Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/dWFEj3P-boqu0mfwu8LqvMwIetk.roa
File:                     dWFEj3P-boqu0mfwu8LqvMwIetk.roa (raw, json)
Hash identifier:          Ee1//f3bSYTbhIGB2yRNbP6cZ3ygbzqvIQV7o6W1QNM=
Subject key identifier:   75:61:44:8F:73:FE:6E:8A:AE:D2:67:F0:BB:C2:EA:BC:CC:08:7A:D9
Certificate issuer:       /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial:       01856D386655E42A227307314795829C39DC
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/dWFEj3P-boqu0mfwu8LqvMwIetk.roa
Signing time:             Sun 01 Jan 2023 12:04:50 +0000
ROA not before:           Sun 01 Jan 2023 12:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41717
IP address blocks:        95.181.154.0/24 maxlen: 24
                          95.181.162.0/24 maxlen: 24
                          95.181.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:38:66:55:e4:2a:22:73:07:31:47:95:82:9c:39:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
        Validity
            Not Before: Jan  1 12:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7561448f73fe6e8aaed267f0bbc2eabccc087ad9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:3b:a9:24:df:0d:7e:fb:f6:7a:c3:60:2b:e5:
                    b3:e6:2c:0d:fe:7d:54:45:84:9e:ab:3d:81:3c:42:
                    e9:cc:6e:4a:fb:71:cb:23:24:25:7b:b0:03:05:06:
                    75:87:aa:59:08:73:12:6a:89:c1:5b:26:04:fb:6f:
                    3a:08:4c:80:dd:fe:a9:50:6c:54:7f:fa:04:ae:36:
                    93:95:ad:9c:00:15:68:91:2a:b7:6e:8b:d4:ba:21:
                    37:18:27:a7:f5:46:1b:7b:20:a7:b9:62:21:5a:f8:
                    da:71:2b:b2:33:e5:0d:68:96:b5:51:8b:52:e7:f1:
                    13:8c:bf:1d:33:b7:c5:0f:6f:df:6d:dd:4e:97:26:
                    ef:a4:a7:c7:a8:64:a9:2c:61:75:15:e8:22:86:ee:
                    64:89:e1:a6:96:f2:b3:eb:ee:ba:29:33:ae:57:b1:
                    06:22:82:5f:a0:6a:8a:d9:05:ee:e8:9e:7e:d1:5e:
                    76:7a:8f:95:a2:c2:4d:b6:36:13:ab:c4:e9:58:fa:
                    51:26:5a:c3:d0:41:c4:66:14:78:09:cb:c0:ae:5c:
                    3b:cd:80:27:5c:ca:0d:27:ba:66:41:51:f7:fc:e3:
                    92:69:1f:98:a6:3f:e7:29:ab:61:a0:96:30:74:06:
                    fb:bf:bd:3c:d8:ad:47:3d:0d:94:22:cb:26:86:37:
                    c1:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:61:44:8F:73:FE:6E:8A:AE:D2:67:F0:BB:C2:EA:BC:CC:08:7A:D9
            X509v3 Authority Key Identifier:
                keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/dWFEj3P-boqu0mfwu8LqvMwIetk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.181.154.0/24
                  95.181.162.0/24
                  95.181.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:88:10:27:fd:3a:b6:af:c3:a3:e6:a9:c8:aa:41:fd:a3:03:
         24:50:eb:c0:29:5f:b8:c1:7c:c7:ce:56:b3:e6:70:57:50:0c:
         16:aa:33:64:08:7d:8d:fb:f0:20:da:70:c0:19:d1:b3:b2:2b:
         53:e8:dd:55:84:d4:88:cb:7b:cc:fe:89:dd:a5:38:db:9e:ac:
         da:dd:91:70:6c:82:06:7e:d8:26:d8:25:b1:7f:c0:26:3d:89:
         7e:09:24:da:01:e1:81:b3:a0:23:cc:a8:02:73:fe:c1:30:58:
         df:06:68:00:81:89:e4:75:42:30:9b:b8:21:26:2a:40:9c:d9:
         4a:d6:f0:bd:8f:4e:24:93:dc:23:eb:69:af:db:a7:9d:d1:07:
         68:7a:57:81:88:12:4d:aa:04:55:aa:80:5d:e6:4b:53:93:5b:
         88:20:23:b7:42:40:77:35:51:69:20:ad:4b:7e:9f:b3:28:26:
         f0:c3:5e:8f:5a:fd:9e:c4:f4:fd:65:c3:af:ed:86:8d:3f:11:
         f3:a4:80:c2:5b:dd:81:af:77:83:e9:c0:1c:96:4a:1b:b9:7f:
         49:5b:6b:40:5d:e0:28:dd:e9:a1:48:83:42:e5:d6:f8:eb:0f:
         03:13:eb:33:0c:a1:d6:8d:55:82:79:cf:f6:5c:7e:c6:19:41:
         b0:65:32:46
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtOGZV5CoicwcxR5WCnDncMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjMwMTAxMTIwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTYxNDQ4ZjczZmU2ZThhYWVkMjY3ZjBiYmMyZWFiY2NjMDg3YWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jupJN8Nfvv2esNgK+Wz5iwN/n1U
RYSeqz2BPELpzG5K+3HLIyQle7ADBQZ1h6pZCHMSaonBWyYE+286CEyA3f6pUGxU
f/oErjaTla2cABVokSq3bovUuiE3GCen9UYbeyCnuWIhWvjacSuyM+UNaJa1UYtS
5/ETjL8dM7fFD2/fbd1OlybvpKfHqGSpLGF1Fegihu5kieGmlvKz6+66KTOuV7EG
IoJfoGqK2QXu6J5+0V52eo+VosJNtjYTq8TpWPpRJlrD0EHEZhR4CcvArlw7zYAn
XMoNJ7pmQVH3/OOSaR+Ypj/nKathoJYwdAb7v7082K1HPQ2UIssmhjfBLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHVhRI9z/m6KrtJn8LvC6rzMCHrZMB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvZFdGRWozUC1ib3F1MG1md3U4THF2TXdJZXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAX7WaAwQA
X7WiAwQAX7WnMA0GCSqGSIb3DQEBCwUAA4IBAQB6iBAn/Tq2r8Oj5qnIqkH9owMk
UOvAKV+4wXzHzlaz5nBXUAwWqjNkCH2N+/Ag2nDAGdGzsitT6N1VhNSIy3vM/ond
pTjbnqza3ZFwbIIGftgm2CWxf8AmPYl+CSTaAeGBs6AjzKgCc/7BMFjfBmgAgYnk
dUIwm7ghJipAnNlK1vC9j04kk9wj62mv26ed0QdoeleBiBJNqgRVqoBd5ktTk1uI
ICO3QkB3NVFpIK1Lfp+zKCbww16PWv2exPT9ZcOv7YaNPxHzpIDCW92Br3eD6cAc
lkobuX9JW2tAXeAo3emhSINC5db46w8DE+szDKHWjVWCec/2XH7GGUGwZTJG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:34 2024 by rpki-client on console-fra.rpki-client.org