Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/lHOmvNI_VREzaPwwe45_OcgmjSc.roa
File:                     lHOmvNI_VREzaPwwe45_OcgmjSc.roa (raw, json)
Hash identifier:          pwntM+0cCHqiH4CXUrbu7SnpvhJw32I59kYtD5okDZI=
Subject key identifier:   94:73:A6:BC:D2:3F:55:11:33:68:FC:30:7B:8E:7F:39:C8:26:8D:27
Certificate issuer:       /CN=089c8c7f334053c8a90a3408009ef3d3b7a82e3d
Certificate serial:       018B67D15015C1581F5172E5EFCA831423EB
Authority key identifier: 08:9C:8C:7F:33:40:53:C8:A9:0A:34:08:00:9E:F3:D3:B7:A8:2E:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CJyMfzNAU8ipCjQIAJ7z07eoLj0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/lHOmvNI_VREzaPwwe45_OcgmjSc.roa
Signing time:             Wed 25 Oct 2023 17:10:52 +0000
ROA not before:           Wed 25 Oct 2023 17:10:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203380
IP address blocks:        195.137.221.0/24 maxlen: 24
                          2a13:2440:a0::/44 maxlen: 44

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:31:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:67:d1:50:15:c1:58:1f:51:72:e5:ef:ca:83:14:23:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=089c8c7f334053c8a90a3408009ef3d3b7a82e3d
        Validity
            Not Before: Oct 25 17:10:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9473a6bcd23f55113368fc307b8e7f39c8268d27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:c4:09:b1:c9:81:64:b7:ea:11:f9:a9:fb:de:
                    45:47:60:e2:db:63:ff:ee:c9:b6:5e:1e:c1:16:39:
                    94:97:c6:18:10:93:74:3d:6b:25:e2:97:35:18:5e:
                    44:ca:3e:4f:3a:51:0f:d6:d4:36:4d:62:ef:3b:6b:
                    12:78:44:ca:fd:de:e6:25:37:51:e5:72:55:f4:04:
                    92:0a:d2:06:79:96:2c:a7:ee:06:d9:ea:b9:c5:c2:
                    17:d9:58:a4:70:2f:9c:a4:f0:e0:e8:fe:6d:d2:14:
                    6d:a8:b4:f2:b7:e3:06:05:c8:43:11:4e:04:ae:03:
                    a7:37:95:c0:5d:60:97:31:cb:54:d8:55:49:e5:a2:
                    bf:1e:e4:76:3d:76:fa:6a:b0:3c:e7:11:93:bb:46:
                    5d:6b:bd:e5:24:ff:f1:3f:74:3a:4a:83:d9:00:98:
                    ae:97:20:31:8a:45:28:1a:05:57:4a:ea:65:95:a1:
                    2d:57:50:3f:dc:07:1d:34:78:fc:6f:6f:05:e8:bf:
                    75:01:1a:90:e2:e9:99:7c:a9:93:0c:9f:95:ce:c6:
                    e8:43:79:69:85:fb:f7:12:e4:b4:fc:87:95:45:ad:
                    c9:8b:69:3c:1b:35:e7:39:ea:ec:0c:7a:85:ed:b8:
                    9d:e2:ea:9c:ec:7c:f0:d4:56:bc:22:ba:ce:0e:1d:
                    3e:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:73:A6:BC:D2:3F:55:11:33:68:FC:30:7B:8E:7F:39:C8:26:8D:27
            X509v3 Authority Key Identifier:
                keyid:08:9C:8C:7F:33:40:53:C8:A9:0A:34:08:00:9E:F3:D3:B7:A8:2E:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CJyMfzNAU8ipCjQIAJ7z07eoLj0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/lHOmvNI_VREzaPwwe45_OcgmjSc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/CJyMfzNAU8ipCjQIAJ7z07eoLj0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.137.221.0/24
