Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/DMmJxwz9p22WyKf8wiD0SwvvJzk.roa
File:                     DMmJxwz9p22WyKf8wiD0SwvvJzk.roa (raw, json)
Hash identifier:          xhhtO8Ad2FFLyHDfI/Z3079XlvA8upQUCk8LYUEmmsA=
Subject key identifier:   0C:C9:89:C7:0C:FD:A7:6D:96:C8:A7:FC:C2:20:F4:4B:0B:EF:27:39
Certificate issuer:       /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial:       018A983E3C6E4E52521519914756E4A56619
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/DMmJxwz9p22WyKf8wiD0SwvvJzk.roa
Signing time:             Fri 15 Sep 2023 09:48:50 +0000
ROA not before:           Fri 15 Sep 2023 09:48:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210644
IP address blocks:        95.181.173.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:98:3e:3c:6e:4e:52:52:15:19:91:47:56:e4:a5:66:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
        Validity
            Not Before: Sep 15 09:48:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0cc989c70cfda76d96c8a7fcc220f44b0bef2739
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:44:8a:6b:a5:08:26:34:a3:c2:4d:68:5b:0d:
                    89:9d:17:ba:cb:08:e0:37:3d:a8:58:88:37:87:7e:
                    13:c1:7b:d1:d1:75:f3:3b:d6:bf:60:3d:f6:52:bc:
                    f5:cf:4a:6f:bd:85:48:cc:97:da:98:1b:5e:d1:22:
                    bf:f1:91:1b:10:38:47:d3:b5:b0:08:ab:2a:74:ed:
                    36:61:c5:13:17:32:f4:d2:7f:12:be:20:b5:81:42:
                    d6:f4:0f:03:91:89:85:39:ef:10:d8:d0:21:4b:0a:
                    0f:30:ec:fe:02:da:72:0d:4f:43:2a:f3:d6:b5:38:
                    15:10:3e:52:89:54:72:4d:8e:9f:36:88:ea:21:4c:
                    52:70:25:4f:80:27:59:f5:ec:b2:92:84:57:08:15:
                    eb:db:10:9f:49:13:3c:04:dd:f4:00:12:2e:c7:60:
                    c3:7b:8f:f2:3d:33:b1:17:9d:1b:6e:7e:d0:d5:8b:
                    24:35:a0:c3:ac:2a:d8:82:23:ab:cc:4d:ad:cd:57:
                    1f:da:c2:a7:03:f3:d4:e7:f0:7f:c2:3f:01:b4:ef:
                    e6:1b:43:2c:af:50:3b:0c:05:7c:7d:94:82:c3:59:
                    6d:c4:53:ec:14:8b:18:c5:c5:f0:3a:84:b0:12:61:
                    cf:6b:a5:e2:9b:54:62:a6:04:59:e1:f1:64:2c:f2:
                    0e:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:C9:89:C7:0C:FD:A7:6D:96:C8:A7:FC:C2:20:F4:4B:0B:EF:27:39
            X509v3 Authority Key Identifier:
                keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/DMmJxwz9p22WyKf8wiD0SwvvJzk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.181.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:f2:b9:c2:17:50:2c:82:4b:7d:c1:36:d9:8a:74:31:5d:36:
         54:59:d4:07:5b:4d:0f:e4:ad:e9:11:9c:fe:08:4f:55:4d:a6:
         d2:94:00:0d:80:79:1e:a9:61:38:e9:e6:6b:04:a0:5d:bb:68:
         2a:cb:66:27:01:97:c3:6b:da:d1:b6:71:d5:e9:44:1b:93:b9:
         49:2b:f9:76:e2:8b:37:7f:28:92:f1:4f:7a:14:c6:a0:40:b5:
         14:27:dd:c4:db:68:0f:8a:a7:31:d7:16:28:fc:b0:29:8b:17:
         60:3f:66:24:a3:8d:ed:70:ff:40:84:46:8c:8c:85:4b:0f:46:
         c6:d8:cd:c3:4f:55:b6:a9:44:b1:76:2e:65:d0:b8:be:39:81:
         29:41:78:d5:94:75:fd:58:f3:0b:c5:72:d1:aa:a2:b7:08:f4:
         1a:1c:4a:1b:98:ac:1c:f2:8a:78:4e:ee:a9:51:00:09:bf:b1:
         a0:29:73:ff:a4:0d:96:27:27:94:fe:87:c6:92:37:3a:6e:4e:
         e8:a0:eb:dd:9c:2f:20:97:7b:12:23:27:2e:16:0a:40:27:43:
         a9:23:7c:56:a6:1c:47:7e:97:2b:2e:90:20:01:48:0b:df:51:
         0c:80:61:fa:23:f2:34:05:f9:ea:1a:00:e3:fc:72:48:45:9a:
         80:98:af:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqYPjxuTlJSFRmRR1bkpWYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjMwOTE1MDk0ODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2M5ODljNzBjZmRhNzZkOTZjOGE3ZmNjMjIwZjQ0YjBiZWYyNzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0SKa6UIJjSjwk1oWw2JnRe6ywjg
Nz2oWIg3h34TwXvR0XXzO9a/YD32Urz1z0pvvYVIzJfamBte0SK/8ZEbEDhH07Ww
CKsqdO02YcUTFzL00n8SviC1gULW9A8DkYmFOe8Q2NAhSwoPMOz+AtpyDU9DKvPW
tTgVED5SiVRyTY6fNojqIUxScCVPgCdZ9eyykoRXCBXr2xCfSRM8BN30ABIux2DD
e4/yPTOxF50bbn7Q1YskNaDDrCrYgiOrzE2tzVcf2sKnA/PU5/B/wj8BtO/mG0Ms
r1A7DAV8fZSCw1ltxFPsFIsYxcXwOoSwEmHPa6Xim1RipgRZ4fFkLPIOqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAzJiccM/adtlsin/MIg9EsL7yc5MB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvRE1tSnh3ejlwMjJXeUtmOHdpRDBTd3Z2SnprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX7WtMA0G
CSqGSIb3DQEBCwUAA4IBAQAW8rnCF1Asgkt9wTbZinQxXTZUWdQHW00P5K3pEZz+
CE9VTabSlAANgHkeqWE46eZrBKBdu2gqy2YnAZfDa9rRtnHV6UQbk7lJK/l24os3
fyiS8U96FMagQLUUJ93E22gPiqcx1xYo/LApixdgP2Yko43tcP9AhEaMjIVLD0bG
2M3DT1W2qUSxdi5l0Li+OYEpQXjVlHX9WPMLxXLRqqK3CPQaHEobmKwc8op4Tu6p
UQAJv7GgKXP/pA2WJyeU/ofGkjc6bk7ooOvdnC8gl3sSIycuFgpAJ0OpI3xWphxH
fpcrLpAgAUgL31EMgGH6I/I0BfnqGgDj/HJIRZqAmK9i
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:35 2024 by rpki-client on console-ams.rpki-client.org