Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/9398b0-2fbb-4bd3-b9bc-1e89f9695d1b/1/Vfj-CZ_Uqj5Kah3yaiG3sx5UnDA.roa
File:                     Vfj-CZ_Uqj5Kah3yaiG3sx5UnDA.roa (raw, json)
Hash identifier:          ANy4cjAxcn4bby/VojV54JNhxFoTXY8ExL8EMlQQiqY=
Subject key identifier:   55:F8:FE:09:9F:D4:AA:3E:4A:6A:1D:F2:6A:21:B7:B3:1E:54:9C:30
Certificate issuer:       /CN=54041941b1450d6b95b58ca3f077ce208dfdfb4b
Certificate serial:       018BD2205A290FF834DEDEF26B7C76101251
Authority key identifier: 54:04:19:41:B1:45:0D:6B:95:B5:8C:A3:F0:77:CE:20:8D:FD:FB:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VAQZQbFFDWuVtYyj8HfOII39-0s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/9398b0-2fbb-4bd3-b9bc-1e89f9695d1b/1/Vfj-CZ_Uqj5Kah3yaiG3sx5UnDA.roa
Signing time:             Wed 15 Nov 2023 08:36:57 +0000
ROA not before:           Wed 15 Nov 2023 08:36:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3356
IP address blocks:        195.20.115.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:d2:20:5a:29:0f:f8:34:de:de:f2:6b:7c:76:10:12:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54041941b1450d6b95b58ca3f077ce208dfdfb4b
        Validity
            Not Before: Nov 15 08:36:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=55f8fe099fd4aa3e4a6a1df26a21b7b31e549c30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:c5:a6:58:ba:ba:28:cf:89:1a:11:a7:8b:3a:
                    50:f1:f9:e0:2d:8b:11:5a:19:7e:33:21:3e:7e:c3:
                    f7:c5:db:9d:16:8e:a3:57:1b:63:17:e2:b1:7a:c1:
                    db:81:bb:da:03:52:e8:ef:3e:08:e9:ef:52:38:f3:
                    23:2c:6f:05:2b:00:b0:6b:78:d3:23:bf:30:4d:67:
                    d9:48:c6:5e:bd:f7:a6:93:f0:6e:b1:1e:06:fe:67:
                    83:2b:42:61:c3:8e:84:ee:2d:77:4d:8d:da:8d:81:
                    fd:43:23:51:1a:0f:ca:9b:a7:38:60:ed:b9:7d:92:
                    84:61:d9:64:28:eb:9c:ca:e3:7a:a2:a3:1f:3f:3c:
                    b0:c5:47:0e:24:b3:1c:53:bc:55:69:5b:f6:61:4d:
                    f1:c1:64:fd:4d:95:41:8a:b4:e2:af:30:07:b9:67:
                    86:4b:e3:a6:7b:3f:5c:5a:eb:e6:52:05:b1:32:b5:
                    31:cb:06:87:d1:a9:50:83:b1:fa:d3:f4:08:b1:60:
                    96:e3:64:d1:99:20:26:ce:41:8e:a1:aa:99:67:8b:
                    e0:d5:e0:bf:dc:1a:6e:7d:fa:47:4a:a3:79:ef:1a:
                    46:de:de:03:97:4d:e2:c7:8d:6b:42:ec:e4:8f:65:
                    4c:d6:30:e0:11:14:27:b6:33:22:2a:5c:de:98:a6:
                    67:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:F8:FE:09:9F:D4:AA:3E:4A:6A:1D:F2:6A:21:B7:B3:1E:54:9C:30
            X509v3 Authority Key Identifier:
