Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/e6f1a4-a43e-47bd-a178-c36a96c04177/1/Vn2FW47xa6AS3bJYQ9_AtAKeGAU.roa
File:                     Vn2FW47xa6AS3bJYQ9_AtAKeGAU.roa (raw, json)
Hash identifier:          XcpZQRufkB9/5A0rkeKrmzNRTaa7gSA9a00DUjHJEl0=
Subject key identifier:   56:7D:85:5B:8E:F1:6B:A0:12:DD:B2:58:43:DF:C0:B4:02:9E:18:05
Certificate issuer:       /CN=1aac7db5193c1b3b7487e847d41a383ed5b26671
Certificate serial:       018779C36625FC04A0A06B5E91BCB2C96F21
Authority key identifier: 1A:AC:7D:B5:19:3C:1B:3B:74:87:E8:47:D4:1A:38:3E:D5:B2:66:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gqx9tRk8Gzt0h-hH1Bo4PtWyZnE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/e6f1a4-a43e-47bd-a178-c36a96c04177/1/Vn2FW47xa6AS3bJYQ9_AtAKeGAU.roa
Signing time:             Thu 13 Apr 2023 08:37:41 +0000
ROA not before:           Thu 13 Apr 2023 08:37:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210991
IP address blocks:        195.66.96.0/24 maxlen: 24
                          2a12:7940::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:79:c3:66:25:fc:04:a0:a0:6b:5e:91:bc:b2:c9:6f:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1aac7db5193c1b3b7487e847d41a383ed5b26671
        Validity
            Not Before: Apr 13 08:37:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=567d855b8ef16ba012ddb25843dfc0b4029e1805
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:12:00:2e:e8:f9:9a:66:30:17:af:ed:45:42:
                    9a:ee:fd:bb:c8:69:e6:44:32:ef:89:03:9a:0a:9d:
                    59:0b:22:78:8f:da:4b:55:69:b0:0c:bd:36:55:6d:
                    8c:cf:ed:8f:c6:62:7a:ac:1a:93:20:14:32:28:57:
                    d5:b9:cf:35:90:66:78:f2:18:f7:34:ec:e8:8d:88:
                    9e:4e:34:ef:ed:92:03:5e:69:78:bd:03:63:ed:86:
                    c7:1d:3b:b2:ab:1d:66:84:91:f3:68:d4:2c:96:0e:
                    e8:53:e5:07:eb:81:8e:7d:fd:6f:76:6d:7b:8b:2e:
                    38:55:ce:35:93:f1:41:21:76:3e:15:da:3f:85:40:
                    4a:69:e0:13:68:c3:2c:62:48:cf:51:13:2f:fb:35:
                    27:7f:f1:59:6d:31:11:c9:36:f0:53:3c:9f:82:33:
                    6d:4d:75:64:55:67:42:ba:da:3e:8e:d1:d1:bd:33:
                    5d:04:85:f7:08:61:3c:0f:b4:68:af:8f:8b:27:09:
                    ba:e7:97:a7:11:72:07:ce:88:1b:c7:d9:c9:c6:2f:
                    3b:ec:57:de:f3:9d:20:ba:9d:f5:f3:60:13:8d:7c:
                    e1:93:59:4c:21:cc:63:c2:20:18:49:0a:a5:4c:47:
                    fe:06:e8:ef:a5:ff:38:3b:61:0a:2e:83:e6:2d:ba:
                    e4:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:7D:85:5B:8E:F1:6B:A0:12:DD:B2:58:43:DF:C0:B4:02:9E:18:05
            X509v3 Authority Key Identifier:
                keyid:1A:AC:7D:B5:19:3C:1B:3B:74:87:E8:47:D4:1A:38:3E:D5:B2:66:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gqx9tRk8Gzt0h-hH1Bo4PtWyZnE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e6f1a4-a43e-47bd-a178-c36a96c04177/1/Vn2FW47xa6AS3bJYQ9_AtAKeGAU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e6f1a4-a43e-47bd-a178-c36a96c04177/1/Gqx9tRk8Gzt0h-hH1Bo4PtWyZnE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.66.96.0/24
