Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/KfDYgbqeUukrDuqJUqZ8iOX_jpU.roa
File:                     KfDYgbqeUukrDuqJUqZ8iOX_jpU.roa (raw, json)
Hash identifier:          YO2qsAEQyda8NddN81ul1WSaf0qC6I1+dgXcqMnAiAQ=
Subject key identifier:   29:F0:D8:81:BA:9E:52:E9:2B:0E:EA:89:52:A6:7C:88:E5:FF:8E:95
Certificate issuer:       /CN=94846741139263388d984db1e97e031669c6486e
Certificate serial:       0187046BD1756C442EA2169E91635E765A66
Authority key identifier: 94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/KfDYgbqeUukrDuqJUqZ8iOX_jpU.roa
Signing time:             Tue 21 Mar 2023 13:46:27 +0000
ROA not before:           Tue 21 Mar 2023 13:46:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209279
IP address blocks:        195.182.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:04:6b:d1:75:6c:44:2e:a2:16:9e:91:63:5e:76:5a:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94846741139263388d984db1e97e031669c6486e
        Validity
            Not Before: Mar 21 13:46:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=29f0d881ba9e52e92b0eea8952a67c88e5ff8e95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:10:39:f2:98:56:4f:bf:79:40:cd:ef:86:9b:
                    f0:9e:09:7c:e1:44:34:89:47:a9:08:b4:6a:4a:be:
                    e8:f7:11:96:68:a8:36:f2:fd:4c:9b:b4:92:64:32:
                    1c:a4:2d:d6:62:1c:b8:22:39:13:ab:fa:18:a1:f7:
                    b0:05:91:82:e0:a3:ef:ef:0a:d2:60:b7:cd:ae:cd:
                    25:1b:db:4c:9f:77:6e:31:ca:7f:e2:72:38:05:96:
                    a9:c3:4b:73:c3:63:f4:12:18:be:28:bd:75:f3:f2:
                    4e:b4:e6:d5:e8:a9:4a:02:30:7d:45:9e:24:24:d0:
                    70:c6:f8:d3:46:9a:02:49:f7:39:be:fc:aa:93:5f:
                    db:8b:8d:5c:59:d9:0d:6b:44:5c:cd:af:ab:8b:34:
                    71:29:98:9e:05:08:fc:42:b4:3b:92:52:2e:52:c2:
                    97:f2:5d:42:22:42:82:88:e6:ad:96:b9:b5:89:38:
                    4e:6c:18:a8:63:35:bc:f8:05:5b:d1:61:45:9c:e7:
                    53:2a:21:eb:71:20:de:16:68:03:dc:06:44:17:82:
                    22:49:d4:fb:65:f4:6f:77:f2:ff:fc:34:1d:80:bb:
                    87:d7:4f:db:e3:f8:95:3a:71:d2:32:ea:74:3d:75:
                    2c:13:3f:a4:8d:70:ef:51:54:31:c1:bb:d3:14:f7:
                    02:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:F0:D8:81:BA:9E:52:E9:2B:0E:EA:89:52:A6:7C:88:E5:FF:8E:95
            X509v3 Authority Key Identifier:
                keyid:94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/KfDYgbqeUukrDuqJUqZ8iOX_jpU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/lIRnQROSYziNmE2x6X4DFmnGSG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.182.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:61:95:99:8a:78:62:16:51:f6:c1:7a:e6:fc:76:0d:79:5c:
         72:29:3f:c5:6f:80:29:74:30:0c:d5:41:af:f6:38:39:16:b0:
         94:85:8c:9e:e0:6d:b6:8d:71:bd:c2:52:7d:9d:7c:55:13:a0:
         89:2f:0b:86:5b:4b:d4:e2:bc:4c:51:d5:5f:c3:58:45:94:90:
         3c:e9:03:f7:25:56:31:39:51:f0:84:0f:b3:26:ba:54:cf:fe:
         e2:4d:55:bb:cf:4f:18:38:52:ff:98:d0:1c:1f:1f:3c:22:64:
         78:25:11:a5:c5:f4:b4:77:9f:b5:47:fb:66:7e:3a:21:35:cf:
         5d:ca:e6:fe:40:f6:50:2e:d4:f4:c3:a7:90:0c:ca:0c:96:25:
         ba:e9:b7:a8:17:71:1e:df:8c:da:77:ba:9f:2a:88:3e:eb:92:
         9e:37:7f:da:97:53:cb:d6:8c:17:e2:4c:e4:97:35:50:98:08:
         34:d8:89:c3:ec:52:c0:65:8a:c0:0d:70:cc:64:18:b3:4f:0e:
         c3:2d:ab:f0:45:53:d1:98:bc:8f:4e:83:0b:3a:ca:41:5a:5a:
         1a:67:78:d3:e1:81:8b:e9:b3:80:b5:62:69:6d:da:3d:d6:3a:
         53:3c:3d:9d:7a:44:11:6b:fe:ef:64:f4:32:b1:17:f7:f3:db:
         ce:fd:e7:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcEa9F1bEQuohaekWNedlpmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ODQ2NzQxMTM5MjYzMzg4ZDk4NGRiMWU5N2UwMzE2Njlj
NjQ4NmUwHhcNMjMwMzIxMTM0NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWYwZDg4MWJhOWU1MmU5MmIwZWVhODk1MmE2N2M4OGU1ZmY4ZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhA58phWT795QM3vhpvwngl84UQ0
iUepCLRqSr7o9xGWaKg28v1Mm7SSZDIcpC3WYhy4IjkTq/oYofewBZGC4KPv7wrS
YLfNrs0lG9tMn3duMcp/4nI4BZapw0tzw2P0Ehi+KL118/JOtObV6KlKAjB9RZ4k
JNBwxvjTRpoCSfc5vvyqk1/bi41cWdkNa0Rcza+rizRxKZieBQj8QrQ7klIuUsKX
8l1CIkKCiOatlrm1iThObBioYzW8+AVb0WFFnOdTKiHrcSDeFmgD3AZEF4IiSdT7
ZfRvd/L//DQdgLuH10/b4/iVOnHSMup0PXUsEz+kjXDvUVQxwbvTFPcCbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnw2IG6nlLpKw7qiVKmfIjl/46VMB8GA1UdIwQY
MBaAFJSEZ0ETkmM4jZhNsel+AxZpxkhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTct
Y2IxMTI1MDA3ZGZiLzEvS2ZEWWdicWVVdWtyRHVxSlVxWjhpT1hfanBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTctY2IxMTI1MDA3ZGZi
LzEvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7YmMA0G
CSqGSIb3DQEBCwUAA4IBAQAvYZWZinhiFlH2wXrm/HYNeVxyKT/Fb4ApdDAM1UGv
9jg5FrCUhYye4G22jXG9wlJ9nXxVE6CJLwuGW0vU4rxMUdVfw1hFlJA86QP3JVYx
OVHwhA+zJrpUz/7iTVW7z08YOFL/mNAcHx88ImR4JRGlxfS0d5+1R/tmfjohNc9d
yub+QPZQLtT0w6eQDMoMliW66beoF3Ee34zad7qfKog+65KeN3/al1PL1owX4kzk
lzVQmAg02InD7FLAZYrADXDMZBizTw7DLavwRVPRmLyPToMLOspBWloaZ3jT4YGL
6bOAtWJpbdo91jpTPD2dekQRa/7vZPQysRf389vO/edT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:51 2024 by rpki-client on console-fra.rpki-client.org