Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/847ee0-ba2a-4fd2-89d7-87fe2e54ba79/1/jQCCwNpKV3vNaslXenQqXLD7COQ.roa
File:                     jQCCwNpKV3vNaslXenQqXLD7COQ.roa (raw, json)
Hash identifier:          nc0kOvxC+eH4s81xaBvhNV5ak6mUCrbum0u74NCVnis=
Subject key identifier:   8D:00:82:C0:DA:4A:57:7B:CD:6A:C9:57:7A:74:2A:5C:B0:FB:08:E4
Certificate issuer:       /CN=60077f22c6428bc889b365b006cb5248d4bf61cf
Certificate serial:       01857303A5A4BF805E9334ADCF459680188C
Authority key identifier: 60:07:7F:22:C6:42:8B:C8:89:B3:65:B0:06:CB:52:48:D4:BF:61:CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YAd_IsZCi8iJs2WwBstSSNS_Yc8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/847ee0-ba2a-4fd2-89d7-87fe2e54ba79/1/jQCCwNpKV3vNaslXenQqXLD7COQ.roa
Signing time:             Mon 02 Jan 2023 15:04:56 +0000
ROA not before:           Mon 02 Jan 2023 15:04:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41202
IP address blocks:        95.214.208.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:03:a5:a4:bf:80:5e:93:34:ad:cf:45:96:80:18:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60077f22c6428bc889b365b006cb5248d4bf61cf
        Validity
            Not Before: Jan  2 15:04:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8d0082c0da4a577bcd6ac9577a742a5cb0fb08e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:9c:9c:fa:a1:3b:01:b9:a6:0f:0c:a3:23:a8:
                    47:8c:37:79:26:19:30:cb:7b:79:12:a9:59:98:b1:
                    22:dc:18:94:b3:60:b9:fd:d5:cd:77:38:ef:72:ae:
                    7a:1f:b4:c4:02:73:07:3c:4b:9a:7b:a7:8f:5f:9b:
                    d6:ca:8c:fe:d1:5c:54:06:34:db:2b:a3:1f:ca:55:
                    35:f6:f7:ca:63:3d:8c:d6:32:31:44:8f:0e:6d:83:
                    eb:2d:71:69:5b:0f:f1:57:03:e3:0d:5d:aa:72:be:
                    b1:f5:0e:56:30:e7:f1:78:7d:50:2b:de:e7:28:55:
                    88:f3:c9:3c:b8:13:6e:a2:a1:d2:45:b8:78:a2:64:
                    8f:bd:24:34:87:37:ee:52:9c:f3:c8:ce:dd:99:c6:
                    78:3d:1a:3d:97:59:50:33:38:90:b4:6c:65:bc:52:
                    84:a4:07:ff:fa:1b:95:a6:ba:c8:31:4a:bd:8f:01:
                    0b:07:ed:bb:99:13:9c:89:d3:ac:72:ab:fb:80:23:
                    c4:1b:ba:1d:7c:87:98:29:90:8e:70:3b:9e:6a:25:
                    b8:72:ac:3d:64:92:7c:bc:b1:06:fc:81:5f:50:bf:
                    78:ed:ff:07:72:97:89:19:a2:2b:47:9c:11:c5:38:
                    db:28:5d:6b:58:d6:86:fe:2d:08:d4:96:3b:88:48:
                    ee:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:00:82:C0:DA:4A:57:7B:CD:6A:C9:57:7A:74:2A:5C:B0:FB:08:E4
            X509v3 Authority Key Identifier:
