Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/Cn-u03lmovVjsea78knJtsYVX10.roa
File:                     Cn-u03lmovVjsea78knJtsYVX10.roa (raw, json)
Hash identifier:          JrL+Kg7JZ3E1857esInDunCJHot9SdcSsIQg8zVGFIA=
Subject key identifier:   0A:7F:AE:D3:79:66:A2:F5:63:B1:E6:BB:F2:49:C9:B6:C6:15:5F:5D
Certificate issuer:       /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial:       018ADFFDB2021CF450FED17B9672A540E6A9
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/Cn-u03lmovVjsea78knJtsYVX10.roa
Signing time:             Fri 29 Sep 2023 08:10:59 +0000
ROA not before:           Fri 29 Sep 2023 08:10:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201671
IP address blocks:        195.19.93.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:df:fd:b2:02:1c:f4:50:fe:d1:7b:96:72:a5:40:e6:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
        Validity
            Not Before: Sep 29 08:10:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0a7faed37966a2f563b1e6bbf249c9b6c6155f5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:24:82:6b:4f:24:0c:2b:b0:dd:89:9f:0b:a8:
                    18:65:68:19:ad:f0:bf:54:e5:3e:35:53:61:e8:2b:
                    d7:7d:78:6d:dc:f7:f9:1d:14:bd:dd:a5:ad:7a:29:
                    46:02:39:3b:3b:08:62:de:83:a7:14:16:35:bc:49:
                    e2:43:0e:25:ea:2c:3d:ad:d2:20:6e:4a:6c:17:a5:
                    64:0c:5f:f5:1a:d5:22:3e:54:8a:a4:b2:e6:e7:de:
                    2d:73:61:45:b9:6f:0f:0c:8f:a5:90:14:4a:a4:01:
                    87:da:80:8b:45:22:fe:e0:c9:bd:62:61:dc:d1:13:
                    34:be:5b:fd:0b:00:ca:23:ba:fa:d4:7d:52:aa:07:
                    33:26:15:dc:9b:37:ce:1a:d3:50:2a:10:90:4b:c2:
                    74:5d:4e:01:ab:40:4a:c5:a1:45:8f:7d:86:f3:fd:
                    21:f8:b6:bf:62:ef:19:85:19:9c:5a:15:1e:dd:31:
                    e5:2b:9b:a7:56:e8:37:0a:6c:c1:e5:29:00:28:b0:
                    4b:b1:6b:7d:27:11:78:96:62:67:a5:e1:38:b3:e1:
                    01:72:2d:dc:03:ed:c1:f9:e3:60:79:d6:13:b1:48:
                    fb:0e:f7:ca:7b:22:9c:53:07:aa:b1:98:b4:ea:94:
                    69:7a:ed:90:35:ef:94:a9:2d:53:5e:d6:7e:47:2a:
                    93:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:7F:AE:D3:79:66:A2:F5:63:B1:E6:BB:F2:49:C9:B6:C6:15:5F:5D
            X509v3 Authority Key Identifier:
                keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/Cn-u03lmovVjsea78knJtsYVX10.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.19.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b8:26:f8:ca:f2:f1:24:fd:84:26:da:6e:b4:61:95:2a:17:55:
         b1:7f:a4:89:1f:6d:18:b8:49:3a:37:e5:c2:1f:fe:65:b2:12:
         5c:d3:d6:d9:38:65:15:ef:91:16:80:08:59:43:d2:2d:79:05:
         d8:b6:57:05:d8:4d:c0:f7:a6:e1:9b:09:1b:af:9e:46:73:10:
         ed:3e:3b:3e:67:f3:75:10:af:02:d6:27:e2:51:2e:43:69:69:
         c5:3d:66:c7:fd:b6:78:e0:6d:db:ea:3f:5f:5e:b3:3d:9c:c9:
         4e:af:61:d0:fa:18:15:5f:f7:c3:1c:6a:94:ea:f8:15:df:63:
         a2:ca:7d:c1:de:2e:39:e4:54:34:6f:0d:d2:66:86:52:11:a8:
         7e:c1:6f:dd:54:15:2d:8e:92:e5:bf:f1:a7:d4:c5:b7:d2:bd:
         c3:51:e4:d5:27:c8:8f:25:84:43:51:c4:51:b4:53:b7:b0:fd:
         39:ae:29:30:38:47:8e:32:ae:ea:2d:6e:95:c7:a8:af:05:21:
         66:52:1f:d6:49:be:66:23:21:57:83:5a:88:b4:94:8f:33:b0:
         15:b9:e2:1e:5e:9d:92:54:b6:6d:44:3d:a9:48:28:67:5d:86:
         76:08:33:b6:a3:66:58:9f:5e:4c:88:05:30:db:8d:39:e3:39:
         4e:66:1d:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrf/bICHPRQ/tF7lnKlQOapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjMwOTI5MDgxMDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTdmYWVkMzc5NjZhMmY1NjNiMWU2YmJmMjQ5YzliNmM2MTU1ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoySCa08kDCuw3YmfC6gYZWgZrfC/
VOU+NVNh6CvXfXht3Pf5HRS93aWteilGAjk7Owhi3oOnFBY1vEniQw4l6iw9rdIg
bkpsF6VkDF/1GtUiPlSKpLLm594tc2FFuW8PDI+lkBRKpAGH2oCLRSL+4Mm9YmHc
0RM0vlv9CwDKI7r61H1SqgczJhXcmzfOGtNQKhCQS8J0XU4Bq0BKxaFFj32G8/0h
+La/Yu8ZhRmcWhUe3THlK5unVug3CmzB5SkAKLBLsWt9JxF4lmJnpeE4s+EBci3c
A+3B+eNgedYTsUj7DvfKeyKcUweqsZi06pRpeu2QNe+UqS1TXtZ+RyqT2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAp/rtN5ZqL1Y7Hmu/JJybbGFV9dMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvQ24tdTAzbG1vdlZqc2VhNzhrbkp0c1lWWDEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxNdMA0G
CSqGSIb3DQEBCwUAA4IBAQC4JvjK8vEk/YQm2m60YZUqF1Wxf6SJH20YuEk6N+XC
H/5lshJc09bZOGUV75EWgAhZQ9IteQXYtlcF2E3A96bhmwkbr55GcxDtPjs+Z/N1
EK8C1ifiUS5DaWnFPWbH/bZ44G3b6j9fXrM9nMlOr2HQ+hgVX/fDHGqU6vgV32Oi
yn3B3i455FQ0bw3SZoZSEah+wW/dVBUtjpLlv/Gn1MW30r3DUeTVJ8iPJYRDUcRR
tFO3sP05rikwOEeOMq7qLW6Vx6ivBSFmUh/WSb5mIyFXg1qItJSPM7AVueIeXp2S
VLZtRD2pSChnXYZ2CDO2o2ZYn15MiAUw24054zlOZh08
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:56 2024 by rpki-client on console-fra.rpki-client.org