Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/a0kmRcYDcM8aBXy7kfA71yuKf08.roa
File:                     a0kmRcYDcM8aBXy7kfA71yuKf08.roa (raw, json)
Hash identifier:          S5NaF46731ZVb5sUNuYEdo6d/TDa/vbyEhf+A+yPYYM=
Subject key identifier:   6B:49:26:45:C6:03:70:CF:1A:05:7C:BB:91:F0:3B:D7:2B:8A:7F:4F
Certificate issuer:       /CN=94846741139263388d984db1e97e031669c6486e
Certificate serial:       01887820BEE6CC532475AAAED2804D172B24
Authority key identifier: 94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/a0kmRcYDcM8aBXy7kfA71yuKf08.roa
Signing time:             Thu 01 Jun 2023 18:03:11 +0000
ROA not before:           Thu 01 Jun 2023 18:03:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201703
IP address blocks:        195.190.130.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Dec 2023 17:22:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:78:20:be:e6:cc:53:24:75:aa:ae:d2:80:4d:17:2b:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94846741139263388d984db1e97e031669c6486e
        Validity
            Not Before: Jun  1 18:03:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6b492645c60370cf1a057cbb91f03bd72b8a7f4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:8c:fc:d6:1f:81:00:a0:98:60:5e:4e:c7:cd:
                    a6:f3:c8:33:e7:67:d7:fe:5e:29:24:8a:e0:00:e3:
                    01:2a:0f:ea:e9:96:a2:5e:f5:f5:a8:d7:39:d7:cd:
                    3c:0a:a8:bc:fb:45:01:3d:75:86:69:8e:13:ed:47:
                    2c:d8:ef:94:3f:1e:cb:7d:5d:80:bb:32:c1:16:82:
                    a8:d1:75:f4:3c:db:17:04:ce:b4:4b:7f:4b:70:69:
                    0c:0f:91:04:dc:19:e9:f8:40:39:3b:6e:c6:e6:0e:
                    d7:b1:8e:d9:af:fb:93:47:76:c9:7b:6d:fa:82:a6:
                    8c:98:06:ed:a7:da:ab:a8:70:8b:5a:a6:79:22:2b:
                    ac:56:25:14:10:f6:db:23:98:b1:af:ea:3e:11:fd:
                    e7:da:de:09:da:ec:fa:b4:b9:0f:52:5c:ab:94:9d:
                    ca:8e:64:05:f4:83:47:91:c4:74:2e:60:a6:1d:13:
                    88:cc:9a:f5:54:89:35:c8:d5:dd:39:4c:65:42:54:
                    9e:80:59:73:64:3d:79:ab:a0:53:b5:ac:c8:8b:b6:
                    e1:9c:29:d9:99:d1:b0:7a:ac:8e:c8:97:cf:9a:3f:
                    b1:09:cf:1e:e1:6b:fc:57:0f:d8:4c:b0:14:18:61:
                    9d:59:c8:0d:ac:9d:2f:1a:78:9c:42:fc:42:fd:1c:
                    32:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:49:26:45:C6:03:70:CF:1A:05:7C:BB:91:F0:3B:D7:2B:8A:7F:4F
            X509v3 Authority Key Identifier:
                keyid:94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/a0kmRcYDcM8aBXy7kfA71yuKf08.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/lIRnQROSYziNmE2x6X4DFmnGSG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.190.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cb:36:77:fb:32:45:e8:ec:17:be:55:e1:57:5e:84:12:8b:30:
         b8:af:73:d2:e7:0e:2b:96:56:a3:26:41:3f:70:ea:56:ad:91:
         78:81:73:17:5e:4b:6e:a2:9e:43:7c:c6:4c:a7:65:f6:b9:db:
         9e:ee:66:6f:c8:2f:1c:85:c5:e7:a6:cb:a8:ef:e6:89:9a:4c:
         1d:2f:e8:8e:ff:08:ca:15:0f:02:ab:f2:e9:bf:b2:5b:a0:70:
         25:1a:1a:79:4f:c2:ec:84:8b:a4:b8:77:d8:f2:3d:fe:be:75:
         4c:e7:c1:0b:db:68:21:b1:f6:84:6e:9f:5e:f8:ef:1c:84:7f:
         ee:20:e0:18:f0:22:58:75:5b:e3:fa:eb:2b:9b:db:80:fd:95:
         c8:80:98:22:79:49:5d:4b:f2:8a:6f:a1:4f:ae:30:b4:16:ec:
         51:97:62:a0:bf:b6:45:5c:c3:bc:b7:a7:57:6f:e5:c1:e1:9c:
         87:a2:fb:08:d9:88:57:29:fe:1e:74:ce:ab:b2:5f:42:9e:49:
         93:d9:19:93:58:2b:78:5f:83:d4:83:ea:d0:8a:a5:2a:eb:99:
         f9:a1:1b:e4:5c:dd:51:00:66:b0:55:48:3e:8a:93:fc:fa:30:
         4f:c4:b6:33:89:1e:1f:4d:42:63:e4:81:c1:5f:cf:d0:45:c9:
         a9:73:87:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYh4IL7mzFMkdaqu0oBNFyskMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ODQ2NzQxMTM5MjYzMzg4ZDk4NGRiMWU5N2UwMzE2Njlj
NjQ4NmUwHhcNMjMwNjAxMTgwMzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjQ5MjY0NWM2MDM3MGNmMWEwNTdjYmI5MWYwM2JkNzJiOGE3ZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Yz81h+BAKCYYF5Ox82m88gz52fX
/l4pJIrgAOMBKg/q6ZaiXvX1qNc51808Cqi8+0UBPXWGaY4T7Ucs2O+UPx7LfV2A
uzLBFoKo0XX0PNsXBM60S39LcGkMD5EE3Bnp+EA5O27G5g7XsY7Zr/uTR3bJe236
gqaMmAbtp9qrqHCLWqZ5IiusViUUEPbbI5ixr+o+Ef3n2t4J2uz6tLkPUlyrlJ3K
jmQF9INHkcR0LmCmHROIzJr1VIk1yNXdOUxlQlSegFlzZD15q6BTtazIi7bhnCnZ
mdGweqyOyJfPmj+xCc8e4Wv8Vw/YTLAUGGGdWcgNrJ0vGnicQvxC/RwyEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGtJJkXGA3DPGgV8u5HwO9crin9PMB8GA1UdIwQY
MBaAFJSEZ0ETkmM4jZhNsel+AxZpxkhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTct
Y2IxMTI1MDA3ZGZiLzEvYTBrbVJjWURjTThhQlh5N2tmQTcxeXVLZjA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTctY2IxMTI1MDA3ZGZi
LzEvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw76CMA0G
CSqGSIb3DQEBCwUAA4IBAQDLNnf7MkXo7Be+VeFXXoQSizC4r3PS5w4rllajJkE/
cOpWrZF4gXMXXktuop5DfMZMp2X2udue7mZvyC8chcXnpsuo7+aJmkwdL+iO/wjK
FQ8Cq/Lpv7JboHAlGhp5T8LshIukuHfY8j3+vnVM58EL22ghsfaEbp9e+O8chH/u
IOAY8CJYdVvj+usrm9uA/ZXIgJgieUldS/KKb6FPrjC0FuxRl2Kgv7ZFXMO8t6dX
b+XB4ZyHovsI2YhXKf4edM6rsl9CnkmT2RmTWCt4X4PUg+rQiqUq65n5oRvkXN1R
AGawVUg+ipP8+jBPxLYziR4fTUJj5IHBX8/QRcmpc4cs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:51 2024 by rpki-client on console-fra.rpki-client.org