Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/p2KVN37wMz_oqmRT-wFalYTRz-g.roa
File:                     p2KVN37wMz_oqmRT-wFalYTRz-g.roa (raw, json)
Hash identifier:          atGeH5FF/PyyBNr+vuIrql0Svew5UsNWATUYydNa4K0=
Subject key identifier:   A7:62:95:37:7E:F0:33:3F:E8:AA:64:53:FB:01:5A:95:84:D1:CF:E8
Certificate issuer:       /CN=c255989d579c4b5eade852f97f62e9bf2cfbde3c
Certificate serial:       0185715540B235EDFF136B49E370190C48FB
Authority key identifier: C2:55:98:9D:57:9C:4B:5E:AD:E8:52:F9:7F:62:E9:BF:2C:FB:DE:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wlWYnVecS16t6FL5f2Lpvyz73jw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/p2KVN37wMz_oqmRT-wFalYTRz-g.roa
Signing time:             Mon 02 Jan 2023 07:14:50 +0000
ROA not before:           Mon 02 Jan 2023 07:14:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        188.95.140.0/24 maxlen: 24
                          188.95.141.0/24 maxlen: 24
                          188.95.142.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:55:40:b2:35:ed:ff:13:6b:49:e3:70:19:0c:48:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c255989d579c4b5eade852f97f62e9bf2cfbde3c
        Validity
            Not Before: Jan  2 07:14:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a76295377ef0333fe8aa6453fb015a9584d1cfe8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:17:36:c0:40:83:f9:12:50:f3:8b:c1:1b:1a:
                    40:e0:d2:d7:03:8a:f7:51:cc:a9:d5:34:c9:1c:0d:
                    52:17:bc:71:6a:a9:3f:24:48:e4:74:ae:4c:3b:de:
                    56:77:1a:95:f9:b2:ab:87:20:74:b5:95:e4:b3:74:
                    17:08:71:7c:b1:6e:10:91:ff:7e:d0:92:ee:bc:d8:
                    51:1f:c1:36:9d:8d:9a:95:5a:18:e0:8e:6c:7f:86:
                    78:be:bc:3c:2d:6f:fe:bb:89:e3:51:cd:2c:5b:72:
                    c5:d1:3a:3a:32:ff:c5:42:f1:2b:85:e1:7a:68:c3:
                    5d:95:65:73:c1:3a:7d:32:9f:18:c7:9f:30:0e:82:
                    09:88:b8:2c:5e:55:38:cf:8b:d0:20:e2:55:fc:5c:
                    dd:d0:7a:f4:91:cd:57:23:62:71:b0:84:d2:e1:02:
                    35:2f:87:e1:50:79:ad:5d:5f:d2:8e:bb:63:5f:c8:
                    38:a5:1f:1f:56:fe:36:fe:79:67:a4:80:7a:d0:27:
                    4a:b5:60:d7:e8:5f:9f:df:d6:e4:94:d7:34:6c:f0:
                    3e:60:27:2e:08:39:6d:9a:37:55:8c:57:e2:6d:6f:
                    44:e2:b1:06:76:a8:97:e9:70:f4:c3:68:dd:ee:8b:
                    13:ba:8d:75:ff:e4:0d:97:50:02:9a:91:40:09:e1:
                    3b:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:62:95:37:7E:F0:33:3F:E8:AA:64:53:FB:01:5A:95:84:D1:CF:E8
            X509v3 Authority Key Identifier:
                keyid:C2:55:98:9D:57:9C:4B:5E:AD:E8:52:F9:7F:62:E9:BF:2C:FB:DE:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wlWYnVecS16t6FL5f2Lpvyz73jw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/p2KVN37wMz_oqmRT-wFalYTRz-g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/720394-cf71-40a3-a538-ed01ed7c129b/1/wlWYnVecS16t6FL5f2Lpvyz73jw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.95.140.0-188.95.142.255

