Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/sjkhwURqLNs_hJ9BEgpS9dOnYck.roa
File:                     sjkhwURqLNs_hJ9BEgpS9dOnYck.roa (raw, json)
Hash identifier:          noEvGGpV5MBBySSJDGop95w+gahN0lZXHEEYJv7NXbY=
Subject key identifier:   B2:39:21:C1:44:6A:2C:DB:3F:84:9F:41:12:0A:52:F5:D3:A7:61:C9
Certificate issuer:       /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial:       018570027966678037C2335297EF33024D66
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/sjkhwURqLNs_hJ9BEgpS9dOnYck.roa
Signing time:             Mon 02 Jan 2023 01:04:48 +0000
ROA not before:           Mon 02 Jan 2023 01:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44386
IP address blocks:        195.34.20.0/24 maxlen: 24
                          195.34.21.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 05 Dec 2023 16:02:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:02:79:66:67:80:37:c2:33:52:97:ef:33:02:4d:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
        Validity
            Not Before: Jan  2 01:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b23921c1446a2cdb3f849f41120a52f5d3a761c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:9b:88:83:b1:6b:bf:cf:f2:16:29:1a:1e:9f:
                    e9:17:25:39:95:ac:4e:a2:d2:e9:5b:4a:5c:03:7c:
                    64:48:1e:79:90:1f:57:b2:15:11:c1:9b:27:4e:7a:
                    8f:51:79:13:24:7f:8a:49:63:4d:6d:cc:57:b7:ba:
                    26:f3:76:bd:09:fe:d2:89:82:4b:bf:8b:f2:67:c7:
                    1e:b9:bd:94:aa:53:33:da:a9:1e:ba:65:85:f6:86:
                    1e:a3:80:0d:21:9d:92:46:c6:15:cb:f0:75:18:fa:
                    44:38:9c:1c:60:62:ae:98:de:a8:42:c3:cc:50:94:
                    c8:be:1d:12:7a:61:7b:fd:2e:47:ef:d6:aa:83:7b:
                    64:2f:e4:6e:f5:65:40:82:45:8a:d0:c5:ce:3f:46:
                    2d:b4:59:4e:17:90:9b:6c:76:0a:df:b6:a6:7f:e2:
                    41:2f:a4:f5:4a:80:4c:a8:da:a1:3c:1b:66:62:e8:
                    7d:a2:1f:04:3c:3c:8a:8e:69:c0:f8:90:7d:f4:33:
                    22:dc:4f:61:67:85:2f:63:6c:00:a8:0b:de:da:69:
                    3a:44:80:9a:39:08:7f:c5:d0:f6:53:60:d3:bb:21:
                    90:94:ac:97:cc:17:ae:4f:4a:db:f2:36:10:d2:39:
                    4f:33:84:a9:9e:8d:4f:e6:b6:28:80:93:91:75:b1:
                    a3:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:39:21:C1:44:6A:2C:DB:3F:84:9F:41:12:0A:52:F5:D3:A7:61:C9
            X509v3 Authority Key Identifier:
                keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/sjkhwURqLNs_hJ9BEgpS9dOnYck.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.34.20.0/23

    Signature Algorithm: sha256WithRSAEncryption
         89:a9:af:88:5b:8d:24:0b:84:85:fd:fa:0c:0c:7e:70:d8:23:
         0b:3e:7d:ac:ee:5b:05:94:37:d3:7f:00:72:19:78:39:6b:48:
         49:89:d2:b6:40:90:89:bb:ed:29:c4:d4:90:35:ac:56:df:d4:
         63:74:c5:88:9b:32:79:be:45:80:74:4e:ff:7d:23:dc:c4:57:
         b7:0d:49:56:09:a3:21:ca:98:31:88:87:72:e1:00:7a:a3:f2:
         ef:16:13:54:cc:50:24:1f:15:b8:c0:05:2f:f6:1e:71:4f:36:
         0a:b3:1f:d2:fe:80:97:95:72:12:d6:c9:00:0c:84:11:2e:49:
         d7:50:e2:54:32:0a:de:c5:a1:b0:bb:cf:0f:3e:05:7a:0c:23:
         cd:a8:aa:6d:dc:a5:b1:97:ee:53:58:4b:de:cc:ee:5a:07:f3:
         6e:94:78:b4:45:41:2e:0a:cd:94:cc:74:93:1c:f9:89:60:21:
         81:88:04:5d:10:93:13:8d:5b:a3:ef:ff:ff:60:9f:16:dd:0e:
         8e:a3:71:23:8d:6b:36:5d:1e:16:00:66:d3:ca:6b:99:6d:f9:
         6f:f0:3c:c1:d0:a6:0d:59:88:03:94:9a:0d:bb:32:d7:27:ba:
         a2:0a:7e:0c:a9:ac:54:3d:24:4a:b3:57:c2:4b:e1:98:37:f8:
         b6:65:da:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAnlmZ4A3wjNSl+8zAk1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMwMTAyMDEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjM5MjFjMTQ0NmEyY2RiM2Y4NDlmNDExMjBhNTJmNWQzYTc2MWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZuIg7Frv8/yFikaHp/pFyU5laxO
otLpW0pcA3xkSB55kB9XshURwZsnTnqPUXkTJH+KSWNNbcxXt7om83a9Cf7SiYJL
v4vyZ8ceub2UqlMz2qkeumWF9oYeo4ANIZ2SRsYVy/B1GPpEOJwcYGKumN6oQsPM
UJTIvh0SemF7/S5H79aqg3tkL+Ru9WVAgkWK0MXOP0YttFlOF5CbbHYK37amf+JB
L6T1SoBMqNqhPBtmYuh9oh8EPDyKjmnA+JB99DMi3E9hZ4UvY2wAqAve2mk6RICa
OQh/xdD2U2DTuyGQlKyXzBeuT0rb8jYQ0jlPM4Spno1P5rYogJORdbGjbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLI5IcFEaizbP4SfQRIKUvXTp2HJMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvc2praHdVUnFMTnNfaEo5QkVncFM5ZE9uWWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwyIUMA0G
CSqGSIb3DQEBCwUAA4IBAQCJqa+IW40kC4SF/foMDH5w2CMLPn2s7lsFlDfTfwBy
GXg5a0hJidK2QJCJu+0pxNSQNaxW39RjdMWImzJ5vkWAdE7/fSPcxFe3DUlWCaMh
ypgxiIdy4QB6o/LvFhNUzFAkHxW4wAUv9h5xTzYKsx/S/oCXlXIS1skADIQRLknX
UOJUMgrexaGwu88PPgV6DCPNqKpt3KWxl+5TWEvezO5aB/NulHi0RUEuCs2UzHST
HPmJYCGBiARdEJMTjVuj7///YJ8W3Q6Oo3EjjWs2XR4WAGbTymuZbflv8DzB0KYN
WYgDlJoNuzLXJ7qiCn4MqaxUPSRKs1fCS+GYN/i2Zdrx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:45 2024 by rpki-client on console-fra.rpki-client.org