Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/2tpHWzCwMZ38mQ-VM1cE2R0QXi4.roa
File:                     2tpHWzCwMZ38mQ-VM1cE2R0QXi4.roa (raw, json)
Hash identifier:          7QkrRRfYJ+ZiX3aOJO1rNHu++xUZatE+ofPl5J+eWlk=
Subject key identifier:   DA:DA:47:5B:30:B0:31:9D:FC:99:0F:95:33:57:04:D9:1D:10:5E:2E
Certificate issuer:       /CN=2956584b70ce847c1a9b400548b14db031bedff2
Certificate serial:       018EC6FD1EA11BDB9C14B2914D18023301CD
Authority key identifier: 29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/2tpHWzCwMZ38mQ-VM1cE2R0QXi4.roa
Signing time:             Wed 10 Apr 2024 07:51:00 +0000
ROA not before:           Wed 10 Apr 2024 07:51:00 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50225
IP address blocks:        195.24.232.0/24 maxlen: 24
                          2a12:2500::/29 maxlen: 29
                          2a12:2700::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 09 Jul 2024 13:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:c6:fd:1e:a1:1b:db:9c:14:b2:91:4d:18:02:33:01:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2956584b70ce847c1a9b400548b14db031bedff2
        Validity
            Not Before: Apr 10 07:51:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=dada475b30b0319dfc990f95335704d91d105e2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:2f:78:1c:45:92:e4:4a:f1:6c:c2:6a:85:d8:
                    01:08:a6:39:fb:93:22:6e:88:50:e4:bb:8e:a4:fe:
                    1c:4a:f5:aa:ba:98:a7:2e:55:f7:10:20:91:b1:e1:
                    60:b5:20:5b:0f:d0:58:4b:d5:88:27:d6:b5:c7:50:
                    c5:cc:69:5c:4b:6f:80:b0:fc:d9:35:1f:0a:72:1d:
                    c6:33:bb:fd:0e:1a:18:46:00:c3:e5:e6:94:fc:43:
                    cf:1b:42:f2:48:45:8f:49:01:97:cb:71:db:a2:3f:
                    ee:7d:79:79:d9:1f:f1:f1:0b:5d:fa:7b:03:7b:54:
                    6b:9c:07:c6:f3:76:4d:61:20:27:8a:06:d5:60:91:
                    3d:93:26:a3:af:65:8d:39:9d:8c:30:ab:9a:b6:b9:
                    4c:e9:fd:67:a0:9f:5b:ad:ef:91:6b:97:5b:ce:21:
                    01:56:cf:41:0a:04:6a:28:b5:2d:2e:e7:b6:82:8c:
                    5d:a2:34:a7:25:b0:44:7a:d2:2d:f6:db:f9:d0:e5:
                    8e:0f:95:3e:1a:fb:58:2a:d7:e8:9c:f5:af:92:0d:
                    66:b6:63:d9:98:a4:c5:19:17:17:cf:ab:91:09:fb:
                    4f:f8:24:05:e6:e9:3e:7a:72:3b:f0:6e:f1:49:9e:
                    4f:1d:26:d7:01:ce:a8:3e:30:3c:78:85:a7:b8:52:
                    30:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:DA:47:5B:30:B0:31:9D:FC:99:0F:95:33:57:04:D9:1D:10:5E:2E
            X509v3 Authority Key Identifier:
                keyid:29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/2tpHWzCwMZ38mQ-VM1cE2R0QXi4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.24.232.0/24
