Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d663ca-adf6-41c2-93c1-60b1de6c38d1/1/CFMg9i9AWTJkmIgiGh0jrT4ER4I.roa
File:                     CFMg9i9AWTJkmIgiGh0jrT4ER4I.roa (raw, json)
Hash identifier:          +rZYA3dkDF0/PhU4KYeBR1M6NlDhGehknclF/vORqug=
Subject key identifier:   08:53:20:F6:2F:40:59:32:64:98:88:22:1A:1D:23:AD:3E:04:47:82
Certificate issuer:       /CN=f7af76989ed464fd9a5489fff7fb98cc2d2f93e4
Certificate serial:       018572DF0497B715FEA148C1D522BA51EBC7
Authority key identifier: F7:AF:76:98:9E:D4:64:FD:9A:54:89:FF:F7:FB:98:CC:2D:2F:93:E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9692mJ7UZP2aVIn_9_uYzC0vk-Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/d663ca-adf6-41c2-93c1-60b1de6c38d1/1/CFMg9i9AWTJkmIgiGh0jrT4ER4I.roa
Signing time:             Mon 02 Jan 2023 14:24:56 +0000
ROA not before:           Mon 02 Jan 2023 14:24:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29130
IP address blocks:        195.47.248.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:df:04:97:b7:15:fe:a1:48:c1:d5:22:ba:51:eb:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7af76989ed464fd9a5489fff7fb98cc2d2f93e4
        Validity
            Not Before: Jan  2 14:24:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=085320f62f405932649888221a1d23ad3e044782
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:0d:82:a8:83:79:a6:bf:8e:9f:29:0b:cd:ef:
                    cd:6c:d8:54:db:d4:90:06:f3:d4:d1:08:43:d7:78:
                    56:02:2e:04:f8:5e:63:b5:96:fd:ae:0a:da:8f:d5:
                    33:55:19:d4:0b:2e:bf:86:2a:a8:75:94:1e:bb:9c:
                    98:a5:ea:2d:ce:12:f2:93:df:1b:3b:29:07:1a:12:
                    dc:af:1c:9d:53:8f:f5:eb:de:89:15:d7:1f:e9:73:
                    54:2e:38:be:1e:5d:93:de:eb:79:32:09:97:f1:cc:
                    0a:24:74:d4:43:0b:39:8f:f4:de:93:4c:2a:3a:9f:
                    13:7b:4d:be:0a:18:70:52:76:6d:a2:f8:0c:0b:6c:
                    5d:c9:db:8e:01:c9:28:4a:b2:e0:cd:d7:a8:eb:11:
                    7c:19:75:37:11:33:5e:82:2f:66:b2:e8:b0:60:b9:
                    c0:a4:79:62:c9:a7:be:df:0c:97:05:73:f4:8d:18:
                    68:0b:9a:0d:30:bf:5c:0b:61:83:24:f8:70:ef:8a:
                    d0:91:b8:e2:94:eb:30:d6:a5:bb:19:1f:ef:c7:43:
                    4d:8a:c5:40:74:57:39:ec:e3:b7:22:64:63:65:59:
                    65:58:6d:b6:83:2e:30:a6:78:34:b7:fa:a0:1b:c8:
                    12:46:b3:18:f6:e6:78:f4:5a:99:4b:a0:91:f3:ce:
                    a9:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:53:20:F6:2F:40:59:32:64:98:88:22:1A:1D:23:AD:3E:04:47:82
            X509v3 Authority Key Identifier:
                keyid:F7:AF:76:98:9E:D4:64:FD:9A:54:89:FF:F7:FB:98:CC:2D:2F:93:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9692mJ7UZP2aVIn_9_uYzC0vk-Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d663ca-adf6-41c2-93c1-60b1de6c38d1/1/CFMg9i9AWTJkmIgiGh0jrT4ER4I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d663ca-adf6-41c2-93c1-60b1de6c38d1/1/9692mJ7UZP2aVIn_9_uYzC0vk-Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.47.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:ff:b9:06:ae:03:e5:3f:bf:5e:c3:3b:e2:da:e3:ed:ef:36:
         06:55:9d:20:75:09:f8:de:74:df:ce:c3:70:df:c2:95:98:74:
         15:22:01:9e:63:bc:fe:6f:f4:7b:2a:aa:63:92:c9:88:40:76:
         a9:f3:27:2d:3f:fd:87:8b:7a:57:63:92:53:c3:70:7e:94:0d:
         64:d1:70:23:e5:06:c2:87:2b:69:11:88:6d:8a:b1:8f:52:5e:
         23:73:aa:a4:5f:cf:74:ba:cd:f2:7a:3e:51:88:61:a8:4b:f6:
         fc:32:0b:ad:9e:40:41:f4:b5:91:14:74:e2:8e:c4:18:bf:50:
         f7:ad:b9:24:3b:37:64:30:77:5e:38:16:68:a1:03:c2:e3:32:
         f0:f5:1b:63:4c:b2:3a:05:72:7f:08:d2:ba:a3:71:7b:d9:9c:
         a4:3e:87:cc:dd:0e:9f:c8:11:1a:c1:df:d9:de:0a:35:89:cc:
         fa:23:90:84:95:9c:e3:9f:31:03:36:5f:6a:39:13:3c:44:76:
         c3:55:0f:1c:c2:c2:71:c1:a6:20:fb:30:83:ad:e8:3f:6e:82:
         d2:2a:f7:4c:4c:3a:8b:ff:7b:da:83:3f:f8:d1:58:6f:69:5c:
         a1:64:b1:9b:ae:d3:a5:f7:f8:02:d0:a5:bb:f4:c3:0c:43:3f:
         34:af:e2:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy3wSXtxX+oUjB1SK6UevHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YWY3Njk4OWVkNDY0ZmQ5YTU0ODlmZmY3ZmI5OGNjMmQy
ZjkzZTQwHhcNMjMwMTAyMTQyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODUzMjBmNjJmNDA1OTMyNjQ5ODg4MjIxYTFkMjNhZDNlMDQ0NzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQ2CqIN5pr+OnykLze/NbNhU29SQ
BvPU0QhD13hWAi4E+F5jtZb9rgraj9UzVRnUCy6/hiqodZQeu5yYpeotzhLyk98b
OykHGhLcrxydU4/1696JFdcf6XNULji+Hl2T3ut5MgmX8cwKJHTUQws5j/Tek0wq
Op8Te02+ChhwUnZtovgMC2xdyduOAckoSrLgzdeo6xF8GXU3ETNegi9msuiwYLnA
pHliyae+3wyXBXP0jRhoC5oNML9cC2GDJPhw74rQkbjilOsw1qW7GR/vx0NNisVA
dFc57OO3ImRjZVllWG22gy4wpng0t/qgG8gSRrMY9uZ49FqZS6CR886pywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAhTIPYvQFkyZJiIIhodI60+BEeCMB8GA1UdIwQY
MBaAFPevdpie1GT9mlSJ//f7mMwtL5PkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTY5Mm1KN1VaUDJhVkluXzlfdVl6QzB2ay1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kNjYzY2EtYWRmNi00MWMyLTkzYzEt
NjBiMWRlNmMzOGQxLzEvQ0ZNZzlpOUFXVEprbUlnaUdoMGpyVDRFUjRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kNjYzY2EtYWRmNi00MWMyLTkzYzEtNjBiMWRlNmMzOGQx
LzEvOTY5Mm1KN1VaUDJhVkluXzlfdVl6QzB2ay1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwy/4MA0G
CSqGSIb3DQEBCwUAA4IBAQB5/7kGrgPlP79ewzvi2uPt7zYGVZ0gdQn43nTfzsNw
38KVmHQVIgGeY7z+b/R7KqpjksmIQHap8yctP/2Hi3pXY5JTw3B+lA1k0XAj5QbC
hytpEYhtirGPUl4jc6qkX890us3yej5RiGGoS/b8MgutnkBB9LWRFHTijsQYv1D3
rbkkOzdkMHdeOBZooQPC4zLw9RtjTLI6BXJ/CNK6o3F72ZykPofM3Q6fyBEawd/Z
3go1icz6I5CElZzjnzEDNl9qORM8RHbDVQ8cwsJxwaYg+zCDreg/boLSKvdMTDqL
/3vagz/40VhvaVyhZLGbrtOl9/gC0KW79MMMQz80r+Je
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:05 2024 by rpki-client on console-ams.rpki-client.org