Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/dSEUfge5Dhw3Lco43IOsxEv27_U.roa
File:                     dSEUfge5Dhw3Lco43IOsxEv27_U.roa (raw, json)
Hash identifier:          wmq65NEG4DSCOQd1r/yPjoEBk2RAUKDura4db7a3834=
Subject key identifier:   75:21:14:7E:07:B9:0E:1C:37:2D:CA:38:DC:83:AC:C4:4B:F6:EF:F5
Certificate issuer:       /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial:       0187653A7387D2A27BE51D0EDF38ADFC16BC
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/dSEUfge5Dhw3Lco43IOsxEv27_U.roa
Signing time:             Sun 09 Apr 2023 08:55:42 +0000
ROA not before:           Sun 09 Apr 2023 08:55:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200017
IP address blocks:        195.95.201.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 24 Jul 2023 07:23:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:65:3a:73:87:d2:a2:7b:e5:1d:0e:df:38:ad:fc:16:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
        Validity
            Not Before: Apr  9 08:55:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7521147e07b90e1c372dca38dc83acc44bf6eff5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:97:5b:5e:5a:10:16:b2:a4:00:14:4c:10:cd:
                    26:89:30:66:12:e4:96:14:c2:51:14:00:34:c7:b7:
                    79:bc:16:20:25:f9:c5:40:d9:8b:da:f3:12:4a:6a:
                    e9:be:b8:ac:b9:69:45:a6:dd:0a:fd:fa:47:ce:7f:
                    33:b7:20:ad:d8:1e:83:a1:92:54:4b:a9:80:a5:a9:
                    f5:ca:8c:9d:7f:6d:e2:e4:75:8b:0c:e8:81:82:79:
                    df:17:4a:a5:3c:01:a1:eb:9c:c6:8e:01:c7:32:42:
                    9f:0a:63:69:0f:50:41:22:ea:d3:02:46:cf:6e:06:
                    cb:8b:40:77:31:c7:55:1c:03:7f:3b:37:2c:60:b1:
                    28:b8:34:19:51:5d:cf:c6:43:17:3d:ba:26:bf:31:
                    03:06:92:e7:9a:76:2e:7f:c7:53:12:89:83:54:09:
                    96:12:37:5a:69:ad:97:1d:10:83:d2:bf:47:2c:02:
                    dd:eb:d5:59:4d:9c:ef:e1:fd:c4:c8:fa:d9:0e:1c:
                    2e:16:1a:ed:c9:c9:b1:24:3c:1f:56:b5:51:f6:2c:
                    10:9c:5c:b0:c9:e9:80:34:46:66:0a:0f:7f:0e:e8:
                    da:37:25:7c:f9:b2:02:9e:92:88:5f:db:52:63:80:
                    cc:9a:c5:ae:5e:87:f0:a9:f5:2f:53:85:51:e6:f1:
                    a9:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:21:14:7E:07:B9:0E:1C:37:2D:CA:38:DC:83:AC:C4:4B:F6:EF:F5
            X509v3 Authority Key Identifier:
                keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/dSEUfge5Dhw3Lco43IOsxEv27_U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.95.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:10:b3:3e:b4:20:d3:82:97:e4:4e:35:8a:fb:13:b7:86:43:
         6f:12:71:db:2c:6a:a5:91:ea:a8:1f:33:27:fa:58:77:ac:a6:
         95:94:bf:70:96:73:a3:e0:c8:60:64:69:56:d4:0c:c7:62:85:
         46:05:2a:5a:79:87:ab:21:4f:0c:36:68:41:9f:3d:e0:56:ca:
         5d:c9:e6:b9:b2:8f:66:da:78:61:0b:97:f5:d8:dc:16:89:a8:
         89:6f:4e:e0:39:d9:e8:f8:dc:c4:6f:fc:d2:aa:c2:a5:65:2a:
         3e:e1:ba:a5:7b:b5:89:78:d3:40:9d:14:01:d3:92:ca:e5:80:
         45:4c:56:84:1b:29:1d:02:aa:4d:ac:06:93:41:16:78:07:e2:
         93:c4:d3:9b:6e:0e:07:38:ec:39:c7:5b:1b:5d:2a:b5:de:9d:
         0b:1a:89:10:d6:64:e7:52:ed:c9:0d:dd:aa:45:87:a5:ef:53:
         dc:8f:8d:fd:6d:41:48:89:83:84:3c:4d:d1:7d:b9:26:87:14:
         38:4a:c4:91:0e:59:ae:db:7a:48:7b:43:88:3a:7e:74:af:f6:
         0f:75:69:75:6c:5d:de:96:26:98:d3:a5:8e:ae:8f:04:4a:b9:
         ff:34:f0:c6:67:02:9c:91:21:57:ed:99:2b:c0:cd:2c:1f:5c:
         e4:45:0f:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdlOnOH0qJ75R0O3zit/Ba8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMwNDA5MDg1NTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTIxMTQ3ZTA3YjkwZTFjMzcyZGNhMzhkYzgzYWNjNDRiZjZlZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZdbXloQFrKkABRMEM0miTBmEuSW
FMJRFAA0x7d5vBYgJfnFQNmL2vMSSmrpvrisuWlFpt0K/fpHzn8ztyCt2B6DoZJU
S6mApan1yoydf23i5HWLDOiBgnnfF0qlPAGh65zGjgHHMkKfCmNpD1BBIurTAkbP
bgbLi0B3McdVHAN/OzcsYLEouDQZUV3PxkMXPbomvzEDBpLnmnYuf8dTEomDVAmW
Ejdaaa2XHRCD0r9HLALd69VZTZzv4f3EyPrZDhwuFhrtycmxJDwfVrVR9iwQnFyw
yemANEZmCg9/DujaNyV8+bICnpKIX9tSY4DMmsWuXofwqfUvU4VR5vGpqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHUhFH4HuQ4cNy3KONyDrMRL9u/1MB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvZFNFVWZnZTVEaHczTGNvNDNJT3N4RXYyN19VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1/JMA0G
CSqGSIb3DQEBCwUAA4IBAQBeELM+tCDTgpfkTjWK+xO3hkNvEnHbLGqlkeqoHzMn
+lh3rKaVlL9wlnOj4MhgZGlW1AzHYoVGBSpaeYerIU8MNmhBnz3gVspdyea5so9m
2nhhC5f12NwWiaiJb07gOdno+NzEb/zSqsKlZSo+4bqle7WJeNNAnRQB05LK5YBF
TFaEGykdAqpNrAaTQRZ4B+KTxNObbg4HOOw5x1sbXSq13p0LGokQ1mTnUu3JDd2q
RYel71Pcj439bUFIiYOEPE3RfbkmhxQ4SsSRDlmu23pIe0OIOn50r/YPdWl1bF3e
liaY06WOro8ESrn/NPDGZwKckSFX7ZkrwM0sH1zkRQ/w
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:09 2024 by rpki-client on console-ams.rpki-client.org