Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/H4IAVL6OTzEmqt5S9zfwUG3GzSI.roa
File:                     H4IAVL6OTzEmqt5S9zfwUG3GzSI.roa (raw, json)
Hash identifier:          /dOw2Foks/MdcTNdC4y1GCn7MyK0LVSNSktUZT0qmzE=
Subject key identifier:   1F:82:00:54:BE:8E:4F:31:26:AA:DE:52:F7:37:F0:50:6D:C6:CD:22
Certificate issuer:       /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial:       018E9EEC3C0BEDE0D32A84B0D4E0461BC342
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/H4IAVL6OTzEmqt5S9zfwUG3GzSI.roa
Signing time:             Tue 02 Apr 2024 13:07:45 +0000
ROA not before:           Tue 02 Apr 2024 13:07:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48347
IP address blocks:        195.43.142.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 08 Apr 2024 12:28:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:9e:ec:3c:0b:ed:e0:d3:2a:84:b0:d4:e0:46:1b:c3:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
        Validity
            Not Before: Apr  2 13:07:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1f820054be8e4f3126aade52f737f0506dc6cd22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:68:25:be:6c:6e:7c:21:20:69:bd:dd:ed:4d:
                    7a:34:d3:bc:d8:4c:40:ec:ea:4a:f3:20:02:05:bc:
                    c0:6b:df:22:b4:86:f9:25:21:35:05:36:e2:2b:96:
                    f6:59:c8:71:d1:f3:c1:e1:48:c7:b8:a3:bb:d2:43:
                    dc:a4:fd:75:75:c4:dd:0c:78:bc:60:c9:d9:1d:4f:
                    ae:df:ae:6f:d9:a3:ad:a4:f1:d1:e9:ba:b4:4f:da:
                    e3:c6:e8:bf:86:87:60:1b:88:ec:51:0b:58:e1:a5:
                    9c:54:e5:4f:1b:cb:41:47:e9:5c:69:d8:be:be:e8:
                    0d:27:6d:a1:8a:16:26:21:2c:05:7a:a1:a6:56:65:
                    70:5d:d4:d8:16:23:b0:36:c2:60:79:83:6f:52:de:
                    5c:33:69:39:44:c3:4e:d3:8a:51:1a:9a:5f:95:40:
                    c2:bf:e4:d0:fc:41:0e:cb:7a:53:42:6f:e0:93:ac:
                    bb:7a:17:21:e7:1a:65:3a:10:79:b0:87:9c:51:a4:
                    ff:47:a5:f2:be:77:ef:d8:f9:f7:ae:aa:00:7f:f9:
                    1e:97:16:7f:01:d2:2e:a9:3a:b4:fe:91:77:4e:8c:
                    b5:a4:a2:c7:7c:70:94:cf:88:3c:51:04:28:4d:ec:
                    b4:e2:a6:56:fb:10:fb:59:70:59:a2:5d:19:f9:20:
                    ed:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:82:00:54:BE:8E:4F:31:26:AA:DE:52:F7:37:F0:50:6D:C6:CD:22
            X509v3 Authority Key Identifier:
                keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/H4IAVL6OTzEmqt5S9zfwUG3GzSI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.43.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:bd:c4:b3:f9:18:c7:13:be:04:14:5b:f5:b5:64:53:63:3b:
         b7:26:11:04:7d:00:25:3d:26:a0:2c:90:08:99:62:9a:21:b8:
         29:bc:a5:fa:ed:c6:b3:ca:5c:5e:ac:97:76:63:68:51:d5:d2:
         4d:42:7e:db:c2:7a:5a:89:d5:6a:bc:e1:5e:62:aa:fa:d7:31:
         b4:bd:1c:5f:74:6b:bb:f9:5e:ed:ed:75:24:9f:0a:12:a1:6a:
         e4:49:a1:3a:7f:69:d4:bc:fb:74:09:9b:4b:e0:26:c5:e8:7f:
         01:ff:bf:04:8f:45:56:a8:c5:fd:db:0a:8e:1c:c8:7d:d9:d7:
         6c:17:e7:95:7d:ed:72:c2:6b:1d:a1:68:bc:52:44:33:72:43:
         78:55:6d:a0:22:ac:5e:f2:33:49:f0:96:2a:fd:0c:7c:de:4a:
         03:47:0a:0a:cf:d7:97:b8:c6:66:a1:9d:7b:43:90:c1:f6:b9:
         d9:a6:7a:79:de:0e:79:c6:c3:f9:47:8f:1b:44:9c:56:5a:69:
         f4:9f:d8:1c:70:6a:4d:63:ff:b6:4a:7a:3f:03:28:ce:c5:94:
         32:6f:14:ed:c9:51:b8:6d:d7:91:b2:a1:96:9c:38:54:bb:53:
         85:63:c6:91:6d:6d:dc:97:3f:0c:05:2a:42:68:3b:25:1f:d7:
         35:f8:d3:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6e7DwL7eDTKoSw1OBGG8NCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDAyMTMwNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjgyMDA1NGJlOGU0ZjMxMjZhYWRlNTJmNzM3ZjA1MDZkYzZjZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGglvmxufCEgab3d7U16NNO82ExA
7OpK8yACBbzAa98itIb5JSE1BTbiK5b2Wchx0fPB4UjHuKO70kPcpP11dcTdDHi8
YMnZHU+u365v2aOtpPHR6bq0T9rjxui/hodgG4jsUQtY4aWcVOVPG8tBR+lcadi+
vugNJ22hihYmISwFeqGmVmVwXdTYFiOwNsJgeYNvUt5cM2k5RMNO04pRGppflUDC
v+TQ/EEOy3pTQm/gk6y7ehch5xplOhB5sIecUaT/R6Xyvnfv2Pn3rqoAf/kelxZ/
AdIuqTq0/pF3Toy1pKLHfHCUz4g8UQQoTey04qZW+xD7WXBZol0Z+SDtbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB+CAFS+jk8xJqreUvc38FBtxs0iMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvSDRJQVZMNk9UekVtcXQ1Uzl6ZndVRzNHelNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyuOMA0G
CSqGSIb3DQEBCwUAA4IBAQB+vcSz+RjHE74EFFv1tWRTYzu3JhEEfQAlPSagLJAI
mWKaIbgpvKX67cazylxerJd2Y2hR1dJNQn7bwnpaidVqvOFeYqr61zG0vRxfdGu7
+V7t7XUknwoSoWrkSaE6f2nUvPt0CZtL4CbF6H8B/78Ej0VWqMX92wqOHMh92dds
F+eVfe1ywmsdoWi8UkQzckN4VW2gIqxe8jNJ8JYq/Qx83koDRwoKz9eXuMZmoZ17
Q5DB9rnZpnp53g55xsP5R48bRJxWWmn0n9gccGpNY/+2Sno/AyjOxZQybxTtyVG4
bdeRsqGWnDhUu1OFY8aRbW3clz8MBSpCaDslH9c1+NPz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:08 2024 by rpki-client on console-fra.rpki-client.org