Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/bebe6d-16b3-4b02-b205-a783413099d3/1/QbGH3vskU716SZplaCuAJOudCjs.roa
File:                     QbGH3vskU716SZplaCuAJOudCjs.roa (raw, json)
Hash identifier:          XJHDnLS46dgo2xldHYJaXxlMYfIOANFmli8CL56PFTQ=
Subject key identifier:   41:B1:87:DE:FB:24:53:BD:7A:49:9A:65:68:2B:80:24:EB:9D:0A:3B
Certificate issuer:       /CN=9e3533d662c3f0d6bb1e692f3fab6d7ba3824c28
Certificate serial:       01856F8244990487D8361AC0E39689F829BA
Authority key identifier: 9E:35:33:D6:62:C3:F0:D6:BB:1E:69:2F:3F:AB:6D:7B:A3:82:4C:28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/njUz1mLD8Na7HmkvP6tte6OCTCg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/bebe6d-16b3-4b02-b205-a783413099d3/1/QbGH3vskU716SZplaCuAJOudCjs.roa
Signing time:             Sun 01 Jan 2023 22:44:46 +0000
ROA not before:           Sun 01 Jan 2023 22:44:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43350
IP address blocks:        195.13.60.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:82:44:99:04:87:d8:36:1a:c0:e3:96:89:f8:29:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e3533d662c3f0d6bb1e692f3fab6d7ba3824c28
        Validity
            Not Before: Jan  1 22:44:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=41b187defb2453bd7a499a65682b8024eb9d0a3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:cf:9f:75:00:29:ed:54:8e:fa:ee:e2:66:b3:
                    a2:bc:9f:ad:fc:4e:46:f1:cb:78:73:f0:81:0e:c6:
                    93:2d:17:7d:57:ae:c7:07:56:09:80:2b:1c:72:13:
                    72:74:4c:99:b6:27:2e:5c:10:c1:87:12:20:35:ff:
                    9c:28:36:20:4b:44:ae:d8:2c:b8:47:b4:57:8f:d8:
                    6a:b8:df:32:bc:ea:7b:06:bf:e9:d0:d7:02:9a:95:
                    68:83:fb:f9:7b:23:cf:29:f7:29:1f:bb:de:05:7c:
                    fb:55:e3:f1:b6:b7:da:e0:a8:f9:57:e6:1f:e5:6c:
                    f6:c1:4c:d2:36:de:e1:76:1b:7b:c8:eb:d7:3b:d3:
                    3d:f5:cf:93:8f:f2:8f:2c:42:32:b6:e8:cf:b2:44:
                    34:3d:cb:1c:7a:c4:ac:33:a2:d7:1a:2e:df:95:1c:
                    d8:72:00:b8:35:a7:d7:c7:61:98:f9:c3:40:5e:05:
                    65:6a:c3:fd:4f:e9:6f:54:b3:70:cb:d1:f8:90:c7:
                    fc:82:85:6a:cd:fd:23:c7:f4:74:61:24:36:f2:77:
                    ce:d7:3f:d5:1b:52:bd:fa:f7:f3:df:52:e1:81:c1:
                    6e:aa:b3:15:93:92:61:8b:64:3a:6b:e7:70:30:d6:
                    d2:ef:dc:8f:c3:f3:5d:7f:82:69:d9:2a:30:1c:92:
                    03:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:B1:87:DE:FB:24:53:BD:7A:49:9A:65:68:2B:80:24:EB:9D:0A:3B
            X509v3 Authority Key Identifier:
