Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/KhZvkO488vdx6di01cFT9-F3SXI.roa
File:                     KhZvkO488vdx6di01cFT9-F3SXI.roa (raw, json)
Hash identifier:          yvDV5jcddQ1uZGnaDY/wA/69LCy4voW6tVkSCRJfQPA=
Subject key identifier:   2A:16:6F:90:EE:3C:F2:F7:71:E9:D8:B4:D5:C1:53:F7:E1:77:49:72
Certificate issuer:       /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial:       0189BD400A9A31B75EAE708B21BFFA267569
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/KhZvkO488vdx6di01cFT9-F3SXI.roa
Signing time:             Thu 03 Aug 2023 21:13:58 +0000
ROA not before:           Thu 03 Aug 2023 21:13:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201671
IP address blocks:        95.181.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 03 Sep 2023 14:12:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:bd:40:0a:9a:31:b7:5e:ae:70:8b:21:bf:fa:26:75:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
        Validity
            Not Before: Aug  3 21:13:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a166f90ee3cf2f771e9d8b4d5c153f7e1774972
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:aa:8b:ee:5f:5a:41:4d:c0:52:ab:9c:3e:ad:
                    9e:1b:7f:c7:9a:ed:6d:3a:9f:e4:af:53:ed:d8:7d:
                    68:8e:87:18:9c:5b:6f:08:80:46:79:ad:30:7a:4b:
                    b8:a4:4e:36:d8:bd:aa:e7:5f:ed:fa:a9:b1:4b:18:
                    9c:f9:36:16:be:26:b1:40:79:2d:18:a1:41:5f:9f:
                    cb:6d:82:a3:7a:47:b9:2e:d6:13:f5:7a:01:fc:22:
                    d6:c5:7f:62:0f:83:8d:3e:63:92:0a:e1:01:93:39:
                    97:9b:da:9a:11:2b:1f:e7:e3:37:92:2b:34:a9:ba:
                    6c:82:8b:d2:cf:8c:44:1e:87:5a:8c:5a:b6:1c:da:
                    c3:d4:00:5e:2e:43:68:60:44:86:79:92:1d:07:6e:
                    d7:9c:8d:be:0f:bf:bb:c5:de:21:d4:86:87:f6:96:
                    7a:28:1f:f0:83:19:03:51:6a:82:16:a3:20:86:ef:
                    ec:40:25:e6:cf:2b:5d:6e:38:91:c6:de:4f:4f:99:
                    cd:f8:7f:dc:c3:8a:0a:b2:6c:29:c1:0c:fa:1c:68:
                    56:1f:93:24:7a:65:43:75:a6:e5:22:16:0a:13:f9:
                    49:b1:29:ab:32:e6:e9:5e:23:ad:6f:8c:fd:43:97:
                    1b:99:6a:25:c6:db:88:a5:cc:f9:20:c7:f4:3d:21:
                    8f:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:16:6F:90:EE:3C:F2:F7:71:E9:D8:B4:D5:C1:53:F7:E1:77:49:72
            X509v3 Authority Key Identifier:
                keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/KhZvkO488vdx6di01cFT9-F3SXI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.181.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:44:fb:7c:0e:cf:b8:58:8c:49:8b:f9:06:5b:af:bd:d1:06:
         06:a1:28:21:b9:84:c0:8e:99:90:bb:39:84:8a:05:53:6b:19:
         83:38:1b:3a:9f:d4:fa:89:46:74:7f:c1:dd:2b:29:7c:cd:db:
         bd:e0:0e:5a:61:ae:11:fa:ad:60:2f:fe:c2:a4:4c:64:b7:46:
         e8:1a:1d:24:c9:8e:6b:74:35:95:68:69:66:3a:1c:bf:c9:06:
         38:dc:21:8d:ae:2e:fb:a4:f6:2e:ce:0e:cc:05:1a:ec:dc:da:
         d8:c7:12:43:55:b1:0b:59:8c:13:ab:1c:d5:e3:8e:87:50:f0:
         8b:5a:8f:3a:c7:74:e8:07:db:65:70:92:ae:20:53:e3:5c:55:
         e6:9b:02:d2:d0:de:33:cf:df:12:75:38:dc:04:ca:79:1d:a0:
         e8:c0:ad:de:34:9f:64:bc:67:8e:1c:68:35:8b:bc:b9:32:69:
         03:10:3a:a2:3b:04:e3:29:b6:12:62:12:d9:11:74:48:d5:b8:
         0f:90:8d:da:cf:97:38:ec:70:c3:ae:35:f2:93:3c:d1:fb:3b:
         63:21:43:cc:2b:a2:27:4a:b8:9a:6e:bd:f6:37:ec:73:21:a4:
         47:8b:6b:0d:14:2d:9b:22:01:a5:16:03:55:0a:0c:44:77:ad:
         ea:d0:ab:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYm9QAqaMbdernCLIb/6JnVpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjMwODAzMjExMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE2NmY5MGVlM2NmMmY3NzFlOWQ4YjRkNWMxNTNmN2UxNzc0OTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaqL7l9aQU3AUqucPq2eG3/Hmu1t
Op/kr1Pt2H1ojocYnFtvCIBGea0weku4pE422L2q51/t+qmxSxic+TYWviaxQHkt
GKFBX5/LbYKjeke5LtYT9XoB/CLWxX9iD4ONPmOSCuEBkzmXm9qaESsf5+M3kis0
qbpsgovSz4xEHodajFq2HNrD1ABeLkNoYESGeZIdB27XnI2+D7+7xd4h1IaH9pZ6
KB/wgxkDUWqCFqMghu/sQCXmzytdbjiRxt5PT5nN+H/cw4oKsmwpwQz6HGhWH5Mk
emVDdablIhYKE/lJsSmrMubpXiOtb4z9Q5cbmWolxtuIpcz5IMf0PSGP2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoWb5DuPPL3cenYtNXBU/fhd0lyMB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvS2hadmtPNDg4dmR4NmRpMDFjRlQ5LUYzU1hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX7WhMA0G
CSqGSIb3DQEBCwUAA4IBAQB5RPt8Ds+4WIxJi/kGW6+90QYGoSghuYTAjpmQuzmE
igVTaxmDOBs6n9T6iUZ0f8HdKyl8zdu94A5aYa4R+q1gL/7CpExkt0boGh0kyY5r
dDWVaGlmOhy/yQY43CGNri77pPYuzg7MBRrs3NrYxxJDVbELWYwTqxzV446HUPCL
Wo86x3ToB9tlcJKuIFPjXFXmmwLS0N4zz98SdTjcBMp5HaDowK3eNJ9kvGeOHGg1
i7y5MmkDEDqiOwTjKbYSYhLZEXRI1bgPkI3az5c47HDDrjXykzzR+ztjIUPMK6In
Sriabr32N+xzIaRHi2sNFC2bIgGlFgNVCgxEd63q0Kt1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:34 2024 by rpki-client on console-fra.rpki-client.org