Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/7d0efe-709d-4d11-b692-0e230806b579/1/FsMdL68HnFCif_pPilJ2zFckjdA.roa
File:                     FsMdL68HnFCif_pPilJ2zFckjdA.roa (raw, json)
Hash identifier:          iV6NnJNC/XcayUt6sguoXFj1OGeaRfQ5EFLXK2cZO4Q=
Subject key identifier:   16:C3:1D:2F:AF:07:9C:50:A2:7F:FA:4F:8A:52:76:CC:57:24:8D:D0
Certificate issuer:       /CN=9e57f843b17ffceaa9b8636581fe4d54e346ddcc
Certificate serial:       01856F14CBCB953E271BAC32562F1A1A77BC
Authority key identifier: 9E:57:F8:43:B1:7F:FC:EA:A9:B8:63:65:81:FE:4D:54:E3:46:DD:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nlf4Q7F__OqpuGNlgf5NVONG3cw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/7d0efe-709d-4d11-b692-0e230806b579/1/FsMdL68HnFCif_pPilJ2zFckjdA.roa
Signing time:             Sun 01 Jan 2023 20:45:11 +0000
ROA not before:           Sun 01 Jan 2023 20:45:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34399
IP address blocks:        195.114.120.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:cb:cb:95:3e:27:1b:ac:32:56:2f:1a:1a:77:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e57f843b17ffceaa9b8636581fe4d54e346ddcc
        Validity
            Not Before: Jan  1 20:45:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=16c31d2faf079c50a27ffa4f8a5276cc57248dd0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:63:d7:da:d0:37:78:8f:c6:cd:64:52:df:f3:
                    65:df:2e:87:97:8e:9a:63:b3:68:17:3e:14:8b:6d:
                    8a:de:19:a0:34:b9:19:8b:5b:de:ef:3c:90:1f:0e:
                    44:32:e8:f9:e3:b9:d6:1f:80:53:84:09:3e:c5:19:
                    bb:bc:63:be:1f:1e:0d:99:ee:47:be:37:26:f8:db:
                    e8:92:4c:2b:50:1c:8c:24:fa:92:36:c8:24:43:7d:
                    db:b3:2e:8e:a1:17:3b:79:b6:4a:e1:4b:a9:99:4a:
                    67:57:59:c8:51:a3:57:99:26:9b:a0:b9:9d:ed:3b:
                    f7:2b:c4:58:37:4e:09:4e:86:54:09:9c:2a:fe:71:
                    cf:ee:a8:74:77:ff:08:15:65:3d:fc:10:fb:68:7b:
                    a7:28:3c:d1:3c:6f:49:35:71:67:30:96:2b:be:26:
                    83:07:9a:a4:da:7f:3f:da:d8:11:43:2f:f0:ae:35:
                    3e:22:a0:71:99:72:da:76:d3:d3:cc:cd:e2:bd:6e:
                    e9:27:e5:2a:28:a2:5e:4b:52:07:8d:45:15:4a:97:
                    d2:c3:02:77:78:dd:7d:89:1f:95:6f:cd:38:9d:2e:
                    8c:a7:4c:7d:dc:d8:a3:75:14:68:a8:b9:c6:bb:ab:
                    18:4f:f7:1a:04:06:34:fb:9f:84:df:fd:e9:c4:05:
                    48:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:C3:1D:2F:AF:07:9C:50:A2:7F:FA:4F:8A:52:76:CC:57:24:8D:D0
            X509v3 Authority Key Identifier:
                keyid:9E:57:F8:43:B1:7F:FC:EA:A9:B8:63:65:81:FE:4D:54:E3:46:DD:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlf4Q7F__OqpuGNlgf5NVONG3cw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7d0efe-709d-4d11-b692-0e230806b579/1/FsMdL68HnFCif_pPilJ2zFckjdA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7d0efe-709d-4d11-b692-0e230806b579/1/nlf4Q7F__OqpuGNlgf5NVONG3cw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.114.120.0/23

