Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/af5078-2243-4fdb-ab2b-2d847a3f7d2f/1/Ifihay80ab4TqpsTMysjLhgOW-Q.roa
File:                     Ifihay80ab4TqpsTMysjLhgOW-Q.roa (raw, json)
Hash identifier:          8q0q03i65rsa7x9ibghlXt2rIM5na/UWh6PYzQcYtw4=
Subject key identifier:   21:F8:A1:6B:2F:34:69:BE:13:AA:9B:13:33:2B:23:2E:18:0E:5B:E4
Certificate issuer:       /CN=0f47dc7ff485b8413be38f5bee80917330b31738
Certificate serial:       01894F1407B75A99254B7B00F053A2F29183
Authority key identifier: 0F:47:DC:7F:F4:85:B8:41:3B:E3:8F:5B:EE:80:91:73:30:B3:17:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D0fcf_SFuEE7449b7oCRczCzFzg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/af5078-2243-4fdb-ab2b-2d847a3f7d2f/1/Ifihay80ab4TqpsTMysjLhgOW-Q.roa
Signing time:             Thu 13 Jul 2023 11:47:39 +0000
ROA not before:           Thu 13 Jul 2023 11:47:39 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44858
IP address blocks:        93.95.0.0/21 maxlen: 21
                          93.95.2.0/24 maxlen: 24
                          93.95.0.0/24 maxlen: 24
                          93.95.1.0/24 maxlen: 24
                          93.95.3.0/24 maxlen: 24
                          93.95.4.0/24 maxlen: 24
                          93.95.7.0/24 maxlen: 24
                          93.95.5.0/24 maxlen: 24
                          93.95.6.0/24 maxlen: 24
                          2a03:5d80::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 07 Nov 2023 11:46:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:4f:14:07:b7:5a:99:25:4b:7b:00:f0:53:a2:f2:91:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f47dc7ff485b8413be38f5bee80917330b31738
        Validity
            Not Before: Jul 13 11:47:39 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=21f8a16b2f3469be13aa9b13332b232e180e5be4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:b0:33:4e:2f:c1:59:ee:b7:b4:cb:92:24:d6:
                    36:94:05:cb:33:52:65:85:a1:6e:da:fd:3a:1a:b1:
                    47:a5:be:44:02:48:2e:a5:14:62:fd:75:81:26:b7:
                    e4:21:61:ae:e3:0f:c2:d2:06:e4:e3:c3:8d:78:76:
                    7a:4b:41:72:d8:48:f2:20:34:80:ae:ee:89:05:a4:
                    1a:93:7b:13:8f:62:64:b1:15:41:76:01:8b:c7:50:
                    88:f2:8b:40:9c:03:50:df:1c:93:c9:e9:e6:9b:9c:
                    fa:04:f5:bf:d3:e0:77:34:ba:0d:d3:3b:b4:fd:e7:
                    19:90:76:51:04:2d:30:27:df:c7:52:ec:aa:18:59:
                    2d:31:20:35:e3:e9:92:41:5c:03:77:69:9a:77:06:
                    46:9b:0d:2e:e3:1b:f2:be:68:4d:97:7e:23:21:c3:
                    e8:d2:0a:43:6a:43:cc:aa:68:eb:7d:67:2c:50:c5:
                    7a:5b:f3:ca:18:86:39:56:a6:01:1d:f0:f7:00:be:
                    92:a1:d6:b2:57:dd:95:a2:98:f0:4c:47:5c:cf:94:
                    21:7e:e8:aa:1c:00:e8:b7:11:ce:ce:cc:2b:ac:f4:
                    0e:38:5a:ed:59:49:a1:a3:3a:5b:e6:2f:af:fe:3b:
                    a8:c1:99:1e:1c:3c:c5:de:ac:b4:ea:63:71:90:87:
                    9b:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:F8:A1:6B:2F:34:69:BE:13:AA:9B:13:33:2B:23:2E:18:0E:5B:E4
            X509v3 Authority Key Identifier:
