Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/xU0UgTDdRVLZ5cb3HMIFZfNzguI.roa
File:                     xU0UgTDdRVLZ5cb3HMIFZfNzguI.roa (raw, json)
Hash identifier:          kldnyU6vJoHc1++qI6OgxM/zBtxPtA3JoQiO/ZQNMNw=
Subject key identifier:   C5:4D:14:81:30:DD:45:52:D9:E5:C6:F7:1C:C2:05:65:F3:73:82:E2
Certificate issuer:       /CN=9d202808d1f914555e1bd59c1677287ff9b3b590
Certificate serial:       01856E1451028161629F3A3838397F531100
Authority key identifier: 9D:20:28:08:D1:F9:14:55:5E:1B:D5:9C:16:77:28:7F:F9:B3:B5:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSAoCNH5FFVeG9WcFncof_mztZA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/xU0UgTDdRVLZ5cb3HMIFZfNzguI.roa
Signing time:             Sun 01 Jan 2023 16:05:03 +0000
ROA not before:           Sun 01 Jan 2023 16:05:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     46071
IP address blocks:        94.231.200.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:14:51:02:81:61:62:9f:3a:38:38:39:7f:53:11:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d202808d1f914555e1bd59c1677287ff9b3b590
        Validity
            Not Before: Jan  1 16:05:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c54d148130dd4552d9e5c6f71cc20565f37382e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:b9:68:9f:5a:cd:ce:4e:fb:ee:33:15:e4:fb:
                    77:ef:8c:ef:68:11:fb:aa:7a:90:f7:f2:9b:d9:de:
                    36:5f:fe:e8:ac:0f:13:3d:0e:00:d7:32:af:19:df:
                    ef:6e:d8:f0:48:09:47:5f:84:db:91:f3:60:d4:9e:
                    03:64:8f:8c:68:3f:f4:ef:fd:ec:2c:3e:8e:b6:65:
                    f6:2e:05:ed:b8:11:85:e6:6f:90:ca:37:b7:41:1b:
                    38:e4:7e:d8:56:95:1b:a7:bb:83:2a:77:f9:63:df:
                    32:4a:73:39:92:d8:85:a8:74:98:a6:9a:68:90:24:
                    cd:72:e3:58:08:3c:02:a2:36:2a:e5:2b:f7:3c:8c:
                    4f:e0:3e:e5:32:c5:6c:28:20:5e:5e:86:e7:fb:8b:
                    c7:90:dc:eb:f0:a1:20:02:d4:ba:69:4d:72:e7:ad:
                    9f:a4:2d:4a:47:55:84:1e:bf:c5:b6:06:2f:73:6c:
                    0e:2c:19:6d:39:e3:be:6b:07:9a:7e:5d:3b:b3:56:
                    31:86:c8:04:8f:e3:a9:0b:03:f2:ea:24:2e:51:f7:
                    1f:d6:ba:37:12:b8:3f:6a:01:18:10:18:a0:b6:c0:
                    43:17:99:af:5d:00:76:12:1f:63:96:35:f8:95:df:
                    b4:bd:d3:9b:26:ab:f8:1c:18:6a:ed:60:bf:ed:ed:
                    23:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:4D:14:81:30:DD:45:52:D9:E5:C6:F7:1C:C2:05:65:F3:73:82:E2
            X509v3 Authority Key Identifier:
                keyid:9D:20:28:08:D1:F9:14:55:5E:1B:D5:9C:16:77:28:7F:F9:B3:B5:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSAoCNH5FFVeG9WcFncof_mztZA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/xU0UgTDdRVLZ5cb3HMIFZfNzguI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.231.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:72:d8:f8:84:f2:09:b8:36:9f:7c:0f:39:6b:28:fc:41:91:
