Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/EX66jj0zqNFJdKKrz6F10rmTyyk.roa
File:                     EX66jj0zqNFJdKKrz6F10rmTyyk.roa (raw, json)
Hash identifier:          hjSyLvoZYY8kezRBKGRkuN2kip7QtdeSvZqFFBVKO+c=
Subject key identifier:   11:7E:BA:8E:3D:33:A8:D1:49:74:A2:AB:CF:A1:75:D2:B9:93:CB:29
Certificate issuer:       /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial:       0186F712263376F73EC3BEF9BC1BB110F0AC
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/EX66jj0zqNFJdKKrz6F10rmTyyk.roa
Signing time:             Sat 18 Mar 2023 23:33:27 +0000
ROA not before:           Sat 18 Mar 2023 23:33:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        95.111.144.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Thu 23 Mar 2023 23:20:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:f7:12:26:33:76:f7:3e:c3:be:f9:bc:1b:b1:10:f0:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
        Validity
            Not Before: Mar 18 23:33:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=117eba8e3d33a8d14974a2abcfa175d2b993cb29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:b2:2a:9c:e1:8a:96:20:e0:8f:f7:68:37:c4:
                    e1:26:d0:00:90:1b:7d:23:c9:60:f0:dc:44:51:ac:
                    a8:f7:59:a5:e3:f1:86:35:61:de:5e:05:77:0f:0c:
                    19:c4:e2:65:c2:18:1a:12:bd:14:b9:9b:01:01:40:
                    70:52:ca:92:77:39:a8:fa:a3:b4:27:0e:2f:46:dd:
                    a0:26:15:1f:3c:60:61:16:bd:62:05:47:7a:ce:83:
                    05:94:98:42:e5:c4:b4:31:a0:f4:2d:e2:c6:77:5b:
                    8c:85:4d:54:db:55:4c:a4:50:e8:bb:58:b7:fa:7b:
                    75:84:fb:36:60:08:02:6d:90:79:7e:5b:67:a5:7c:
                    2e:43:9e:3d:f7:47:38:57:c1:5f:15:bb:20:74:93:
                    4f:3f:16:d6:0a:57:77:6b:88:2b:64:e8:0d:b5:e3:
                    93:b2:dd:42:3f:c4:e6:33:59:de:33:a9:15:a4:8f:
                    e6:b0:e6:5a:0b:4c:67:e6:cf:02:c9:3a:6c:b3:90:
                    dd:f3:2e:c8:38:3f:bb:85:9b:86:64:92:0b:0c:43:
                    98:4c:bd:5e:b3:f2:d0:b2:2b:65:a9:7e:ae:6f:a3:
                    4e:0c:1e:2e:2c:03:d2:42:42:84:06:db:f9:75:77:
                    45:22:a3:1d:4c:c6:60:5e:8d:d1:22:72:88:c6:f1:
                    ba:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:7E:BA:8E:3D:33:A8:D1:49:74:A2:AB:CF:A1:75:D2:B9:93:CB:29
            X509v3 Authority Key Identifier:
                keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/EX66jj0zqNFJdKKrz6F10rmTyyk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.111.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         81:68:42:f8:d9:93:b7:e6:82:91:01:5b:ad:92:b5:ce:51:23:
         12:73:e1:b2:90:ee:0c:fc:4c:b8:c6:ca:c1:08:54:fc:80:a9:
         32:49:8a:c6:38:8e:ac:27:02:85:7a:79:23:69:ea:79:3c:32:
         50:10:cb:25:9f:42:01:47:c1:74:53:28:96:b0:94:d0:57:e5:
         e5:0b:fb:06:b1:1e:79:ab:35:cf:06:94:f9:a8:f1:a6:fe:11:
         09:a7:f4:59:77:a0:9c:8e:19:42:72:f6:d6:a0:5a:cd:b2:af:
         85:5d:2a:8d:d1:d5:0e:46:e7:6b:19:4a:d8:73:d8:cb:ac:23:
         b7:ef:8e:26:59:a7:31:27:2f:25:e3:d5:7f:8c:8e:6b:14:e6:
         c2:39:ce:5d:d2:da:ea:97:2b:ec:4a:fc:aa:b0:7a:82:17:63:
         88:b4:71:cf:2c:f3:3f:21:13:4f:35:ea:3a:eb:c8:88:83:67:
         f8:c1:04:e8:08:fb:8e:62:08:d2:b5:f7:88:41:31:50:d5:96:
         c8:96:db:00:c8:f3:fc:04:fa:ab:e0:3a:33:d2:c2:9b:a6:f9:
         bc:3a:65:44:f4:9a:81:c2:76:85:c2:0a:ea:40:a3:02:61:91:
         d9:f8:89:30:b7:fb:c8:51:e5:90:cc:e7:d7:f0:f0:d1:b4:c5:
         da:71:f6:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYb3EiYzdvc+w775vBuxEPCsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwMzE4MjMzMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTdlYmE4ZTNkMzNhOGQxNDk3NGEyYWJjZmExNzVkMmI5OTNjYjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLIqnOGKliDgj/doN8ThJtAAkBt9
I8lg8NxEUayo91ml4/GGNWHeXgV3DwwZxOJlwhgaEr0UuZsBAUBwUsqSdzmo+qO0
Jw4vRt2gJhUfPGBhFr1iBUd6zoMFlJhC5cS0MaD0LeLGd1uMhU1U21VMpFDou1i3
+nt1hPs2YAgCbZB5fltnpXwuQ54990c4V8FfFbsgdJNPPxbWCld3a4grZOgNteOT
st1CP8TmM1neM6kVpI/msOZaC0xn5s8CyTpss5Dd8y7IOD+7hZuGZJILDEOYTL1e
s/LQsitlqX6ub6NODB4uLAPSQkKEBtv5dXdFIqMdTMZgXo3RInKIxvG6GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBF+uo49M6jRSXSiq8+hddK5k8spMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvRVg2NmpqMHpxTkZKZEtLcno2RjEwcm1UeXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEX2+QMA0G
CSqGSIb3DQEBCwUAA4IBAQCBaEL42ZO35oKRAVutkrXOUSMSc+GykO4M/Ey4xsrB
CFT8gKkySYrGOI6sJwKFenkjaep5PDJQEMsln0IBR8F0UyiWsJTQV+XlC/sGsR55
qzXPBpT5qPGm/hEJp/RZd6CcjhlCcvbWoFrNsq+FXSqN0dUORudrGUrYc9jLrCO3
744mWacxJy8l49V/jI5rFObCOc5d0trqlyvsSvyqsHqCF2OItHHPLPM/IRNPNeo6
68iIg2f4wQToCPuOYgjStfeIQTFQ1ZbIltsAyPP8BPqr4Doz0sKbpvm8OmVE9JqB
wnaFwgrqQKMCYZHZ+Ikwt/vIUeWQzOfX8PDRtMXacfYC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org