Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/si7bSPTpt0Kh82QDt5Oc_AqlP0s.roa
File:                     si7bSPTpt0Kh82QDt5Oc_AqlP0s.roa (raw, json)
Hash identifier:          W756W2q9Uo4OIz6cW6EmdvSzWEInH/DkuueIKPPWQnY=
Subject key identifier:   B2:2E:DB:48:F4:E9:B7:42:A1:F3:64:03:B7:93:9C:FC:0A:A5:3F:4B
Certificate issuer:       /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial:       01856D386535334E0F0E65809F06CB5E2E0A
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/si7bSPTpt0Kh82QDt5Oc_AqlP0s.roa
Signing time:             Sun 01 Jan 2023 12:04:50 +0000
ROA not before:           Sun 01 Jan 2023 12:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12722
IP address blocks:        95.181.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 03 Aug 2023 21:12:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:38:65:35:33:4e:0f:0e:65:80:9f:06:cb:5e:2e:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
        Validity
            Not Before: Jan  1 12:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b22edb48f4e9b742a1f36403b7939cfc0aa53f4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:11:0b:d5:3c:10:55:e5:f3:4f:44:fe:de:b1:
                    21:e9:10:da:76:7a:57:66:5b:91:c5:b5:6f:27:f6:
                    88:d5:d6:0b:1d:f9:48:3d:d9:d2:d4:c8:db:c9:bd:
                    a7:01:2e:d7:98:6d:24:e2:6a:46:14:f8:92:db:92:
                    1d:10:4e:55:29:60:c8:88:d6:71:6b:aa:f8:af:62:
                    a3:fd:47:76:17:b9:68:06:b4:8e:40:11:cd:2f:cc:
                    df:6f:50:65:c4:5d:69:5e:42:b6:59:55:4b:73:75:
                    01:4a:c7:0b:4a:1b:43:e8:8e:25:0b:9e:02:6d:3c:
                    5e:26:b0:cd:77:95:e5:c2:78:ec:5b:e5:c0:30:46:
                    37:73:f7:71:b1:77:bb:bc:0c:ec:53:f8:27:02:82:
                    f4:6b:d6:6b:0c:b2:ae:43:c5:d5:9f:3a:3f:33:66:
                    0f:a6:b9:7c:39:4a:7c:c4:de:a5:52:5d:d6:da:31:
                    89:91:55:6f:cf:af:c9:67:29:9f:43:c1:6c:8b:d8:
                    3b:74:e6:0c:77:5a:0e:f9:ee:fd:53:97:41:17:2f:
                    8b:b5:b9:c8:85:22:37:47:79:1e:3e:9d:10:6f:1e:
                    e4:b3:be:d4:1d:b5:eb:49:ab:0a:f6:31:55:60:8d:
                    80:9b:82:b8:d8:24:c2:51:4f:23:cb:07:94:e7:a7:
                    2c:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:2E:DB:48:F4:E9:B7:42:A1:F3:64:03:B7:93:9C:FC:0A:A5:3F:4B
            X509v3 Authority Key Identifier:
                keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/si7bSPTpt0Kh82QDt5Oc_AqlP0s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.181.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:b8:02:ab:7f:79:de:0f:5f:44:ba:f0:18:47:41:3e:c8:80:
         ed:4f:f7:f7:ee:14:9d:7d:d3:f1:b7:75:e1:58:64:b0:61:10:
         07:d5:a2:8c:3a:d9:f6:70:4b:8b:f6:7a:64:e4:0c:50:79:76:
         f8:f7:ba:28:f5:5e:b7:ba:3d:b9:17:c2:9d:cd:a9:47:71:2d:
         45:94:b9:d2:eb:d6:9c:58:59:f0:53:30:ed:a7:f2:c9:92:36:
         75:a9:9d:b8:75:cd:94:e8:8a:91:9a:79:26:17:aa:42:a3:83:
         f0:ad:5c:12:ba:a6:14:e1:9d:00:4a:ab:44:a4:68:d5:26:3d:
         96:21:85:d4:2c:1e:99:0d:7a:36:3b:7b:e3:0c:ca:e9:c6:47:
         ce:2f:cc:39:c1:7a:36:d1:01:0d:89:e6:e0:5f:69:1d:7a:5d:
         6d:ef:ba:c8:33:53:b5:a3:7f:9e:83:74:b2:ed:43:22:96:8d:
         9d:70:8c:eb:4a:1d:ab:6d:84:65:c6:09:54:c0:11:b5:5e:c2:
         44:23:c9:bf:b1:dc:6b:3f:00:55:33:36:9d:de:bc:97:2e:58:
         bc:88:23:9d:5b:29:47:99:23:43:4a:83:dc:ab:e4:9b:d7:f3:
         1a:02:bc:31:95:90:ee:f3:94:ca:12:87:a5:47:41:26:67:f7:
         c0:fc:92:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtOGU1M04PDmWAnwbLXi4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjMwMTAxMTIwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjJlZGI0OGY0ZTliNzQyYTFmMzY0MDNiNzkzOWNmYzBhYTUzZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxEL1TwQVeXzT0T+3rEh6RDadnpX
ZluRxbVvJ/aI1dYLHflIPdnS1Mjbyb2nAS7XmG0k4mpGFPiS25IdEE5VKWDIiNZx
a6r4r2Kj/Ud2F7loBrSOQBHNL8zfb1BlxF1pXkK2WVVLc3UBSscLShtD6I4lC54C
bTxeJrDNd5XlwnjsW+XAMEY3c/dxsXe7vAzsU/gnAoL0a9ZrDLKuQ8XVnzo/M2YP
prl8OUp8xN6lUl3W2jGJkVVvz6/JZymfQ8Fsi9g7dOYMd1oO+e79U5dBFy+LtbnI
hSI3R3kePp0Qbx7ks77UHbXrSasK9jFVYI2Am4K42CTCUU8jyweU56cs7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLIu20j06bdCofNkA7eTnPwKpT9LMB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvc2k3YlNQVHB0MEtoODJRRHQ1T2NfQXFsUDBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX7WhMA0G
CSqGSIb3DQEBCwUAA4IBAQBPuAKrf3neD19EuvAYR0E+yIDtT/f37hSdfdPxt3Xh
WGSwYRAH1aKMOtn2cEuL9npk5AxQeXb497oo9V63uj25F8KdzalHcS1FlLnS69ac
WFnwUzDtp/LJkjZ1qZ24dc2U6IqRmnkmF6pCo4PwrVwSuqYU4Z0ASqtEpGjVJj2W
IYXULB6ZDXo2O3vjDMrpxkfOL8w5wXo20QENiebgX2kdel1t77rIM1O1o3+eg3Sy
7UMilo2dcIzrSh2rbYRlxglUwBG1XsJEI8m/sdxrPwBVMzad3ryXLli8iCOdWylH
mSNDSoPcq+Sb1/MaArwxlZDu85TKEoelR0EmZ/fA/JLP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:34 2024 by rpki-client on console-fra.rpki-client.org