Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/RteB5JzEK52GJwrNHaKx-WBxJxE.roa
File:                     RteB5JzEK52GJwrNHaKx-WBxJxE.roa (raw, json)
Hash identifier:          xV5UFEnqpMhuw4D4nU3iFBxoqyQIF5wLs8SgBcLLGL0=
Subject key identifier:   46:D7:81:E4:9C:C4:2B:9D:86:27:0A:CD:1D:A2:B1:F9:60:71:27:11
Certificate issuer:       /CN=0bebcee4d23379aed81aecffc7a742b35acdddb3
Certificate serial:       018E8044536377855868823FA5ED2E0EDBD2
Authority key identifier: 0B:EB:CE:E4:D2:33:79:AE:D8:1A:EC:FF:C7:A7:42:B3:5A:CD:DD:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C-vO5NIzea7YGuz_x6dCs1rN3bM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/RteB5JzEK52GJwrNHaKx-WBxJxE.roa
Signing time:             Wed 27 Mar 2024 14:15:45 +0000
ROA not before:           Wed 27 Mar 2024 14:15:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206236
IP address blocks:        195.245.66.0/24 maxlen: 24
                          2a10:1a40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 28 Mar 2024 20:59:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:80:44:53:63:77:85:58:68:82:3f:a5:ed:2e:0e:db:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bebcee4d23379aed81aecffc7a742b35acdddb3
        Validity
            Not Before: Mar 27 14:15:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=46d781e49cc42b9d86270acd1da2b1f960712711
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:ca:81:19:dd:9e:64:f6:8a:ae:8b:02:ae:36:
                    d9:c0:4e:dc:fe:91:f4:9f:4b:3a:1d:9a:f6:e1:a0:
                    35:12:22:25:ab:a6:04:fc:4d:cd:fa:04:ea:c6:e6:
                    57:c7:18:00:49:40:bf:5e:99:62:8e:30:f4:9d:60:
                    b1:ef:eb:ee:89:a4:dd:6c:fd:ee:52:3c:c4:c0:c3:
                    09:87:76:3c:c1:f5:f3:5e:3d:ff:37:fa:3e:9e:da:
                    2f:50:26:7c:30:1d:82:04:1c:8e:9f:40:11:11:f2:
                    fa:82:37:48:e4:86:d0:4b:1f:4d:36:d2:04:3c:fa:
                    7c:81:0d:7b:82:80:f5:26:23:80:b5:d2:db:af:22:
                    46:9a:0b:fb:c4:bf:43:b9:01:cc:dd:b5:d4:ac:19:
                    f1:bd:d2:04:76:49:5b:81:76:b9:9b:6d:44:12:95:
                    0a:f0:7b:c4:63:84:f0:33:4b:92:80:e9:25:cc:c4:
                    4e:d1:90:df:45:ea:b1:f9:b1:e4:7e:dd:1e:f2:63:
                    18:f2:09:4c:2d:40:31:4a:0a:e0:76:01:c7:99:64:
                    54:df:2f:33:37:55:76:c3:f4:86:6b:6f:85:13:63:
                    30:7c:e4:95:4f:37:fd:d7:ac:70:7b:e0:3f:e9:53:
                    70:00:31:94:7f:27:2f:d1:63:04:6f:c2:e0:12:f2:
                    ac:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:D7:81:E4:9C:C4:2B:9D:86:27:0A:CD:1D:A2:B1:F9:60:71:27:11
            X509v3 Authority Key Identifier:
                keyid:0B:EB:CE:E4:D2:33:79:AE:D8:1A:EC:FF:C7:A7:42:B3:5A:CD:DD:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C-vO5NIzea7YGuz_x6dCs1rN3bM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/RteB5JzEK52GJwrNHaKx-WBxJxE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/C-vO5NIzea7YGuz_x6dCs1rN3bM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.245.66.0/24
