZjEzNTE1MTI0NzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppjB6UFW9AkmS7wVNgysG2Y87vkE
SERWWJ1m2E6Mcge9rmgqEOoSIZQF96NLd1fi5JR4wW26YkSSnNcjKvEm2OApSA7G
WPXbQ6npnmCE7Xn2b7zDeRksKcLlAzU/V/NU4XsACKsEg4HVSyHGqgX7uTFgs5f0
JbWvsrxHImTXlTaEX6LTZy4P3HmU/yB0bFUIQoLvqn6l1G2F4YbXoCFvEKywUkF9
U80kryozRQJL+cDTShbY67c+3B62EpFc28xRmgGxN1QNWuxDfQZfT5o07RGTvmL7
wEbtMR8pYNrEKOYB1L3YHsEx4E+lEAy9eEv67NlhOJ8wQR5a6yj14DPX7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD09QVKbXpbpqq5e7COQ8TUVEkcmMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvUFQxQlVwdGVsdW1xcmw3c0k1RHhOUlVTUnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNdfMA0G
CSqGSIb3DQEBCwUAA4IBAQBztQsDY2OGfLjpYMwYbPEyejQPSXuLVNU4sUL/YeAb
6CwWSDocRvOUxhh72EOjIHaL/O+oxmN+p2sEFC/mlR4MPb9K5d2sK7HIYCIB5NMU
RdXQQ2AOOMMqmTQiS9cBHd/kA38Sdjq51WUZfxX2Uyl4tA/zt1u9y26UOEKyNIBR
YUrGK19S/zEjR9KT+1LmoL62xjAz6KDSRn7N51E742/LcBonqYB/WaCCZGKVxgNz
EbmqOkm6LuAJtRj+Ha7mXbWIjrHnHeL3v6ghudkxSU4BQMFUde0tEwChdonf9+8S
Rg0mVHTf5AST2F1Vkk6B7XJ4DkjfPr1Ta9J5EQ3AmTJn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org