                keyid:9E:35:33:D6:62:C3:F0:D6:BB:1E:69:2F:3F:AB:6D:7B:A3:82:4C:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/njUz1mLD8Na7HmkvP6tte6OCTCg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/bebe6d-16b3-4b02-b205-a783413099d3/1/QbGH3vskU716SZplaCuAJOudCjs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/bebe6d-16b3-4b02-b205-a783413099d3/1/njUz1mLD8Na7HmkvP6tte6OCTCg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.13.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:c1:25:5b:09:9f:9e:9e:7e:7d:26:b1:01:07:0d:d8:5e:ec:
         5a:2a:4a:f3:b5:46:08:dd:c7:b4:11:e4:ea:01:7b:12:a1:bd:
         6d:87:91:cd:99:fe:2d:42:18:e8:33:aa:bd:47:5d:c2:e9:65:
         46:28:32:d1:54:ca:d4:2d:13:c0:bf:8e:b3:37:ac:fd:7b:cb:
         6b:86:17:c6:f6:0f:36:cc:1d:9c:8b:02:da:5d:55:94:bb:d4:
         11:96:16:9b:ba:7b:57:d7:a9:b5:d0:b3:d4:59:9b:a0:39:83:
         69:28:74:97:87:bb:b4:fd:8a:99:06:3d:04:3e:89:74:c8:08:
         d8:8c:84:4f:8f:ef:4d:0e:ec:8c:90:a6:ad:05:4e:82:27:bc:
         c0:01:fb:6a:2c:f3:e8:f0:7f:4b:b6:93:c8:a0:86:aa:23:b5:
         c9:a7:47:06:12:cc:30:22:4a:aa:cc:36:45:43:ed:ba:62:8f:
         46:aa:b1:e6:3c:8e:11:a7:a3:2f:98:c7:6f:58:a9:15:8e:a2:
         b7:60:4d:2e:7c:cd:72:b7:9f:af:06:98:3f:4d:5d:86:05:40:
         a3:9a:cd:73:d9:c9:31:3e:3b:91:be:99:f2:4b:94:93:0e:80:
         76:ea:5d:dc:70:21:38:39:bf:cf:ea:66:70:f5:eb:ef:89:65:
         82:b9:fb:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvgkSZBIfYNhrA45aJ+Cm6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMzUzM2Q2NjJjM2YwZDZiYjFlNjkyZjNmYWI2ZDdiYTM4
MjRjMjgwHhcNMjMwMTAxMjI0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWIxODdkZWZiMjQ1M2JkN2E0OTlhNjU2ODJiODAyNGViOWQwYTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlc+fdQAp7VSO+u7iZrOivJ+t/E5G
8ct4c/CBDsaTLRd9V67HB1YJgCscchNydEyZticuXBDBhxIgNf+cKDYgS0Su2Cy4
R7RXj9hquN8yvOp7Br/p0NcCmpVog/v5eyPPKfcpH7veBXz7VePxtrfa4Kj5V+Yf
5Wz2wUzSNt7hdht7yOvXO9M99c+Tj/KPLEIytujPskQ0PcscesSsM6LXGi7flRzY
cgC4NafXx2GY+cNAXgVlasP9T+lvVLNwy9H4kMf8goVqzf0jx/R0YSQ28nfO1z/V
G1K9+vfz31LhgcFuqrMVk5Jhi2Q6a+dwMNbS79yPw/Ndf4Jp2SowHJIDNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEGxh977JFO9ekmaZWgrgCTrnQo7MB8GA1UdIwQY
MBaAFJ41M9Ziw/DWux5pLz+rbXujgkwoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmpVejFtTEQ4TmE3SG1rdlA2dHRlNk9DVENnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9iZWJlNmQtMTZiMy00YjAyLWIyMDUt
YTc4MzQxMzA5OWQzLzEvUWJHSDN2c2tVNzE2U1pwbGFDdUFKT3VkQ2pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9iZWJlNmQtMTZiMy00YjAyLWIyMDUtYTc4MzQxMzA5OWQz
LzEvbmpVejFtTEQ4TmE3SG1rdlA2dHRlNk9DVENnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAww08MA0G
CSqGSIb3DQEBCwUAA4IBAQB4wSVbCZ+enn59JrEBBw3YXuxaKkrztUYI3ce0EeTq
AXsSob1th5HNmf4tQhjoM6q9R13C6WVGKDLRVMrULRPAv46zN6z9e8trhhfG9g82
zB2ciwLaXVWUu9QRlhabuntX16m10LPUWZugOYNpKHSXh7u0/YqZBj0EPol0yAjY
jIRPj+9NDuyMkKatBU6CJ7zAAftqLPPo8H9LtpPIoIaqI7XJp0cGEswwIkqqzDZF
Q+26Yo9GqrHmPI4Rp6MvmMdvWKkVjqK3YE0ufM1yt5+vBpg/TV2GBUCjms1z2ckx
PjuRvpnyS5STDoB26l3ccCE4Ob/P6mZw9evviWWCufvv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:27 2024 by rpki-client on console-ams.rpki-client.org