    Signature Algorithm: sha256WithRSAEncryption
         b8:0e:81:40:d3:83:5f:e2:0b:cf:cd:5c:bf:6c:a3:77:a9:a6:
         f5:57:fd:a3:5f:4d:dc:3a:37:bd:83:e2:b7:7c:04:30:f5:8f:
         4c:f9:48:ec:5d:f2:ff:f6:63:ee:bb:61:79:da:d5:06:1c:0e:
         c0:49:76:ba:fe:d6:34:ac:65:b2:62:60:50:99:c3:7e:05:1f:
         59:ef:74:8c:20:2d:82:22:d5:db:77:13:8e:d9:a1:e5:ff:6f:
         61:55:b4:77:33:94:67:ea:24:e5:4c:19:93:7a:6e:38:e0:19:
         3e:06:28:c9:62:15:32:29:52:8e:b5:2d:17:8c:c3:9c:0c:5b:
         54:fd:a5:98:2d:2b:82:e9:b6:6b:11:e3:6f:10:e1:87:3e:6c:
         c0:20:ab:ec:fc:0d:1d:46:7a:82:e3:4d:c6:3d:40:8d:dd:4e:
         8c:fc:09:19:45:a1:a4:0d:47:bb:09:f7:2e:a0:1d:ed:f3:95:
         7b:3e:78:30:fa:98:2b:58:8a:15:91:f3:af:f0:7c:b5:f7:f0:
         a0:54:bb:4c:0e:10:81:f3:08:12:24:15:e1:7a:aa:f4:40:33:
         ec:53:05:df:4b:b9:87:3d:a5:bb:3a:f6:d9:03:d2:6d:64:c0:
         39:8f:62:cb:e7:a5:c4:96:6f:79:d1:cf:37:46:88:f4:6f:8f:
         60:f6:d8:57
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxVUCyNe3/E2tJ43AZDEj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNTU5ODlkNTc5YzRiNWVhZGU4NTJmOTdmNjJlOWJmMmNm
YmRlM2MwHhcNMjMwMTAyMDcxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzYyOTUzNzdlZjAzMzNmZThhYTY0NTNmYjAxNWE5NTg0ZDFjZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRc2wECD+RJQ84vBGxpA4NLXA4r3
Ucyp1TTJHA1SF7xxaqk/JEjkdK5MO95WdxqV+bKrhyB0tZXks3QXCHF8sW4Qkf9+
0JLuvNhRH8E2nY2alVoY4I5sf4Z4vrw8LW/+u4njUc0sW3LF0To6Mv/FQvErheF6
aMNdlWVzwTp9Mp8Yx58wDoIJiLgsXlU4z4vQIOJV/Fzd0Hr0kc1XI2JxsITS4QI1
L4fhUHmtXV/SjrtjX8g4pR8fVv42/nlnpIB60CdKtWDX6F+f39bklNc0bPA+YCcu
CDltmjdVjFfibW9E4rEGdqiX6XD0w2jd7osTuo11/+QNl1ACmpFACeE7TwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKdilTd+8DM/6KpkU/sBWpWE0c/oMB8GA1UdIwQY
MBaAFMJVmJ1XnEterehS+X9i6b8s+948MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2xXWW5WZWNTMTZ0NkZMNWYyTHB2eXo3M2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83MjAzOTQtY2Y3MS00MGEzLWE1Mzgt
ZWQwMWVkN2MxMjliLzEvcDJLVk4zN3dNel9vcW1SVC13RmFsWVRSei1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83MjAzOTQtY2Y3MS00MGEzLWE1MzgtZWQwMWVkN2MxMjli
LzEvd2xXWW5WZWNTMTZ0NkZMNWYyTHB2eXo3M2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK8X4wD
BAC8X44wDQYJKoZIhvcNAQELBQADggEBALgOgUDTg1/iC8/NXL9so3eppvVX/aNf
Tdw6N72D4rd8BDD1j0z5SOxd8v/2Y+67YXna1QYcDsBJdrr+1jSsZbJiYFCZw34F
H1nvdIwgLYIi1dt3E47ZoeX/b2FVtHczlGfqJOVMGZN6bjjgGT4GKMliFTIpUo61
LReMw5wMW1T9pZgtK4LptmsR428Q4Yc+bMAgq+z8DR1GeoLjTcY9QI3dToz8CRlF
oaQNR7sJ9y6gHe3zlXs+eDD6mCtYihWR86/wfLX38KBUu0wOEIHzCBIkFeF6qvRA
M+xTBd9LuYc9pbs69tkD0m1kwDmPYsvnpcSWb3nRzzdGiPRvj2D22Fc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:11 2024 by rpki-client on console-fra.rpki-client.org