Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/36e382-2b62-44dc-8fb2-dd50be067401/1/5AzhUnHqSp4Qf_g3QE4o1e6gDxQ.roa
File:                     5AzhUnHqSp4Qf_g3QE4o1e6gDxQ.roa (raw, json)
Hash identifier:          EZg+3TX4EFDvq7/CKk+eCkHnrzfm0I4Itp8eelDDz1E=
Subject key identifier:   E4:0C:E1:52:71:EA:4A:9E:10:7F:F8:37:40:4E:28:D5:EE:A0:0F:14
Certificate issuer:       /CN=d77100a46cc46ae896bdc2e0e074e3055ab8867b
Certificate serial:       0186663ECE0453601287546506405C6BCF11
Authority key identifier: D7:71:00:A4:6C:C4:6A:E8:96:BD:C2:E0:E0:74:E3:05:5A:B8:86:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/13EApGzEauiWvcLg4HTjBVq4hns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/36e382-2b62-44dc-8fb2-dd50be067401/1/5AzhUnHqSp4Qf_g3QE4o1e6gDxQ.roa
Signing time:             Sat 18 Feb 2023 20:37:17 +0000
ROA not before:           Sat 18 Feb 2023 20:37:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8708
IP address blocks:        195.254.135.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 26 Sep 2023 16:24:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:66:3e:ce:04:53:60:12:87:54:65:06:40:5c:6b:cf:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d77100a46cc46ae896bdc2e0e074e3055ab8867b
        Validity
            Not Before: Feb 18 20:37:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e40ce15271ea4a9e107ff837404e28d5eea00f14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:2e:e2:e3:9e:5f:44:89:b9:67:aa:8e:21:b1:
                    28:a9:78:70:5f:0f:97:aa:7c:8b:dd:3f:a5:cf:99:
                    a6:f1:76:e8:9c:6b:a9:54:09:c2:13:50:bb:ec:58:
                    11:36:67:1b:90:52:95:35:d6:ca:88:8d:cf:99:8e:
                    7b:5c:24:77:d4:0f:56:ce:5a:67:b7:bc:e2:26:20:
                    55:58:ea:6f:4c:e0:9a:70:46:92:5b:45:f4:6c:c7:
                    16:2d:30:cc:40:ee:1a:fb:2a:d8:8b:2a:e8:7c:00:
                    be:f1:a9:50:52:5e:b1:7e:9b:17:f7:3c:e4:d8:a4:
                    42:b1:3c:a1:3c:31:ad:8b:38:c9:6e:ff:51:c4:79:
                    1c:e0:7d:68:61:22:12:7b:1a:b0:62:c4:21:62:17:
                    e9:80:d3:4f:7f:fe:e3:15:7b:8f:a2:3c:ba:94:d5:
                    6e:b7:ac:e0:84:9c:2f:d0:8d:6d:81:1f:83:dc:f4:
                    37:20:63:55:0e:6a:7d:7b:36:6e:38:0d:36:bc:c6:
                    2a:67:7a:a8:77:87:9d:19:5c:38:7a:9e:6c:bd:d1:
                    56:a5:95:59:fc:ee:03:22:5c:f3:74:fa:83:cc:30:
                    37:f6:39:77:85:51:94:5d:22:4c:b5:41:d7:40:77:
                    d6:16:81:be:fa:23:a1:bf:10:e9:83:1c:5b:f7:98:
                    b1:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:0C:E1:52:71:EA:4A:9E:10:7F:F8:37:40:4E:28:D5:EE:A0:0F:14
            X509v3 Authority Key Identifier:
