Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/p2hP7ExWtCNNUNicKC2iqYvEAxA.roa
File:                     p2hP7ExWtCNNUNicKC2iqYvEAxA.roa (raw, json)
Hash identifier:          hF0ixwJWzl1syowrZ7HTh34upMwpYe1BoqqPTkT8Yhs=
Subject key identifier:   A7:68:4F:EC:4C:56:B4:23:4D:50:D8:9C:28:2D:A2:A9:8B:C4:03:10
Certificate issuer:       /CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Certificate serial:       0189013F111C4CE42D2B23BC8A3A6CE633FE
Authority key identifier: DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/p2hP7ExWtCNNUNicKC2iqYvEAxA.roa
Signing time:             Wed 28 Jun 2023 09:04:17 +0000
ROA not before:           Wed 28 Jun 2023 09:04:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     36351
IP address blocks:        95.142.114.0/24 maxlen: 24
                          95.142.117.0/24 maxlen: 24
                          95.142.120.0/24 maxlen: 24
                          95.142.126.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 17 Jul 2023 10:48:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:01:3f:11:1c:4c:e4:2d:2b:23:bc:8a:3a:6c:e6:33:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de0d9d6b697ca1c86570c256862e6858b4799c85
        Validity
            Not Before: Jun 28 09:04:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a7684fec4c56b4234d50d89c282da2a98bc40310
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:0b:ba:7c:c8:1d:5c:13:fc:b0:ac:84:9e:0b:
                    b6:cc:a4:2c:14:28:7c:28:44:9b:a4:49:54:e6:16:
                    88:94:06:8e:1c:c1:be:ba:bb:57:5c:b7:20:d2:82:
                    01:d2:65:e5:f4:93:c5:42:21:ea:4f:e1:e4:f2:e5:
                    a4:6c:e8:38:82:66:4f:dd:f3:18:5f:02:57:2f:39:
                    85:a7:49:82:3f:11:18:b7:11:cf:09:7c:dc:ad:37:
                    4d:62:89:50:cb:82:1d:94:12:01:d2:6c:4c:9a:fd:
                    51:d8:76:aa:d0:33:73:7d:0e:f5:68:4e:07:16:33:
                    b5:c3:7f:6e:e9:58:b2:c9:59:fa:69:35:a2:01:37:
                    4d:67:73:62:59:9d:d8:7e:5e:32:ae:75:28:50:00:
                    5a:ca:44:34:c7:99:8f:34:9b:33:e8:6c:49:f0:bf:
                    52:b3:6b:9f:13:8d:00:4d:16:3f:ce:d9:76:c2:4a:
                    45:ca:94:6b:79:3e:63:6a:af:07:1d:f4:17:8a:24:
                    ba:b8:2f:9b:aa:11:99:58:45:b9:b3:3e:f2:a1:98:
                    fd:3f:4e:35:5d:54:90:71:07:8b:73:b4:75:08:04:
                    bc:84:aa:12:6d:6c:07:eb:21:b1:d9:72:fa:9e:ac:
                    c6:47:1e:d0:a0:6d:19:d6:68:4b:96:b5:29:c7:12:
                    76:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:68:4F:EC:4C:56:B4:23:4D:50:D8:9C:28:2D:A2:A9:8B:C4:03:10
            X509v3 Authority Key Identifier:
                keyid:DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/p2hP7ExWtCNNUNicKC2iqYvEAxA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.142.114.0/24
                  95.142.117.0/24
                  95.142.120.0/24
                  95.142.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:8d:71:57:a0:68:80:4d:63:2f:de:b1:45:53:29:c4:00:42:
         16:c9:61:93:ef:f1:9a:0c:a8:b9:89:01:26:41:d3:32:e9:78:
         58:c0:da:dd:36:3b:0a:a1:56:fa:12:24:46:86:4a:4a:b8:4c:
         89:14:c2:f3:fb:aa:9a:97:56:29:01:ea:61:fa:2f:f2:90:10:
         35:a4:8f:15:8e:39:c0:ce:34:da:f1:d3:7e:1f:6d:be:7f:50:
         85:6c:10:87:ed:6f:d1:4d:9e:da:15:b0:a4:42:00:45:37:e1:
         37:0d:fe:79:b0:08:43:0e:f7:cb:2d:f0:c8:63:38:15:ab:e6:
         5b:b9:41:62:3c:8e:15:31:c1:9c:72:62:62:b1:68:92:38:65:
         90:db:bf:79:0c:fb:7d:cf:db:c3:79:3b:2b:e7:c1:ef:e8:02:
         2b:29:c8:29:d4:8f:34:09:b8:00:52:a3:92:73:04:61:3f:04:
         49:cf:6f:5f:4f:43:f1:ea:c8:81:44:d5:17:f5:67:6a:43:21:
         64:30:61:38:37:c2:46:38:33:6b:3e:b8:94:eb:fe:0f:ff:09:
         1e:50:37:a0:ee:5f:6f:18:d2:14:f2:31:b6:54:e3:43:cd:21:
         3d:32:3e:f0:07:ad:24:b3:57:8e:61:82:5d:7d:25:53:b0:3b:
         e4:4b:e1:ef
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYkBPxEcTOQtKyO8ijps5jP+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMGQ5ZDZiNjk3Y2ExYzg2NTcwYzI1Njg2MmU2ODU4YjQ3
OTljODUwHhcNMjMwNjI4MDkwNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzY4NGZlYzRjNTZiNDIzNGQ1MGQ4OWMyODJkYTJhOThiYzQwMzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAu6fMgdXBP8sKyEngu2zKQsFCh8
KESbpElU5haIlAaOHMG+urtXXLcg0oIB0mXl9JPFQiHqT+Hk8uWkbOg4gmZP3fMY
XwJXLzmFp0mCPxEYtxHPCXzcrTdNYolQy4IdlBIB0mxMmv1R2Haq0DNzfQ71aE4H
FjO1w39u6ViyyVn6aTWiATdNZ3NiWZ3Yfl4yrnUoUABaykQ0x5mPNJsz6GxJ8L9S
s2ufE40ATRY/ztl2wkpFypRreT5jaq8HHfQXiiS6uC+bqhGZWEW5sz7yoZj9P041
XVSQcQeLc7R1CAS8hKoSbWwH6yGx2XL6nqzGRx7QoG0Z1mhLlrUpxxJ2RwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKdoT+xMVrQjTVDYnCgtoqmLxAMQMB8GA1UdIwQY
MBaAFN4NnWtpfKHIZXDCVoYuaFi0eZyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYt
MDFjYmZjMGU5NGU3LzEvcDJoUDdFeFd0Q05OVU5pY0tDMmlxWXZFQXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYtMDFjYmZjMGU5NGU3
LzEvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAX45yAwQA
X451AwQAX454AwQAX45+MA0GCSqGSIb3DQEBCwUAA4IBAQBgjXFXoGiATWMv3rFF
UynEAEIWyWGT7/GaDKi5iQEmQdMy6XhYwNrdNjsKoVb6EiRGhkpKuEyJFMLz+6qa
l1YpAeph+i/ykBA1pI8VjjnAzjTa8dN+H22+f1CFbBCH7W/RTZ7aFbCkQgBFN+E3
Df55sAhDDvfLLfDIYzgVq+ZbuUFiPI4VMcGccmJisWiSOGWQ2795DPt9z9vDeTsr
58Hv6AIrKcgp1I80CbgAUqOScwRhPwRJz29fT0Px6siBRNUX9WdqQyFkMGE4N8JG
ODNrPriU6/4P/wkeUDeg7l9vGNIU8jG2VONDzSE9Mj7wB60ks1eOYYJdfSVTsDvk
S+Hv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:51 2024 by rpki-client on console-fra.rpki-client.org