Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/xkm18LVVNIl-EBloG59TX5n0rao.roa
File:                     xkm18LVVNIl-EBloG59TX5n0rao.roa (raw, json)
Hash identifier:          hbW9ZQ3CTxjX3BzcwpkGIvMYcGsrdm6OvBD4CkD7VMU=
Subject key identifier:   C6:49:B5:F0:B5:55:34:89:7E:10:19:68:1B:9F:53:5F:99:F4:AD:AA
Certificate issuer:       /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial:       01856CE65284BB6A6EB10676BBDBB6D8F862
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/xkm18LVVNIl-EBloG59TX5n0rao.roa
Signing time:             Sun 01 Jan 2023 10:35:11 +0000
ROA not before:           Sun 01 Jan 2023 10:35:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31287
IP address blocks:        95.43.239.0/24 maxlen: 24
                          62.73.100.0/24 maxlen: 24
                          95.43.236.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:52:84:bb:6a:6e:b1:06:76:bb:db:b6:d8:f8:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
        Validity
            Not Before: Jan  1 10:35:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c649b5f0b55534897e1019681b9f535f99f4adaa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:81:d8:de:34:d0:5f:ce:7c:36:88:ca:88:96:
                    1a:32:9e:f4:f4:ef:0a:0a:6c:9f:0f:1d:e7:bf:03:
                    67:8d:c7:38:83:8d:64:ee:75:ea:db:de:32:72:85:
                    1e:5f:46:82:a0:99:53:63:3e:7a:6a:86:ee:de:6a:
                    74:fb:cc:00:56:32:5d:24:f3:c2:aa:43:c8:8e:e8:
                    d9:6b:eb:ad:67:8e:42:33:b2:b6:77:25:09:e8:88:
                    69:1f:69:2f:c0:5d:98:e6:37:c4:45:7b:69:df:d0:
                    0b:b9:85:f4:ea:8b:49:14:9b:59:99:e8:73:df:ca:
                    02:4b:e9:17:3c:d3:0a:a6:d3:6f:81:18:f3:49:aa:
                    1b:61:3a:95:be:ad:43:dc:84:13:8a:ba:a5:7c:ee:
                    a5:92:49:6b:29:d5:fe:9b:f1:ea:58:cc:1f:59:5a:
                    28:c3:7c:46:b6:35:3e:a7:93:0a:fe:d1:c1:85:68:
                    32:92:a0:3f:89:a8:a2:29:93:20:df:92:3e:89:b3:
                    59:c4:a0:09:95:05:1e:0e:53:59:99:29:23:89:5a:
                    90:de:95:27:a9:0f:9e:87:5f:53:94:65:e1:69:9a:
                    c8:13:3a:e5:a4:02:f3:68:f9:bb:35:53:ed:47:a4:
                    61:85:17:e6:0e:41:9c:3a:c8:e3:c5:4e:87:d5:b5:
                    6a:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:49:B5:F0:B5:55:34:89:7E:10:19:68:1B:9F:53:5F:99:F4:AD:AA
            X509v3 Authority Key Identifier:
                keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/xkm18LVVNIl-EBloG59TX5n0rao.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.73.100.0/24
                  95.43.236.0/24
                  95.43.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:f9:fa:39:f9:32:c0:ae:55:d0:dd:04:4d:d5:a9:e1:a4:5d:
         bf:a4:cf:29:61:d1:09:11:05:29:54:58:a7:c8:19:e0:0a:0c:
         25:55:37:26:d5:8c:5e:06:4d:77:ca:1e:ae:7d:6d:72:ba:21:
         f5:56:d5:02:07:5c:04:82:6a:d6:0a:6e:cc:cd:df:eb:3d:37:
         6e:bb:23:4e:b8:3d:fb:98:79:cf:80:5d:ab:c7:fd:f2:49:ac:
         16:8e:ea:cb:95:a7:81:b5:36:b7:fc:64:f2:b7:fa:6d:67:8f:
         34:6f:46:52:b8:86:5f:1a:90:ef:65:aa:09:2a:9d:6d:16:08:
         1d:2c:47:3c:fe:48:59:40:d5:7e:60:50:be:4a:18:29:bb:df:
         66:28:f1:ea:9a:be:ad:d0:63:01:ac:da:e8:b7:ec:0a:31:41:
         37:7c:4e:3b:15:30:b3:d1:fb:dd:1e:7e:17:44:26:c0:e9:2d:
         7a:10:0e:5a:5d:df:69:f6:da:97:2a:10:77:9f:62:17:a2:9e:
         dd:54:b6:9e:9d:bb:e3:2b:72:56:7b:f3:60:12:7e:7a:80:f1:
         e4:c3:90:61:a5:96:3f:1a:dc:27:7c:46:92:7d:25:35:99:81:
         eb:6c:8e:71:8e:62:51:35:62:8a:f9:13:ea:44:7b:3f:08:75:
         ed:3b:27:8d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVs5lKEu2pusQZ2u9u22PhiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQ5YjVmMGI1NTUzNDg5N2UxMDE5NjgxYjlmNTM1Zjk5ZjRhZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoHY3jTQX858NojKiJYaMp709O8K
CmyfDx3nvwNnjcc4g41k7nXq294ycoUeX0aCoJlTYz56aobu3mp0+8wAVjJdJPPC
qkPIjujZa+utZ45CM7K2dyUJ6IhpH2kvwF2Y5jfERXtp39ALuYX06otJFJtZmehz
38oCS+kXPNMKptNvgRjzSaobYTqVvq1D3IQTirqlfO6lkklrKdX+m/HqWMwfWVoo
w3xGtjU+p5MK/tHBhWgykqA/iaiiKZMg35I+ibNZxKAJlQUeDlNZmSkjiVqQ3pUn
qQ+eh19TlGXhaZrIEzrlpALzaPm7NVPtR6RhhRfmDkGcOsjjxU6H1bVq5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMZJtfC1VTSJfhAZaBufU1+Z9K2qMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEveGttMThMVlZOSWwtRUJsb0c1OVRYNW4wcmFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPklkAwQA
XyvsAwQAXyvvMA0GCSqGSIb3DQEBCwUAA4IBAQBR+fo5+TLArlXQ3QRN1anhpF2/
pM8pYdEJEQUpVFinyBngCgwlVTcm1YxeBk13yh6ufW1yuiH1VtUCB1wEgmrWCm7M
zd/rPTduuyNOuD37mHnPgF2rx/3ySawWjurLlaeBtTa3/GTyt/ptZ480b0ZSuIZf
GpDvZaoJKp1tFggdLEc8/khZQNV+YFC+Shgpu99mKPHqmr6t0GMBrNrot+wKMUE3
fE47FTCz0fvdHn4XRCbA6S16EA5aXd9p9tqXKhB3n2IXop7dVLaenbvjK3JWe/Ng
En56gPHkw5BhpZY/GtwnfEaSfSU1mYHrbI5xjmJRNWKK+RPqRHs/CHXtOyeN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:54 2024 by rpki-client on console-ams.rpki-client.org