Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/ONdJeyW2MhaCgYn0G2goBTv8160.roa
File:                     ONdJeyW2MhaCgYn0G2goBTv8160.roa (raw, json)
Hash identifier:          l8Bqrf0S/rq2k+FmlP3mY5QLssFvO5FTVGy+INhCvmU=
Subject key identifier:   38:D7:49:7B:25:B6:32:16:82:81:89:F4:1B:68:28:05:3B:FC:D7:AD
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       018572BA490D6FCD90780CAE32A30CF9D189
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/ONdJeyW2MhaCgYn0G2goBTv8160.roa
Signing time:             Mon 02 Jan 2023 13:44:49 +0000
ROA not before:           Mon 02 Jan 2023 13:44:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12389
IP address blocks:        95.182.111.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:ba:49:0d:6f:cd:90:78:0c:ae:32:a3:0c:f9:d1:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Jan  2 13:44:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=38d7497b25b63216828189f41b6828053bfcd7ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:ca:57:8a:db:eb:8c:07:dc:8a:59:7a:41:54:
                    4b:2c:e0:bb:94:e9:de:ae:f2:73:66:fa:0a:33:16:
                    db:28:aa:6a:8a:67:cb:89:c3:2e:21:85:01:d7:07:
                    ce:53:42:c3:bc:54:4c:c3:a4:73:cf:01:6f:48:f1:
                    a5:af:34:60:e5:d1:79:39:cd:bb:42:d0:5e:97:81:
                    1e:c1:1b:37:76:92:d7:c7:9b:d6:16:26:ec:ed:74:
                    68:69:46:9b:fb:07:0d:82:26:f3:56:bb:9a:ab:88:
                    ab:fc:6d:d3:d0:26:48:e0:4a:1d:1a:92:70:21:dc:
                    71:34:8a:3f:3d:98:70:e5:d9:66:7c:16:1a:40:3c:
                    20:24:e2:86:15:5c:e0:9e:5a:e8:5d:21:2f:5a:0c:
                    04:42:aa:56:e1:f1:8c:f1:35:25:47:fe:93:68:13:
                    30:c6:91:48:18:16:52:e8:b5:62:37:d7:27:2f:ed:
                    24:82:3f:09:4b:33:5b:6d:db:b6:6d:e6:ff:68:e2:
                    03:6f:7f:05:d7:3b:52:ca:49:e6:53:3a:8b:3e:50:
                    5b:05:4c:3c:a1:c5:c0:cf:be:1e:26:4e:18:9e:66:
                    ed:e0:1a:f3:2f:69:ae:9b:46:e2:d4:7f:48:f5:d2:
                    6a:ce:d6:d9:3f:f6:f6:66:f1:f4:b9:6e:90:a1:b4:
                    dc:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:D7:49:7B:25:B6:32:16:82:81:89:F4:1B:68:28:05:3B:FC:D7:AD
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/ONdJeyW2MhaCgYn0G2goBTv8160.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.182.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:f8:07:9f:09:87:28:5b:fd:fe:4e:e0:f6:5e:a1:07:14:be:
         84:bc:14:20:4b:74:f2:2b:08:ed:51:eb:35:81:f2:15:1f:66:
         4f:6e:e6:b2:38:be:e0:e7:1c:b9:64:59:e5:b1:91:98:82:23:
         f4:4f:60:ab:c5:99:5a:29:94:38:15:e4:5e:48:65:e3:fa:88:
         8e:d5:1c:eb:fc:08:57:62:ce:3f:f4:68:77:02:8c:9d:da:41:
         b5:6a:07:3d:14:e8:34:ff:db:df:24:eb:3f:22:9f:a6:a2:09:
         96:e7:cc:70:e9:cd:24:62:a0:37:05:ef:5f:d2:55:60:97:f2:
         05:7a:3c:ea:f3:ae:4d:88:7d:40:b6:70:16:6e:e5:73:7b:cf:
         b1:af:53:8f:7d:8a:79:67:77:97:1a:ad:e1:ad:34:06:11:f1:
         03:03:70:9b:7e:72:c7:52:29:21:e6:b5:7e:94:6f:5d:ed:8c:
         d8:14:d3:75:2d:e4:12:1d:f5:d0:9c:71:8d:40:80:24:3c:c6:
         74:a7:97:b9:f6:f2:ef:85:93:25:ae:bc:f9:49:9f:5b:6a:3b:
         27:67:7d:71:0c:b3:4b:50:4a:c8:5a:01:72:c3:dd:d0:a1:7f:
         f9:3a:ac:62:f4:b9:a1:25:fc:65:cb:04:56:e1:05:42:27:28:
         67:ae:bd:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyukkNb82QeAyuMqMM+dGJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMwMTAyMTM0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGQ3NDk3YjI1YjYzMjE2ODI4MTg5ZjQxYjY4MjgwNTNiZmNkN2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcpXitvrjAfcill6QVRLLOC7lOne
rvJzZvoKMxbbKKpqimfLicMuIYUB1wfOU0LDvFRMw6RzzwFvSPGlrzRg5dF5Oc27
QtBel4EewRs3dpLXx5vWFibs7XRoaUab+wcNgibzVruaq4ir/G3T0CZI4EodGpJw
IdxxNIo/PZhw5dlmfBYaQDwgJOKGFVzgnlroXSEvWgwEQqpW4fGM8TUlR/6TaBMw
xpFIGBZS6LViN9cnL+0kgj8JSzNbbdu2beb/aOIDb38F1ztSyknmUzqLPlBbBUw8
ocXAz74eJk4Ynmbt4BrzL2mum0bi1H9I9dJqztbZP/b2ZvH0uW6QobTc5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjXSXsltjIWgoGJ9BtoKAU7/NetMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvT05kSmV5VzJNaGFDZ1luMEcyZ29CVHY4MTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX7ZvMA0G
CSqGSIb3DQEBCwUAA4IBAQAH+AefCYcoW/3+TuD2XqEHFL6EvBQgS3TyKwjtUes1
gfIVH2ZPbuayOL7g5xy5ZFnlsZGYgiP0T2CrxZlaKZQ4FeReSGXj+oiO1Rzr/AhX
Ys4/9Gh3Aoyd2kG1agc9FOg0/9vfJOs/Ip+mogmW58xw6c0kYqA3Be9f0lVgl/IF
ejzq865NiH1AtnAWbuVze8+xr1OPfYp5Z3eXGq3hrTQGEfEDA3CbfnLHUikh5rV+
lG9d7YzYFNN1LeQSHfXQnHGNQIAkPMZ0p5e59vLvhZMlrrz5SZ9bajsnZ31xDLNL
UErIWgFyw93QoX/5Oqxi9LmhJfxlywRW4QVCJyhnrr22
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org