Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/a05e77-f301-4125-9118-e4d1f0a27b21/1/n7PFQ-mi-pzMglqh_1449Wugo14.roa
File:                     n7PFQ-mi-pzMglqh_1449Wugo14.roa (raw, json)
Hash identifier:          7UinTIU6Wq8s/Z3n5RihYKzLviMq+qn0vRr28ctAtdo=
Subject key identifier:   9F:B3:C5:43:E9:A2:FA:9C:CC:82:5A:A1:FF:5E:38:F5:6B:A0:A3:5E
Certificate issuer:       /CN=cced992030531e7e8b518aefd9e267cc528eda9a
Certificate serial:       018BB914E882C67C393894947AF57FC3CCDD
Authority key identifier: CC:ED:99:20:30:53:1E:7E:8B:51:8A:EF:D9:E2:67:CC:52:8E:DA:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zO2ZIDBTHn6LUYrv2eJnzFKO2po.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/a05e77-f301-4125-9118-e4d1f0a27b21/1/n7PFQ-mi-pzMglqh_1449Wugo14.roa
Signing time:             Fri 10 Nov 2023 11:53:57 +0000
ROA not before:           Fri 10 Nov 2023 11:53:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210107
IP address blocks:        195.170.163.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 21 Dec 2023 13:13:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:b9:14:e8:82:c6:7c:39:38:94:94:7a:f5:7f:c3:cc:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cced992030531e7e8b518aefd9e267cc528eda9a
        Validity
            Not Before: Nov 10 11:53:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9fb3c543e9a2fa9ccc825aa1ff5e38f56ba0a35e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f4:57:30:58:72:b2:e9:d6:18:0a:c7:ad:1a:
                    d4:ca:82:6c:4d:6b:b3:8c:15:cc:3c:66:71:8d:2c:
                    f4:94:e3:68:2d:a1:f3:6d:19:0c:2b:5b:6f:d3:90:
                    60:cc:93:33:be:4d:ec:99:67:b1:3f:f6:f5:e4:84:
                    0c:ee:00:a0:2f:b6:4b:a5:7b:e7:c4:df:70:e2:06:
                    ca:3b:a1:bc:28:c2:c8:1a:ea:0b:a4:1e:ec:e6:b6:
                    5b:2d:71:27:f2:35:8d:2f:ba:92:fb:6d:86:ea:3d:
                    17:2a:bb:10:6c:03:bd:93:29:f9:0c:10:91:f5:d8:
                    7c:ad:9f:9a:2c:03:f4:ab:cf:bb:d9:bc:e6:f2:4f:
                    0f:37:b2:58:3b:72:7a:55:69:1c:6c:e0:02:dd:63:
                    6d:3d:7a:5b:33:cf:00:ea:c7:92:8f:91:d8:ee:ac:
                    89:d8:47:13:61:97:04:c8:0c:7a:7a:51:6e:bb:4d:
                    1c:a3:2a:97:b5:dc:b0:98:ca:33:c3:bb:ad:8d:2b:
                    1f:2c:ee:07:25:ba:cc:6e:7f:c2:f0:86:99:48:11:
                    20:cc:94:18:57:71:22:db:2e:b2:a8:fc:b3:24:a7:
                    10:80:4c:ae:8c:12:ad:b4:16:cc:15:b0:7b:7a:da:
                    1b:ab:09:8d:62:2c:c0:47:e7:09:1d:a4:fc:30:2a:
                    3b:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:B3:C5:43:E9:A2:FA:9C:CC:82:5A:A1:FF:5E:38:F5:6B:A0:A3:5E
            X509v3 Authority Key Identifier:
                keyid:CC:ED:99:20:30:53:1E:7E:8B:51:8A:EF:D9:E2:67:CC:52:8E:DA:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zO2ZIDBTHn6LUYrv2eJnzFKO2po.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a05e77-f301-4125-9118-e4d1f0a27b21/1/n7PFQ-mi-pzMglqh_1449Wugo14.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a05e77-f301-4125-9118-e4d1f0a27b21/1/zO2ZIDBTHn6LUYrv2eJnzFKO2po.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.170.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:66:d7:fe:ee:06:71:53:14:ae:93:fc:8d:61:88:02:09:25:
         7e:ad:b8:86:3c:eb:49:58:9c:57:73:db:76:ae:de:2c:ff:6c:
         e0:8b:27:26:22:d3:43:a3:7e:16:e3:b5:da:f9:b8:cd:16:76:
         c5:be:f7:8c:37:46:e7:f3:7c:59:23:07:a6:d4:3d:27:28:bf:
         60:53:62:8a:b4:00:f0:cf:90:ae:59:fe:1d:b6:45:37:7f:85:
         95:65:93:c9:0b:50:b0:0c:b0:cb:62:68:a9:15:13:4c:68:05:
         78:61:63:c5:a6:6e:7d:9c:a3:5c:bf:83:86:cb:92:2b:56:45:
         db:a0:61:f3:7b:cf:ee:43:15:c1:90:88:b2:ef:22:81:47:de:
         12:1a:50:2f:6b:2f:4e:54:1c:2c:34:c2:2d:32:28:4a:e4:59:
         62:07:17:a0:7b:6a:00:8c:ca:10:12:03:07:33:36:ea:90:ea:
         97:b7:82:72:01:63:34:e3:ee:d0:a3:f5:d5:a2:be:a0:05:0b:
         74:c5:a3:31:0c:cb:58:f3:5a:02:cd:2a:12:f5:e2:05:0e:27:
         64:0b:35:4a:98:f7:30:bc:53:67:ad:16:18:fb:89:dc:1e:0c:
         0d:7e:dd:72:27:88:33:8a:49:63:13:fc:4a:1c:97:68:c6:39:
         59:83:e5:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu5FOiCxnw5OJSUevV/w8zdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZWQ5OTIwMzA1MzFlN2U4YjUxOGFlZmQ5ZTI2N2NjNTI4
ZWRhOWEwHhcNMjMxMTEwMTE1MzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmIzYzU0M2U5YTJmYTljY2M4MjVhYTFmZjVlMzhmNTZiYTBhMzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvRXMFhysunWGArHrRrUyoJsTWuz
jBXMPGZxjSz0lONoLaHzbRkMK1tv05BgzJMzvk3smWexP/b15IQM7gCgL7ZLpXvn
xN9w4gbKO6G8KMLIGuoLpB7s5rZbLXEn8jWNL7qS+22G6j0XKrsQbAO9kyn5DBCR
9dh8rZ+aLAP0q8+72bzm8k8PN7JYO3J6VWkcbOAC3WNtPXpbM88A6seSj5HY7qyJ
2EcTYZcEyAx6elFuu00coyqXtdywmMozw7utjSsfLO4HJbrMbn/C8IaZSBEgzJQY
V3Ei2y6yqPyzJKcQgEyujBKttBbMFbB7etobqwmNYizAR+cJHaT8MCo7cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ+zxUPpovqczIJaof9eOPVroKNeMB8GA1UdIwQY
MBaAFMztmSAwUx5+i1GK79niZ8xSjtqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek8yWklEQlRIbjZMVVlydjJlSm56RktPMnBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hMDVlNzctZjMwMS00MTI1LTkxMTgt
ZTRkMWYwYTI3YjIxLzEvbjdQRlEtbWktcHpNZ2xxaF8xNDQ5V3VnbzE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9hMDVlNzctZjMwMS00MTI1LTkxMTgtZTRkMWYwYTI3YjIx
LzEvek8yWklEQlRIbjZMVVlydjJlSm56RktPMnBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6qjMA0G
CSqGSIb3DQEBCwUAA4IBAQBVZtf+7gZxUxSuk/yNYYgCCSV+rbiGPOtJWJxXc9t2
rt4s/2zgiycmItNDo34W47Xa+bjNFnbFvveMN0bn83xZIwem1D0nKL9gU2KKtADw
z5CuWf4dtkU3f4WVZZPJC1CwDLDLYmipFRNMaAV4YWPFpm59nKNcv4OGy5IrVkXb
oGHze8/uQxXBkIiy7yKBR94SGlAvay9OVBwsNMItMihK5FliBxege2oAjMoQEgMH
MzbqkOqXt4JyAWM04+7Qo/XVor6gBQt0xaMxDMtY81oCzSoS9eIFDidkCzVKmPcw
vFNnrRYY+4ncHgwNft1yJ4gzikljE/xKHJdoxjlZg+Xv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:53 2024 by rpki-client on console-fra.rpki-client.org