                IPv6:
                  2a12:2500::/29
                  2a12:2700::/29

    Signature Algorithm: sha256WithRSAEncryption
         21:27:fe:dd:44:69:1f:16:d1:ae:c3:1e:c4:43:e6:23:f6:be:
         56:98:2b:38:16:8a:9d:d9:a3:fb:eb:6e:98:40:04:8a:8f:1e:
         f7:fc:24:0a:a5:b3:e9:1f:2d:a0:e2:4f:64:bc:61:df:44:cc:
         41:88:13:7e:9e:1f:e6:a2:96:7d:e7:a7:6d:b6:bb:f6:58:4a:
         28:38:3f:df:ee:05:24:79:93:6d:b3:a3:94:24:bf:36:da:8f:
         dc:32:75:67:d4:78:aa:41:a7:de:b3:f9:02:a9:3a:7c:b4:76:
         bc:0b:44:aa:70:2c:9a:f3:f7:06:2d:d4:c9:8d:63:e6:e8:0b:
         ec:0a:83:58:bc:18:4c:a1:13:47:97:24:40:14:f5:b0:52:24:
         e0:dd:7c:48:f2:00:65:6c:c0:db:15:c2:96:f6:c3:8f:ba:0a:
         47:45:01:aa:3a:34:47:2d:8d:59:d2:2b:2c:02:61:9f:52:aa:
         4a:e4:b0:ef:34:43:fd:5b:bb:4f:c3:3a:1d:c0:dc:6f:d0:8b:
         df:6e:97:b3:32:d7:77:d8:1a:4a:26:91:07:7a:78:cb:84:15:
         b0:78:0b:46:9c:cb:ca:04:ff:d9:fd:e5:a3:16:6d:d5:40:4e:
         46:2e:ec:56:93:28:d6:8f:f5:c3:2f:83:83:b0:65:83:56:55:
         02:a7:5b:68
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY7G/R6hG9ucFLKRTRgCMwHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTY1ODRiNzBjZTg0N2MxYTliNDAwNTQ4YjE0ZGIwMzFi
ZWRmZjIwHhcNMjQwNDEwMDc1MTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWRhNDc1YjMwYjAzMTlkZmM5OTBmOTUzMzU3MDRkOTFkMTA1ZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgC94HEWS5ErxbMJqhdgBCKY5+5Mi
bohQ5LuOpP4cSvWqupinLlX3ECCRseFgtSBbD9BYS9WIJ9a1x1DFzGlcS2+AsPzZ
NR8Kch3GM7v9DhoYRgDD5eaU/EPPG0LySEWPSQGXy3Hboj/ufXl52R/x8Qtd+nsD
e1RrnAfG83ZNYSAnigbVYJE9kyajr2WNOZ2MMKuatrlM6f1noJ9bre+Ra5dbziEB
Vs9BCgRqKLUtLue2goxdojSnJbBEetIt9tv50OWOD5U+GvtYKtfonPWvkg1mtmPZ
mKTFGRcXz6uRCftP+CQF5uk+enI78G7xSZ5PHSbXAc6oPjA8eIWnuFIwFQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFNraR1swsDGd/JkPlTNXBNkdEF4uMB8GA1UdIwQY
MBaAFClWWEtwzoR8GptABUixTbAxvt/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAt
MDZiNDFlZjEzOThkLzEvMnRwSFd6Q3dNWjM4bVEtVk0xY0UyUjBRWGk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAtMDZiNDFlZjEzOThk
LzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAwxjoMBQE
AgACMA4DBQMqEiUAAwUDKhInADANBgkqhkiG9w0BAQsFAAOCAQEAISf+3URpHxbR
rsMexEPmI/a+VpgrOBaKndmj++tumEAEio8e9/wkCqWz6R8toOJPZLxh30TMQYgT
fp4f5qKWfeenbba79lhKKDg/3+4FJHmTbbOjlCS/NtqP3DJ1Z9R4qkGn3rP5Aqk6
fLR2vAtEqnAsmvP3Bi3UyY1j5ugL7AqDWLwYTKETR5ckQBT1sFIk4N18SPIAZWzA
2xXClvbDj7oKR0UBqjo0Ry2NWdIrLAJhn1KqSuSw7zRD/Vu7T8M6HcDcb9CL326X
szLXd9gaSiaRB3p4y4QVsHgLRpzLygT/2f3loxZt1UBORi7sVpMo1o/1wy+Dg7Bl
g1ZVAqdbaA==
-----END CERTIFICATE-----
Generated at Tue Jul 9 15:52:58 2024 by rpki-client on console-ams.rpki-client.org