                IPv6:
                  2a10:1a40::/29

    Signature Algorithm: sha256WithRSAEncryption
         2f:7f:39:fc:02:77:91:97:04:cf:c6:42:e9:80:b9:f0:17:7a:
         a4:aa:96:f3:18:6e:68:76:3e:7f:cb:da:16:d2:68:0a:7c:ce:
         41:ff:5d:0a:9f:79:86:05:59:01:7a:62:7b:31:29:b8:19:ba:
         b6:1e:4b:67:79:d5:30:5d:f7:eb:8b:0a:e2:4b:92:18:de:c4:
         08:f7:11:9b:68:16:1a:70:3e:76:6b:0f:c0:1e:ea:70:7d:8b:
         06:d8:f5:01:0b:ef:3d:ab:47:1a:17:4b:33:64:08:8f:4b:a9:
         8e:09:e8:e2:3e:40:53:97:05:8a:0a:38:68:a7:bc:78:22:35:
         ac:fc:17:82:f5:19:99:f2:17:b5:44:25:6b:cb:ad:30:a6:2a:
         02:ac:6f:ec:dc:07:c8:8d:c1:6d:61:4d:db:90:b1:78:16:f4:
         54:be:54:33:71:be:8b:9a:d8:2b:2f:9f:53:46:b1:f0:01:98:
         39:29:b2:0a:76:a1:1c:92:ae:93:e7:b6:e9:2a:72:bd:46:2a:
         f0:20:9a:0e:a3:c3:e0:f9:0b:2c:4d:51:ea:07:c8:88:ed:48:
         7b:67:45:83:f0:72:e0:87:c3:e7:d1:b2:4a:fd:bb:85:37:05:
         8a:67:50:6d:cf:87:2a:0a:03:eb:84:b0:16:39:71:67:b4:d5:
         a1:82:e7:84
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY6ARFNjd4VYaII/pe0uDtvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZWJjZWU0ZDIzMzc5YWVkODFhZWNmZmM3YTc0MmIzNWFj
ZGRkYjMwHhcNMjQwMzI3MTQxNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmQ3ODFlNDljYzQyYjlkODYyNzBhY2QxZGEyYjFmOTYwNzEyNzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMqBGd2eZPaKrosCrjbZwE7c/pH0
n0s6HZr24aA1EiIlq6YE/E3N+gTqxuZXxxgASUC/XplijjD0nWCx7+vuiaTdbP3u
UjzEwMMJh3Y8wfXzXj3/N/o+ntovUCZ8MB2CBByOn0AREfL6gjdI5IbQSx9NNtIE
PPp8gQ17goD1JiOAtdLbryJGmgv7xL9DuQHM3bXUrBnxvdIEdklbgXa5m21EEpUK
8HvEY4TwM0uSgOklzMRO0ZDfReqx+bHkft0e8mMY8glMLUAxSgrgdgHHmWRU3y8z
N1V2w/SGa2+FE2MwfOSVTzf916xwe+A/6VNwADGUfycv0WMEb8LgEvKsHQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEbXgeScxCudhicKzR2isflgcScRMB8GA1UdIwQY
MBaAFAvrzuTSM3mu2Brs/8enQrNazd2zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQy12TzVOSXplYTdZR3V6X3g2ZENzMXJOM2JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xZjMzMjItNmFmNy00N2FiLThkYzUt
OTlhMTFmNjM4NWFiLzEvUnRlQjVKekVLNTJHSndyTkhhS3gtV0J4SnhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xZjMzMjItNmFmNy00N2FiLThkYzUtOTlhMTFmNjM4NWFi
LzEvQy12TzVOSXplYTdZR3V6X3g2ZENzMXJOM2JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw/VCMA0E
AgACMAcDBQMqEBpAMA0GCSqGSIb3DQEBCwUAA4IBAQAvfzn8AneRlwTPxkLpgLnw
F3qkqpbzGG5odj5/y9oW0mgKfM5B/10Kn3mGBVkBemJ7MSm4Gbq2HktnedUwXffr
iwriS5IY3sQI9xGbaBYacD52aw/AHupwfYsG2PUBC+89q0caF0szZAiPS6mOCeji
PkBTlwWKCjhop7x4IjWs/BeC9RmZ8he1RCVry60wpioCrG/s3AfIjcFtYU3bkLF4
FvRUvlQzcb6LmtgrL59TRrHwAZg5KbIKdqEckq6T57bpKnK9RirwIJoOo8Pg+Qss
TVHqB8iI7Uh7Z0WD8HLgh8Pn0bJK/buFNwWKZ1Btz4cqCgPrhLAWOXFntNWhgueE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:07 2024 by rpki-client on console-fra.rpki-client.org