Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/a05e77-f301-4125-9118-e4d1f0a27b21/1/ahm-NFky_KWUScBBkU_x0reC1DI.roa
File:                     ahm-NFky_KWUScBBkU_x0reC1DI.roa (raw, json)
Hash identifier:          QYIuK3GueN/2sLn7yT6NQbscVpWS2D0x4oY+dW3J4As=
Subject key identifier:   6A:19:BE:34:59:32:FC:A5:94:49:C0:41:91:4F:F1:D2:B7:82:D4:32
Certificate issuer:       /CN=cced992030531e7e8b518aefd9e267cc528eda9a
Certificate serial:       018B6817403533EA72A651277D377A7A0DE1
Authority key identifier: CC:ED:99:20:30:53:1E:7E:8B:51:8A:EF:D9:E2:67:CC:52:8E:DA:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zO2ZIDBTHn6LUYrv2eJnzFKO2po.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/a05e77-f301-4125-9118-e4d1f0a27b21/1/ahm-NFky_KWUScBBkU_x0reC1DI.roa
Signing time:             Wed 25 Oct 2023 18:27:16 +0000
ROA not before:           Wed 25 Oct 2023 18:27:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        195.170.163.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 04 Nov 2023 11:39:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:68:17:40:35:33:ea:72:a6:51:27:7d:37:7a:7a:0d:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cced992030531e7e8b518aefd9e267cc528eda9a
        Validity
            Not Before: Oct 25 18:27:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6a19be345932fca59449c041914ff1d2b782d432
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:26:3c:8b:62:f5:5b:58:ba:1b:97:8c:fc:8c:
                    20:fa:2a:e8:66:92:6b:9f:fc:8a:89:cc:e2:2b:7a:
                    00:30:ad:e0:2c:68:e0:ed:41:b0:1c:43:85:9d:b3:
                    1e:ea:07:c2:5e:b7:72:5e:43:92:7a:8c:49:0f:db:
                    25:fa:92:a3:c5:36:6e:df:5d:4e:5b:db:2c:53:7e:
                    6a:b9:83:ae:82:f8:98:4a:20:85:31:34:bf:07:96:
                    a6:de:37:70:95:1e:0b:ac:9f:44:f2:ee:66:5f:6e:
                    f7:f9:45:1c:9b:c5:75:2d:91:38:fe:46:65:77:03:
                    96:59:cc:38:28:05:87:62:91:39:50:92:7f:01:23:
                    9e:3b:48:26:5e:bb:aa:33:ce:ed:08:e4:bc:e3:3d:
                    82:cf:f5:6d:6a:c8:9d:87:5e:56:ce:cc:00:9d:ae:
                    4f:5d:eb:96:15:48:9f:f5:4a:86:90:12:a4:21:bc:
                    be:2d:b0:08:c1:1d:b3:20:45:a3:86:bf:f8:56:cb:
                    9c:5b:1e:5f:96:7f:32:4c:2f:6b:86:ad:73:c8:fb:
                    17:96:82:34:55:47:73:24:8a:4a:9f:f4:ec:7b:e9:
                    8b:41:5d:1e:3e:e7:7f:8d:92:0b:c5:9e:ef:c8:a2:
                    91:9d:09:36:52:5a:c6:37:7c:cc:7d:98:51:2d:03:
                    e4:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:19:BE:34:59:32:FC:A5:94:49:C0:41:91:4F:F1:D2:B7:82:D4:32
            X509v3 Authority Key Identifier:
