Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/ToxvVTZbkAhYLwrkohzf1EyU0RE.roa
File:                     ToxvVTZbkAhYLwrkohzf1EyU0RE.roa (raw, json)
Hash identifier:          Hm+shL9uxTjvP8SR07DRip3bdVQ0lhm1FhuDqi+ded0=
Subject key identifier:   4E:8C:6F:55:36:5B:90:08:58:2F:0A:E4:A2:1C:DF:D4:4C:94:D1:11
Certificate issuer:       /CN=84db747b289717a0684cd6ac82307aa67bb2d7bb
Certificate serial:       01856ED4D762F74254F3A0F48460E46BE5FE
Authority key identifier: 84:DB:74:7B:28:97:17:A0:68:4C:D6:AC:82:30:7A:A6:7B:B2:D7:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hNt0eyiXF6BoTNasgjB6pnuy17s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/ToxvVTZbkAhYLwrkohzf1EyU0RE.roa
Signing time:             Sun 01 Jan 2023 19:35:20 +0000
ROA not before:           Sun 01 Jan 2023 19:35:20 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203461
IP address blocks:        195.110.108.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:d7:62:f7:42:54:f3:a0:f4:84:60:e4:6b:e5:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84db747b289717a0684cd6ac82307aa67bb2d7bb
        Validity
            Not Before: Jan  1 19:35:20 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4e8c6f55365b9008582f0ae4a21cdfd44c94d111
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:95:e7:5b:a5:58:72:3c:39:77:4c:36:47:1a:
                    ef:a4:59:fd:78:90:5e:8b:d0:8a:df:14:b6:31:0c:
                    c9:6a:d6:b9:35:bc:3a:26:06:4b:26:69:66:db:2e:
                    c1:76:75:b0:57:c1:45:c8:c0:e1:c9:f3:65:d5:e7:
                    65:ad:9d:a6:8b:24:1d:86:1e:c7:a6:6f:bc:d1:8f:
                    f0:4a:1a:3c:3e:f1:38:79:da:10:81:00:0f:3e:be:
                    84:f9:49:5f:b4:4e:6f:e9:2f:f9:44:fc:1c:86:71:
                    65:6e:d8:21:05:ca:f3:67:4c:46:62:4b:d5:14:d2:
                    c6:41:f0:f2:57:fe:94:94:fd:e0:b8:db:0c:25:7d:
                    dd:9c:bd:5b:dd:af:e4:d3:9f:2a:a5:b6:2e:af:30:
                    62:f9:27:41:22:6d:71:e2:e6:88:6d:31:fc:2b:3a:
                    7f:72:23:3c:cc:fa:69:df:fa:f8:42:b8:fc:c9:90:
                    2c:4c:5b:8d:eb:9b:2f:cf:4e:fe:f6:3f:a4:fa:1e:
                    ec:c1:f6:79:63:fc:97:d2:19:e0:aa:24:c8:16:8e:
                    43:9d:0b:4f:a0:1c:0a:7a:be:83:0c:49:dc:5d:c1:
                    63:6e:02:7c:c3:31:74:18:41:eb:df:8e:a2:04:0d:
                    09:90:f5:e4:ff:cd:9b:e1:bc:e1:30:a0:5b:db:0b:
                    2b:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:8C:6F:55:36:5B:90:08:58:2F:0A:E4:A2:1C:DF:D4:4C:94:D1:11
            X509v3 Authority Key Identifier:
                keyid:84:DB:74:7B:28:97:17:A0:68:4C:D6:AC:82:30:7A:A6:7B:B2:D7:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hNt0eyiXF6BoTNasgjB6pnuy17s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/ToxvVTZbkAhYLwrkohzf1EyU0RE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/hNt0eyiXF6BoTNasgjB6pnuy17s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.110.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2a:99:bf:6c:be:49:31:07:a7:72:09:10:47:e6:a9:ee:e5:e3:
         c1:38:80:11:aa:b3:58:dc:65:6b:f4:44:73:2a:c3:44:f1:0f:
         11:0a:23:ec:5b:a9:09:af:59:aa:f6:01:c1:00:df:cd:60:5d:
         c5:87:8e:28:fd:f6:57:1f:cd:5f:f3:48:61:d0:1c:ea:bb:1c:
         64:c2:ec:82:e6:2e:7e:0b:c4:3c:61:01:cb:bf:0b:7c:94:db:
         94:0e:cd:87:d7:2a:06:a8:f9:5d:ca:e0:63:07:26:f4:cd:8e:
         92:1e:10:a1:f8:be:69:aa:84:2d:ce:70:56:43:93:70:3b:7e:
         b1:30:fc:af:64:6b:61:0a:bc:27:1d:61:13:d2:71:39:63:f4:
         d7:20:b8:93:64:7f:8e:f6:fd:26:c8:12:d5:72:fc:5e:52:d7:
         43:3c:91:5b:b6:a1:1d:c6:66:9a:27:4a:4f:84:0f:32:0e:44:
         88:6a:3c:30:80:1f:6e:cd:37:4a:d7:0b:73:43:99:6c:ce:3c:
         58:f2:a0:fe:07:0c:61:78:90:cd:e0:c9:df:8a:ea:4e:99:d5:
         cc:02:be:40:c2:47:cf:6a:85:a9:eb:67:b9:f9:ce:49:36:da:
         40:2d:aa:d8:89:ca:86:b9:2a:6e:84:38:17:bf:94:a8:c3:e3:
         1f:96:d8:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1Ndi90JU86D0hGDka+X+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZGI3NDdiMjg5NzE3YTA2ODRjZDZhYzgyMzA3YWE2N2Ji
MmQ3YmIwHhcNMjMwMTAxMTkzNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZThjNmY1NTM2NWI5MDA4NTgyZjBhZTRhMjFjZGZkNDRjOTRkMTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5XnW6VYcjw5d0w2RxrvpFn9eJBe
i9CK3xS2MQzJata5Nbw6JgZLJmlm2y7BdnWwV8FFyMDhyfNl1edlrZ2miyQdhh7H
pm+80Y/wSho8PvE4edoQgQAPPr6E+UlftE5v6S/5RPwchnFlbtghBcrzZ0xGYkvV
FNLGQfDyV/6UlP3guNsMJX3dnL1b3a/k058qpbYurzBi+SdBIm1x4uaIbTH8Kzp/
ciM8zPpp3/r4Qrj8yZAsTFuN65svz07+9j+k+h7swfZ5Y/yX0hngqiTIFo5DnQtP
oBwKer6DDEncXcFjbgJ8wzF0GEHr346iBA0JkPXk/82b4bzhMKBb2wsrMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE6Mb1U2W5AIWC8K5KIc39RMlNERMB8GA1UdIwQY
MBaAFITbdHsolxegaEzWrIIweqZ7ste7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE50MGV5aVhGNkJvVE5hc2dqQjZwbnV5MTdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83MTQyYjEtNzA5MS00ZDNhLWJkNmQt
OWZlN2VlOWMwMzY4LzEvVG94dlZUWmJrQWhZTHdya29oemYxRXlVMFJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83MTQyYjEtNzA5MS00ZDNhLWJkNmQtOWZlN2VlOWMwMzY4
LzEvaE50MGV5aVhGNkJvVE5hc2dqQjZwbnV5MTdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw25sMA0G
CSqGSIb3DQEBCwUAA4IBAQAqmb9svkkxB6dyCRBH5qnu5ePBOIARqrNY3GVr9ERz
KsNE8Q8RCiPsW6kJr1mq9gHBAN/NYF3Fh44o/fZXH81f80hh0BzquxxkwuyC5i5+
C8Q8YQHLvwt8lNuUDs2H1yoGqPldyuBjByb0zY6SHhCh+L5pqoQtznBWQ5NwO36x
MPyvZGthCrwnHWET0nE5Y/TXILiTZH+O9v0myBLVcvxeUtdDPJFbtqEdxmaaJ0pP
hA8yDkSIajwwgB9uzTdK1wtzQ5lszjxY8qD+BwxheJDN4MnfiupOmdXMAr5AwkfP
aoWp62e5+c5JNtpALarYicqGuSpuhDgXv5Sow+Mfltjx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:02 2024 by rpki-client on console-fra.rpki-client.org