         a3:81:49:6c:e7:74:10:f4:8c:b6:38:b4:2a:21:a5:07:82:53:
         1c:5d:a7:3f:c7:4a:25:f2:3b:cc:4a:15:ee:e5:34:44:23:60:
         ad:1d:cd:cf:24:32:e0:68:2e:26:1e:f6:a4:a7:8a:80:e2:9a:
         72:3c:3f:c6:ee:3a:d0:35:68:92:67:a6:52:53:a5:1e:2c:bd:
         25:41:17:1c:5a:03:7d:e5:92:fd:43:94:bf:66:d0:3f:b6:89:
         4c:77:64:f9:03:25:d6:59:18:41:d0:5b:97:67:d2:29:ff:f1:
         e8:ca:ba:0d:b4:81:a1:48:af:81:7f:b0:5b:9f:58:e5:99:49:
         6d:15:8f:93:21:14:fc:0a:76:eb:28:01:cd:24:53:e9:2d:27:
         3d:ef:4b:5c:74:15:e6:f6:61:0d:28:99:f8:31:9b:d6:1d:62:
         7a:07:6c:ac:6c:8d:52:68:c7:24:9a:e1:f4:e3:b1:27:c1:19:
         df:ac:9d:63:15:68:a2:34:b8:4b:a5:01:51:a1:04:8f:ea:a9:
         7b:8b:dc:48:f2:b3:4b:91:e5:d1:80:f7:68:76:ab:0a:28:3a:
         3e:14:23:00:b2:35:f8:83:f4:77:bd:b8:a1:2c:91:55:7f:1e:
         8d:fa:18:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuFFECgWFinzo4ODl/UxEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjAyODA4ZDFmOTE0NTU1ZTFiZDU5YzE2NzcyODdmZjli
M2I1OTAwHhcNMjMwMTAxMTYwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTRkMTQ4MTMwZGQ0NTUyZDllNWM2ZjcxY2MyMDU2NWYzNzM4MmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsblon1rNzk777jMV5Pt374zvaBH7
qnqQ9/Kb2d42X/7orA8TPQ4A1zKvGd/vbtjwSAlHX4TbkfNg1J4DZI+MaD/07/3s
LD6OtmX2LgXtuBGF5m+Qyje3QRs45H7YVpUbp7uDKnf5Y98ySnM5ktiFqHSYpppo
kCTNcuNYCDwCojYq5Sv3PIxP4D7lMsVsKCBeXobn+4vHkNzr8KEgAtS6aU1y562f
pC1KR1WEHr/FtgYvc2wOLBltOeO+aweafl07s1YxhsgEj+OpCwPy6iQuUfcf1ro3
Erg/agEYEBigtsBDF5mvXQB2Eh9jljX4ld+0vdObJqv4HBhq7WC/7e0jlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMVNFIEw3UVS2eXG9xzCBWXzc4LiMB8GA1UdIwQY
MBaAFJ0gKAjR+RRVXhvVnBZ3KH/5s7WQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNBb0NOSDVGRlZlRzlXY0ZuY29mX216dFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9hNWMwNjktODA2MS00ZGVlLTk1Njgt
ODgwYjJkZjU3ZjI1LzEveFUwVWdURGRSVkxaNWNiM0hNSUZaZk56Z3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9hNWMwNjktODA2MS00ZGVlLTk1NjgtODgwYjJkZjU3ZjI1
LzEvblNBb0NOSDVGRlZlRzlXY0ZuY29mX216dFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXufIMA0G
CSqGSIb3DQEBCwUAA4IBAQAyctj4hPIJuDaffA85ayj8QZGjgUls53QQ9Iy2OLQq
IaUHglMcXac/x0ol8jvMShXu5TREI2CtHc3PJDLgaC4mHvakp4qA4ppyPD/G7jrQ
NWiSZ6ZSU6UeLL0lQRccWgN95ZL9Q5S/ZtA/tolMd2T5AyXWWRhB0FuXZ9Ip//Ho
yroNtIGhSK+Bf7Bbn1jlmUltFY+TIRT8CnbrKAHNJFPpLSc970tcdBXm9mENKJn4
MZvWHWJ6B2ysbI1SaMckmuH047EnwRnfrJ1jFWiiNLhLpQFRoQSP6ql7i9xI8rNL
keXRgPdodqsKKDo+FCMAsjX4g/R3vbihLJFVfx6N+hgD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:20 2024 by rpki-client on console-ams.rpki-client.org