Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/ZT8iB-PE7rcoaUAj8QwgGzYXFw4.roa
File:                     ZT8iB-PE7rcoaUAj8QwgGzYXFw4.roa (raw, json)
Hash identifier:          EOSbi8KpdlAf4SBIwlYvlEAe+4iu8DydSwVDtlUNCq8=
Subject key identifier:   65:3F:22:07:E3:C4:EE:B7:28:69:40:23:F1:0C:20:1B:36:17:17:0E
Certificate issuer:       /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial:       018A7FDE08C82703EA862DA5FCE413F8B5A1
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/ZT8iB-PE7rcoaUAj8QwgGzYXFw4.roa
Signing time:             Sun 10 Sep 2023 16:12:52 +0000
ROA not before:           Sun 10 Sep 2023 16:12:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210531
IP address blocks:        95.181.150.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 26 Sep 2023 09:02:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:7f:de:08:c8:27:03:ea:86:2d:a5:fc:e4:13:f8:b5:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
        Validity
            Not Before: Sep 10 16:12:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=653f2207e3c4eeb728694023f10c201b3617170e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ae:db:9e:bb:02:d9:e5:a6:5f:d0:4f:f2:f2:
                    bf:65:e9:88:8f:ba:fa:1b:d4:14:f6:72:e9:19:08:
                    70:61:db:9d:d7:ff:06:92:e8:38:b9:36:02:7b:96:
                    90:6c:33:b5:b7:95:c8:ab:f3:c6:51:f4:27:c2:07:
                    95:6d:64:57:62:01:45:4e:ab:87:3f:7d:f2:24:22:
                    f2:09:a4:40:46:ac:20:02:66:68:0e:35:7d:7e:7f:
                    0b:55:77:cd:50:a2:1d:2d:20:2b:e6:25:0e:d9:4c:
                    9c:44:80:d0:92:59:65:3d:96:1a:1a:58:93:00:3d:
                    4f:93:c9:4d:f6:74:f0:58:44:7d:e0:5f:f7:02:8f:
                    b3:06:0a:2a:df:01:0c:71:fc:13:ed:ee:35:5b:54:
                    40:3c:35:e9:a7:ec:70:74:ff:5e:e5:08:91:0a:a7:
                    c7:cd:56:bc:71:e6:b0:95:36:e6:97:5d:27:34:98:
                    78:2e:b6:ee:94:fa:e3:cf:d3:bc:66:c3:34:61:32:
                    18:fb:a5:5b:da:cd:63:c0:5d:ff:c9:c8:ee:90:f4:
                    7a:f2:d7:81:7e:4f:ee:fe:e7:5f:93:f6:ec:82:5d:
                    64:e3:63:13:3a:76:70:6c:6d:67:47:e4:49:f7:d5:
                    d2:e1:19:d4:1d:a9:50:2c:d4:14:65:03:42:36:1c:
                    46:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:3F:22:07:E3:C4:EE:B7:28:69:40:23:F1:0C:20:1B:36:17:17:0E
            X509v3 Authority Key Identifier:
                keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/ZT8iB-PE7rcoaUAj8QwgGzYXFw4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.181.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:8a:ea:64:2f:a7:1e:99:48:cb:aa:aa:e7:18:5b:89:1e:8b:
         e0:c0:7d:07:b0:ab:52:a6:2f:c8:7c:a1:b5:82:e8:3b:41:f0:
         ae:a6:d6:8d:4e:a5:55:ab:2b:79:84:dd:6e:bf:8d:30:f9:07:
         17:b3:09:b5:c2:63:f1:a7:4e:86:f5:dd:98:0d:05:3b:a3:51:
         df:9f:95:49:b2:ec:d1:34:d0:b1:7a:65:a0:92:d3:2a:5d:ae:
         17:06:55:31:2e:bb:a4:8f:77:ff:54:a2:6e:3c:55:2a:89:09:
         d4:82:33:29:8d:22:45:21:fa:96:ce:ec:68:c5:33:76:67:f7:
         87:dc:26:ce:03:e9:72:b3:10:dd:2f:f4:8b:32:c8:cf:72:1d:
         c9:9b:0f:96:02:fb:e1:a1:9a:2d:0f:27:a7:b2:ab:24:fc:87:
         3e:e7:83:7f:a2:a8:44:9b:d3:c3:57:8c:af:60:11:24:c0:39:
         02:a3:43:08:18:14:01:a2:83:d0:fc:d3:e4:c3:e0:fd:d4:da:
         97:f0:81:a4:ba:a6:d6:f6:59:1e:56:c9:de:a5:51:2e:cc:14:
         7e:b3:55:04:8c:da:ee:8e:4b:c7:de:50:48:b9:73:4f:c7:1c:
         37:e3:ea:2a:e3:2d:b1:c8:77:f4:b9:b0:2a:38:4f:16:18:2a:
         14:29:ad:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYp/3gjIJwPqhi2l/OQT+LWhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjMwOTEwMTYxMjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTNmMjIwN2UzYzRlZWI3Mjg2OTQwMjNmMTBjMjAxYjM2MTcxNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoa7bnrsC2eWmX9BP8vK/ZemIj7r6
G9QU9nLpGQhwYdud1/8Gkug4uTYCe5aQbDO1t5XIq/PGUfQnwgeVbWRXYgFFTquH
P33yJCLyCaRARqwgAmZoDjV9fn8LVXfNUKIdLSAr5iUO2UycRIDQklllPZYaGliT
AD1Pk8lN9nTwWER94F/3Ao+zBgoq3wEMcfwT7e41W1RAPDXpp+xwdP9e5QiRCqfH
zVa8ceawlTbml10nNJh4LrbulPrjz9O8ZsM0YTIY+6Vb2s1jwF3/ycjukPR68teB
fk/u/udfk/bsgl1k42MTOnZwbG1nR+RJ99XS4RnUHalQLNQUZQNCNhxGdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGU/IgfjxO63KGlAI/EMIBs2FxcOMB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvWlQ4aUItUEU3cmNvYVVBajhRd2dHellYRnc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX7WWMA0G
CSqGSIb3DQEBCwUAA4IBAQBaiupkL6cemUjLqqrnGFuJHovgwH0HsKtSpi/IfKG1
gug7QfCuptaNTqVVqyt5hN1uv40w+QcXswm1wmPxp06G9d2YDQU7o1Hfn5VJsuzR
NNCxemWgktMqXa4XBlUxLrukj3f/VKJuPFUqiQnUgjMpjSJFIfqWzuxoxTN2Z/eH
3CbOA+lysxDdL/SLMsjPch3Jmw+WAvvhoZotDyensqsk/Ic+54N/oqhEm9PDV4yv
YBEkwDkCo0MIGBQBooPQ/NPkw+D91NqX8IGkuqbW9lkeVsnepVEuzBR+s1UEjNru
jkvH3lBIuXNPxxw34+oq4y2xyHf0ubAqOE8WGCoUKa3M
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:34 2024 by rpki-client on console-fra.rpki-client.org