Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/a05e77-f301-4125-9118-e4d1f0a27b21/1/RCb6oHV3PPbvk3oHcNmjg7T0Ogg.roa
File:                     RCb6oHV3PPbvk3oHcNmjg7T0Ogg.roa (raw, json)
Hash identifier:          0y4NUy5bBrvqfSx5sJNnpKENn6mhywpOBQTt2simNK8=
Subject key identifier:   44:26:FA:A0:75:77:3C:F6:EF:93:7A:07:70:D9:A3:83:B4:F4:3A:08
Certificate issuer:       /CN=cced992030531e7e8b518aefd9e267cc528eda9a
Certificate serial:       01856FCB85AADC8AF51EBFEA95A76DF88EA6
Authority key identifier: CC:ED:99:20:30:53:1E:7E:8B:51:8A:EF:D9:E2:67:CC:52:8E:DA:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zO2ZIDBTHn6LUYrv2eJnzFKO2po.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/a05e77-f301-4125-9118-e4d1f0a27b21/1/RCb6oHV3PPbvk3oHcNmjg7T0Ogg.roa
Signing time:             Mon 02 Jan 2023 00:04:46 +0000
ROA not before:           Mon 02 Jan 2023 00:04:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211975
IP address blocks:        195.170.163.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 16 Jul 2023 05:13:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:cb:85:aa:dc:8a:f5:1e:bf:ea:95:a7:6d:f8:8e:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cced992030531e7e8b518aefd9e267cc528eda9a
        Validity
            Not Before: Jan  2 00:04:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4426faa075773cf6ef937a0770d9a383b4f43a08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:36:de:41:5d:bf:67:51:2c:01:76:82:9c:f4:
                    16:17:7a:8e:92:e1:f5:24:68:0f:36:01:a3:1a:61:
                    3c:c5:05:15:90:7d:a0:92:53:33:67:8c:17:f9:e5:
                    52:05:7d:60:a4:d1:dc:3a:5a:2a:9b:f0:77:c6:90:
                    b5:60:98:04:bc:d9:9a:e3:55:de:09:4d:1d:69:69:
                    9f:0f:e1:f9:c4:fa:40:e5:a6:60:6c:c1:06:d5:cc:
                    79:fd:d9:1d:83:18:3b:93:d2:45:d1:d9:7f:ae:b8:
                    8b:ec:6e:e4:96:42:9d:f2:4a:0a:f1:1d:cc:65:e9:
                    5c:15:34:76:f1:99:7d:8a:74:57:07:a7:59:90:80:
                    dd:e9:8a:24:0c:ee:a1:a3:8e:45:fa:21:a8:f6:38:
                    7c:a4:38:8f:76:fc:07:1f:36:c3:7e:30:78:bd:6a:
                    cc:9d:23:aa:53:e7:e9:ad:ec:46:5e:55:9e:f6:40:
                    22:82:e4:8b:67:3d:a3:38:23:f6:49:c0:20:10:43:
                    fa:5d:66:a4:cc:ea:f9:49:68:38:c7:5a:28:96:20:
                    db:cf:5f:d9:7f:66:2a:a4:ec:f1:79:c3:68:71:7f:
                    72:d8:66:64:10:fe:ad:42:c5:5b:59:92:96:da:85:
                    3b:a9:ed:a4:16:60:d8:87:b8:28:2b:5e:e3:56:ec:
                    1f:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:26:FA:A0:75:77:3C:F6:EF:93:7A:07:70:D9:A3:83:B4:F4:3A:08
            X509v3 Authority Key Identifier:
                keyid:CC:ED:99:20:30:53:1E:7E:8B:51:8A:EF:D9:E2:67:CC:52:8E:DA:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zO2ZIDBTHn6LUYrv2eJnzFKO2po.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a05e77-f301-4125-9118-e4d1f0a27b21/1/RCb6oHV3PPbvk3oHcNmjg7T0Ogg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a05e77-f301-4125-9118-e4d1f0a27b21/1/zO2ZIDBTHn6LUYrv2eJnzFKO2po.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.170.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:2e:eb:e4:fd:14:09:e8:b6:05:38:83:fe:a7:8b:94:07:4f:
         26:8b:d5:bf:5a:62:b4:db:c2:42:95:c6:b3:d9:17:27:42:f0:
         bc:f6:4d:fb:7f:3d:63:6e:f2:3a:57:a5:be:dc:08:59:d0:da:
         ac:4f:47:3f:61:fe:e8:d1:57:94:67:18:6a:01:19:53:cd:d4:
         b5:15:49:c7:d6:4b:8c:42:11:dc:91:24:a2:81:ab:96:d5:a2:
         81:c4:60:d3:f7:f4:54:b5:c6:09:bc:d4:dd:26:e8:fd:ac:1d:
         7f:b1:97:dc:e7:9f:2d:ac:5f:a0:3e:4c:2d:1b:3d:be:e7:43:
         cf:09:19:42:64:a3:f8:54:cd:c9:09:38:ba:b0:23:45:b7:fe:
         45:a6:b3:e0:dc:14:f3:c7:58:39:e6:8a:5c:7f:65:4c:8b:8a:
         a7:df:f4:f1:6b:69:29:e2:39:9b:13:b0:ce:bf:cf:c2:b8:e8:
         4a:5b:5c:ec:b0:f2:56:5f:98:ee:fb:2a:a2:73:b6:67:c9:95:
         ee:20:a4:8b:d5:47:2e:b8:ee:1f:c6:ae:71:ed:aa:09:04:3d:
         b9:8a:c4:a5:60:25:83:ee:fa:48:9b:24:41:85:d5:56:d3:2c:
         f4:dd:cc:f5:bf:24:8c:88:fc:31:3c:a5:2c:2b:79:94:32:00:
         47:3f:2f:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy4Wq3Ir1Hr/qladt+I6mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZWQ5OTIwMzA1MzFlN2U4YjUxOGFlZmQ5ZTI2N2NjNTI4
ZWRhOWEwHhcNMjMwMTAyMDAwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDI2ZmFhMDc1NzczY2Y2ZWY5MzdhMDc3MGQ5YTM4M2I0ZjQzYTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTbeQV2/Z1EsAXaCnPQWF3qOkuH1
JGgPNgGjGmE8xQUVkH2gklMzZ4wX+eVSBX1gpNHcOloqm/B3xpC1YJgEvNma41Xe
CU0daWmfD+H5xPpA5aZgbMEG1cx5/dkdgxg7k9JF0dl/rriL7G7klkKd8koK8R3M
ZelcFTR28Zl9inRXB6dZkIDd6YokDO6ho45F+iGo9jh8pDiPdvwHHzbDfjB4vWrM
nSOqU+fprexGXlWe9kAiguSLZz2jOCP2ScAgEEP6XWakzOr5SWg4x1ooliDbz1/Z
f2YqpOzxecNocX9y2GZkEP6tQsVbWZKW2oU7qe2kFmDYh7goK17jVuwfgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEQm+qB1dzz275N6B3DZo4O09DoIMB8GA1UdIwQY
MBaAFMztmSAwUx5+i1GK79niZ8xSjtqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek8yWklEQlRIbjZMVVlydjJlSm56RktPMnBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hMDVlNzctZjMwMS00MTI1LTkxMTgt
ZTRkMWYwYTI3YjIxLzEvUkNiNm9IVjNQUGJ2azNvSGNObWpnN1QwT2dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9hMDVlNzctZjMwMS00MTI1LTkxMTgtZTRkMWYwYTI3YjIx
LzEvek8yWklEQlRIbjZMVVlydjJlSm56RktPMnBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6qjMA0G
CSqGSIb3DQEBCwUAA4IBAQCYLuvk/RQJ6LYFOIP+p4uUB08mi9W/WmK028JClcaz
2RcnQvC89k37fz1jbvI6V6W+3AhZ0NqsT0c/Yf7o0VeUZxhqARlTzdS1FUnH1kuM
QhHckSSigauW1aKBxGDT9/RUtcYJvNTdJuj9rB1/sZfc558trF+gPkwtGz2+50PP
CRlCZKP4VM3JCTi6sCNFt/5FprPg3BTzx1g55opcf2VMi4qn3/Txa2kp4jmbE7DO
v8/CuOhKW1zssPJWX5ju+yqic7ZnyZXuIKSL1UcuuO4fxq5x7aoJBD25isSlYCWD
7vpImyRBhdVW0yz03cz1vySMiPwxPKUsK3mUMgBHPy95
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:53 2024 by rpki-client on console-fra.rpki-client.org