Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/5eb97d-3a91-404e-8647-98116832534f/1/e-4Xrt2HEsAxZA6rfy_w6E1eDDE.roa
File:                     e-4Xrt2HEsAxZA6rfy_w6E1eDDE.roa (raw, json)
Hash identifier:          HIWp+jIKBLlUJVk6Itd5hq7FusEUL2ScFWwbc8WkPjY=
Subject key identifier:   7B:EE:17:AE:DD:87:12:C0:31:64:0E:AB:7F:2F:F0:E8:4D:5E:0C:31
Certificate issuer:       /CN=7af8a601e274d53ecbf18115164df3de4b291ff5
Certificate serial:       01856D419310A39D1DBA1B3ED95193556A0F
Authority key identifier: 7A:F8:A6:01:E2:74:D5:3E:CB:F1:81:15:16:4D:F3:DE:4B:29:1F:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/evimAeJ01T7L8YEVFk3z3kspH_U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/5eb97d-3a91-404e-8647-98116832534f/1/e-4Xrt2HEsAxZA6rfy_w6E1eDDE.roa
Signing time:             Sun 01 Jan 2023 12:14:52 +0000
ROA not before:           Sun 01 Jan 2023 12:14:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12586
IP address blocks:        195.200.192.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:41:93:10:a3:9d:1d:ba:1b:3e:d9:51:93:55:6a:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7af8a601e274d53ecbf18115164df3de4b291ff5
        Validity
            Not Before: Jan  1 12:14:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7bee17aedd8712c031640eab7f2ff0e84d5e0c31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:9c:30:de:c3:a0:e1:d0:04:68:05:50:a4:2d:
                    28:37:a9:cc:a2:10:ef:52:31:8a:8a:c3:91:0e:e7:
                    58:72:75:9b:f1:52:9d:f4:47:fc:93:0f:30:40:87:
                    12:b4:19:13:0c:db:a2:81:ef:dd:29:a7:0e:71:1e:
                    b9:e4:d4:35:86:31:fb:33:43:09:24:0d:ec:9e:95:
                    ad:4e:e8:0f:98:a6:46:51:2a:78:8c:bb:0b:29:30:
                    dc:66:81:c1:70:f7:51:e4:f7:c8:14:0d:37:63:28:
                    f0:02:15:08:07:a9:e3:a2:02:ce:e3:6e:ff:f5:31:
                    7a:a9:28:52:8d:a9:fc:21:c8:87:76:f6:fd:fd:97:
                    b6:15:58:e6:eb:51:4d:0a:4f:ee:b7:20:3b:1d:ed:
                    0a:18:88:51:50:d2:a2:fb:70:92:1b:87:d0:17:74:
                    d2:89:67:78:77:ce:f6:f3:36:1a:78:d8:48:5c:3d:
                    c9:9e:a9:b5:bc:7e:e4:f3:68:45:65:71:a9:1c:3a:
                    43:1a:45:d3:55:ce:53:4f:b5:36:b6:f3:c0:ac:8e:
                    8c:7b:b3:e3:18:6a:6c:88:2f:bb:5f:14:bf:b9:07:
                    8c:49:20:51:b1:96:40:9a:9f:a4:2f:3d:1e:f4:b9:
                    9d:11:44:38:c1:d1:d8:c8:78:2a:47:e7:83:1d:fc:
                    aa:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:EE:17:AE:DD:87:12:C0:31:64:0E:AB:7F:2F:F0:E8:4D:5E:0C:31
            X509v3 Authority Key Identifier:
                keyid:7A:F8:A6:01:E2:74:D5:3E:CB:F1:81:15:16:4D:F3:DE:4B:29:1F:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evimAeJ01T7L8YEVFk3z3kspH_U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/5eb97d-3a91-404e-8647-98116832534f/1/e-4Xrt2HEsAxZA6rfy_w6E1eDDE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/5eb97d-3a91-404e-8647-98116832534f/1/evimAeJ01T7L8YEVFk3z3kspH_U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.200.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:60:d5:cf:b4:c9:34:cf:ee:c2:e8:f4:3a:bb:fc:4d:51:b7:
         c6:48:57:fa:eb:25:c1:2f:d2:6e:8e:c0:69:24:7b:8c:25:11:
         c1:5d:fe:7f:b8:bd:61:68:6f:e1:bd:4b:3b:96:0a:d2:65:9a:
         88:20:83:6e:0e:e2:b7:da:eb:ec:cf:b0:64:8c:a6:25:60:ee:
         e6:2f:97:d6:c1:e8:5a:06:54:f5:04:f0:45:4b:68:d1:31:66:
         c2:f6:e7:a1:be:f3:59:48:85:d8:a4:d3:3b:32:a5:d4:37:f0:
         98:db:89:ba:03:5d:da:12:9b:4a:31:81:ec:e5:6e:e1:63:5e:
         85:b7:e3:88:72:18:b6:39:f1:7b:ee:ba:83:c6:2a:cb:8f:1f:
         86:68:06:b3:87:4f:19:ba:22:de:93:29:be:44:b5:64:bd:8d:
         b1:2a:7d:34:20:14:66:18:f2:33:71:32:6b:03:06:6a:18:f2:
         86:4b:8a:a6:aa:ba:56:20:a8:32:02:76:22:1a:ca:4b:b4:9c:
         e4:f0:d3:1c:63:6b:76:0a:48:b5:f8:b5:ac:38:30:b2:69:39:
         85:ab:54:48:c3:79:ee:bf:f1:59:b7:ae:63:4e:71:3e:3a:65:
         11:34:7f:8b:10:2e:e7:68:fe:c8:e1:e9:82:08:b6:23:d4:d1:
         4c:ad:5d:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtQZMQo50duhs+2VGTVWoPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZjhhNjAxZTI3NGQ1M2VjYmYxODExNTE2NGRmM2RlNGIy
OTFmZjUwHhcNMjMwMTAxMTIxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmVlMTdhZWRkODcxMmMwMzE2NDBlYWI3ZjJmZjBlODRkNWUwYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5ww3sOg4dAEaAVQpC0oN6nMohDv
UjGKisORDudYcnWb8VKd9Ef8kw8wQIcStBkTDNuige/dKacOcR655NQ1hjH7M0MJ
JA3snpWtTugPmKZGUSp4jLsLKTDcZoHBcPdR5PfIFA03YyjwAhUIB6njogLO427/
9TF6qShSjan8IciHdvb9/Ze2FVjm61FNCk/utyA7He0KGIhRUNKi+3CSG4fQF3TS
iWd4d8728zYaeNhIXD3Jnqm1vH7k82hFZXGpHDpDGkXTVc5TT7U2tvPArI6Me7Pj
GGpsiC+7XxS/uQeMSSBRsZZAmp+kLz0e9LmdEUQ4wdHYyHgqR+eDHfyq/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHvuF67dhxLAMWQOq38v8OhNXgwxMB8GA1UdIwQY
MBaAFHr4pgHidNU+y/GBFRZN895LKR/1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXZpbUFlSjAxVDdMOFlFVkZrM3oza3NwSF9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny81ZWI5N2QtM2E5MS00MDRlLTg2NDct
OTgxMTY4MzI1MzRmLzEvZS00WHJ0MkhFc0F4WkE2cmZ5X3c2RTFlRERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny81ZWI5N2QtM2E5MS00MDRlLTg2NDctOTgxMTY4MzI1MzRm
LzEvZXZpbUFlSjAxVDdMOFlFVkZrM3oza3NwSF9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw8jAMA0G
CSqGSIb3DQEBCwUAA4IBAQAdYNXPtMk0z+7C6PQ6u/xNUbfGSFf66yXBL9JujsBp
JHuMJRHBXf5/uL1haG/hvUs7lgrSZZqIIINuDuK32uvsz7BkjKYlYO7mL5fWweha
BlT1BPBFS2jRMWbC9uehvvNZSIXYpNM7MqXUN/CY24m6A13aEptKMYHs5W7hY16F
t+OIchi2OfF77rqDxirLjx+GaAazh08ZuiLekym+RLVkvY2xKn00IBRmGPIzcTJr
AwZqGPKGS4qmqrpWIKgyAnYiGspLtJzk8NMcY2t2Cki1+LWsODCyaTmFq1RIw3nu
v/FZt65jTnE+OmURNH+LEC7naP7I4emCCLYj1NFMrV0G
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:01 2024 by rpki-client on console-fra.rpki-client.org