    Signature Algorithm: sha256WithRSAEncryption
         22:65:20:35:37:b7:43:c1:03:d5:80:5d:de:57:86:13:6f:bd:
         28:2f:85:01:31:79:99:2a:cc:35:5c:7a:54:98:bf:eb:bb:ff:
         38:4c:d3:72:36:27:e8:d0:8e:75:ef:42:a1:bc:78:4c:13:63:
         63:07:b2:eb:2b:82:53:7c:d2:c9:c3:ab:44:e6:0a:ab:73:de:
         3b:85:26:b1:ad:d5:4e:83:93:65:6c:0c:b1:bc:70:c4:b8:b9:
         84:fa:4b:de:29:d6:5d:a0:54:28:01:eb:18:92:f5:6f:c6:1e:
         0f:ae:96:89:f5:a3:a0:d2:db:1c:7d:45:5e:73:04:5e:1a:54:
         ae:92:2c:92:e1:05:40:c8:97:e8:b5:8c:5e:59:d6:3b:2f:7a:
         62:4a:a7:a2:c1:bb:49:d5:97:b2:4d:07:a4:35:3f:11:62:1e:
         0c:14:f4:fb:77:6c:55:76:a1:e8:f7:92:69:a3:60:f7:b8:fa:
         28:5a:7f:00:f3:f1:db:3b:24:81:02:2d:a0:e1:2c:9a:fc:57:
         9c:76:d9:7d:71:53:f6:85:b4:f8:76:bd:77:d9:ff:2b:25:a8:
         e6:0a:7a:9e:49:25:f9:18:d8:82:42:c5:90:f3:2b:e0:7a:ee:
         b6:de:96:8b:6d:01:ab:46:fb:42:ed:14:d6:ea:ab:69:8a:6e:
         2b:eb:0c:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFMvLlT4nG6wyVi8aGne8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTdmODQzYjE3ZmZjZWFhOWI4NjM2NTgxZmU0ZDU0ZTM0
NmRkY2MwHhcNMjMwMTAxMjA0NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmMzMWQyZmFmMDc5YzUwYTI3ZmZhNGY4YTUyNzZjYzU3MjQ4ZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2PX2tA3eI/GzWRS3/Nl3y6Hl46a
Y7NoFz4Ui22K3hmgNLkZi1ve7zyQHw5EMuj547nWH4BThAk+xRm7vGO+Hx4Nme5H
vjcm+NvokkwrUByMJPqSNsgkQ33bsy6OoRc7ebZK4UupmUpnV1nIUaNXmSaboLmd
7Tv3K8RYN04JToZUCZwq/nHP7qh0d/8IFWU9/BD7aHunKDzRPG9JNXFnMJYrviaD
B5qk2n8/2tgRQy/wrjU+IqBxmXLadtPTzM3ivW7pJ+UqKKJeS1IHjUUVSpfSwwJ3
eN19iR+Vb804nS6Mp0x93NijdRRoqLnGu6sYT/caBAY0+5+E3/3pxAVIdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBbDHS+vB5xQon/6T4pSdsxXJI3QMB8GA1UdIwQY
MBaAFJ5X+EOxf/zqqbhjZYH+TVTjRt3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxmNFE3Rl9fT3FwdUdObGdmNU5WT05HM2N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83ZDBlZmUtNzA5ZC00ZDExLWI2OTIt
MGUyMzA4MDZiNTc5LzEvRnNNZEw2OEhuRkNpZl9wUGlsSjJ6RmNramRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83ZDBlZmUtNzA5ZC00ZDExLWI2OTItMGUyMzA4MDZiNTc5
LzEvbmxmNFE3Rl9fT3FwdUdObGdmNU5WT05HM2N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw3J4MA0G
CSqGSIb3DQEBCwUAA4IBAQAiZSA1N7dDwQPVgF3eV4YTb70oL4UBMXmZKsw1XHpU
mL/ru/84TNNyNifo0I5170KhvHhME2NjB7LrK4JTfNLJw6tE5gqrc947hSaxrdVO
g5NlbAyxvHDEuLmE+kveKdZdoFQoAesYkvVvxh4PrpaJ9aOg0tscfUVecwReGlSu
kiyS4QVAyJfotYxeWdY7L3piSqeiwbtJ1ZeyTQekNT8RYh4MFPT7d2xVdqHo95Jp
o2D3uPooWn8A8/HbOySBAi2g4Sya/Fecdtl9cVP2hbT4dr132f8rJajmCnqeSSX5
GNiCQsWQ8yvgeu623paLbQGrRvtC7RTW6qtpim4r6wwV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:49 2024 by rpki-client on console-fra.rpki-client.org