Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/AmE6AtxdebDd6gsjtMxWUfAzqag.roa
File:                     AmE6AtxdebDd6gsjtMxWUfAzqag.roa (raw, json)
Hash identifier:          oiPVeaKekzC8nQ+OR1SsYeHfBqlxopaVl4Kj9iZAQJQ=
Subject key identifier:   02:61:3A:02:DC:5D:79:B0:DD:EA:0B:23:B4:CC:56:51:F0:33:A9:A8
Certificate issuer:       /CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Certificate serial:       01856C53F6D1C5FA8F55905B8B21DA1810EC
Authority key identifier: AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/AmE6AtxdebDd6gsjtMxWUfAzqag.roa
Signing time:             Sun 01 Jan 2023 07:55:20 +0000
ROA not before:           Sun 01 Jan 2023 07:55:20 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212790
IP address blocks:        195.114.136.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:f6:d1:c5:fa:8f:55:90:5b:8b:21:da:18:10:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
        Validity
            Not Before: Jan  1 07:55:20 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=02613a02dc5d79b0ddea0b23b4cc5651f033a9a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:fa:90:ac:67:07:c5:a5:11:ce:ee:d8:61:66:
                    bd:58:85:db:f2:25:e1:0f:04:56:80:29:a7:9d:fd:
                    aa:7a:01:3f:61:86:0b:5d:3a:ac:07:cc:67:64:98:
                    05:c0:5a:0a:ca:f1:06:05:7b:26:f3:14:b3:eb:00:
                    df:5c:34:0b:63:78:b9:42:05:d4:82:f7:4b:25:1a:
                    a1:3b:07:2b:d4:b2:37:1c:06:2c:b6:68:74:cf:03:
                    35:37:b2:2f:cc:27:92:9f:8c:dc:2f:5f:c7:22:8e:
                    54:e3:03:48:7f:82:a4:59:c6:2b:3e:d1:ea:c1:a8:
                    3b:80:8f:64:a3:bd:f5:9c:2f:65:11:c7:bc:f5:15:
                    fe:06:e9:3d:cf:c9:ba:81:3f:e4:63:79:8c:7c:47:
                    aa:71:76:20:73:35:b8:5e:b8:3b:db:1e:3f:cc:c4:
                    e7:f1:4f:9b:28:95:a3:1a:bd:1f:79:8e:7f:61:23:
                    25:d2:b4:d4:58:2e:3e:a8:73:9e:c2:ab:c2:58:66:
                    3e:2e:53:18:90:87:48:a1:ad:52:67:ff:c5:34:76:
                    1a:80:9a:49:35:af:0d:64:b9:a2:14:54:a6:85:c5:
                    88:69:46:05:fe:df:12:f8:52:25:bc:ee:f2:85:1e:
                    5c:87:82:9a:3c:a1:e4:16:62:cb:49:ae:33:85:26:
                    fa:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:61:3A:02:DC:5D:79:B0:DD:EA:0B:23:B4:CC:56:51:F0:33:A9:A8
            X509v3 Authority Key Identifier:
                keyid:AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/AmE6AtxdebDd6gsjtMxWUfAzqag.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.114.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:dd:0b:6f:be:fa:28:4c:0f:59:50:d0:80:b2:c6:22:e9:2d:
         f1:4a:65:3b:4a:62:7b:b3:28:a3:9d:4e:c8:80:6c:e9:e3:1a:
         d9:85:5c:4e:43:31:65:19:14:6a:c5:74:39:2c:a4:be:4d:30:
         b7:07:a3:64:b6:37:6d:e9:70:ee:5b:0b:05:43:4f:5a:02:78:
         eb:27:46:62:b3:7f:26:00:b6:02:8e:7a:42:d2:50:46:cf:bf:
         85:cb:f5:df:8d:a4:2c:da:13:1e:70:a2:84:b3:c0:93:51:2b:
         06:2f:95:5d:22:f7:09:8d:48:3d:e1:51:a4:06:04:83:b5:76:
         0a:5e:20:ac:cf:a2:93:9a:bd:b2:7b:e7:d8:37:93:7a:78:1f:
         92:3f:73:79:ff:7b:49:29:84:3d:f8:69:4b:59:ca:b8:d2:99:
         8e:f0:90:ab:bd:08:fd:6c:d8:b4:34:17:7e:2d:76:0f:9e:2c:
         bd:d1:23:93:5e:1b:88:76:7f:64:ea:cd:54:76:e0:b8:cb:81:
         13:a0:5d:72:8c:58:32:32:fd:3b:b0:d5:c1:0b:9d:59:49:79:
         19:02:7d:a5:5b:a6:2a:60:e5:51:00:99:9e:a8:00:dd:aa:2b:
         39:5a:c6:1b:23:66:38:a4:9e:5e:c7:92:32:e0:34:10:6b:4f:
         24:fb:b1:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU/bRxfqPVZBbiyHaGBDsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYzhkYmU1MjA4M2FkMzM1YzlmMWZkZTYwMTZlYzhiNDky
OTMxNDAwHhcNMjMwMTAxMDc1NTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjYxM2EwMmRjNWQ3OWIwZGRlYTBiMjNiNGNjNTY1MWYwMzNhOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/qQrGcHxaURzu7YYWa9WIXb8iXh
DwRWgCmnnf2qegE/YYYLXTqsB8xnZJgFwFoKyvEGBXsm8xSz6wDfXDQLY3i5QgXU
gvdLJRqhOwcr1LI3HAYstmh0zwM1N7IvzCeSn4zcL1/HIo5U4wNIf4KkWcYrPtHq
wag7gI9ko731nC9lEce89RX+Buk9z8m6gT/kY3mMfEeqcXYgczW4Xrg72x4/zMTn
8U+bKJWjGr0feY5/YSMl0rTUWC4+qHOewqvCWGY+LlMYkIdIoa1SZ//FNHYagJpJ
Na8NZLmiFFSmhcWIaUYF/t8S+FIlvO7yhR5ch4KaPKHkFmLLSa4zhSb6LwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAJhOgLcXXmw3eoLI7TMVlHwM6moMB8GA1UdIwQY
MBaAFKvI2+Ugg60zXJ8f3mAW7ItJKTFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcThqYjVTQ0RyVE5jbnhfZVlCYnNpMGtwTVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jZTZjY2ItMjVjZi00OTE3LWIzY2Qt
MzA1NmFmOWEzMzVlLzEvQW1FNkF0eGRlYkRkNmdzanRNeFdVZkF6cWFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jZTZjY2ItMjVjZi00OTE3LWIzY2QtMzA1NmFmOWEzMzVl
LzEvcThqYjVTQ0RyVE5jbnhfZVlCYnNpMGtwTVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw3KIMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ3QtvvvooTA9ZUNCAssYi6S3xSmU7SmJ7syijnU7I
gGzp4xrZhVxOQzFlGRRqxXQ5LKS+TTC3B6Nktjdt6XDuWwsFQ09aAnjrJ0Zis38m
ALYCjnpC0lBGz7+Fy/XfjaQs2hMecKKEs8CTUSsGL5VdIvcJjUg94VGkBgSDtXYK
XiCsz6KTmr2ye+fYN5N6eB+SP3N5/3tJKYQ9+GlLWcq40pmO8JCrvQj9bNi0NBd+
LXYPniy90SOTXhuIdn9k6s1UduC4y4EToF1yjFgyMv07sNXBC51ZSXkZAn2lW6Yq
YOVRAJmeqADdqis5WsYbI2Y4pJ5ex5Iy4DQQa08k+7FM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:04 2024 by rpki-client on console-ams.rpki-client.org