Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/c8b1e5-7b95-4ca7-b2ba-222fe348268a/1/rg5UQMJGgjmJafpcBcQcMrm8v0k.roa
File:                     rg5UQMJGgjmJafpcBcQcMrm8v0k.roa (raw, json)
Hash identifier:          lZoHGGqVuvh271I1KMDxqStVX+B+JuM4rz2H+q3MEdA=
Subject key identifier:   AE:0E:54:40:C2:46:82:39:89:69:FA:5C:05:C4:1C:32:B9:BC:BF:49
Certificate issuer:       /CN=332293d0399160788b31e438760dc3bd1ed882eb
Certificate serial:       018FF1995080DAF5A2C737E3A720E350DD08
Authority key identifier: 33:22:93:D0:39:91:60:78:8B:31:E4:38:76:0D:C3:BD:1E:D8:82:EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MyKT0DmRYHiLMeQ4dg3DvR7Ygus.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/c8b1e5-7b95-4ca7-b2ba-222fe348268a/1/rg5UQMJGgjmJafpcBcQcMrm8v0k.roa
Signing time:             Fri 07 Jun 2024 07:28:27 +0000
ROA not before:           Fri 07 Jun 2024 07:28:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50188
IP address blocks:        95.215.194.0/24 maxlen: 24
                          95.215.196.0/24 maxlen: 24
                          95.215.197.0/24 maxlen: 24
                          95.215.198.0/24 maxlen: 24
                          95.215.199.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 11 Jun 2024 07:52:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:f1:99:50:80:da:f5:a2:c7:37:e3:a7:20:e3:50:dd:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=332293d0399160788b31e438760dc3bd1ed882eb
        Validity
            Not Before: Jun  7 07:28:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ae0e5440c24682398969fa5c05c41c32b9bcbf49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:11:70:53:3b:f8:9a:13:be:ea:f0:ea:73:58:
                    ba:88:cb:2e:94:0c:b4:95:09:fb:8c:39:e5:cd:90:
                    87:bb:88:93:aa:f1:25:f7:c4:52:4f:2c:a2:fe:71:
                    fe:0c:c9:df:a4:27:e3:6e:85:e7:42:96:44:c0:6c:
                    c5:8d:bf:20:bb:e7:b0:2f:b6:3c:f0:4f:32:14:46:
                    f8:79:3a:08:e0:1e:1b:9e:5b:71:69:42:01:98:fe:
                    7a:6c:1a:e4:7a:75:ed:36:82:13:00:52:a4:9b:96:
                    13:27:e6:0f:39:0d:bb:a1:49:98:9b:69:58:36:14:
                    dc:12:b7:95:72:97:50:f1:30:60:92:6d:f3:b1:aa:
                    8e:d7:e1:ff:92:8e:19:20:ad:f5:e9:60:37:e8:0c:
                    3c:53:f9:1d:42:6c:0b:23:fc:25:e4:40:c4:f9:d8:
                    08:be:51:64:91:20:fe:e1:82:80:40:0a:c8:9f:70:
                    3b:60:62:03:00:34:72:e3:89:67:d5:fa:ed:8a:46:
                    9c:2c:02:86:88:63:cd:1c:33:8c:c1:8f:af:37:5a:
                    62:83:7d:21:90:78:64:66:46:08:e4:d1:0f:e1:35:
                    e2:62:b5:c9:77:be:20:ff:12:78:15:a1:f6:83:d3:
                    5b:f2:15:a8:09:74:93:80:b0:4f:f7:03:c0:45:53:
                    cf:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:0E:54:40:C2:46:82:39:89:69:FA:5C:05:C4:1C:32:B9:BC:BF:49
            X509v3 Authority Key Identifier:
                keyid:33:22:93:D0:39:91:60:78:8B:31:E4:38:76:0D:C3:BD:1E:D8:82:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MyKT0DmRYHiLMeQ4dg3DvR7Ygus.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/c8b1e5-7b95-4ca7-b2ba-222fe348268a/1/rg5UQMJGgjmJafpcBcQcMrm8v0k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/c8b1e5-7b95-4ca7-b2ba-222fe348268a/1/MyKT0DmRYHiLMeQ4dg3DvR7Ygus.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.215.194.0/24
                  95.215.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9b:e6:b3:16:b8:12:6f:ea:38:bb:21:9f:95:c7:88:eb:bb:47:
         5e:aa:8d:bb:4a:80:6f:39:5c:00:05:f9:4b:69:a9:5b:b7:27:
         a5:9f:82:d2:df:ec:19:46:d4:73:7b:ad:58:09:e7:13:4e:40:
         79:0f:ce:3a:29:b3:c9:66:9d:7e:39:3c:49:59:6c:78:be:55:
         4c:7c:7c:07:47:c4:93:b6:dc:6e:25:3f:22:71:1f:d5:ce:c1:
         09:65:37:98:8c:96:a4:be:e3:82:03:37:f5:1c:cd:24:4f:95:
         2a:1a:11:1f:13:d9:5a:4f:80:29:44:a2:36:b9:5c:60:cf:d2:
         b7:17:fa:30:4c:cf:cc:83:ae:4b:ce:82:51:73:62:9b:43:e1:
         90:96:b7:3a:97:8c:15:82:2e:6f:c5:43:a0:89:be:eb:2e:a4:
         e7:11:42:59:57:07:ed:ac:99:0f:f4:e8:99:20:f1:c9:e1:c2:
         bc:85:6c:07:8a:7e:e2:83:57:25:11:ee:8a:23:a5:9b:3e:34:
         3d:b4:dc:fb:8a:27:f7:78:8e:a0:91:63:4e:04:ed:0d:39:28:
         db:b4:18:9a:15:e5:1f:f4:9d:c7:09:0b:4e:6c:34:c7:29:c3:
         75:bd:cd:e4:36:64:4f:96:9d:62:68:96:b7:6b:d7:d6:51:c4:
         54:34:07:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/xmVCA2vWixzfjpyDjUN0IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMjI5M2QwMzk5MTYwNzg4YjMxZTQzODc2MGRjM2JkMWVk
ODgyZWIwHhcNMjQwNjA3MDcyODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTBlNTQ0MGMyNDY4MjM5ODk2OWZhNWMwNWM0MWMzMmI5YmNiZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBFwUzv4mhO+6vDqc1i6iMsulAy0
lQn7jDnlzZCHu4iTqvEl98RSTyyi/nH+DMnfpCfjboXnQpZEwGzFjb8gu+ewL7Y8
8E8yFEb4eToI4B4bnltxaUIBmP56bBrkenXtNoITAFKkm5YTJ+YPOQ27oUmYm2lY
NhTcEreVcpdQ8TBgkm3zsaqO1+H/ko4ZIK316WA36Aw8U/kdQmwLI/wl5EDE+dgI
vlFkkSD+4YKAQArIn3A7YGIDADRy44ln1frtikacLAKGiGPNHDOMwY+vN1pig30h
kHhkZkYI5NEP4TXiYrXJd74g/xJ4FaH2g9Nb8hWoCXSTgLBP9wPARVPPCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK4OVEDCRoI5iWn6XAXEHDK5vL9JMB8GA1UdIwQY
MBaAFDMik9A5kWB4izHkOHYNw70e2ILrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXlLVDBEbVJZSGlMTWVRNGRnM0R2UjdZZ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9jOGIxZTUtN2I5NS00Y2E3LWIyYmEt
MjIyZmUzNDgyNjhhLzEvcmc1VVFNSkdnam1KYWZwY0JjUWNNcm04djBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9jOGIxZTUtN2I5NS00Y2E3LWIyYmEtMjIyZmUzNDgyNjhh
LzEvTXlLVDBEbVJZSGlMTWVRNGRnM0R2UjdZZ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX9fCAwQC
X9fEMA0GCSqGSIb3DQEBCwUAA4IBAQCb5rMWuBJv6ji7IZ+Vx4jru0deqo27SoBv
OVwABflLaalbtyeln4LS3+wZRtRze61YCecTTkB5D846KbPJZp1+OTxJWWx4vlVM
fHwHR8STttxuJT8icR/VzsEJZTeYjJakvuOCAzf1HM0kT5UqGhEfE9laT4ApRKI2
uVxgz9K3F/owTM/Mg65LzoJRc2KbQ+GQlrc6l4wVgi5vxUOgib7rLqTnEUJZVwft
rJkP9OiZIPHJ4cK8hWwHin7ig1clEe6KI6WbPjQ9tNz7iif3eI6gkWNOBO0NOSjb
tBiaFeUf9J3HCQtObDTHKcN1vc3kNmRPlp1iaJa3a9fWUcRUNAf9
-----END CERTIFICATE-----
Generated at Tue Jun 11 12:41:26 2024 by rpki-client on console-ams.rpki-client.org