Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/53B-gW3VczoyDpu9jKZl_b7bO0s.roa
File:                     53B-gW3VczoyDpu9jKZl_b7bO0s.roa (raw, json)
Hash identifier:          GIQ/0A9U5wXECcYR9l72cglO1v5VsTgfLfKA9+fXO4s=
Subject key identifier:   E7:70:7E:81:6D:D5:73:3A:32:0E:9B:BD:8C:A6:65:FD:BE:DB:3B:4B
Certificate issuer:       /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial:       018B3787296CBBFB388045A9C79BEB94EBE8
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/53B-gW3VczoyDpu9jKZl_b7bO0s.roa
Signing time:             Mon 16 Oct 2023 08:08:06 +0000
ROA not before:           Mon 16 Oct 2023 08:08:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29286
IP address blocks:        95.43.198.0/24 maxlen: 24
                          46.10.162.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:37:87:29:6c:bb:fb:38:80:45:a9:c7:9b:eb:94:eb:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
        Validity
            Not Before: Oct 16 08:08:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e7707e816dd5733a320e9bbd8ca665fdbedb3b4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:18:c6:04:7d:23:af:c8:8e:f4:28:c7:32:36:
                    8c:d3:b0:14:0f:0e:b3:b8:f7:4e:91:9f:f0:38:39:
                    b2:84:42:df:f7:69:3e:16:3f:4e:cd:45:56:cd:a4:
                    45:c8:bc:4e:e9:3e:da:34:93:8b:18:72:6c:7f:29:
                    9d:49:0f:e3:cc:bf:52:3e:b0:4a:f1:00:52:7d:be:
                    11:68:fd:99:c2:9a:40:da:ec:65:45:5d:dd:84:cf:
                    5c:0c:29:3d:2c:a9:6b:d8:e5:4f:7c:45:50:0c:b8:
                    c2:d5:73:bb:29:d2:0d:ec:1c:ef:8e:e7:b7:ab:0c:
                    d1:28:2e:bd:3c:f3:7e:1d:e8:58:12:77:03:8b:77:
                    14:d9:1b:a3:56:38:22:9e:03:74:ff:35:e2:fe:a1:
                    0e:75:a8:bd:c4:2d:be:45:62:c2:45:eb:4e:fb:3a:
                    17:b9:e4:4e:7d:e7:fe:59:76:45:7b:2b:10:48:c5:
                    88:5e:b5:d5:c1:d8:26:ec:97:b5:fc:bb:2e:30:46:
                    96:59:a0:46:a4:cc:41:84:3f:71:ec:f6:9f:e5:41:
                    0b:e0:55:7a:80:ee:94:fe:b9:ed:b1:4e:21:a1:6f:
                    b4:95:e2:d0:fd:14:cd:7b:55:60:b0:f3:cc:03:93:
                    ea:1a:ce:60:e4:5e:e3:a1:e9:4c:8d:e2:d3:94:99:
                    cd:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:70:7E:81:6D:D5:73:3A:32:0E:9B:BD:8C:A6:65:FD:BE:DB:3B:4B
            X509v3 Authority Key Identifier:
                keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/53B-gW3VczoyDpu9jKZl_b7bO0s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.10.162.0/23
                  95.43.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:09:77:ba:90:5a:8f:d5:27:7a:bc:83:cd:7c:06:16:6f:ee:
         5b:29:cd:49:08:d3:38:b7:05:59:87:8f:2d:2d:63:c1:f4:f7:
         24:c5:c6:d3:a5:45:a4:ef:09:03:88:2e:de:3a:63:56:81:e0:
         27:7a:c5:96:8b:91:ce:be:70:d7:22:da:78:a8:02:53:59:87:
         11:ae:c0:8c:79:11:41:c2:88:c9:b2:67:f8:c2:b8:54:a8:cd:
         26:b9:e7:34:f3:db:ce:b5:00:7c:d0:12:dc:9d:59:99:a6:ed:
         3f:53:9a:0f:8d:a1:71:ad:46:1b:3e:21:51:cc:28:b8:b3:76:
         76:29:eb:eb:56:39:6c:7a:3f:39:18:cd:cb:2c:43:bc:02:f7:
         e1:e8:99:9a:7e:90:0a:56:ab:fb:31:d7:c0:ff:10:7c:8c:fb:
         ce:86:9e:38:69:04:9d:82:f4:fa:f8:d9:58:2d:95:af:67:16:
         49:fb:32:ee:ab:92:20:33:46:1c:17:a4:cc:26:7f:8f:51:27:
         3a:38:77:45:b6:da:a9:08:0e:3e:d6:1f:70:3c:6c:e5:2d:f7:
         a3:65:d1:22:1b:86:a3:b2:ca:47:3a:52:c0:ca:48:f0:93:96:
         3f:57:d4:52:df:53:2c:36:e6:fc:3d:dd:f8:48:1b:f3:3c:84:
         68:c0:a0:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYs3hylsu/s4gEWpx5vrlOvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMxMDE2MDgwODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzcwN2U4MTZkZDU3MzNhMzIwZTliYmQ4Y2E2NjVmZGJlZGIzYjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxjGBH0jr8iO9CjHMjaM07AUDw6z
uPdOkZ/wODmyhELf92k+Fj9OzUVWzaRFyLxO6T7aNJOLGHJsfymdSQ/jzL9SPrBK
8QBSfb4RaP2ZwppA2uxlRV3dhM9cDCk9LKlr2OVPfEVQDLjC1XO7KdIN7Bzvjue3
qwzRKC69PPN+HehYEncDi3cU2RujVjgingN0/zXi/qEOdai9xC2+RWLCRetO+zoX
ueROfef+WXZFeysQSMWIXrXVwdgm7Je1/LsuMEaWWaBGpMxBhD9x7Paf5UEL4FV6
gO6U/rntsU4hoW+0leLQ/RTNe1VgsPPMA5PqGs5g5F7joelMjeLTlJnNYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOdwfoFt1XM6Mg6bvYymZf2+2ztLMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvNTNCLWdXM1Zjem95RHB1OWpLWmxfYjdiTzBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLgqiAwQA
XyvGMA0GCSqGSIb3DQEBCwUAA4IBAQAvCXe6kFqP1Sd6vIPNfAYWb+5bKc1JCNM4
twVZh48tLWPB9PckxcbTpUWk7wkDiC7eOmNWgeAnesWWi5HOvnDXItp4qAJTWYcR
rsCMeRFBwojJsmf4wrhUqM0muec089vOtQB80BLcnVmZpu0/U5oPjaFxrUYbPiFR
zCi4s3Z2KevrVjlsej85GM3LLEO8Avfh6JmafpAKVqv7MdfA/xB8jPvOhp44aQSd
gvT6+NlYLZWvZxZJ+zLuq5IgM0YcF6TMJn+PUSc6OHdFttqpCA4+1h9wPGzlLfej
ZdEiG4ajsspHOlLAykjwk5Y/V9RS31MsNub8Pd34SBvzPIRowKBL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:04 2024 by rpki-client on console-fra.rpki-client.org