Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/8MFK3nptddXrR83OfFV2D6YnNMg.roa
File:                     8MFK3nptddXrR83OfFV2D6YnNMg.roa (raw, json)
Hash identifier:          7SWz9tB5a0T5IVhs6fL9loM0kKtEihxnyK+xNFt3hoo=
Subject key identifier:   F0:C1:4A:DE:7A:6D:75:D5:EB:47:CD:CE:7C:55:76:0F:A6:27:34:C8
Certificate issuer:       /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial:       01856D3867F865A8D707546CF0A22DF73763
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/8MFK3nptddXrR83OfFV2D6YnNMg.roa
Signing time:             Sun 01 Jan 2023 12:04:51 +0000
ROA not before:           Sun 01 Jan 2023 12:04:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210993
IP address blocks:        95.181.153.0/24 maxlen: 24
                          95.181.158.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:38:67:f8:65:a8:d7:07:54:6c:f0:a2:2d:f7:37:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
        Validity
            Not Before: Jan  1 12:04:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f0c14ade7a6d75d5eb47cdce7c55760fa62734c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:f2:97:e7:92:55:25:b7:7f:01:fd:2a:f0:d3:
                    a2:2d:f0:89:1f:d9:5a:4e:11:a4:d8:2d:be:67:08:
                    69:79:47:e4:c4:bb:c9:f1:89:69:1a:38:85:4d:a5:
                    82:35:7c:3a:48:f7:63:e0:bc:9f:43:75:67:ce:da:
                    e4:51:e7:c9:96:f9:b5:77:72:4e:b9:e3:b4:8a:de:
                    1f:cd:87:ca:35:e0:f5:c6:9b:85:f0:c1:4e:14:8b:
                    8b:37:99:7b:f8:c3:a5:f2:17:fc:90:b2:25:ef:b2:
                    36:aa:dc:fe:34:67:6e:da:31:5f:f1:5c:f7:b2:45:
                    ee:8e:5c:8e:ea:9d:d5:1c:f9:61:8b:6a:ab:0e:20:
                    f0:2d:b2:73:49:13:60:cd:d1:7c:dc:9e:83:22:08:
                    62:02:20:d0:91:09:d7:ed:34:e2:12:7a:e3:b1:f2:
                    db:98:1e:8d:59:08:d7:ca:7d:9f:fb:a5:a9:e7:47:
                    ba:08:27:41:f1:61:7e:92:a1:10:7c:aa:0e:cd:00:
                    2d:d7:8f:1d:98:0a:37:da:0c:04:79:61:38:17:66:
                    f6:ad:03:4e:07:78:84:cc:3f:d8:cc:fa:cd:86:9e:
                    78:ed:80:df:5b:6c:1a:fa:3d:d9:65:64:06:e0:2a:
                    12:9b:8d:86:fd:67:4e:a0:34:89:f7:57:42:1b:fc:
                    9d:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:C1:4A:DE:7A:6D:75:D5:EB:47:CD:CE:7C:55:76:0F:A6:27:34:C8
            X509v3 Authority Key Identifier:
                keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/8MFK3nptddXrR83OfFV2D6YnNMg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.181.153.0/24
                  95.181.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:b0:83:f1:12:5b:7b:98:e6:38:f6:03:b3:1f:b0:2f:0f:26:
         36:fa:0d:2c:8a:a2:75:42:c4:15:de:7a:a5:8d:4c:5a:5f:ac:
         c5:3b:7a:7a:40:2b:41:82:54:1d:19:00:84:29:f0:df:95:42:
         98:7f:ba:56:a9:ef:03:81:64:77:88:4d:4c:7e:54:9e:73:b4:
         32:f3:dc:de:15:9d:fe:e7:3f:f6:3d:a6:fb:69:1e:a9:c5:8e:
         f3:f9:53:dd:4a:c0:45:73:f3:21:cb:dc:a8:de:64:e0:c7:47:
         3b:5a:29:e1:72:0b:49:8c:44:12:81:62:67:dc:80:2d:54:86:
         23:15:fe:d4:74:cd:c3:17:2d:67:29:cd:6f:04:97:8a:a7:46:
         b1:88:02:d0:11:4c:3d:9d:4f:5a:c6:df:5e:7c:79:a3:dc:64:
         1d:ea:21:dc:64:1d:43:b6:62:57:ee:c3:e3:a8:97:9e:2f:c9:
         fe:56:e7:5b:7c:0e:e0:0a:29:03:9a:4d:57:cb:90:5d:eb:21:
         61:6d:ed:bc:4a:ec:5d:03:44:f8:71:58:23:b7:d6:3c:b1:e6:
         b9:f6:87:40:54:df:07:cc:e0:f8:d5:e9:6e:f8:d9:ba:42:e4:
         b7:14:9d:b8:63:74:94:25:65:ea:20:81:55:e4:7f:1f:dd:80:
         b6:ca:3d:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtOGf4ZajXB1Rs8KIt9zdjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjMwMTAxMTIwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGMxNGFkZTdhNmQ3NWQ1ZWI0N2NkY2U3YzU1NzYwZmE2MjczNGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfKX55JVJbd/Af0q8NOiLfCJH9la
ThGk2C2+ZwhpeUfkxLvJ8YlpGjiFTaWCNXw6SPdj4LyfQ3VnztrkUefJlvm1d3JO
ueO0it4fzYfKNeD1xpuF8MFOFIuLN5l7+MOl8hf8kLIl77I2qtz+NGdu2jFf8Vz3
skXujlyO6p3VHPlhi2qrDiDwLbJzSRNgzdF83J6DIghiAiDQkQnX7TTiEnrjsfLb
mB6NWQjXyn2f+6Wp50e6CCdB8WF+kqEQfKoOzQAt148dmAo32gwEeWE4F2b2rQNO
B3iEzD/YzPrNhp547YDfW2wa+j3ZZWQG4CoSm42G/WdOoDSJ91dCG/yd9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPDBSt56bXXV60fNznxVdg+mJzTIMB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvOE1GSzNucHRkZFhyUjgzT2ZGVjJENlluTk1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX7WZAwQA
X7WeMA0GCSqGSIb3DQEBCwUAA4IBAQBKsIPxElt7mOY49gOzH7AvDyY2+g0siqJ1
QsQV3nqljUxaX6zFO3p6QCtBglQdGQCEKfDflUKYf7pWqe8DgWR3iE1MflSec7Qy
89zeFZ3+5z/2Pab7aR6pxY7z+VPdSsBFc/Mhy9yo3mTgx0c7WinhcgtJjEQSgWJn
3IAtVIYjFf7UdM3DFy1nKc1vBJeKp0axiALQEUw9nU9axt9efHmj3GQd6iHcZB1D
tmJX7sPjqJeeL8n+VudbfA7gCikDmk1Xy5Bd6yFhbe28SuxdA0T4cVgjt9Y8sea5
9odAVN8HzOD41elu+Nm6QuS3FJ24Y3SUJWXqIIFV5H8f3YC2yj0u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:34 2024 by rpki-client on console-fra.rpki-client.org