Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/_bDrlf2ftogiTPHZw-Z5chCSfzI.roa
File:                     _bDrlf2ftogiTPHZw-Z5chCSfzI.roa (raw, json)
Hash identifier:          fH2wcB3rkSfJGAFWi70yPtAOG2yErzbGYdeEYtP5J4Q=
Subject key identifier:   FD:B0:EB:95:FD:9F:B6:88:22:4C:F1:D9:C3:E6:79:72:10:92:7F:32
Certificate issuer:       /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial:       01856BC1197F3314DE905AB3527478DDE8E8
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/_bDrlf2ftogiTPHZw-Z5chCSfzI.roa
Signing time:             Sun 01 Jan 2023 05:14:55 +0000
ROA not before:           Sun 01 Jan 2023 05:14:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48430
IP address blocks:        195.95.204.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:c1:19:7f:33:14:de:90:5a:b3:52:74:78:dd:e8:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
        Validity
            Not Before: Jan  1 05:14:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fdb0eb95fd9fb688224cf1d9c3e6797210927f32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:22:e3:38:83:6f:39:81:0d:a1:cb:18:a5:89:
                    95:f1:ad:38:9e:3f:68:6e:42:36:92:58:9b:68:d6:
                    d7:fc:ab:08:bd:a9:ea:f2:b0:87:13:46:e3:e2:6c:
                    16:68:28:cf:78:27:0e:4a:db:a2:3c:db:9d:bd:46:
                    c3:51:41:63:63:17:da:e3:e8:03:0c:18:ac:83:84:
                    6a:73:7a:bc:43:a4:91:e1:02:56:37:d1:d1:1c:92:
                    58:97:10:b7:02:bc:4f:ac:c1:2b:45:0f:26:53:fd:
                    a3:e7:b7:5d:3b:1a:5d:cd:81:57:19:7f:90:48:d3:
                    2a:cf:1f:ed:53:7a:15:4e:9c:e6:56:94:30:bf:86:
                    0f:48:de:cc:35:d0:d1:ec:3e:0a:7d:86:04:50:0f:
                    9b:16:4c:67:12:d1:60:bb:6c:15:38:fa:92:98:57:
                    00:0b:41:fc:bc:51:8a:cc:22:da:16:1d:20:8a:e9:
                    10:0b:f5:18:93:18:f6:fe:c5:93:1e:c1:dc:b3:8f:
                    2e:83:2e:a1:0e:89:16:30:ef:44:34:42:58:35:c1:
                    8a:7f:a9:3b:97:7e:1c:93:7a:69:9d:70:5c:3c:05:
                    38:a9:a2:98:c8:0a:94:08:54:dc:35:e2:af:30:49:
                    3f:41:eb:47:c6:4e:f7:35:df:09:54:e7:e6:e6:7c:
                    53:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:B0:EB:95:FD:9F:B6:88:22:4C:F1:D9:C3:E6:79:72:10:92:7F:32
            X509v3 Authority Key Identifier:
                keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/_bDrlf2ftogiTPHZw-Z5chCSfzI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.95.204.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:0f:1d:2e:ed:ef:db:9c:55:bc:b7:a4:6c:1f:0c:82:4a:da:
         dd:96:28:03:b5:1f:76:bb:65:24:b0:5f:cd:f2:c3:f3:60:6c:
         a2:60:65:f0:bc:ad:e3:52:76:8a:a8:ed:e2:7b:62:2c:75:65:
         48:e2:f0:8a:3f:f5:83:b2:15:31:49:08:03:dc:19:27:6b:31:
         9c:e4:1c:ee:a1:55:bf:44:3a:fb:fa:75:8c:f1:e0:5b:e6:26:
         e2:69:22:65:4e:a4:2e:57:92:1a:c5:28:aa:c2:ab:65:cf:78:
         4c:be:fc:a1:e2:98:a1:a2:9a:9d:a6:c1:f1:33:d3:9b:1f:ff:
         fc:5e:7f:ec:b5:5a:64:c5:da:e3:9e:31:de:56:7e:6a:69:75:
         0f:71:47:62:6a:bd:22:3e:0d:11:b9:04:7c:38:ca:33:1e:2c:
         ea:58:dc:bb:e6:36:0f:de:c6:30:7c:e6:f6:77:1c:7c:62:4d:
         31:71:80:8a:d6:2d:cc:37:8e:da:5e:fc:d9:3d:70:6e:86:2b:
         b0:24:65:9e:25:be:0b:1d:1f:0f:f4:57:7b:70:d2:dc:05:d3:
         52:a6:18:7c:00:d1:2f:8a:14:0e:81:e0:e3:7d:14:7d:9c:70:
         94:71:3c:1b:10:05:17:d6:f3:8f:82:ef:30:41:a3:01:f2:f3:
         21:39:04:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrwRl/MxTekFqzUnR43ejoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMwMTAxMDUxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGIwZWI5NWZkOWZiNjg4MjI0Y2YxZDljM2U2Nzk3MjEwOTI3ZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniLjOINvOYENocsYpYmV8a04nj9o
bkI2klibaNbX/KsIvanq8rCHE0bj4mwWaCjPeCcOStuiPNudvUbDUUFjYxfa4+gD
DBisg4Rqc3q8Q6SR4QJWN9HRHJJYlxC3ArxPrMErRQ8mU/2j57ddOxpdzYFXGX+Q
SNMqzx/tU3oVTpzmVpQwv4YPSN7MNdDR7D4KfYYEUA+bFkxnEtFgu2wVOPqSmFcA
C0H8vFGKzCLaFh0giukQC/UYkxj2/sWTHsHcs48ugy6hDokWMO9ENEJYNcGKf6k7
l34ck3ppnXBcPAU4qaKYyAqUCFTcNeKvMEk/QetHxk73Nd8JVOfm5nxTuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP2w65X9n7aIIkzx2cPmeXIQkn8yMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvX2JEcmxmMmZ0b2dpVFBIWnctWjVjaENTZnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1/MMA0G
CSqGSIb3DQEBCwUAA4IBAQAYDx0u7e/bnFW8t6RsHwyCStrdligDtR92u2UksF/N
8sPzYGyiYGXwvK3jUnaKqO3ie2IsdWVI4vCKP/WDshUxSQgD3BknazGc5BzuoVW/
RDr7+nWM8eBb5ibiaSJlTqQuV5IaxSiqwqtlz3hMvvyh4pihopqdpsHxM9ObH//8
Xn/stVpkxdrjnjHeVn5qaXUPcUdiar0iPg0RuQR8OMozHizqWNy75jYP3sYwfOb2
dxx8Yk0xcYCK1i3MN47aXvzZPXBuhiuwJGWeJb4LHR8P9Fd7cNLcBdNSphh8ANEv
ihQOgeDjfRR9nHCUcTwbEAUX1vOPgu8wQaMB8vMhOQS4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:09 2024 by rpki-client on console-ams.rpki-client.org