Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/XQaqTPOxclifFOuQtn2VW5fj0ts.roa
File:                     XQaqTPOxclifFOuQtn2VW5fj0ts.roa (raw, json)
Hash identifier:          UeaEtLxjVd4UjMzPQ2Hu6fJWttLljACYmOv+01+aqTY=
Subject key identifier:   5D:06:AA:4C:F3:B1:72:58:9F:14:EB:90:B6:7D:95:5B:97:E3:D2:DB
Certificate issuer:       /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial:       01857355D929CD1C336CB15B50F47EAFA0DF
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/XQaqTPOxclifFOuQtn2VW5fj0ts.roa
Signing time:             Mon 02 Jan 2023 16:34:44 +0000
ROA not before:           Mon 02 Jan 2023 16:34:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24693
IP address blocks:        85.95.80.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:55:d9:29:cd:1c:33:6c:b1:5b:50:f4:7e:af:a0:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
        Validity
            Not Before: Jan  2 16:34:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5d06aa4cf3b172589f14eb90b67d955b97e3d2db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:0d:e4:ff:3f:16:a9:7b:09:a6:60:d3:47:a2:
                    49:c0:45:d4:36:cb:4d:da:c8:0f:ad:be:39:a8:31:
                    e1:30:13:06:4a:3f:a6:e8:25:b9:06:52:f4:32:6f:
                    5c:4d:10:a0:22:27:21:c8:56:85:38:66:b1:df:b1:
                    5a:40:66:90:ce:90:52:ac:88:26:f0:aa:1b:3a:cd:
                    61:d5:64:7e:8a:46:67:bf:83:79:76:50:da:16:8c:
                    ad:f7:45:db:ea:37:9d:ba:a3:cb:d4:3e:a8:87:d6:
                    73:45:9e:24:15:f2:db:e3:be:0b:6a:87:36:a4:db:
                    8c:17:65:7a:a8:15:8d:87:a7:cb:6c:4d:03:50:4d:
                    23:33:14:e6:00:5f:32:62:c1:e9:fa:e0:35:5f:ff:
                    bc:4f:b8:28:51:bb:ad:ba:40:3c:98:02:e0:5b:1b:
                    d0:67:e4:6f:43:fc:ac:92:de:46:fb:93:8b:13:5a:
                    87:4c:71:91:14:20:ab:8a:aa:e1:9f:f8:10:9d:56:
                    95:c7:d7:72:4c:db:aa:3e:f3:1b:52:4f:9a:51:36:
                    5d:89:b9:7e:8c:a3:b1:3c:7e:99:be:e1:b6:29:1a:
                    1f:6e:b3:b9:bb:6c:d7:0d:8d:cf:0b:21:1f:02:1b:
                    30:20:05:70:53:16:ed:8c:ac:e8:4e:79:6b:15:c0:
                    48:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:06:AA:4C:F3:B1:72:58:9F:14:EB:90:B6:7D:95:5B:97:E3:D2:DB
            X509v3 Authority Key Identifier:
                keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/XQaqTPOxclifFOuQtn2VW5fj0ts.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.95.80.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:05:05:06:03:7d:b4:35:59:07:f3:53:66:f7:6e:c8:94:7f:
         7e:0f:31:03:7c:47:a1:37:0b:38:b1:9d:73:b4:dd:a7:27:51:
         55:96:e1:73:6d:6e:09:d9:c2:48:b2:38:f7:26:86:74:a5:aa:
         d3:0b:93:9e:78:32:1d:4f:bf:d3:47:e7:9d:4e:12:36:67:4b:
         f4:83:14:62:13:24:02:6c:76:02:f2:6a:12:45:6b:f8:04:33:
         d3:d3:9c:4a:19:ef:39:16:0c:0a:b9:25:4d:bc:ca:72:e7:5c:
         69:b2:33:02:b4:13:d4:10:43:1f:5e:41:2e:e9:03:e5:c8:6d:
         d4:5a:64:88:cd:6f:10:9a:fe:05:51:c4:66:86:a3:15:64:1d:
         17:50:0d:78:55:8e:7b:29:07:5a:7c:af:93:c6:4d:96:75:2f:
         8c:23:9b:b3:37:d6:ac:8b:ca:0c:30:5e:f7:34:fa:4b:4a:02:
         05:e2:50:b2:2a:2b:e4:96:4d:cc:bb:e0:15:20:fb:35:e7:9d:
         da:d5:93:4b:2a:92:1e:d1:39:6c:a3:41:5f:e1:36:3e:7a:b0:
         20:3a:f8:7e:60:d5:76:8d:6d:0d:0b:c6:40:13:18:96:4e:00:
         2b:f7:ae:08:3d:a8:4b:5b:2b:5e:37:9e:89:3b:cb:12:16:ac:
         1a:23:83:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzVdkpzRwzbLFbUPR+r6DfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjMwMTAyMTYzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDA2YWE0Y2YzYjE3MjU4OWYxNGViOTBiNjdkOTU1Yjk3ZTNkMmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQ3k/z8WqXsJpmDTR6JJwEXUNstN
2sgPrb45qDHhMBMGSj+m6CW5BlL0Mm9cTRCgIichyFaFOGax37FaQGaQzpBSrIgm
8KobOs1h1WR+ikZnv4N5dlDaFoyt90Xb6jeduqPL1D6oh9ZzRZ4kFfLb474Laoc2
pNuMF2V6qBWNh6fLbE0DUE0jMxTmAF8yYsHp+uA1X/+8T7goUbutukA8mALgWxvQ
Z+RvQ/yskt5G+5OLE1qHTHGRFCCriqrhn/gQnVaVx9dyTNuqPvMbUk+aUTZdibl+
jKOxPH6ZvuG2KRofbrO5u2zXDY3PCyEfAhswIAVwUxbtjKzoTnlrFcBIkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF0GqkzzsXJYnxTrkLZ9lVuX49LbMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvWFFhcVRQT3hjbGlmRk91UXRuMlZXNWZqMHRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVV9QMA0G
CSqGSIb3DQEBCwUAA4IBAQBMBQUGA320NVkH81Nm927IlH9+DzEDfEehNws4sZ1z
tN2nJ1FVluFzbW4J2cJIsjj3JoZ0parTC5OeeDIdT7/TR+edThI2Z0v0gxRiEyQC
bHYC8moSRWv4BDPT05xKGe85FgwKuSVNvMpy51xpsjMCtBPUEEMfXkEu6QPlyG3U
WmSIzW8Qmv4FUcRmhqMVZB0XUA14VY57KQdafK+Txk2WdS+MI5uzN9asi8oMMF73
NPpLSgIF4lCyKivklk3Mu+AVIPs1553a1ZNLKpIe0Tlso0Ff4TY+erAgOvh+YNV2
jW0NC8ZAExiWTgAr964IPahLWyteN56JO8sSFqwaI4P1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:34 2024 by rpki-client on console-ams.rpki-client.org