                IPv6:
                  2a13:2440:a0::/44

    Signature Algorithm: sha256WithRSAEncryption
         6f:32:03:f3:bc:a5:f3:7b:91:a6:e6:64:9d:4d:75:6c:ed:ed:
         25:00:80:a8:80:ac:ce:13:a3:78:66:73:dc:56:c3:1d:1e:3b:
         84:c9:00:f7:ee:5a:0a:23:e1:a0:ee:10:3c:27:16:73:ae:e6:
         5f:0d:6b:eb:ac:84:b7:09:91:45:90:d7:55:cc:e9:5d:e6:1e:
         7d:e5:e0:18:92:2f:bb:4f:ee:54:94:ac:90:75:3b:09:9e:a8:
         0d:e8:ee:c4:75:d6:3e:b4:f6:2a:55:02:05:9f:3b:4b:bb:94:
         bc:7b:5c:ec:f2:7b:9c:e1:3f:f4:d1:fe:de:6f:29:cc:dd:0b:
         57:b9:ed:79:a8:84:86:69:08:8e:f3:32:d3:bc:f5:64:5e:6f:
         92:76:3e:e7:4b:de:63:b1:12:c1:a2:ba:9c:50:73:3f:b2:91:
         73:9a:e4:b4:ae:91:33:3c:15:bd:65:98:ef:a1:52:88:6a:ab:
         49:20:5d:26:cb:f4:4b:5e:4a:6e:e9:2c:02:74:95:f0:44:9d:
         52:d0:21:e1:b4:3a:73:92:5f:d2:9e:1d:55:33:2c:67:5e:8e:
         cc:3a:8a:43:48:9b:9f:f7:2c:97:9d:7e:fa:57:43:ad:47:e6:
         29:ae:8d:a7:fe:4f:59:c6:64:75:fb:fb:47:4f:50:fe:97:6c:
         38:70:a9:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtn0VAVwVgfUXLl78qDFCPrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OWM4YzdmMzM0MDUzYzhhOTBhMzQwODAwOWVmM2QzYjdh
ODJlM2QwHhcNMjMxMDI1MTcxMDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDczYTZiY2QyM2Y1NTExMzM2OGZjMzA3YjhlN2YzOWM4MjY4ZDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcQJscmBZLfqEfmp+95FR2Di22P/
7sm2Xh7BFjmUl8YYEJN0PWsl4pc1GF5Eyj5POlEP1tQ2TWLvO2sSeETK/d7mJTdR
5XJV9ASSCtIGeZYsp+4G2eq5xcIX2VikcC+cpPDg6P5t0hRtqLTyt+MGBchDEU4E
rgOnN5XAXWCXMctU2FVJ5aK/HuR2PXb6arA85xGTu0Zda73lJP/xP3Q6SoPZAJiu
lyAxikUoGgVXSupllaEtV1A/3AcdNHj8b28F6L91ARqQ4umZfKmTDJ+VzsboQ3lp
hfv3EuS0/IeVRa3Ji2k8GzXnOersDHqF7bid4uqc7Hzw1Fa8IrrODh0+cQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJRzprzSP1URM2j8MHuOfznIJo0nMB8GA1UdIwQY
MBaAFAicjH8zQFPIqQo0CACe89O3qC49MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0p5TWZ6TkFVOGlwQ2pRSUFKN3owN2VvTGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9mNGUwM2UtMjdiMi00OTRiLThjMGYt
NmY3MDA5YmVlOTE1LzEvbEhPbXZOSV9WUkV6YVB3d2U0NV9PY2dtalNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9mNGUwM2UtMjdiMi00OTRiLThjMGYtNmY3MDA5YmVlOTE1
LzEvQ0p5TWZ6TkFVOGlwQ2pRSUFKN3owN2VvTGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw4ndMA8E
AgACMAkDBwQqEyRAAKAwDQYJKoZIhvcNAQELBQADggEBAG8yA/O8pfN7kabmZJ1N
dWzt7SUAgKiArM4To3hmc9xWwx0eO4TJAPfuWgoj4aDuEDwnFnOu5l8Na+ushLcJ
kUWQ11XM6V3mHn3l4BiSL7tP7lSUrJB1OwmeqA3o7sR11j609ipVAgWfO0u7lLx7
XOzye5zhP/TR/t5vKczdC1e57XmohIZpCI7zMtO89WReb5J2PudL3mOxEsGiupxQ
cz+ykXOa5LSukTM8Fb1lmO+hUohqq0kgXSbL9EteSm7pLAJ0lfBEnVLQIeG0OnOS
X9KeHVUzLGdejsw6ikNIm5/3LJedfvpXQ61H5imujaf+T1nGZHX7+0dPUP6XbDhw
qWc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:40 2024 by rpki-client on console-ams.rpki-client.org