Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/ed96c5-d633-402f-8e00-2b1d674595b7/1/c7sEn7L6qZoWYYyMZTv9h7twtwY.roa
File:                     c7sEn7L6qZoWYYyMZTv9h7twtwY.roa (raw, json)
Hash identifier:          x6z3iuoHHz78diHvzKKWLbX/GvUUY2Pwgrb2indyUJY=
Subject key identifier:   73:BB:04:9F:B2:FA:A9:9A:16:61:8C:8C:65:3B:FD:87:BB:70:B7:06
Certificate issuer:       /CN=62af1d7f36b1865802535e49a7331e035ad01008
Certificate serial:       01856EEFD00B47DBA25E5FE9057C4E18F05A
Authority key identifier: 62:AF:1D:7F:36:B1:86:58:02:53:5E:49:A7:33:1E:03:5A:D0:10:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yq8dfzaxhlgCU15JpzMeA1rQEAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/ed96c5-d633-402f-8e00-2b1d674595b7/1/c7sEn7L6qZoWYYyMZTv9h7twtwY.roa
Signing time:             Sun 01 Jan 2023 20:04:48 +0000
ROA not before:           Sun 01 Jan 2023 20:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47305
IP address blocks:        195.182.40.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:ef:d0:0b:47:db:a2:5e:5f:e9:05:7c:4e:18:f0:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62af1d7f36b1865802535e49a7331e035ad01008
        Validity
            Not Before: Jan  1 20:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=73bb049fb2faa99a16618c8c653bfd87bb70b706
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:fd:54:a3:e7:1c:ce:1b:f1:1e:a8:95:77:8c:
                    c2:41:67:69:00:f8:bd:ee:97:56:6c:3a:fd:c8:33:
                    83:73:a4:d6:b6:10:63:90:de:f6:87:4e:f7:ce:4a:
                    15:f3:64:69:c4:13:d1:df:eb:7c:c0:82:9d:b2:fa:
                    42:f0:cd:d4:3e:c8:79:d7:92:0e:84:78:20:cb:34:
                    cb:4d:e3:c6:4a:39:5e:34:34:da:bd:2d:00:1f:52:
                    93:9b:e2:dc:8a:5b:58:0a:1d:2b:47:5c:44:fa:16:
                    08:d5:99:55:b8:24:c2:10:be:28:a7:33:ab:dc:9c:
                    7a:d6:76:26:01:35:98:d4:a0:2f:34:ec:51:01:94:
                    47:58:0d:76:d7:70:b3:cd:6a:be:9f:4a:16:6a:b8:
                    85:47:31:45:0a:2c:fc:6c:51:77:60:8d:2c:63:8f:
                    a7:77:80:25:74:a5:5e:54:ae:c8:28:d8:99:a4:b9:
                    af:74:3f:61:11:ee:fc:61:58:1c:63:01:d6:b4:c9:
                    23:85:41:f6:1b:e8:90:5f:b6:aa:00:75:7d:d8:33:
                    c1:50:82:e9:56:65:53:f7:6c:ea:b1:f3:a5:1f:67:
                    d1:dd:26:7a:a5:ba:28:e4:b6:d7:2f:f9:21:60:dd:
                    b4:4f:97:5d:7a:17:38:9f:ad:37:7a:fe:7f:b5:6c:
                    0c:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:BB:04:9F:B2:FA:A9:9A:16:61:8C:8C:65:3B:FD:87:BB:70:B7:06
            X509v3 Authority Key Identifier:
                keyid:62:AF:1D:7F:36:B1:86:58:02:53:5E:49:A7:33:1E:03:5A:D0:10:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yq8dfzaxhlgCU15JpzMeA1rQEAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/ed96c5-d633-402f-8e00-2b1d674595b7/1/c7sEn7L6qZoWYYyMZTv9h7twtwY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/ed96c5-d633-402f-8e00-2b1d674595b7/1/Yq8dfzaxhlgCU15JpzMeA1rQEAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.182.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:c5:7f:7c:d5:96:c1:2f:f0:2c:cd:c6:ad:a9:a1:c2:82:33:
         d3:c8:54:cc:fd:a9:ba:20:01:d2:47:8c:39:79:72:2c:36:46:
         22:15:25:87:f2:33:80:79:7f:f5:07:26:6a:88:89:8d:47:7d:
         9d:32:5b:d8:e6:97:8c:60:0b:55:d3:77:fe:ea:be:25:50:3d:
         5c:c8:7a:12:d4:d8:20:6e:fe:42:77:4a:52:00:82:63:25:d6:
         d7:24:ed:16:d5:26:4e:f3:b0:d3:3a:f7:d3:8b:15:b0:9d:46:
         24:8f:88:46:4b:89:cd:61:e1:90:ef:6d:dc:aa:27:e3:4d:d4:
         50:93:49:7e:b2:da:fa:e2:ce:bf:d8:ab:c2:b7:0b:a8:68:bd:
         d0:5f:3d:fc:e9:9a:fa:21:45:78:bb:61:5f:19:f8:76:d3:ee:
         d1:13:59:ec:ad:aa:a4:35:ba:14:8d:24:6d:bc:dd:18:0f:6d:
         3d:9b:b9:9b:c5:e1:0d:fa:18:2b:1b:59:fe:46:d0:d9:b0:cd:
         a5:fc:2b:d0:97:f3:41:e9:52:bc:22:1d:25:8a:78:26:eb:48:
         72:ef:fb:a8:a2:e0:3b:cd:ae:3c:d3:30:83:d6:fe:a0:f4:28:
         b4:eb:8c:b4:0c:7b:c6:e2:54:64:8b:60:b4:6a:6d:82:3b:9d:
         b8:65:f8:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu79ALR9uiXl/pBXxOGPBaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYWYxZDdmMzZiMTg2NTgwMjUzNWU0OWE3MzMxZTAzNWFk
MDEwMDgwHhcNMjMwMTAxMjAwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2JiMDQ5ZmIyZmFhOTlhMTY2MThjOGM2NTNiZmQ4N2JiNzBiNzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAof1Uo+cczhvxHqiVd4zCQWdpAPi9
7pdWbDr9yDODc6TWthBjkN72h073zkoV82RpxBPR3+t8wIKdsvpC8M3UPsh515IO
hHggyzTLTePGSjleNDTavS0AH1KTm+LciltYCh0rR1xE+hYI1ZlVuCTCEL4opzOr
3Jx61nYmATWY1KAvNOxRAZRHWA1213CzzWq+n0oWariFRzFFCiz8bFF3YI0sY4+n
d4AldKVeVK7IKNiZpLmvdD9hEe78YVgcYwHWtMkjhUH2G+iQX7aqAHV92DPBUILp
VmVT92zqsfOlH2fR3SZ6pboo5LbXL/khYN20T5ddehc4n603ev5/tWwMcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHO7BJ+y+qmaFmGMjGU7/Ye7cLcGMB8GA1UdIwQY
MBaAFGKvHX82sYZYAlNeSaczHgNa0BAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXE4ZGZ6YXhobGdDVTE1SnB6TWVBMXJRRUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9lZDk2YzUtZDYzMy00MDJmLThlMDAt
MmIxZDY3NDU5NWI3LzEvYzdzRW43TDZxWm9XWVl5TVpUdjloN3R3dHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9lZDk2YzUtZDYzMy00MDJmLThlMDAtMmIxZDY3NDU5NWI3
LzEvWXE4ZGZ6YXhobGdDVTE1SnB6TWVBMXJRRUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7YoMA0G
CSqGSIb3DQEBCwUAA4IBAQBwxX981ZbBL/AszcatqaHCgjPTyFTM/am6IAHSR4w5
eXIsNkYiFSWH8jOAeX/1ByZqiImNR32dMlvY5peMYAtV03f+6r4lUD1cyHoS1Ngg
bv5Cd0pSAIJjJdbXJO0W1SZO87DTOvfTixWwnUYkj4hGS4nNYeGQ723cqifjTdRQ
k0l+str64s6/2KvCtwuoaL3QXz386Zr6IUV4u2FfGfh20+7RE1nsraqkNboUjSRt
vN0YD209m7mbxeEN+hgrG1n+RtDZsM2l/CvQl/NB6VK8Ih0lingm60hy7/uoouA7
za480zCD1v6g9Ci064y0DHvG4lRki2C0am2CO524ZfiA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:42 2024 by rpki-client on console-fra.rpki-client.org