                IPv6:
                  2a12:7940::/29

    Signature Algorithm: sha256WithRSAEncryption
         39:90:78:76:bb:de:26:40:77:b7:88:f2:13:46:44:13:74:e6:
         5d:fb:87:3f:c5:ab:64:a3:a5:e5:8f:2e:4c:30:2f:56:ef:ab:
         24:90:2c:69:f2:08:4b:2f:5d:db:74:38:71:ba:c3:92:a2:29:
         5b:96:ea:6b:81:75:8b:36:38:65:91:81:e8:07:ee:9b:5d:90:
         0b:ce:6e:2c:88:ba:71:f0:26:8a:29:86:a4:6e:bf:93:2d:e8:
         a8:74:1d:96:0f:9f:cd:dc:25:31:dc:27:c1:e1:0b:2b:4f:a3:
         3b:01:d4:5c:e8:f6:dd:6b:89:1d:e0:91:40:4f:a5:43:c5:a6:
         bf:12:da:8a:8f:56:af:ba:64:93:17:7e:89:06:d8:57:70:ef:
         ac:15:a4:12:f9:9c:e6:5e:55:b9:f8:9e:3a:5d:18:11:6c:fe:
         0b:0f:1b:c2:62:27:d1:9a:d7:a3:45:78:4e:e3:cf:14:92:aa:
         e0:c0:ce:82:60:ca:c0:8f:d2:27:ad:9f:13:7d:2a:0d:85:39:
         db:5d:ae:e5:61:85:f2:3b:8d:d2:67:e5:12:e9:75:e4:bc:e2:
         92:3e:54:98:c2:86:2b:35:ce:84:cf:70:2f:11:ec:50:45:c7:
         b2:18:b2:cf:d3:5f:2d:8d:77:82:eb:80:e7:02:2e:27:61:7d:
         8f:b1:bc:0a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYd5w2Yl/ASgoGtekbyyyW8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYWM3ZGI1MTkzYzFiM2I3NDg3ZTg0N2Q0MWEzODNlZDVi
MjY2NzEwHhcNMjMwNDEzMDgzNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjdkODU1YjhlZjE2YmEwMTJkZGIyNTg0M2RmYzBiNDAyOWUxODA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhIALuj5mmYwF6/tRUKa7v27yGnm
RDLviQOaCp1ZCyJ4j9pLVWmwDL02VW2Mz+2PxmJ6rBqTIBQyKFfVuc81kGZ48hj3
NOzojYieTjTv7ZIDXml4vQNj7YbHHTuyqx1mhJHzaNQslg7oU+UH64GOff1vdm17
iy44Vc41k/FBIXY+Fdo/hUBKaeATaMMsYkjPURMv+zUnf/FZbTERyTbwUzyfgjNt
TXVkVWdCuto+jtHRvTNdBIX3CGE8D7Ror4+LJwm655enEXIHzogbx9nJxi877Ffe
850gup3182ATjXzhk1lMIcxjwiAYSQqlTEf+Bujvpf84O2EKLoPmLbrkmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFZ9hVuO8WugEt2yWEPfwLQCnhgFMB8GA1UdIwQY
MBaAFBqsfbUZPBs7dIfoR9QaOD7VsmZxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3F4OXRSazhHenQwaC1oSDFCbzRQdFd5Wm5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9lNmYxYTQtYTQzZS00N2JkLWExNzgt
YzM2YTk2YzA0MTc3LzEvVm4yRlc0N3hhNkFTM2JKWVE5X0F0QUtlR0FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9lNmYxYTQtYTQzZS00N2JkLWExNzgtYzM2YTk2YzA0MTc3
LzEvR3F4OXRSazhHenQwaC1oSDFCbzRQdFd5Wm5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw0JgMA0E
AgACMAcDBQMqEnlAMA0GCSqGSIb3DQEBCwUAA4IBAQA5kHh2u94mQHe3iPITRkQT
dOZd+4c/xatko6Xljy5MMC9W76skkCxp8ghLL13bdDhxusOSoilbluprgXWLNjhl
kYHoB+6bXZALzm4siLpx8CaKKYakbr+TLeiodB2WD5/N3CUx3CfB4QsrT6M7AdRc
6Pbda4kd4JFAT6VDxaa/EtqKj1avumSTF36JBthXcO+sFaQS+ZzmXlW5+J46XRgR
bP4LDxvCYifRmtejRXhO488UkqrgwM6CYMrAj9InrZ8TfSoNhTnbXa7lYYXyO43S
Z+US6XXkvOKSPlSYwoYrNc6Ez3AvEexQRceyGLLP018tjXeC64DnAi4nYX2PsbwK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:45 2024 by rpki-client on console-fra.rpki-client.org