Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/07e9aa-a980-46a6-9e84-8a0102ae7a9f/1/Crs5uElaZtD5ITJkEP813MtEgBQ.roa
File:                     Crs5uElaZtD5ITJkEP813MtEgBQ.roa (raw, json)
Hash identifier:          8wOo+IT9VDxp5+VPOrum7npo/0C/8d2jKvMroFEYw74=
Subject key identifier:   0A:BB:39:B8:49:5A:66:D0:F9:21:32:64:10:FF:35:DC:CB:44:80:14
Certificate issuer:       /CN=b7850a9e5e7be3b4d2b642265f825b850c072366
Certificate serial:       018F77B59B384FE1E4B3BB07A67863B8C701
Authority key identifier: B7:85:0A:9E:5E:7B:E3:B4:D2:B6:42:26:5F:82:5B:85:0C:07:23:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t4UKnl5747TStkImX4JbhQwHI2Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/07e9aa-a980-46a6-9e84-8a0102ae7a9f/1/Crs5uElaZtD5ITJkEP813MtEgBQ.roa
Signing time:             Tue 14 May 2024 15:25:41 +0000
ROA not before:           Tue 14 May 2024 15:25:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     3257
IP address blocks:        195.14.9.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 11 Sep 2024 16:12:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:77:b5:9b:38:4f:e1:e4:b3:bb:07:a6:78:63:b8:c7:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b7850a9e5e7be3b4d2b642265f825b850c072366
        Validity
            Not Before: May 14 15:25:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0abb39b8495a66d0f921326410ff35dccb448014
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:fa:3c:4a:01:a0:68:f4:94:ae:88:b1:d7:a3:
                    a8:9b:7f:1f:73:a1:97:2b:a5:e9:76:6b:92:c5:b6:
                    72:42:53:17:4f:5a:c6:d5:19:85:a8:18:ac:e6:4d:
                    5e:af:0f:0b:3a:08:14:01:de:79:d6:40:78:82:f1:
                    28:bc:64:8f:67:3c:72:09:e1:08:95:0e:28:89:6f:
                    03:37:d8:fb:a2:6f:be:41:61:f8:14:41:93:ba:ca:
                    05:8e:ed:f5:bb:21:f0:ca:d3:53:b5:d9:73:2c:f6:
                    0f:02:2b:a0:b4:20:7b:83:9d:af:0d:7f:41:07:38:
                    e5:b2:1f:1e:97:10:95:dd:1d:a4:01:ed:b5:67:5d:
                    4f:bd:e9:6e:7b:e4:40:3b:9e:81:e2:62:e1:b3:2e:
                    a0:8a:4d:37:07:39:46:ed:75:36:c9:cd:0d:bb:72:
                    bf:a7:d2:16:79:d9:2f:a7:e9:1c:b2:c7:90:e0:ef:
                    89:66:0a:90:86:c9:a5:97:20:af:b1:5c:93:ed:84:
                    df:b0:70:1a:d2:2a:91:79:b0:40:15:fe:ab:86:d4:
                    af:e9:b0:9b:76:2c:49:04:15:b8:98:40:a9:35:7c:
                    2a:b3:0b:1b:7d:ba:a8:27:48:a5:d6:19:c0:33:26:
                    a1:b3:a7:19:05:92:23:4c:36:66:e6:c9:c9:7c:03:
                    72:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:BB:39:B8:49:5A:66:D0:F9:21:32:64:10:FF:35:DC:CB:44:80:14
            X509v3 Authority Key Identifier:
                keyid:B7:85:0A:9E:5E:7B:E3:B4:D2:B6:42:26:5F:82:5B:85:0C:07:23:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4UKnl5747TStkImX4JbhQwHI2Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/07e9aa-a980-46a6-9e84-8a0102ae7a9f/1/Crs5uElaZtD5ITJkEP813MtEgBQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/07e9aa-a980-46a6-9e84-8a0102ae7a9f/1/t4UKnl5747TStkImX4JbhQwHI2Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.14.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:85:5a:b3:ee:0b:c6:a2:1f:89:17:e8:5f:e3:17:5d:59:82:
         f9:4f:b6:ab:46:d2:5d:15:52:aa:df:cc:95:80:dc:57:17:09:
         22:d0:3d:6d:8f:75:bc:1f:db:40:1d:e4:45:65:6c:ba:fc:84:
         62:5a:3b:0a:06:be:c3:db:15:89:4c:31:b5:3f:7b:f1:0d:79:
         78:3d:f8:25:92:e7:76:61:13:68:25:dc:a4:f0:b9:84:f0:a6:
         61:f3:09:b7:23:f0:02:95:2b:35:c3:83:70:69:93:7c:c5:d8:
         ed:9d:fc:5a:c7:7a:bd:e8:12:dc:f4:3b:ee:d0:50:29:3e:44:
         1f:02:a9:19:d9:59:05:ae:7c:f5:46:c9:a1:c6:42:82:34:13:
         60:d5:60:5f:16:c5:d5:78:65:dc:36:68:db:97:db:66:2e:bb:
         20:2e:d1:b9:a5:30:7d:d8:c8:2e:92:62:d8:5d:1c:83:dd:ac:
         12:4c:1c:dc:26:23:55:bd:6b:e3:a6:06:1b:d2:37:ac:02:49:
         51:a8:ed:c6:03:fe:1f:e5:de:80:31:0f:e9:41:3b:8f:a5:7f:
         9b:9f:5b:82:94:fe:69:4b:70:24:a9:6f:84:2f:71:37:c8:88:
         f2:00:49:0e:0e:09:ed:5a:95:03:69:b9:03:e0:70:80:7a:8e:
         01:42:d8:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY93tZs4T+Hks7sHpnhjuMcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODUwYTllNWU3YmUzYjRkMmI2NDIyNjVmODI1Yjg1MGMw
NzIzNjYwHhcNMjQwNTE0MTUyNTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWJiMzliODQ5NWE2NmQwZjkyMTMyNjQxMGZmMzVkY2NiNDQ4MDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvo8SgGgaPSUroix16Oom38fc6GX
K6XpdmuSxbZyQlMXT1rG1RmFqBis5k1erw8LOggUAd551kB4gvEovGSPZzxyCeEI
lQ4oiW8DN9j7om++QWH4FEGTusoFju31uyHwytNTtdlzLPYPAiugtCB7g52vDX9B
Bzjlsh8elxCV3R2kAe21Z11Pvelue+RAO56B4mLhsy6gik03BzlG7XU2yc0Nu3K/
p9IWedkvp+kcsseQ4O+JZgqQhsmllyCvsVyT7YTfsHAa0iqRebBAFf6rhtSv6bCb
dixJBBW4mECpNXwqswsbfbqoJ0il1hnAMyahs6cZBZIjTDZm5snJfANyewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAq7ObhJWmbQ+SEyZBD/NdzLRIAUMB8GA1UdIwQY
MBaAFLeFCp5ee+O00rZCJl+CW4UMByNmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRVS25sNTc0N1RTdGtJbVg0SmJoUXdISTJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8wN2U5YWEtYTk4MC00NmE2LTllODQt
OGEwMTAyYWU3YTlmLzEvQ3JzNXVFbGFadEQ1SVRKa0VQODEzTXRFZ0JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8wN2U5YWEtYTk4MC00NmE2LTllODQtOGEwMTAyYWU3YTlm
LzEvdDRVS25sNTc0N1RTdGtJbVg0SmJoUXdISTJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAww4JMA0G
CSqGSIb3DQEBCwUAA4IBAQC3hVqz7gvGoh+JF+hf4xddWYL5T7arRtJdFVKq38yV
gNxXFwki0D1tj3W8H9tAHeRFZWy6/IRiWjsKBr7D2xWJTDG1P3vxDXl4Pfglkud2
YRNoJdyk8LmE8KZh8wm3I/AClSs1w4NwaZN8xdjtnfxax3q96BLc9Dvu0FApPkQf
AqkZ2VkFrnz1RsmhxkKCNBNg1WBfFsXVeGXcNmjbl9tmLrsgLtG5pTB92MgukmLY
XRyD3awSTBzcJiNVvWvjpgYb0jesAklRqO3GA/4f5d6AMQ/pQTuPpX+bn1uClP5p
S3AkqW+EL3E3yIjyAEkODgntWpUDabkD4HCAeo4BQtiv
-----END CERTIFICATE-----
Generated at Wed Sep 11 18:35:55 2024 by rpki-client on console-ams.rpki-client.org