Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/f5bb51-708f-4dd2-880f-87d90561aa48/1/h3YqOlM5CzVvpS3CKaFU-Cm9jbE.roa
File:                     h3YqOlM5CzVvpS3CKaFU-Cm9jbE.roa (raw, json)
Hash identifier:          J/6pd1BeWm6NLDInHrqTUL5y2ek3pG1DzTz3D3hA+gI=
Subject key identifier:   87:76:2A:3A:53:39:0B:35:6F:A5:2D:C2:29:A1:54:F8:29:BD:8D:B1
Certificate issuer:       /CN=a1c130072d2ce9cf562b83198edaadafa48f6db4
Certificate serial:       01856D78A48125E1B605566DC4170DD92EDF
Authority key identifier: A1:C1:30:07:2D:2C:E9:CF:56:2B:83:19:8E:DA:AD:AF:A4:8F:6D:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ocEwBy0s6c9WK4MZjtqtr6SPbbQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6b/f5bb51-708f-4dd2-880f-87d90561aa48/1/h3YqOlM5CzVvpS3CKaFU-Cm9jbE.roa
Signing time:             Sun 01 Jan 2023 13:15:01 +0000
ROA not before:           Sun 01 Jan 2023 13:15:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210169
IP address blocks:        195.95.151.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:78:a4:81:25:e1:b6:05:56:6d:c4:17:0d:d9:2e:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1c130072d2ce9cf562b83198edaadafa48f6db4
        Validity
            Not Before: Jan  1 13:15:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=87762a3a53390b356fa52dc229a154f829bd8db1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:c4:ed:8e:1b:38:1c:fe:45:30:12:56:9f:6e:
                    61:05:0d:e4:16:a7:49:95:65:be:e0:31:27:b5:25:
                    ce:ca:f0:0d:10:c6:cb:0a:84:fe:17:91:fc:14:70:
                    c4:b8:84:37:b5:0c:22:78:a8:31:75:73:1d:1a:63:
                    2b:30:8a:ef:bc:07:0a:af:ce:50:26:19:98:c7:c5:
                    06:17:28:20:95:0a:94:36:58:80:36:d7:2b:c7:f7:
                    79:02:49:1b:d0:cd:69:c8:c3:86:09:58:09:d3:fd:
                    78:1b:3b:7a:95:e6:9c:9f:bb:46:a3:b3:e1:b4:a5:
                    25:ff:70:48:85:58:cf:0b:63:fa:d6:33:4b:10:f0:
                    90:75:d3:45:e4:87:78:78:41:0f:64:80:15:93:5a:
                    1b:35:30:c1:5b:ca:f1:16:70:e0:b5:6c:b3:04:21:
                    94:ee:f3:05:dd:d8:ba:7c:4d:21:3f:cc:41:03:ff:
                    9f:50:54:64:1e:26:ae:19:f6:5b:d1:35:47:20:4b:
                    22:a7:c2:93:d7:f4:37:ef:e9:69:75:94:7e:aa:98:
                    de:bf:c0:8e:47:30:86:0b:ea:47:34:4a:6e:6f:3c:
                    4c:eb:a6:66:19:62:be:5e:8f:33:a5:ce:65:01:d5:
                    8c:d1:4f:25:68:3d:90:cd:f7:51:18:b4:03:0b:69:
                    bf:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:76:2A:3A:53:39:0B:35:6F:A5:2D:C2:29:A1:54:F8:29:BD:8D:B1
            X509v3 Authority Key Identifier:
                keyid:A1:C1:30:07:2D:2C:E9:CF:56:2B:83:19:8E:DA:AD:AF:A4:8F:6D:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ocEwBy0s6c9WK4MZjtqtr6SPbbQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/f5bb51-708f-4dd2-880f-87d90561aa48/1/h3YqOlM5CzVvpS3CKaFU-Cm9jbE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/f5bb51-708f-4dd2-880f-87d90561aa48/1/ocEwBy0s6c9WK4MZjtqtr6SPbbQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.95.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:3b:95:b5:a9:64:d8:00:bb:81:90:f7:1a:ef:25:d3:65:5e:
         1e:3b:53:78:f4:ee:ab:2e:c0:03:8c:79:83:13:ef:d5:8a:a7:
         3b:ca:b0:b4:4a:a9:b2:c0:a1:63:d1:ca:aa:79:ba:7d:d8:cd:
         44:5c:5b:2f:38:58:14:09:6a:53:ee:da:e0:ed:94:50:09:35:
         36:2e:aa:7d:3d:c4:8f:d2:5d:1b:43:e7:67:f1:d6:ed:13:12:
         af:76:d1:2d:cf:a1:72:68:dd:ae:10:49:e1:89:89:2d:48:e9:
         da:86:05:77:89:c3:27:f7:71:97:d2:7f:31:48:24:d9:ee:25:
         9b:d2:a4:35:c0:6a:4d:6d:d0:42:a9:30:2a:b0:af:c7:a8:41:
         c9:82:5a:67:22:18:01:49:b4:39:a4:c1:35:00:9c:52:cd:d7:
         7c:21:3e:52:3c:39:84:76:32:17:2c:c8:49:25:ec:87:47:6e:
         58:34:25:b7:c9:39:ff:be:37:fd:8b:f1:8d:a2:3e:39:e9:96:
         6a:c6:97:51:13:7e:41:cf:85:a7:bb:54:f2:df:c2:22:0c:74:
         b0:a6:7e:70:81:4d:53:a3:83:34:32:1b:a7:4e:98:52:82:95:
         09:56:01:f5:38:d5:aa:3e:7c:a0:ec:cc:52:03:cf:6d:3c:ca:
         ca:df:19:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteKSBJeG2BVZtxBcN2S7fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYzEzMDA3MmQyY2U5Y2Y1NjJiODMxOThlZGFhZGFmYTQ4
ZjZkYjQwHhcNMjMwMTAxMTMxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzc2MmEzYTUzMzkwYjM1NmZhNTJkYzIyOWExNTRmODI5YmQ4ZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsTtjhs4HP5FMBJWn25hBQ3kFqdJ
lWW+4DEntSXOyvANEMbLCoT+F5H8FHDEuIQ3tQwieKgxdXMdGmMrMIrvvAcKr85Q
JhmYx8UGFygglQqUNliANtcrx/d5Akkb0M1pyMOGCVgJ0/14Gzt6leacn7tGo7Ph
tKUl/3BIhVjPC2P61jNLEPCQddNF5Id4eEEPZIAVk1obNTDBW8rxFnDgtWyzBCGU
7vMF3di6fE0hP8xBA/+fUFRkHiauGfZb0TVHIEsip8KT1/Q37+lpdZR+qpjev8CO
RzCGC+pHNEpubzxM66ZmGWK+Xo8zpc5lAdWM0U8laD2QzfdRGLQDC2m/7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFId2KjpTOQs1b6UtwimhVPgpvY2xMB8GA1UdIwQY
MBaAFKHBMActLOnPViuDGY7ara+kj220MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2NFd0J5MHM2YzlXSzRNWmp0cXRyNlNQYmJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9mNWJiNTEtNzA4Zi00ZGQyLTg4MGYt
ODdkOTA1NjFhYTQ4LzEvaDNZcU9sTTVDelZ2cFMzQ0thRlUtQ205amJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9mNWJiNTEtNzA4Zi00ZGQyLTg4MGYtODdkOTA1NjFhYTQ4
LzEvb2NFd0J5MHM2YzlXSzRNWmp0cXRyNlNQYmJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1+XMA0G
CSqGSIb3DQEBCwUAA4IBAQBZO5W1qWTYALuBkPca7yXTZV4eO1N49O6rLsADjHmD
E+/Viqc7yrC0SqmywKFj0cqqebp92M1EXFsvOFgUCWpT7trg7ZRQCTU2Lqp9PcSP
0l0bQ+dn8dbtExKvdtEtz6FyaN2uEEnhiYktSOnahgV3icMn93GX0n8xSCTZ7iWb
0qQ1wGpNbdBCqTAqsK/HqEHJglpnIhgBSbQ5pME1AJxSzdd8IT5SPDmEdjIXLMhJ
JeyHR25YNCW3yTn/vjf9i/GNoj456ZZqxpdRE35Bz4Wnu1Ty38IiDHSwpn5wgU1T
o4M0MhunTphSgpUJVgH1ONWqPnyg7MxSA89tPMrK3xnJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:26 2024 by rpki-client on console-ams.rpki-client.org