Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/c3QgtMxGxA_mso_TdAZVyiLfMAM.roa
File:                     c3QgtMxGxA_mso_TdAZVyiLfMAM.roa (raw, json)
Hash identifier:          uc6II3xwktPlKECFqwxIDQwypvV2kuw9/6x9gA4F7D0=
Subject key identifier:   73:74:20:B4:CC:46:C4:0F:E6:B2:8F:D3:74:06:55:CA:22:DF:30:03
Certificate issuer:       /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial:       01856BC11B960254DE51FA77E9E4AB92FBC8
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/c3QgtMxGxA_mso_TdAZVyiLfMAM.roa
Signing time:             Sun 01 Jan 2023 05:14:55 +0000
ROA not before:           Sun 01 Jan 2023 05:14:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     147186
IP address blocks:        195.95.200.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:c1:1b:96:02:54:de:51:fa:77:e9:e4:ab:92:fb:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
        Validity
            Not Before: Jan  1 05:14:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=737420b4cc46c40fe6b28fd3740655ca22df3003
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:66:73:0b:71:9f:a7:9e:33:30:f8:55:84:30:
                    ab:49:9a:e7:4d:28:f9:f7:54:e2:b8:08:fe:68:8d:
                    a9:ea:44:72:dd:f1:4d:67:45:7a:a8:78:75:35:d0:
                    53:2a:a9:2c:4d:ff:e4:d8:13:9f:07:8d:6d:a0:40:
                    0b:bd:8f:b6:f3:8d:49:46:ce:65:82:12:3d:23:c8:
                    a7:32:55:63:b4:52:9f:57:0c:30:10:b6:a8:8f:a0:
                    df:d4:8b:ba:ca:67:b3:5b:7f:61:75:08:a2:23:0b:
                    6a:47:2b:b2:61:aa:61:23:55:16:10:a3:e5:33:49:
                    16:03:12:9a:af:20:45:e2:e2:31:44:81:a9:70:2e:
                    a8:f2:a2:a2:8a:41:b8:21:96:70:0e:64:64:02:42:
                    b8:ef:99:1a:60:a4:ed:34:d4:37:8e:b1:20:94:61:
                    41:ab:37:15:0c:c5:46:35:16:88:4b:0b:41:61:ba:
                    c6:ae:39:88:9a:7c:5b:2e:70:e2:c6:ff:d2:00:ae:
                    c5:79:85:82:3b:e8:66:d3:61:8a:5b:c6:df:f5:a2:
                    cb:29:29:d8:e4:42:9b:1b:87:92:64:a4:09:dc:a9:
                    e6:5e:2d:72:63:90:6a:34:ec:91:47:a9:30:e9:24:
                    73:af:3a:91:27:a3:a9:73:a5:60:54:90:1c:10:3f:
                    62:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:74:20:B4:CC:46:C4:0F:E6:B2:8F:D3:74:06:55:CA:22:DF:30:03
            X509v3 Authority Key Identifier:
                keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/c3QgtMxGxA_mso_TdAZVyiLfMAM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.95.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:9b:92:be:81:b9:f1:d7:ef:e6:86:bf:f1:88:b6:70:5d:0d:
         ad:3a:03:27:47:cc:92:7a:2f:9e:37:a3:49:0e:6f:3c:e0:8b:
         87:22:0b:ae:36:aa:32:b6:fe:82:ef:3a:61:46:10:f9:e6:8a:
         0e:7d:08:29:43:68:f1:2a:00:68:b7:9f:e3:df:8e:89:97:6f:
         fc:fd:7b:af:9c:69:5a:3a:25:de:45:cf:69:7b:77:39:dc:28:
         b2:7b:0b:58:c5:6a:0b:bd:7e:91:e8:59:ac:7a:e1:ae:ed:b5:
         fd:13:17:f6:1a:69:e8:5d:1a:d8:b8:d3:22:5c:43:19:51:bf:
         d6:96:9d:80:67:6c:76:53:10:68:fd:5c:26:11:d7:7b:8b:fd:
         46:3f:5e:dc:01:f3:5b:b5:06:78:83:f1:c2:f2:9b:db:c7:e8:
         96:e2:c3:43:56:96:d8:bf:d9:8b:b4:ce:e6:76:d1:cf:2b:ed:
         6e:68:dc:a7:d9:23:09:f2:42:fd:0c:b5:13:9e:d9:26:9f:d1:
         64:16:fc:91:78:fc:9f:05:3e:33:be:8e:1f:8b:bc:d7:c6:76:
         c4:49:85:d4:d9:9e:1b:42:e4:b3:67:71:14:f4:71:bf:96:10:
         fe:e7:2a:ce:05:1a:36:3a:e0:96:1c:c3:5a:4d:b7:5b:b9:62:
         7f:4b:84:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrwRuWAlTeUfp36eSrkvvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMwMTAxMDUxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzc0MjBiNGNjNDZjNDBmZTZiMjhmZDM3NDA2NTVjYTIyZGYzMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2ZzC3Gfp54zMPhVhDCrSZrnTSj5
91TiuAj+aI2p6kRy3fFNZ0V6qHh1NdBTKqksTf/k2BOfB41toEALvY+2841JRs5l
ghI9I8inMlVjtFKfVwwwELaoj6Df1Iu6ymezW39hdQiiIwtqRyuyYaphI1UWEKPl
M0kWAxKaryBF4uIxRIGpcC6o8qKiikG4IZZwDmRkAkK475kaYKTtNNQ3jrEglGFB
qzcVDMVGNRaISwtBYbrGrjmImnxbLnDixv/SAK7FeYWCO+hm02GKW8bf9aLLKSnY
5EKbG4eSZKQJ3KnmXi1yY5BqNOyRR6kw6SRzrzqRJ6Opc6VgVJAcED9iMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHN0ILTMRsQP5rKP03QGVcoi3zADMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvYzNRZ3RNeEd4QV9tc29fVGRBWlZ5aUxmTUFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1/IMA0G
CSqGSIb3DQEBCwUAA4IBAQCtm5K+gbnx1+/mhr/xiLZwXQ2tOgMnR8ySei+eN6NJ
Dm884IuHIguuNqoytv6C7zphRhD55ooOfQgpQ2jxKgBot5/j346Jl2/8/XuvnGla
OiXeRc9pe3c53CiyewtYxWoLvX6R6FmseuGu7bX9Exf2GmnoXRrYuNMiXEMZUb/W
lp2AZ2x2UxBo/VwmEdd7i/1GP17cAfNbtQZ4g/HC8pvbx+iW4sNDVpbYv9mLtM7m
dtHPK+1uaNyn2SMJ8kL9DLUTntkmn9FkFvyRePyfBT4zvo4fi7zXxnbESYXU2Z4b
QuSzZ3EU9HG/lhD+5yrOBRo2OuCWHMNaTbdbuWJ/S4Qz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:05 2024 by rpki-client on console-fra.rpki-client.org