Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/rdjht2bBPT3DTq5LJqRH76gi8Vc.roa
File:                     rdjht2bBPT3DTq5LJqRH76gi8Vc.roa (raw, json)
Hash identifier:          AljtLV2M2RPvJ8lOFIOBfvz6SHTyDNiRNF3JWTSWpvI=
Subject key identifier:   AD:D8:E1:B7:66:C1:3D:3D:C3:4E:AE:4B:26:A4:47:EF:A8:22:F1:57
Certificate issuer:       /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial:       01856FCB920BB34368FBFA97885485481985
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/rdjht2bBPT3DTq5LJqRH76gi8Vc.roa
Signing time:             Mon 02 Jan 2023 00:04:49 +0000
ROA not before:           Mon 02 Jan 2023 00:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204448
IP address blocks:        80.95.23.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:cb:92:0b:b3:43:68:fb:fa:97:88:54:85:48:19:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
        Validity
            Not Before: Jan  2 00:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=add8e1b766c13d3dc34eae4b26a447efa822f157
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:41:8f:73:6a:8b:6e:46:50:7e:47:a0:26:ad:
                    b6:ec:92:08:3f:ea:bd:09:1a:af:ff:a5:cd:6d:23:
                    d6:69:3c:dd:25:15:3d:1b:ed:b3:de:59:62:23:32:
                    d2:63:c6:b2:2c:fd:d9:d9:bb:5a:c5:64:63:03:14:
                    15:4f:c1:45:42:5b:fc:3a:38:6c:99:0c:6f:14:3f:
                    cd:87:9c:f4:ad:5e:e4:7c:67:39:ca:66:9c:e1:65:
                    d8:1f:6a:d4:f2:69:61:0d:60:4d:1d:d7:eb:4e:51:
                    31:2f:8e:be:af:b3:a1:bb:da:fc:59:8c:a7:78:c6:
                    ef:b9:87:59:0e:86:e6:bc:08:10:b6:c3:87:18:3c:
                    11:ac:56:d1:cb:77:a7:1d:a0:9f:8e:2d:e9:c3:0a:
                    aa:9f:8c:8f:f7:1f:e9:1d:ff:17:f1:00:a2:d4:fb:
                    3e:dd:ed:5a:72:66:62:b4:6a:00:b3:8e:42:6f:0d:
                    dd:0c:06:d4:37:e9:2b:57:6a:84:0f:bc:32:06:2c:
                    65:76:7f:b5:78:26:a8:18:3a:65:a5:4d:05:68:03:
                    47:75:d0:b8:d8:dd:d9:87:32:ab:a3:8d:41:68:0d:
                    58:95:82:9f:1f:e5:bb:0a:db:b9:14:71:62:d3:ad:
                    d1:16:70:57:a9:91:63:20:0b:e9:bb:3c:30:c1:e1:
                    90:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:D8:E1:B7:66:C1:3D:3D:C3:4E:AE:4B:26:A4:47:EF:A8:22:F1:57
            X509v3 Authority Key Identifier:
                keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/rdjht2bBPT3DTq5LJqRH76gi8Vc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.95.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:c2:30:d0:5e:47:47:f3:65:4d:ad:25:b6:24:88:95:07:af:
         71:a8:cf:41:7d:9c:40:ba:0b:3f:8d:21:da:8e:58:a8:14:83:
         7d:87:1e:ae:53:7b:fb:ca:d2:bb:6c:99:14:9b:0f:9c:46:04:
         20:eb:3f:df:98:9f:77:27:5e:fe:02:e2:37:07:18:71:c5:2b:
         69:2d:c3:c3:6d:eb:cb:47:2b:1f:c0:8c:e7:32:a8:0d:40:27:
         bd:24:70:4f:7f:d2:a4:62:db:d5:0d:1c:20:30:49:c1:d3:c9:
         17:ca:5d:29:52:31:bf:93:3f:22:6d:a7:f4:a3:70:4a:1c:92:
         54:45:f2:58:4e:03:38:4e:df:2f:32:71:39:79:57:46:80:7b:
         00:b0:e3:5c:07:cf:c8:ce:b7:a5:fd:c5:1b:4b:03:18:e1:df:
         b1:25:a2:42:a0:25:be:93:f3:95:ce:41:f4:8e:ca:13:09:67:
         4d:be:68:96:c0:92:f3:e3:f5:5b:3a:50:fe:0a:9a:45:59:31:
         b8:24:6b:6e:0c:fc:bf:91:32:09:4e:4d:d0:b7:08:ad:7d:ac:
         ed:07:b8:b7:62:98:1e:10:d2:a3:68:5c:ce:12:79:39:00:56:
         54:3f:8d:fa:ec:60:82:f1:bf:db:7c:30:fb:da:be:a5:94:32:
         5f:57:1a:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy5ILs0No+/qXiFSFSBmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjMwMTAyMDAwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGQ4ZTFiNzY2YzEzZDNkYzM0ZWFlNGIyNmE0NDdlZmE4MjJmMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUGPc2qLbkZQfkegJq227JIIP+q9
CRqv/6XNbSPWaTzdJRU9G+2z3lliIzLSY8ayLP3Z2btaxWRjAxQVT8FFQlv8Ojhs
mQxvFD/Nh5z0rV7kfGc5ymac4WXYH2rU8mlhDWBNHdfrTlExL46+r7Ohu9r8WYyn
eMbvuYdZDobmvAgQtsOHGDwRrFbRy3enHaCfji3pwwqqn4yP9x/pHf8X8QCi1Ps+
3e1acmZitGoAs45Cbw3dDAbUN+krV2qED7wyBixldn+1eCaoGDplpU0FaANHddC4
2N3ZhzKro41BaA1YlYKfH+W7Ctu5FHFi063RFnBXqZFjIAvpuzwwweGQnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK3Y4bdmwT09w06uSyakR++oIvFXMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvcmRqaHQyYkJQVDNEVHE1TEpxUkg3NmdpOFZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUF8XMA0G
CSqGSIb3DQEBCwUAA4IBAQCOwjDQXkdH82VNrSW2JIiVB69xqM9BfZxAugs/jSHa
jlioFIN9hx6uU3v7ytK7bJkUmw+cRgQg6z/fmJ93J17+AuI3BxhxxStpLcPDbevL
RysfwIznMqgNQCe9JHBPf9KkYtvVDRwgMEnB08kXyl0pUjG/kz8ibaf0o3BKHJJU
RfJYTgM4Tt8vMnE5eVdGgHsAsONcB8/Izrel/cUbSwMY4d+xJaJCoCW+k/OVzkH0
jsoTCWdNvmiWwJLz4/VbOlD+CppFWTG4JGtuDPy/kTIJTk3QtwitfaztB7i3Ypge
ENKjaFzOEnk5AFZUP4367GCC8b/bfDD72r6llDJfVxpO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:35 2024 by rpki-client on console-ams.rpki-client.org