                keyid:CC:ED:99:20:30:53:1E:7E:8B:51:8A:EF:D9:E2:67:CC:52:8E:DA:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zO2ZIDBTHn6LUYrv2eJnzFKO2po.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a05e77-f301-4125-9118-e4d1f0a27b21/1/ahm-NFky_KWUScBBkU_x0reC1DI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a05e77-f301-4125-9118-e4d1f0a27b21/1/zO2ZIDBTHn6LUYrv2eJnzFKO2po.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.170.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:df:2f:02:9c:70:e2:fa:03:96:8d:de:d8:24:89:4d:fa:6b:
         7a:73:e9:fb:ac:79:86:47:03:c8:3a:38:d6:0d:59:7a:79:36:
         45:ab:61:96:14:25:88:9a:fe:05:2e:93:45:b2:d6:10:0d:d4:
         8e:d4:ef:6e:07:2d:62:59:4f:98:7d:c7:69:78:fd:21:29:9b:
         49:08:c3:2e:e1:65:e2:37:81:1e:b8:7a:90:c3:c5:4c:00:53:
         f1:1a:5e:93:5b:8c:51:39:57:84:32:ce:b4:a4:e0:b6:da:49:
         3f:2d:83:ba:87:79:ff:72:04:33:8d:e6:98:b6:3c:13:2a:b4:
         ce:49:2e:a9:70:89:ef:fc:a9:4c:0c:5c:a5:4c:7f:86:5a:97:
         ab:81:cc:ce:b0:77:ff:6c:f6:ba:d5:67:62:9e:e0:9c:4a:aa:
         34:06:f7:16:1f:80:ea:e7:3c:33:70:51:d9:59:25:4e:01:47:
         2b:1d:60:81:be:61:12:79:98:03:ac:40:ec:27:33:35:19:fe:
         af:e3:aa:40:3a:66:00:ce:2b:96:6b:fc:1c:c2:f8:c1:e7:1e:
         9b:49:31:d6:52:61:c1:3d:05:23:2f:af:6d:6b:ad:60:a7:12:
         e9:79:30:54:3c:73:9a:02:35:e0:58:6d:11:1c:a8:3d:0d:a5:
         5f:a6:86:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtoF0A1M+pyplEnfTd6eg3hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZWQ5OTIwMzA1MzFlN2U4YjUxOGFlZmQ5ZTI2N2NjNTI4
ZWRhOWEwHhcNMjMxMDI1MTgyNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTE5YmUzNDU5MzJmY2E1OTQ0OWMwNDE5MTRmZjFkMmI3ODJkNDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yY8i2L1W1i6G5eM/Iwg+iroZpJr
n/yKicziK3oAMK3gLGjg7UGwHEOFnbMe6gfCXrdyXkOSeoxJD9sl+pKjxTZu311O
W9ssU35quYOugviYSiCFMTS/B5am3jdwlR4LrJ9E8u5mX273+UUcm8V1LZE4/kZl
dwOWWcw4KAWHYpE5UJJ/ASOeO0gmXruqM87tCOS84z2Cz/Vtasidh15WzswAna5P
XeuWFUif9UqGkBKkIby+LbAIwR2zIEWjhr/4VsucWx5fln8yTC9rhq1zyPsXloI0
VUdzJIpKn/Tse+mLQV0ePud/jZILxZ7vyKKRnQk2UlrGN3zMfZhRLQPkpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGoZvjRZMvyllEnAQZFP8dK3gtQyMB8GA1UdIwQY
MBaAFMztmSAwUx5+i1GK79niZ8xSjtqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek8yWklEQlRIbjZMVVlydjJlSm56RktPMnBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hMDVlNzctZjMwMS00MTI1LTkxMTgt
ZTRkMWYwYTI3YjIxLzEvYWhtLU5Ga3lfS1dVU2NCQmtVX3gwcmVDMURJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9hMDVlNzctZjMwMS00MTI1LTkxMTgtZTRkMWYwYTI3YjIx
LzEvek8yWklEQlRIbjZMVVlydjJlSm56RktPMnBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6qjMA0G
CSqGSIb3DQEBCwUAA4IBAQBG3y8CnHDi+gOWjd7YJIlN+mt6c+n7rHmGRwPIOjjW
DVl6eTZFq2GWFCWImv4FLpNFstYQDdSO1O9uBy1iWU+YfcdpeP0hKZtJCMMu4WXi
N4EeuHqQw8VMAFPxGl6TW4xROVeEMs60pOC22kk/LYO6h3n/cgQzjeaYtjwTKrTO
SS6pcInv/KlMDFylTH+GWpergczOsHf/bPa61WdinuCcSqo0BvcWH4Dq5zwzcFHZ
WSVOAUcrHWCBvmESeZgDrEDsJzM1Gf6v46pAOmYAziuWa/wcwvjB5x6bSTHWUmHB
PQUjL69ta61gpxLpeTBUPHOaAjXgWG0RHKg9DaVfpob9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:47 2024 by rpki-client on console-ams.rpki-client.org