Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/VSpVo2BcGB5lFZSm0ANO3_mRak0.roa
File:                     VSpVo2BcGB5lFZSm0ANO3_mRak0.roa (raw, json)
Hash identifier:          nL6M4DPzPCFxCbnNvB9cQT3PPZOUX+/ima94Vc9WWXI=
Subject key identifier:   55:2A:55:A3:60:5C:18:1E:65:15:94:A6:D0:03:4E:DF:F9:91:6A:4D
Certificate issuer:       /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial:       018AD0B9DEEA8AD3BE9ECDC7AD2342553AEE
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/VSpVo2BcGB5lFZSm0ANO3_mRak0.roa
Signing time:             Tue 26 Sep 2023 09:02:36 +0000
ROA not before:           Tue 26 Sep 2023 09:02:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205175
IP address blocks:        95.181.150.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 13 Nov 2023 10:28:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:d0:b9:de:ea:8a:d3:be:9e:cd:c7:ad:23:42:55:3a:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
        Validity
            Not Before: Sep 26 09:02:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=552a55a3605c181e651594a6d0034edff9916a4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:47:8f:8c:59:fd:2f:21:32:3e:b6:eb:a4:58:
                    69:d4:10:67:2e:1b:a6:33:d7:b0:52:f5:7e:8f:b9:
                    be:5f:41:6d:81:05:0b:08:6f:e4:df:36:f1:2d:2e:
                    3a:57:fb:d2:09:c5:82:4f:8a:67:36:58:dc:45:48:
                    5f:ce:6c:f6:ec:6f:5f:44:83:d8:fe:de:fb:f8:ca:
                    a1:4a:ff:f6:b1:1a:e3:e7:ef:9a:af:85:0d:85:49:
                    38:0d:c3:f0:ca:71:24:cc:e8:46:f8:f0:52:ca:2f:
                    2b:b7:e7:ef:c3:11:3c:3e:fa:34:02:dc:dc:f8:5d:
                    8d:d7:02:67:7b:44:bf:94:17:72:97:bc:a4:0c:bd:
                    83:d6:3c:bb:f3:c4:61:18:43:a7:d4:bf:c3:27:e8:
                    d3:aa:fb:47:bc:95:d2:15:c2:b2:f9:a1:57:ec:6c:
                    72:0a:98:3d:d0:28:a8:10:58:a1:1f:1d:f1:69:e0:
                    de:a3:a2:43:1d:17:e7:00:f5:ea:41:b4:1e:f9:e5:
                    e1:d2:82:f0:a6:f7:0c:f4:57:61:f4:69:2f:1b:cc:
                    60:f7:97:dc:d7:34:54:27:6e:9c:e7:3b:0f:e2:1a:
                    a1:10:61:77:db:45:7a:66:14:a4:0f:3e:2d:2e:a9:
                    ba:e4:e8:22:8f:d2:5d:0b:1b:bb:dc:2b:15:4a:e1:
                    dc:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:2A:55:A3:60:5C:18:1E:65:15:94:A6:D0:03:4E:DF:F9:91:6A:4D
            X509v3 Authority Key Identifier:
                keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/VSpVo2BcGB5lFZSm0ANO3_mRak0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.181.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:8b:67:a9:9e:0a:71:d1:d7:2e:c6:6e:77:c1:ac:07:0e:4a:
         d6:a1:3a:4d:27:74:e2:a2:eb:ae:55:b5:f6:83:22:4a:5d:40:
         5d:aa:34:3a:05:57:dc:94:9c:89:97:b6:e4:f4:76:3e:74:d2:
         62:ee:ab:59:46:4b:0f:97:b5:c6:fc:a4:b0:a5:91:83:5d:d8:
         3f:b8:26:0a:91:97:db:7a:5e:16:84:00:b2:05:cb:5e:c1:60:
         07:88:53:2e:53:e0:e7:18:7f:de:e9:8f:42:43:d5:17:6d:f0:
         e2:bc:11:39:e5:8e:4b:93:21:49:14:6d:22:4c:df:8a:bc:d0:
         07:cd:9c:4e:6d:f5:89:c1:b2:30:31:b7:8c:59:4c:d9:d4:8a:
         26:24:08:8b:a6:4a:c4:47:58:44:18:c7:b4:cb:1e:d3:0a:4b:
         1e:3e:51:2e:f5:ce:49:70:9a:08:d1:14:a5:66:40:f4:62:cf:
         f4:15:38:1a:5e:1c:90:62:2a:c5:53:e9:d0:23:36:42:7b:69:
         90:6d:40:b0:92:9f:f8:3e:a2:fb:2a:69:48:d9:49:26:50:24:
         e8:a9:ae:bf:7e:b0:e2:ac:f4:a9:55:0e:5f:33:1f:22:3a:9c:
         d7:c3:10:b1:15:49:0f:d1:bd:8f:ac:a4:c4:cd:98:34:92:d9:
         61:d8:d9:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrQud7qitO+ns3HrSNCVTruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjMwOTI2MDkwMjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTJhNTVhMzYwNWMxODFlNjUxNTk0YTZkMDAzNGVkZmY5OTE2YTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0ePjFn9LyEyPrbrpFhp1BBnLhum
M9ewUvV+j7m+X0FtgQULCG/k3zbxLS46V/vSCcWCT4pnNljcRUhfzmz27G9fRIPY
/t77+MqhSv/2sRrj5++ar4UNhUk4DcPwynEkzOhG+PBSyi8rt+fvwxE8Pvo0Atzc
+F2N1wJne0S/lBdyl7ykDL2D1jy788RhGEOn1L/DJ+jTqvtHvJXSFcKy+aFX7Gxy
Cpg90CioEFihHx3xaeDeo6JDHRfnAPXqQbQe+eXh0oLwpvcM9Fdh9GkvG8xg95fc
1zRUJ26c5zsP4hqhEGF320V6ZhSkDz4tLqm65Ogij9JdCxu73CsVSuHc1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFUqVaNgXBgeZRWUptADTt/5kWpNMB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvVlNwVm8yQmNHQjVsRlpTbTBBTk8zX21SYWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX7WWMA0G
CSqGSIb3DQEBCwUAA4IBAQBfi2epngpx0dcuxm53wawHDkrWoTpNJ3TiouuuVbX2
gyJKXUBdqjQ6BVfclJyJl7bk9HY+dNJi7qtZRksPl7XG/KSwpZGDXdg/uCYKkZfb
el4WhACyBctewWAHiFMuU+DnGH/e6Y9CQ9UXbfDivBE55Y5LkyFJFG0iTN+KvNAH
zZxObfWJwbIwMbeMWUzZ1IomJAiLpkrER1hEGMe0yx7TCksePlEu9c5JcJoI0RSl
ZkD0Ys/0FTgaXhyQYirFU+nQIzZCe2mQbUCwkp/4PqL7KmlI2UkmUCToqa6/frDi
rPSpVQ5fMx8iOpzXwxCxFUkP0b2PrKTEzZg0ktlh2NnM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:34 2024 by rpki-client on console-fra.rpki-client.org