Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/e3086c-d72f-41ea-9444-bdea63e5a7c4/1/Am_USmKo4XX617nF52w85KBPwrE.roa
File:                     Am_USmKo4XX617nF52w85KBPwrE.roa (raw, json)
Hash identifier:          GH20P7+HkzYxNy9l6guLsmkjXSW7eDZ3LlY4v8pvoMw=
Subject key identifier:   02:6F:D4:4A:62:A8:E1:75:FA:D7:B9:C5:E7:6C:3C:E4:A0:4F:C2:B1
Certificate issuer:       /CN=1cbd5746e300091ded1a11a13b16807b4fd0f1fc
Certificate serial:       0185704BEAAE0B7EEA0F0ED52A0193A60D83
Authority key identifier: 1C:BD:57:46:E3:00:09:1D:ED:1A:11:A1:3B:16:80:7B:4F:D0:F1:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HL1XRuMACR3tGhGhOxaAe0_Q8fw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/e3086c-d72f-41ea-9444-bdea63e5a7c4/1/Am_USmKo4XX617nF52w85KBPwrE.roa
Signing time:             Mon 02 Jan 2023 02:25:01 +0000
ROA not before:           Mon 02 Jan 2023 02:25:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8315
IP address blocks:        195.95.177.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:4b:ea:ae:0b:7e:ea:0f:0e:d5:2a:01:93:a6:0d:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cbd5746e300091ded1a11a13b16807b4fd0f1fc
        Validity
            Not Before: Jan  2 02:25:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=026fd44a62a8e175fad7b9c5e76c3ce4a04fc2b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:3a:03:a2:ba:33:2b:57:8b:94:ff:0d:49:80:
                    7e:0e:85:c7:1c:cc:5e:fc:6c:db:6c:49:b3:82:83:
                    62:17:da:90:86:84:00:c5:5b:24:82:37:b9:6e:ac:
                    eb:1d:3e:d6:37:2c:be:eb:c8:a6:6f:46:9f:7d:c5:
                    38:e1:a6:60:94:e2:1b:c3:a6:91:08:c6:3b:63:0a:
                    4c:2c:65:8e:95:05:6d:bc:b2:30:a6:b9:b2:da:6d:
                    6b:95:5c:c3:20:7f:ec:2a:64:40:63:ed:db:29:8a:
                    47:7a:90:80:de:ce:4d:64:6a:92:64:c9:d2:1f:48:
                    1e:f6:cd:e9:c2:5a:b3:db:44:9f:5a:16:13:28:72:
                    48:6c:2b:69:95:9a:6c:e5:bb:a5:b4:e3:fe:83:b5:
                    b5:9e:cf:61:6f:65:aa:5c:df:cd:3a:2d:cb:6a:79:
                    11:41:1c:58:f4:03:a1:48:c1:d5:a8:4a:17:01:db:
                    f1:64:7d:13:6b:45:a8:90:4d:33:34:ba:63:01:0d:
                    1a:b7:3e:cd:3c:70:17:32:d8:8b:73:1c:e7:44:19:
                    62:e4:31:a1:fd:72:a6:96:bb:48:e5:13:80:06:e2:
                    41:b9:53:9d:2c:de:69:5c:b5:69:c2:40:db:21:16:
                    09:f2:e2:ed:6c:94:f3:aa:53:41:4e:be:73:db:f5:
                    77:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:6F:D4:4A:62:A8:E1:75:FA:D7:B9:C5:E7:6C:3C:E4:A0:4F:C2:B1
            X509v3 Authority Key Identifier:
                keyid:1C:BD:57:46:E3:00:09:1D:ED:1A:11:A1:3B:16:80:7B:4F:D0:F1:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HL1XRuMACR3tGhGhOxaAe0_Q8fw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/e3086c-d72f-41ea-9444-bdea63e5a7c4/1/Am_USmKo4XX617nF52w85KBPwrE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/e3086c-d72f-41ea-9444-bdea63e5a7c4/1/HL1XRuMACR3tGhGhOxaAe0_Q8fw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.95.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:0c:66:1b:0b:54:64:11:aa:6f:25:54:11:40:a3:ea:6e:a3:
         21:a6:61:40:2a:09:d5:f9:a4:07:3a:08:bf:86:f5:b8:e3:3c:
         26:ca:db:85:85:37:43:58:d2:8e:36:b6:f5:b7:e1:b5:6c:39:
         b3:ec:ea:4a:2e:3e:ec:c0:ec:47:53:fa:49:46:6a:af:8c:41:
         1f:a2:2b:e3:14:cc:5e:3f:c5:b5:bd:d3:2b:28:d2:fd:74:7b:
         3e:75:3f:27:16:6d:f3:34:20:82:a2:ae:49:80:ef:da:e4:f0:
         ca:3d:48:02:24:6d:52:d9:05:b1:80:0f:8a:40:8e:da:19:fd:
         83:ac:5c:7b:02:73:b6:a0:a2:b5:57:1c:fe:ab:9f:71:7e:93:
         c0:ae:6d:cf:1f:19:ce:ba:94:59:d3:b7:3b:13:9c:9b:78:a2:
         a7:94:cd:c8:e0:0a:8b:72:39:fa:3f:ca:e6:d6:72:36:87:b7:
         1b:33:0b:fc:24:70:06:57:89:98:10:7f:3d:49:39:c1:c5:35:
         7f:4b:ae:d2:1a:e1:77:14:ff:97:2b:9e:77:f4:53:0c:f2:37:
         b5:71:25:74:55:3d:56:80:4e:24:39:0b:50:68:30:90:66:f0:
         f9:ec:53:2e:cf:2d:ed:dd:21:1a:c0:a5:0a:68:93:97:c2:41:
         cf:c8:fb:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS+quC37qDw7VKgGTpg2DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYmQ1NzQ2ZTMwMDA5MWRlZDFhMTFhMTNiMTY4MDdiNGZk
MGYxZmMwHhcNMjMwMTAyMDIyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjZmZDQ0YTYyYThlMTc1ZmFkN2I5YzVlNzZjM2NlNGEwNGZjMmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszoDorozK1eLlP8NSYB+DoXHHMxe
/GzbbEmzgoNiF9qQhoQAxVskgje5bqzrHT7WNyy+68imb0affcU44aZglOIbw6aR
CMY7YwpMLGWOlQVtvLIwprmy2m1rlVzDIH/sKmRAY+3bKYpHepCA3s5NZGqSZMnS
H0ge9s3pwlqz20SfWhYTKHJIbCtplZps5bultOP+g7W1ns9hb2WqXN/NOi3LankR
QRxY9AOhSMHVqEoXAdvxZH0Ta0WokE0zNLpjAQ0atz7NPHAXMtiLcxznRBli5DGh
/XKmlrtI5ROABuJBuVOdLN5pXLVpwkDbIRYJ8uLtbJTzqlNBTr5z2/V3eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAJv1EpiqOF1+te5xedsPOSgT8KxMB8GA1UdIwQY
MBaAFBy9V0bjAAkd7RoRoTsWgHtP0PH8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEwxWFJ1TUFDUjN0R2hHaE94YUFlMF9ROGZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9lMzA4NmMtZDcyZi00MWVhLTk0NDQt
YmRlYTYzZTVhN2M0LzEvQW1fVVNtS280WFg2MTduRjUydzg1S0JQd3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9lMzA4NmMtZDcyZi00MWVhLTk0NDQtYmRlYTYzZTVhN2M0
LzEvSEwxWFJ1TUFDUjN0R2hHaE94YUFlMF9ROGZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1+xMA0G
CSqGSIb3DQEBCwUAA4IBAQCoDGYbC1RkEapvJVQRQKPqbqMhpmFAKgnV+aQHOgi/
hvW44zwmytuFhTdDWNKONrb1t+G1bDmz7OpKLj7swOxHU/pJRmqvjEEfoivjFMxe
P8W1vdMrKNL9dHs+dT8nFm3zNCCCoq5JgO/a5PDKPUgCJG1S2QWxgA+KQI7aGf2D
rFx7AnO2oKK1Vxz+q59xfpPArm3PHxnOupRZ07c7E5ybeKKnlM3I4AqLcjn6P8rm
1nI2h7cbMwv8JHAGV4mYEH89STnBxTV/S67SGuF3FP+XK5539FMM8je1cSV0VT1W
gE4kOQtQaDCQZvD57FMuzy3t3SEawKUKaJOXwkHPyPvO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:33 2024 by rpki-client on console-fra.rpki-client.org