Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/aXlAFbedok_hcIIyzeRFwOiKrKQ.roa
File:                     aXlAFbedok_hcIIyzeRFwOiKrKQ.roa (raw, json)
Hash identifier:          MYJev7ceqsAVFIi3LJ/NcR1kSjHCIlydlRyjXhYICbM=
Subject key identifier:   69:79:40:15:B7:9D:A2:4F:E1:70:82:32:CD:E4:45:C0:E8:8A:AC:A4
Certificate issuer:       /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial:       01889AEB004417E36B1F0FDCB2D2D82B4E71
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/aXlAFbedok_hcIIyzeRFwOiKrKQ.roa
Signing time:             Thu 08 Jun 2023 12:11:12 +0000
ROA not before:           Thu 08 Jun 2023 12:11:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211178
IP address blocks:        95.111.144.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:9a:eb:00:44:17:e3:6b:1f:0f:dc:b2:d2:d8:2b:4e:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
        Validity
            Not Before: Jun  8 12:11:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=69794015b79da24fe1708232cde445c0e88aaca4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:45:6e:33:1f:f9:c3:c4:aa:48:0f:dc:74:91:
                    21:b6:d3:b5:bd:e5:8a:70:a1:24:7c:a4:eb:70:f3:
                    ef:8c:cb:b6:1d:59:b7:92:14:46:46:52:83:8d:f7:
                    e3:cf:1f:4c:e7:cf:35:3e:fc:d7:d0:b6:f6:2e:77:
                    fe:68:ca:b7:c4:0a:d7:b0:d6:c2:ed:47:8b:8e:fe:
                    5c:15:35:05:c4:7f:80:f4:9a:59:cd:5d:05:f9:46:
                    30:d9:12:af:f8:6c:ed:60:df:a9:79:5e:72:89:ac:
                    ab:74:58:d0:d2:4a:77:c0:0b:d0:7e:16:71:68:1b:
                    ff:25:fb:6c:49:e9:e1:64:22:9f:66:9f:2e:04:64:
                    bc:2d:9a:be:15:1c:f5:fa:d7:85:b2:fa:eb:6f:26:
                    30:2f:2b:83:bc:f2:ce:e7:6f:22:59:c9:62:82:bf:
                    5e:df:d5:bf:28:97:f8:73:96:94:49:34:9f:d6:31:
                    e3:4d:8b:33:fb:00:d7:5b:09:09:3e:c4:2f:87:05:
                    e8:58:98:a8:99:e1:ea:1a:8d:bc:a2:6f:e3:1d:7a:
                    bd:48:c2:08:44:c7:35:c5:7f:c1:b4:d4:0f:97:59:
                    b8:08:50:3e:9b:4f:c2:14:e6:04:4f:bb:5d:cd:92:
                    f7:66:ea:2f:ae:5a:22:da:82:d1:3e:3f:e1:a5:68:
                    17:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:79:40:15:B7:9D:A2:4F:E1:70:82:32:CD:E4:45:C0:E8:8A:AC:A4
            X509v3 Authority Key Identifier:
                keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/aXlAFbedok_hcIIyzeRFwOiKrKQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.111.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         10:01:17:61:a1:b7:c0:1d:b2:35:85:1f:f7:23:1d:08:5f:bc:
         1e:43:21:40:8e:c5:ac:cc:64:ff:9b:a0:a6:e5:17:dd:eb:b1:
         f0:81:a0:57:ca:40:a8:39:5c:3f:dd:2c:ac:b5:5b:26:57:2c:
         ff:3b:6c:fe:47:29:b2:19:af:f2:29:26:77:89:41:a5:2a:53:
         00:ab:a9:a9:d2:37:16:d5:9b:a3:72:25:a9:13:3a:99:ab:15:
         22:81:17:16:25:4a:0d:6f:8d:4e:17:05:da:29:13:2f:82:2c:
         4b:50:96:6c:b8:6a:bb:ae:f7:2b:b7:31:ab:87:78:7c:ba:4c:
         f5:7e:b4:30:e6:13:24:c4:31:ab:52:9e:4c:54:c0:dc:39:6e:
         c3:b5:ee:07:e2:66:20:83:92:2c:bb:37:23:23:8d:e3:cf:a9:
         64:69:8f:f2:d0:0f:3f:b4:87:2f:8a:81:c2:d4:1f:d2:5c:0f:
         7b:cd:27:3f:c7:c9:c2:cb:be:c6:26:cf:5a:21:d5:a4:fb:57:
         b2:ab:99:41:5e:a4:31:ff:8b:65:01:96:99:5c:41:e6:75:b6:
         a7:fc:e1:41:ae:72:1b:e8:63:d5:b7:a1:c9:00:9e:82:08:2c:
         58:b2:63:86:89:ff:24:5b:a7:8e:b4:a4:d2:a2:81:ce:0f:81:
         cc:b9:93:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYia6wBEF+NrHw/cstLYK05xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwNjA4MTIxMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTc5NDAxNWI3OWRhMjRmZTE3MDgyMzJjZGU0NDVjMGU4OGFhY2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkVuMx/5w8SqSA/cdJEhttO1veWK
cKEkfKTrcPPvjMu2HVm3khRGRlKDjffjzx9M5881PvzX0Lb2Lnf+aMq3xArXsNbC
7UeLjv5cFTUFxH+A9JpZzV0F+UYw2RKv+GztYN+peV5yiayrdFjQ0kp3wAvQfhZx
aBv/JftsSenhZCKfZp8uBGS8LZq+FRz1+teFsvrrbyYwLyuDvPLO528iWcligr9e
39W/KJf4c5aUSTSf1jHjTYsz+wDXWwkJPsQvhwXoWJiomeHqGo28om/jHXq9SMII
RMc1xX/BtNQPl1m4CFA+m0/CFOYET7tdzZL3Zuovrloi2oLRPj/hpWgXzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGl5QBW3naJP4XCCMs3kRcDoiqykMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvYVhsQUZiZWRva19oY0lJeXplUkZ3T2lLcktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEX2+QMA0G
CSqGSIb3DQEBCwUAA4IBAQAQARdhobfAHbI1hR/3Ix0IX7weQyFAjsWszGT/m6Cm
5Rfd67HwgaBXykCoOVw/3SystVsmVyz/O2z+RymyGa/yKSZ3iUGlKlMAq6mp0jcW
1ZujciWpEzqZqxUigRcWJUoNb41OFwXaKRMvgixLUJZsuGq7rvcrtzGrh3h8ukz1
frQw5hMkxDGrUp5MVMDcOW7Dte4H4mYgg5IsuzcjI43jz6lkaY/y0A8/tIcvioHC
1B/SXA97zSc/x8nCy77GJs9aIdWk+1eyq5lBXqQx/4tlAZaZXEHmdban/OFBrnIb
6GPVt6HJAJ6CCCxYsmOGif8kW6eOtKTSooHOD4HMuZN0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org