                keyid:60:07:7F:22:C6:42:8B:C8:89:B3:65:B0:06:CB:52:48:D4:BF:61:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YAd_IsZCi8iJs2WwBstSSNS_Yc8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/847ee0-ba2a-4fd2-89d7-87fe2e54ba79/1/jQCCwNpKV3vNaslXenQqXLD7COQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/847ee0-ba2a-4fd2-89d7-87fe2e54ba79/1/YAd_IsZCi8iJs2WwBstSSNS_Yc8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.214.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         75:d4:ff:96:8b:dd:00:c3:7a:b0:fa:e3:14:b2:3c:47:8e:b4:
         5e:e3:1f:4a:39:74:df:2a:df:9a:15:25:71:95:54:87:a0:95:
         f1:24:13:20:95:ec:2b:07:4b:49:b4:94:ff:34:66:1f:9a:12:
         97:67:ce:40:ac:cf:40:d5:4c:34:99:f1:02:1c:75:11:fb:2e:
         fd:d0:bb:f3:85:4e:8c:1d:c4:04:55:a4:54:8e:56:ca:d6:d7:
         43:5a:cd:97:41:51:cc:39:41:5d:2c:30:bd:f7:bf:22:df:e9:
         dc:69:f2:6d:2c:6d:e0:39:99:69:9a:45:a2:a4:69:bf:33:8b:
         9d:e1:ef:10:eb:57:f0:a0:6a:99:f8:a7:32:27:30:df:04:e7:
         a6:3d:1a:a1:72:91:27:7d:a5:00:70:3e:6e:ac:8e:16:e8:0a:
         4c:db:87:ff:25:51:92:92:99:cc:53:c9:59:bd:49:ec:25:e7:
         a3:32:e7:d6:de:87:b3:c1:c9:5f:01:b9:4d:16:47:31:40:11:
         bb:93:bf:8f:db:9f:ce:b3:f0:79:93:37:43:ea:52:42:43:8c:
         26:ab:cb:2b:b0:a1:15:11:60:5d:91:64:7e:46:3b:88:6b:a3:
         af:11:9a:82:78:19:ed:c5:c4:bc:3c:5c:21:6d:fd:25:23:5f:
         37:dc:ff:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzA6Wkv4BekzStz0WWgBiMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMDc3ZjIyYzY0MjhiYzg4OWIzNjViMDA2Y2I1MjQ4ZDRi
ZjYxY2YwHhcNMjMwMTAyMTUwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDAwODJjMGRhNGE1NzdiY2Q2YWM5NTc3YTc0MmE1Y2IwZmIwOGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5yc+qE7AbmmDwyjI6hHjDd5Jhkw
y3t5EqlZmLEi3BiUs2C5/dXNdzjvcq56H7TEAnMHPEuae6ePX5vWyoz+0VxUBjTb
K6MfylU19vfKYz2M1jIxRI8ObYPrLXFpWw/xVwPjDV2qcr6x9Q5WMOfxeH1QK97n
KFWI88k8uBNuoqHSRbh4omSPvSQ0hzfuUpzzyM7dmcZ4PRo9l1lQMziQtGxlvFKE
pAf/+huVprrIMUq9jwELB+27mROcidOscqv7gCPEG7odfIeYKZCOcDueaiW4cqw9
ZJJ8vLEG/IFfUL947f8HcpeJGaIrR5wRxTjbKF1rWNaG/i0I1JY7iEju8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI0AgsDaSld7zWrJV3p0Klyw+wjkMB8GA1UdIwQY
MBaAFGAHfyLGQovIibNlsAbLUkjUv2HPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUFkX0lzWkNpOGlKczJXd0JzdFNTTlNfWWM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC84NDdlZTAtYmEyYS00ZmQyLTg5ZDct
ODdmZTJlNTRiYTc5LzEvalFDQ3dOcEtWM3ZOYXNsWGVuUXFYTEQ3Q09RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC84NDdlZTAtYmEyYS00ZmQyLTg5ZDctODdmZTJlNTRiYTc5
LzEvWUFkX0lzWkNpOGlKczJXd0JzdFNTTlNfWWM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX9bQMA0G
CSqGSIb3DQEBCwUAA4IBAQB11P+Wi90Aw3qw+uMUsjxHjrRe4x9KOXTfKt+aFSVx
lVSHoJXxJBMglewrB0tJtJT/NGYfmhKXZ85ArM9A1Uw0mfECHHUR+y790LvzhU6M
HcQEVaRUjlbK1tdDWs2XQVHMOUFdLDC9978i3+ncafJtLG3gOZlpmkWipGm/M4ud
4e8Q61fwoGqZ+KcyJzDfBOemPRqhcpEnfaUAcD5urI4W6ApM24f/JVGSkpnMU8lZ
vUnsJeejMufW3oezwclfAblNFkcxQBG7k7+P25/Os/B5kzdD6lJCQ4wmq8srsKEV
EWBdkWR+RjuIa6OvEZqCeBntxcS8PFwhbf0lI1833P9R
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:38 2024 by rpki-client on console-ams.rpki-client.org