Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/af5078-2243-4fdb-ab2b-2d847a3f7d2f/1/S-8KjHrL0ZhkxcXqU2SaFOF7UZY.roa
File:                     S-8KjHrL0ZhkxcXqU2SaFOF7UZY.roa (raw, json)
Hash identifier:          XeLeKQCenbTdQ+d6PzL06njfvSVvxd0aQvtJLkNZGnQ=
Subject key identifier:   4B:EF:0A:8C:7A:CB:D1:98:64:C5:C5:EA:53:64:9A:14:E1:7B:51:96
Certificate issuer:       /CN=0f47dc7ff485b8413be38f5bee80917330b31738
Certificate serial:       01856EA6B92EFA92E8607F15A4750C8FDDCF
Authority key identifier: 0F:47:DC:7F:F4:85:B8:41:3B:E3:8F:5B:EE:80:91:73:30:B3:17:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D0fcf_SFuEE7449b7oCRczCzFzg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/af5078-2243-4fdb-ab2b-2d847a3f7d2f/1/S-8KjHrL0ZhkxcXqU2SaFOF7UZY.roa
Signing time:             Sun 01 Jan 2023 18:44:57 +0000
ROA not before:           Sun 01 Jan 2023 18:44:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44858
IP address blocks:        93.95.0.0/21 maxlen: 24
                          2a03:5d80::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 13 Jul 2023 11:47:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:a6:b9:2e:fa:92:e8:60:7f:15:a4:75:0c:8f:dd:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f47dc7ff485b8413be38f5bee80917330b31738
        Validity
            Not Before: Jan  1 18:44:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4bef0a8c7acbd19864c5c5ea53649a14e17b5196
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:bc:3a:69:c8:d6:63:7f:c9:ed:9c:02:f7:4e:
                    88:2d:1a:6a:b7:d9:2d:d6:d2:4b:02:90:c5:43:fb:
                    05:23:13:05:e7:20:31:85:00:2b:21:7d:8c:9c:21:
                    56:ab:24:8f:9d:7b:58:3c:55:0c:cf:32:d4:21:5c:
                    7c:a9:97:69:0f:bb:a3:e2:c1:57:98:07:de:92:b8:
                    3f:fd:a3:b7:e8:bd:75:50:a9:d7:76:7b:fe:30:39:
                    c1:9a:8b:4c:de:5b:63:b9:27:0c:a4:02:00:0e:ba:
                    61:00:ac:23:d8:6c:6f:5d:09:19:1b:d5:c5:07:62:
                    df:34:f1:b9:ab:a5:2b:fe:b4:e1:4e:1b:eb:70:8c:
                    90:fd:5f:53:20:c7:2e:ba:c2:55:9a:85:7a:8c:a4:
                    5b:52:fe:64:b0:29:08:da:f0:ed:82:aa:88:a5:1a:
                    e3:20:0d:c0:aa:8f:6f:29:d5:33:32:da:ab:a2:be:
                    3a:90:61:b2:6d:42:83:06:ce:1e:d3:d7:0c:68:17:
                    cf:28:c9:dd:13:24:07:4d:6f:05:90:d6:d1:d7:63:
                    ca:da:34:9a:b7:46:9f:61:64:e7:dd:6f:3c:94:be:
                    70:5d:4a:d6:9e:ab:78:42:f6:ec:aa:dc:15:b5:db:
                    d9:f8:ca:8d:a1:e0:66:01:ea:dd:1a:48:af:2d:ae:
                    8b:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:EF:0A:8C:7A:CB:D1:98:64:C5:C5:EA:53:64:9A:14:E1:7B:51:96
            X509v3 Authority Key Identifier:
                keyid:0F:47:DC:7F:F4:85:B8:41:3B:E3:8F:5B:EE:80:91:73:30:B3:17:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D0fcf_SFuEE7449b7oCRczCzFzg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/af5078-2243-4fdb-ab2b-2d847a3f7d2f/1/S-8KjHrL0ZhkxcXqU2SaFOF7UZY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/af5078-2243-4fdb-ab2b-2d847a3f7d2f/1/D0fcf_SFuEE7449b7oCRczCzFzg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.95.0.0/21
                IPv6:
                  2a03:5d80::/32

    Signature Algorithm: sha256WithRSAEncryption
         94:fe:be:e5:72:67:9a:fe:58:80:2f:9a:a0:33:89:46:77:05:
         3e:d3:2d:e8:b1:88:ff:4b:3f:84:54:d0:01:cf:cf:9d:07:48:
         09:44:4d:59:04:2b:1a:2a:87:15:d6:61:a7:6b:c9:90:b3:66:
         76:ad:0b:51:7e:ad:04:e3:2e:47:f9:b6:4f:25:33:b7:f6:7c:
         54:29:43:76:25:cc:95:e9:4f:96:2b:e7:8c:a9:4c:ed:10:3a:
         62:f4:5d:b6:15:f2:02:b1:fc:c4:16:e0:73:09:9b:ec:88:d4:
         d6:93:cf:5e:e8:bc:7d:8b:b0:f5:67:af:2e:0f:55:78:1b:d1:
         5d:04:e0:ee:83:33:82:a4:7d:9c:bd:99:29:e8:51:47:f0:4c:
         d6:03:fb:a5:28:89:21:d0:59:26:10:25:e0:35:ea:5c:ad:40:
         1b:03:df:ec:0e:f5:c7:74:35:de:b5:5c:09:55:b7:c1:72:68:
         4b:cd:f3:e9:4b:f8:4d:40:0d:ec:ea:0b:c2:f2:fb:75:c0:03:
         a0:1a:6d:6f:17:f2:f0:23:de:eb:dd:76:a1:2e:61:56:dd:82:
         24:28:4b:33:1a:24:02:5e:e3:2c:cb:7c:40:af:47:2c:67:bb:
         0a:18:a1:8f:2e:fd:b9:a1:9e:36:4d:5e:9d:33:dd:b9:0e:e8:
         7c:0f:fc:be
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuprku+pLoYH8VpHUMj93PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNDdkYzdmZjQ4NWI4NDEzYmUzOGY1YmVlODA5MTczMzBi
MzE3MzgwHhcNMjMwMTAxMTg0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmVmMGE4YzdhY2JkMTk4NjRjNWM1ZWE1MzY0OWExNGUxN2I1MTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrw6acjWY3/J7ZwC906ILRpqt9kt
1tJLApDFQ/sFIxMF5yAxhQArIX2MnCFWqySPnXtYPFUMzzLUIVx8qZdpD7uj4sFX
mAfekrg//aO36L11UKnXdnv+MDnBmotM3ltjuScMpAIADrphAKwj2GxvXQkZG9XF
B2LfNPG5q6Ur/rThThvrcIyQ/V9TIMcuusJVmoV6jKRbUv5ksCkI2vDtgqqIpRrj
IA3Aqo9vKdUzMtqror46kGGybUKDBs4e09cMaBfPKMndEyQHTW8FkNbR12PK2jSa
t0afYWTn3W88lL5wXUrWnqt4QvbsqtwVtdvZ+MqNoeBmAerdGkivLa6LqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEvvCox6y9GYZMXF6lNkmhThe1GWMB8GA1UdIwQY
MBaAFA9H3H/0hbhBO+OPW+6AkXMwsxc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDBmY2ZfU0Z1RUU3NDQ5YjdvQ1JjekN6RnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZjUwNzgtMjI0My00ZmRiLWFiMmIt
MmQ4NDdhM2Y3ZDJmLzEvUy04S2pIckwwWmhreGNYcVUyU2FGT0Y3VVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZjUwNzgtMjI0My00ZmRiLWFiMmItMmQ4NDdhM2Y3ZDJm
LzEvRDBmY2ZfU0Z1RUU3NDQ5YjdvQ1JjekN6RnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXV8AMA0E
AgACMAcDBQAqA12AMA0GCSqGSIb3DQEBCwUAA4IBAQCU/r7lcmea/liAL5qgM4lG
dwU+0y3osYj/Sz+EVNABz8+dB0gJRE1ZBCsaKocV1mGna8mQs2Z2rQtRfq0E4y5H
+bZPJTO39nxUKUN2JcyV6U+WK+eMqUztEDpi9F22FfICsfzEFuBzCZvsiNTWk89e
6Lx9i7D1Z68uD1V4G9FdBODugzOCpH2cvZkp6FFH8EzWA/ulKIkh0FkmECXgNepc
rUAbA9/sDvXHdDXetVwJVbfBcmhLzfPpS/hNQA3s6gvC8vt1wAOgGm1vF/LwI97r
3XahLmFW3YIkKEszGiQCXuMsy3xAr0csZ7sKGKGPLv25oZ42TV6dM925Duh8D/y+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:41 2024 by rpki-client on console-ams.rpki-client.org