                keyid:D7:71:00:A4:6C:C4:6A:E8:96:BD:C2:E0:E0:74:E3:05:5A:B8:86:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/13EApGzEauiWvcLg4HTjBVq4hns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/36e382-2b62-44dc-8fb2-dd50be067401/1/5AzhUnHqSp4Qf_g3QE4o1e6gDxQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/36e382-2b62-44dc-8fb2-dd50be067401/1/13EApGzEauiWvcLg4HTjBVq4hns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.254.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:94:fb:62:79:72:61:6b:c6:5a:23:e3:76:b7:fd:e3:87:f7:
         8e:55:82:78:76:4c:1c:22:2d:02:01:82:47:64:51:87:38:16:
         aa:11:21:8c:b6:b6:2a:5d:91:27:d5:b4:1d:c7:b5:39:77:02:
         cc:43:9c:4c:43:77:9a:13:7a:52:59:8e:d4:a9:d1:ae:07:b7:
         a8:23:da:0f:81:a2:16:7a:2c:91:ef:38:ad:46:ea:70:5d:2a:
         af:7a:8f:ec:88:b5:2a:f9:50:28:b7:c4:0e:de:b3:56:dc:54:
         ee:32:c8:0b:8d:78:0a:18:0e:21:54:2d:80:fe:a6:bc:a9:2a:
         aa:6f:0f:05:b5:e6:61:d8:1f:09:bd:cb:0d:38:e0:09:4d:da:
         a7:61:84:12:13:24:a4:9d:bb:71:7f:7e:1f:91:d0:fa:a9:c3:
         a7:77:8a:e4:c8:bd:66:2f:0b:38:cb:6d:e6:bd:5f:54:db:10:
         66:ba:0d:9c:4b:47:9e:0d:4f:be:a3:aa:90:5c:29:51:f7:57:
         41:f0:99:6c:03:ae:9d:50:9c:d1:4c:4c:e3:2d:89:78:25:df:
         b2:88:f4:80:0d:e1:c9:05:7a:a7:f6:4b:34:bd:ff:a7:b9:13:
         cd:e6:ee:18:98:ae:77:82:7f:84:29:97:c6:3d:6c:38:33:3f:
         20:21:db:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZmPs4EU2ASh1RlBkBca88RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NzEwMGE0NmNjNDZhZTg5NmJkYzJlMGUwNzRlMzA1NWFi
ODg2N2IwHhcNMjMwMjE4MjAzNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDBjZTE1MjcxZWE0YTllMTA3ZmY4Mzc0MDRlMjhkNWVlYTAwZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApi7i455fRIm5Z6qOIbEoqXhwXw+X
qnyL3T+lz5mm8XbonGupVAnCE1C77FgRNmcbkFKVNdbKiI3PmY57XCR31A9Wzlpn
t7ziJiBVWOpvTOCacEaSW0X0bMcWLTDMQO4a+yrYiyrofAC+8alQUl6xfpsX9zzk
2KRCsTyhPDGtizjJbv9RxHkc4H1oYSISexqwYsQhYhfpgNNPf/7jFXuPojy6lNVu
t6zghJwv0I1tgR+D3PQ3IGNVDmp9ezZuOA02vMYqZ3qod4edGVw4ep5svdFWpZVZ
/O4DIlzzdPqDzDA39jl3hVGUXSJMtUHXQHfWFoG++iOhvxDpgxxb95ixuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQM4VJx6kqeEH/4N0BOKNXuoA8UMB8GA1UdIwQY
MBaAFNdxAKRsxGrolr3C4OB04wVauIZ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTNFQXBHekVhdWlXdmNMZzRIVGpCVnE0aG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8zNmUzODItMmI2Mi00NGRjLThmYjIt
ZGQ1MGJlMDY3NDAxLzEvNUF6aFVuSHFTcDRRZl9nM1FFNG8xZTZnRHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8zNmUzODItMmI2Mi00NGRjLThmYjItZGQ1MGJlMDY3NDAx
LzEvMTNFQXBHekVhdWlXdmNMZzRIVGpCVnE0aG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/6HMA0G
CSqGSIb3DQEBCwUAA4IBAQBQlPtieXJha8ZaI+N2t/3jh/eOVYJ4dkwcIi0CAYJH
ZFGHOBaqESGMtrYqXZEn1bQdx7U5dwLMQ5xMQ3eaE3pSWY7UqdGuB7eoI9oPgaIW
eiyR7zitRupwXSqveo/siLUq+VAot8QO3rNW3FTuMsgLjXgKGA4hVC2A/qa8qSqq
bw8FteZh2B8JvcsNOOAJTdqnYYQSEySknbtxf34fkdD6qcOnd4rkyL1mLws4y23m
vV9U2xBmug2cS0eeDU++o6qQXClR91dB8JlsA66dUJzRTEzjLYl4Jd+yiPSADeHJ
BXqn9ks0vf+nuRPN5u4YmK53gn+EKZfGPWw4Mz8gIdtY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:17 2024 by rpki-client on console-fra.rpki-client.org