Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/6977cd-4343-4b4c-8cea-bd35c048b930/1/jAEy3ucP-iukJ7akay5qfmohjU4.roa
File:                     jAEy3ucP-iukJ7akay5qfmohjU4.roa (raw, json)
Hash identifier:          Nqb+SxEeTxQykIdPtuROzCzuTmDk4saLTRzk/e16JwI=
Subject key identifier:   8C:01:32:DE:E7:0F:FA:2B:A4:27:B6:A4:6B:2E:6A:7E:6A:21:8D:4E
Certificate issuer:       /CN=0e6d8fd77dade3d3f96cb49931948c2729ada0de
Certificate serial:       018571DE947D72C9087591AA998B994AE0D1
Authority key identifier: 0E:6D:8F:D7:7D:AD:E3:D3:F9:6C:B4:99:31:94:8C:27:29:AD:A0:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dm2P132t49P5bLSZMZSMJymtoN4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/6977cd-4343-4b4c-8cea-bd35c048b930/1/jAEy3ucP-iukJ7akay5qfmohjU4.roa
Signing time:             Mon 02 Jan 2023 09:44:50 +0000
ROA not before:           Mon 02 Jan 2023 09:44:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59809
IP address blocks:        195.110.190.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:de:94:7d:72:c9:08:75:91:aa:99:8b:99:4a:e0:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e6d8fd77dade3d3f96cb49931948c2729ada0de
        Validity
            Not Before: Jan  2 09:44:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8c0132dee70ffa2ba427b6a46b2e6a7e6a218d4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:c2:ac:3e:1a:72:6f:9a:aa:ae:60:07:25:d5:
                    b6:d2:0b:69:73:aa:ca:88:66:80:c6:19:3c:62:e1:
                    59:36:5d:34:75:37:67:50:0d:23:c4:61:06:70:d7:
                    21:96:ba:80:df:20:63:be:96:f5:7e:85:86:69:bf:
                    b8:14:bb:d2:d1:4b:c2:d0:8d:8d:ef:60:60:7b:7e:
                    8d:47:a1:ae:ae:76:09:3d:66:08:35:2e:be:5a:d2:
                    e7:3f:39:45:3e:79:35:d9:c8:12:b0:64:98:8b:4e:
                    18:d0:c9:e7:90:44:83:ce:b4:78:e7:d7:b1:37:fb:
                    e0:14:72:43:06:a1:ff:52:74:90:7e:68:27:8e:37:
                    3c:11:14:17:1f:76:34:87:79:4a:78:57:31:99:b0:
                    df:ae:87:62:f2:ff:00:4c:c6:a3:82:70:42:4c:63:
                    7c:f3:d4:d7:5f:01:3f:4a:5c:a2:bf:c8:d3:a5:13:
                    5d:a4:53:99:c2:77:81:eb:1f:73:6c:23:72:58:4d:
                    3b:81:88:ef:86:97:77:06:d4:af:31:bd:1a:e7:aa:
                    4a:6f:b6:09:35:68:9d:f4:0a:5e:02:3f:fd:b8:f7:
                    3d:a3:11:9b:85:52:e6:0d:42:26:d6:f9:48:d3:82:
                    aa:01:24:66:af:c4:0b:04:aa:ef:f6:eb:6a:15:01:
                    22:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:01:32:DE:E7:0F:FA:2B:A4:27:B6:A4:6B:2E:6A:7E:6A:21:8D:4E
            X509v3 Authority Key Identifier:
                keyid:0E:6D:8F:D7:7D:AD:E3:D3:F9:6C:B4:99:31:94:8C:27:29:AD:A0:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dm2P132t49P5bLSZMZSMJymtoN4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6977cd-4343-4b4c-8cea-bd35c048b930/1/jAEy3ucP-iukJ7akay5qfmohjU4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6977cd-4343-4b4c-8cea-bd35c048b930/1/Dm2P132t49P5bLSZMZSMJymtoN4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.110.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:49:f4:46:4f:f5:5c:51:bc:ef:28:24:1a:1e:c6:62:2d:44:
         49:b7:62:e9:5c:6b:88:a2:69:ae:e3:f6:b4:b7:d3:1a:0b:62:
         a7:c7:6c:80:df:a8:68:f4:2f:cd:6f:8f:31:ce:f5:99:b5:38:
         f3:b8:49:85:3a:1f:67:27:20:98:bf:9c:80:25:cb:76:1d:ff:
         e0:3d:0f:dd:cc:b5:d2:1e:b0:8f:d4:97:99:74:9b:70:d5:78:
         ba:ae:0e:c5:3a:81:dd:85:08:d5:bd:7e:0a:93:c7:de:01:41:
         0e:ef:37:3a:ca:cd:af:6a:e2:cb:b6:ca:56:9a:ae:1e:c7:83:
         a2:68:49:97:18:c6:ec:73:38:e0:a7:8f:62:b5:3f:f5:14:5d:
         d5:29:b2:da:e6:07:bb:18:dd:df:69:72:e1:bf:7d:b9:db:88:
         49:0e:54:be:73:23:89:31:62:f4:a4:2f:ae:78:6b:89:b8:fb:
         10:36:d2:2e:a0:60:5c:10:7a:7f:c3:5b:af:b4:f1:27:dd:f2:
         ab:be:cb:2d:7e:09:ae:6c:4b:9c:81:2a:bf:2a:91:25:ce:1e:
         4b:e7:bd:a8:12:bb:f4:af:a9:02:a5:8f:92:36:2c:09:8f:cc:
         57:ad:ab:79:00:42:cc:3f:d2:f7:83:16:32:89:f4:8c:48:a0:
         10:03:e7:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx3pR9cskIdZGqmYuZSuDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNmQ4ZmQ3N2RhZGUzZDNmOTZjYjQ5OTMxOTQ4YzI3Mjlh
ZGEwZGUwHhcNMjMwMTAyMDk0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzAxMzJkZWU3MGZmYTJiYTQyN2I2YTQ2YjJlNmE3ZTZhMjE4ZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcKsPhpyb5qqrmAHJdW20gtpc6rK
iGaAxhk8YuFZNl00dTdnUA0jxGEGcNchlrqA3yBjvpb1foWGab+4FLvS0UvC0I2N
72Bge36NR6GurnYJPWYINS6+WtLnPzlFPnk12cgSsGSYi04Y0MnnkESDzrR459ex
N/vgFHJDBqH/UnSQfmgnjjc8ERQXH3Y0h3lKeFcxmbDfrodi8v8ATMajgnBCTGN8
89TXXwE/Slyiv8jTpRNdpFOZwneB6x9zbCNyWE07gYjvhpd3BtSvMb0a56pKb7YJ
NWid9ApeAj/9uPc9oxGbhVLmDUIm1vlI04KqASRmr8QLBKrv9utqFQEi7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIwBMt7nD/orpCe2pGsuan5qIY1OMB8GA1UdIwQY
MBaAFA5tj9d9rePT+Wy0mTGUjCcpraDeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG0yUDEzMnQ0OVA1YkxTWk1aU01KeW10b040LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi82OTc3Y2QtNDM0My00YjRjLThjZWEt
YmQzNWMwNDhiOTMwLzEvakFFeTN1Y1AtaXVrSjdha2F5NXFmbW9oalU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi82OTc3Y2QtNDM0My00YjRjLThjZWEtYmQzNWMwNDhiOTMw
LzEvRG0yUDEzMnQ0OVA1YkxTWk1aU01KeW10b040LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw26+MA0G
CSqGSIb3DQEBCwUAA4IBAQCbSfRGT/VcUbzvKCQaHsZiLURJt2LpXGuIommu4/a0
t9MaC2Knx2yA36ho9C/Nb48xzvWZtTjzuEmFOh9nJyCYv5yAJct2Hf/gPQ/dzLXS
HrCP1JeZdJtw1Xi6rg7FOoHdhQjVvX4Kk8feAUEO7zc6ys2vauLLtspWmq4ex4Oi
aEmXGMbsczjgp49itT/1FF3VKbLa5ge7GN3faXLhv32524hJDlS+cyOJMWL0pC+u
eGuJuPsQNtIuoGBcEHp/w1uvtPEn3fKrvsstfgmubEucgSq/KpElzh5L572oErv0
r6kCpY+SNiwJj8xXrat5AELMP9L3gxYyifSMSKAQA+f7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:44 2024 by rpki-client on console-ams.rpki-client.org