Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/wV2hMqn8--wHpBEbgaRSZAS6VEw.roa
File:                     wV2hMqn8--wHpBEbgaRSZAS6VEw.roa (raw, json)
Hash identifier:          NE7dVcimL4Aoaoq8ftpQKtBVb7Y7IQeKfPD0Yypog2U=
Subject key identifier:   C1:5D:A1:32:A9:FC:FB:EC:07:A4:11:1B:81:A4:52:64:04:BA:54:4C
Certificate issuer:       /CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Certificate serial:       018CC9BC3AC6F7427783C3E32B7E777BF080
Authority key identifier: A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/wV2hMqn8--wHpBEbgaRSZAS6VEw.roa
Signing time:             Tue 02 Jan 2024 10:33:25 +0000
ROA not before:           Tue 02 Jan 2024 10:33:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34393
IP address blocks:        95.215.20.0/22 maxlen: 22
                          95.215.24.0/21 maxlen: 21
                          195.177.64.0/22 maxlen: 22
                          195.177.84.0/22 maxlen: 22
                          2001:67c:2f64::/48 maxlen: 48
                          2a0e:c980::/29 maxlen: 32

Validation:               Failed, certificate revoked on Tue 01 Oct 2024 19:44:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:3a:c6:f7:42:77:83:c3:e3:2b:7e:77:7b:f0:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
        Validity
            Not Before: Jan  2 10:33:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c15da132a9fcfbec07a4111b81a4526404ba544c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:bc:1d:b3:bc:c3:4a:47:9e:d8:67:1a:46:19:
                    8e:c5:fb:ea:9a:db:4c:15:a6:82:96:62:9a:0a:c8:
                    de:af:81:8e:d2:13:7f:2d:e5:fc:e1:0c:e2:a2:c4:
                    46:11:b0:59:3c:fc:45:d9:fb:08:20:e4:01:d9:f4:
                    1f:53:19:f7:83:ec:66:b0:39:ac:55:23:5d:93:9c:
                    48:c6:29:2a:d7:31:22:0f:ec:7b:bd:82:00:bb:10:
                    6c:7e:99:2a:15:22:73:a2:de:3a:22:21:52:34:44:
                    5a:f5:3f:a4:20:3f:75:61:31:96:7f:55:96:c0:99:
                    e2:e5:72:d3:2f:8d:51:63:43:fe:40:de:54:87:cf:
                    27:42:66:3a:a2:dc:00:02:bb:01:a3:02:92:a4:85:
                    48:45:3d:a3:af:48:0f:8a:55:31:c0:0a:b7:27:29:
                    c6:79:fa:b1:db:49:26:57:70:ff:d5:72:a4:26:ed:
                    76:d3:55:66:0c:86:6d:e2:7a:9b:f7:73:61:59:30:
                    81:14:cb:41:c8:e7:39:b0:4d:b3:46:d6:42:e6:7a:
                    c0:03:b3:e6:1a:02:69:f6:17:45:36:34:e9:a1:df:
                    3b:44:e3:61:34:fb:ec:dd:b0:b9:86:09:d0:a1:b0:
                    25:d8:76:09:dc:04:cb:ac:fb:09:0f:ef:c4:22:35:
                    c6:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:5D:A1:32:A9:FC:FB:EC:07:A4:11:1B:81:A4:52:64:04:BA:54:4C
            X509v3 Authority Key Identifier:
                keyid:A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/wV2hMqn8--wHpBEbgaRSZAS6VEw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.215.20.0-95.215.31.255
                  195.177.64.0/22
                  195.177.84.0/22
                IPv6:
                  2001:67c:2f64::/48
                  2a0e:c980::/29

    Signature Algorithm: sha256WithRSAEncryption
         14:f7:c1:c7:76:03:24:b1:31:41:29:e7:54:e5:5c:28:94:22:
         f7:52:3a:ee:33:39:a2:8c:e2:f5:b4:bf:25:c2:45:5f:f0:10:
         0a:ac:dd:47:ea:89:30:62:34:b7:6b:a2:66:b6:b9:3a:c1:26:
         b1:db:0f:62:e4:6f:4f:db:52:1d:e7:54:ea:1d:c8:8e:11:c0:
         e7:1b:e3:00:07:21:55:da:de:17:21:3d:e4:89:91:1f:e6:16:
         4e:02:bb:03:fd:3c:2b:ae:e2:0b:ae:20:bc:ea:2d:46:5a:78:
         6d:b7:1e:a6:8e:58:22:22:c7:fa:c4:19:eb:9e:c6:fd:df:04:
         ed:5a:9e:28:29:c6:59:02:6d:20:92:39:28:64:f7:4e:68:6e:
         6d:c7:09:b1:bf:1a:13:99:17:17:b7:f1:98:ea:55:f6:39:0e:
         d8:0d:c0:9c:08:11:d5:69:57:23:74:15:9c:95:05:c6:8a:ff:
         f8:4f:a9:f4:8b:54:1a:64:40:ed:af:96:29:7f:38:54:66:af:
         28:26:f7:9a:b9:7b:70:b9:ac:14:6f:39:0d:4a:0d:e4:08:94:
         e8:e2:55:a5:cd:28:00:ce:48:b6:ef:05:6e:db:ee:87:a5:df:
         b3:76:90:b0:c4:d2:57:11:bd:d3:58:ac:d1:e4:b6:e6:8c:a6:
         fd:24:31:91
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzJvDrG90J3g8PjK353e/CAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MTFhMmM5ZmM4ZGU5Njc5YmIxNTg1ODFiMTBjZWFlZTkx
ZmY3OTEwHhcNMjQwMTAyMTAzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTVkYTEzMmE5ZmNmYmVjMDdhNDExMWI4MWE0NTI2NDA0YmE1NDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLwds7zDSkee2GcaRhmOxfvqmttM
FaaClmKaCsjer4GO0hN/LeX84QziosRGEbBZPPxF2fsIIOQB2fQfUxn3g+xmsDms
VSNdk5xIxikq1zEiD+x7vYIAuxBsfpkqFSJzot46IiFSNERa9T+kID91YTGWf1WW
wJni5XLTL41RY0P+QN5Uh88nQmY6otwAArsBowKSpIVIRT2jr0gPilUxwAq3JynG
efqx20kmV3D/1XKkJu1201VmDIZt4nqb93NhWTCBFMtByOc5sE2zRtZC5nrAA7Pm
GgJp9hdFNjTpod87RONhNPvs3bC5hgnQobAl2HYJ3ATLrPsJD+/EIjXGDQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFMFdoTKp/PvsB6QRG4GkUmQEulRMMB8GA1UdIwQY
MBaAFKgRosn8jelnm7FYWBsQzq7pH/eRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYt
MGNjNGMwMDAwODU4LzEvd1YyaE1xbjgtLXdIcEJFYmdhUlNaQVM2VkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYtMGNjNGMwMDAwODU4
LzEvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAgBAIAATAaMAwDBAJf1xQD
BAVf1wADBALDsUADBALDsVQwFgQCAAIwEAMHACABBnwvZAMFAyoOyYAwDQYJKoZI
hvcNAQELBQADggEBABT3wcd2AySxMUEp51TlXCiUIvdSOu4zOaKM4vW0vyXCRV/w
EAqs3UfqiTBiNLdroma2uTrBJrHbD2Lkb0/bUh3nVOodyI4RwOcb4wAHIVXa3hch
PeSJkR/mFk4CuwP9PCuu4guuILzqLUZaeG23HqaOWCIix/rEGeuexv3fBO1anigp
xlkCbSCSOShk905obm3HCbG/GhOZFxe38ZjqVfY5DtgNwJwIEdVpVyN0FZyVBcaK
//hPqfSLVBpkQO2vlil/OFRmrygm95q5e3C5rBRvOQ1KDeQIlOjiVaXNKADOSLbv
BW7b7oel37N2kLDE0lcRvdNYrNHktuaMpv0kMZE=
-----END CERTIFICATE-----
Generated at Tue Oct 1 21:37:44 2024 by rpki-client on console-fra.rpki-client.org