                keyid:0F:47:DC:7F:F4:85:B8:41:3B:E3:8F:5B:EE:80:91:73:30:B3:17:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D0fcf_SFuEE7449b7oCRczCzFzg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/af5078-2243-4fdb-ab2b-2d847a3f7d2f/1/Ifihay80ab4TqpsTMysjLhgOW-Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/af5078-2243-4fdb-ab2b-2d847a3f7d2f/1/D0fcf_SFuEE7449b7oCRczCzFzg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.95.0.0/21
                IPv6:
                  2a03:5d80::/32

    Signature Algorithm: sha256WithRSAEncryption
         39:60:76:eb:ac:99:b5:ad:1c:64:04:d9:75:54:ce:cf:5b:b0:
         9c:ca:1c:4c:66:66:30:08:01:04:f1:44:49:db:61:2b:3b:99:
         5c:86:fd:15:c5:cc:8d:5f:0c:30:9b:bd:df:f0:69:e1:bd:cf:
         b5:96:0a:3c:d4:c8:f9:b0:18:dc:3e:67:38:2f:2a:4d:5e:9d:
         92:35:8e:13:ec:4d:2d:32:72:9f:32:d6:25:af:39:68:33:ab:
         46:19:43:d9:0b:cb:32:9b:bc:9f:55:59:5b:5c:11:b9:24:e6:
         25:f9:3e:7b:7c:43:54:ec:5f:60:19:17:16:02:00:21:38:ba:
         c5:17:7b:c7:01:62:89:3c:03:5b:19:8f:dd:32:19:9f:e4:6b:
         0f:a3:a8:a4:50:59:5a:68:18:9b:9f:95:c7:9a:7d:14:17:df:
         26:cf:57:5e:17:97:e0:4a:52:11:cd:0c:30:88:db:26:f1:8c:
         7b:da:d1:6d:fb:4c:e5:c4:e4:ce:91:45:6b:70:53:ca:a6:01:
         c0:92:74:76:56:4f:3f:d5:fe:19:98:5d:dd:0f:2a:cb:73:9d:
         df:88:97:d3:b7:ab:37:6f:02:a3:4d:e9:c6:a9:b9:47:ea:0b:
         f5:c8:41:ac:84:38:ff:00:76:14:0b:74:6b:b4:ff:70:d9:af:
         4e:44:22:7a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYlPFAe3WpklS3sA8FOi8pGDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNDdkYzdmZjQ4NWI4NDEzYmUzOGY1YmVlODA5MTczMzBi
MzE3MzgwHhcNMjMwNzEzMTE0NzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWY4YTE2YjJmMzQ2OWJlMTNhYTliMTMzMzJiMjMyZTE4MGU1YmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrAzTi/BWe63tMuSJNY2lAXLM1Jl
haFu2v06GrFHpb5EAkgupRRi/XWBJrfkIWGu4w/C0gbk48ONeHZ6S0Fy2EjyIDSA
ru6JBaQak3sTj2JksRVBdgGLx1CI8otAnANQ3xyTyenmm5z6BPW/0+B3NLoN0zu0
/ecZkHZRBC0wJ9/HUuyqGFktMSA14+mSQVwDd2madwZGmw0u4xvyvmhNl34jIcPo
0gpDakPMqmjrfWcsUMV6W/PKGIY5VqYBHfD3AL6SodayV92VopjwTEdcz5Qhfuiq
HADotxHOzswrrPQOOFrtWUmhozpb5i+v/juowZkeHDzF3qy06mNxkIebwwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCH4oWsvNGm+E6qbEzMrIy4YDlvkMB8GA1UdIwQY
MBaAFA9H3H/0hbhBO+OPW+6AkXMwsxc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDBmY2ZfU0Z1RUU3NDQ5YjdvQ1JjekN6RnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZjUwNzgtMjI0My00ZmRiLWFiMmIt
MmQ4NDdhM2Y3ZDJmLzEvSWZpaGF5ODBhYjRUcXBzVE15c2pMaGdPVy1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZjUwNzgtMjI0My00ZmRiLWFiMmItMmQ4NDdhM2Y3ZDJm
LzEvRDBmY2ZfU0Z1RUU3NDQ5YjdvQ1JjekN6RnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXV8AMA0E
AgACMAcDBQAqA12AMA0GCSqGSIb3DQEBCwUAA4IBAQA5YHbrrJm1rRxkBNl1VM7P
W7CcyhxMZmYwCAEE8URJ22ErO5lchv0VxcyNXwwwm73f8Gnhvc+1lgo81Mj5sBjc
Pmc4LypNXp2SNY4T7E0tMnKfMtYlrzloM6tGGUPZC8sym7yfVVlbXBG5JOYl+T57
fENU7F9gGRcWAgAhOLrFF3vHAWKJPANbGY/dMhmf5GsPo6ikUFlaaBibn5XHmn0U
F98mz1deF5fgSlIRzQwwiNsm8Yx72tFt+0zlxOTOkUVrcFPKpgHAknR2Vk8/1f4Z
mF3dDyrLc53fiJfTt6s3bwKjTenGqblH6gv1yEGshDj/AHYUC3RrtP9w2a9ORCJ6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:41 2024 by rpki-client on console-ams.rpki-client.org