Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/mJxTDTHK7kK_zUxZKkwYhccq47E.roa
File:                     mJxTDTHK7kK_zUxZKkwYhccq47E.roa (raw, json)
Hash identifier:          osnFLo3P+pOvSqOyOANcDIh9/m5i7Nh1DJkISFPzk/k=
Subject key identifier:   98:9C:53:0D:31:CA:EE:42:BF:CD:4C:59:2A:4C:18:85:C7:2A:E3:B1
Certificate issuer:       /CN=0bebcee4d23379aed81aecffc7a742b35acdddb3
Certificate serial:       018D8A0E64C7B847B737A270E56C33EF878C
Authority key identifier: 0B:EB:CE:E4:D2:33:79:AE:D8:1A:EC:FF:C7:A7:42:B3:5A:CD:DD:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C-vO5NIzea7YGuz_x6dCs1rN3bM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/mJxTDTHK7kK_zUxZKkwYhccq47E.roa
Signing time:             Thu 08 Feb 2024 18:50:15 +0000
ROA not before:           Thu 08 Feb 2024 18:50:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206236
IP address blocks:        195.245.66.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 14:15:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:8a:0e:64:c7:b8:47:b7:37:a2:70:e5:6c:33:ef:87:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bebcee4d23379aed81aecffc7a742b35acdddb3
        Validity
            Not Before: Feb  8 18:50:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=989c530d31caee42bfcd4c592a4c1885c72ae3b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:c8:1f:e4:2e:c2:7a:62:2f:2d:10:d8:b2:82:
                    ef:c1:e3:69:07:a0:d9:4d:e1:32:ab:36:fc:7c:33:
                    6a:56:50:0f:4e:b9:85:53:66:de:ae:5e:48:9e:f2:
                    3e:78:ea:f5:a3:32:80:2c:c3:48:f4:d2:20:9a:6d:
                    73:d7:a8:be:01:cf:3d:a1:66:1b:81:91:1f:ce:87:
                    8b:79:aa:60:21:ba:53:8e:cb:f1:0e:fc:ee:b5:68:
                    5a:a9:28:ad:c4:84:f7:9c:67:9f:0f:e6:00:81:a0:
                    aa:ad:79:56:31:cf:fe:66:b8:97:09:6c:0e:79:7d:
                    03:b3:52:a7:d1:ac:60:7b:c4:a9:0a:53:21:3d:a0:
                    31:2b:b9:36:f9:6b:67:bf:cb:f8:06:6a:7e:8d:c8:
                    9e:01:b8:46:c2:47:c5:05:b9:9f:46:0f:e6:55:cd:
                    98:92:07:89:48:04:76:5f:98:a1:6b:62:b2:d1:94:
                    0a:ca:3b:26:17:09:77:46:f9:4e:b6:25:b3:27:33:
                    d0:73:a3:19:c4:cf:5f:da:0e:98:64:0c:5d:5f:a1:
                    ba:40:25:4e:ac:d8:26:21:4f:3d:cb:85:20:f2:0e:
                    57:24:e8:ca:f8:a6:9e:b8:5e:0f:8b:67:39:7f:6c:
                    8d:32:86:de:34:81:23:2d:33:94:79:10:3b:7a:c3:
                    0f:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:9C:53:0D:31:CA:EE:42:BF:CD:4C:59:2A:4C:18:85:C7:2A:E3:B1
            X509v3 Authority Key Identifier:
                keyid:0B:EB:CE:E4:D2:33:79:AE:D8:1A:EC:FF:C7:A7:42:B3:5A:CD:DD:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C-vO5NIzea7YGuz_x6dCs1rN3bM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/mJxTDTHK7kK_zUxZKkwYhccq47E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/C-vO5NIzea7YGuz_x6dCs1rN3bM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.245.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:a6:5a:e0:49:3a:a6:26:80:ee:33:26:db:d0:54:8c:ab:d6:
         50:d3:67:69:3a:05:1f:6a:77:ce:1e:6e:30:c2:fd:2c:3d:40:
         bf:97:67:cb:2d:cd:c9:ea:37:ee:9b:69:4b:1c:00:79:76:53:
         ec:01:9f:86:06:5f:13:d4:46:a4:b8:17:e6:2d:76:0a:0c:3e:
         90:7c:07:e4:fa:23:58:71:fd:8b:68:34:d0:0c:8c:38:d9:7e:
         8e:8a:8c:88:7c:bc:1a:dd:fc:ed:b7:e5:49:d0:82:b5:48:68:
         28:6f:c3:67:aa:f3:7a:cf:a2:83:f7:a8:17:9f:bc:a5:1b:03:
         19:a8:2d:70:db:7f:49:ce:34:98:f3:f8:b0:fd:6f:71:6f:d7:
         a6:6a:38:fc:2c:32:72:f7:30:4c:e4:3d:7c:fc:a4:f2:b5:24:
         59:2b:78:ff:46:f6:61:e7:15:d1:91:5c:ad:5c:6e:e9:e4:57:
         17:f0:fa:29:f1:30:fa:86:6b:b0:50:bf:dc:3e:25:bc:cc:2a:
         0d:7f:fe:85:10:cf:5b:4f:e7:8d:86:af:73:ee:15:02:cb:38:
         b0:c4:c3:bc:ca:eb:98:5a:a3:09:a7:6d:b4:40:c3:dd:c2:36:
         2b:48:f4:74:6f:ec:1b:ab:35:55:8c:ac:3b:f1:ee:ec:7b:90:
         f4:c6:60:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2KDmTHuEe3N6Jw5Wwz74eMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZWJjZWU0ZDIzMzc5YWVkODFhZWNmZmM3YTc0MmIzNWFj
ZGRkYjMwHhcNMjQwMjA4MTg1MDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODljNTMwZDMxY2FlZTQyYmZjZDRjNTkyYTRjMTg4NWM3MmFlM2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMgf5C7CemIvLRDYsoLvweNpB6DZ
TeEyqzb8fDNqVlAPTrmFU2berl5InvI+eOr1ozKALMNI9NIgmm1z16i+Ac89oWYb
gZEfzoeLeapgIbpTjsvxDvzutWhaqSitxIT3nGefD+YAgaCqrXlWMc/+ZriXCWwO
eX0Ds1Kn0axge8SpClMhPaAxK7k2+Wtnv8v4Bmp+jcieAbhGwkfFBbmfRg/mVc2Y
kgeJSAR2X5iha2Ky0ZQKyjsmFwl3RvlOtiWzJzPQc6MZxM9f2g6YZAxdX6G6QCVO
rNgmIU89y4Ug8g5XJOjK+KaeuF4Pi2c5f2yNMobeNIEjLTOUeRA7esMPuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJicUw0xyu5Cv81MWSpMGIXHKuOxMB8GA1UdIwQY
MBaAFAvrzuTSM3mu2Brs/8enQrNazd2zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQy12TzVOSXplYTdZR3V6X3g2ZENzMXJOM2JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xZjMzMjItNmFmNy00N2FiLThkYzUt
OTlhMTFmNjM4NWFiLzEvbUp4VERUSEs3a0tfelV4Wktrd1loY2NxNDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xZjMzMjItNmFmNy00N2FiLThkYzUtOTlhMTFmNjM4NWFi
LzEvQy12TzVOSXplYTdZR3V6X3g2ZENzMXJOM2JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/VCMA0G
CSqGSIb3DQEBCwUAA4IBAQACplrgSTqmJoDuMybb0FSMq9ZQ02dpOgUfanfOHm4w
wv0sPUC/l2fLLc3J6jfum2lLHAB5dlPsAZ+GBl8T1EakuBfmLXYKDD6QfAfk+iNY
cf2LaDTQDIw42X6OioyIfLwa3fztt+VJ0IK1SGgob8NnqvN6z6KD96gXn7ylGwMZ
qC1w239JzjSY8/iw/W9xb9emajj8LDJy9zBM5D18/KTytSRZK3j/RvZh5xXRkVyt
XG7p5FcX8Pop8TD6hmuwUL/cPiW8zCoNf/6FEM9bT+eNhq9z7hUCyziwxMO8yuuY
WqMJp220QMPdwjYrSPR0b+wbqzVVjKw78e7se5D0xmBP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:02 2024 by rpki-client on console-ams.rpki-client.org