                keyid:54:04:19:41:B1:45:0D:6B:95:B5:8C:A3:F0:77:CE:20:8D:FD:FB:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VAQZQbFFDWuVtYyj8HfOII39-0s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9398b0-2fbb-4bd3-b9bc-1e89f9695d1b/1/Vfj-CZ_Uqj5Kah3yaiG3sx5UnDA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9398b0-2fbb-4bd3-b9bc-1e89f9695d1b/1/VAQZQbFFDWuVtYyj8HfOII39-0s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.20.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c8:0d:57:4f:85:ea:63:b6:7b:e8:39:65:82:94:1c:09:54:b0:
         73:49:0a:82:ba:0c:c4:02:e6:b9:e8:ab:b4:85:e6:08:8b:74:
         60:a4:b7:d2:ff:8d:6e:10:88:21:a5:05:93:b5:55:36:0d:9c:
         06:49:70:22:56:8b:94:70:e2:6f:eb:b8:87:6e:96:b3:e3:c5:
         ba:df:50:10:78:6f:fe:29:17:e2:d5:f6:e7:20:93:8e:b1:6d:
         d2:e9:52:64:bc:ee:a8:1f:f2:1e:2a:98:3f:42:24:d5:8b:91:
         bf:f8:de:31:f7:1f:97:df:a9:4e:67:90:d3:a5:ae:74:35:8f:
         95:e3:37:fe:d2:33:6e:ab:b9:c4:e0:48:51:39:d8:45:99:9b:
         61:50:e9:f7:f6:9d:47:a3:c8:37:13:7b:bb:47:32:dc:d2:c8:
         15:c6:8e:f2:40:e7:ad:f4:eb:bb:c1:f1:ce:0f:57:36:85:4b:
         0e:f9:42:2b:9c:32:7b:f5:12:ca:7f:3f:3b:3e:69:70:7f:d1:
         73:ff:a7:45:ed:b3:c3:53:97:13:72:48:3c:2a:78:44:fe:63:
         4b:0e:04:c2:00:b1:7d:3c:71:ea:ae:37:63:64:bd:c4:4a:cc:
         25:42:e8:bd:0f:b4:27:04:a6:56:ea:36:a2:da:af:ae:e8:f0:
         1e:9b:35:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvSIFopD/g03t7ya3x2EBJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MDQxOTQxYjE0NTBkNmI5NWI1OGNhM2YwNzdjZTIwOGRm
ZGZiNGIwHhcNMjMxMTE1MDgzNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWY4ZmUwOTlmZDRhYTNlNGE2YTFkZjI2YTIxYjdiMzFlNTQ5YzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcWmWLq6KM+JGhGnizpQ8fngLYsR
Whl+MyE+fsP3xdudFo6jVxtjF+KxesHbgbvaA1Lo7z4I6e9SOPMjLG8FKwCwa3jT
I78wTWfZSMZevfemk/BusR4G/meDK0Jhw46E7i13TY3ajYH9QyNRGg/Km6c4YO25
fZKEYdlkKOucyuN6oqMfPzywxUcOJLMcU7xVaVv2YU3xwWT9TZVBirTirzAHuWeG
S+Omez9cWuvmUgWxMrUxywaH0alQg7H60/QIsWCW42TRmSAmzkGOoaqZZ4vg1eC/
3BpuffpHSqN57xpG3t4Dl03ix41rQuzkj2VM1jDgERQntjMiKlzemKZneQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFX4/gmf1Ko+Smod8moht7MeVJwwMB8GA1UdIwQY
MBaAFFQEGUGxRQ1rlbWMo/B3ziCN/ftLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkFRWlFiRkZEV3VWdFl5ajhIZk9JSTM5LTBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85Mzk4YjAtMmZiYi00YmQzLWI5YmMt
MWU4OWY5Njk1ZDFiLzEvVmZqLUNaX1VxajVLYWgzeWFpRzNzeDVVbkRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85Mzk4YjAtMmZiYi00YmQzLWI5YmMtMWU4OWY5Njk1ZDFi
LzEvVkFRWlFiRkZEV3VWdFl5ajhIZk9JSTM5LTBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxRzMA0G
CSqGSIb3DQEBCwUAA4IBAQDIDVdPhepjtnvoOWWClBwJVLBzSQqCugzEAua56Ku0
heYIi3RgpLfS/41uEIghpQWTtVU2DZwGSXAiVouUcOJv67iHbpaz48W631AQeG/+
KRfi1fbnIJOOsW3S6VJkvO6oH/IeKpg/QiTVi5G/+N4x9x+X36lOZ5DTpa50NY+V
4zf+0jNuq7nE4EhROdhFmZthUOn39p1Ho8g3E3u7RzLc0sgVxo7yQOet9Ou7wfHO
D1c2hUsO+UIrnDJ79RLKfz87Pmlwf9Fz/6dF7bPDU5cTckg8KnhE/mNLDgTCALF9
PHHqrjdjZL3ESswlQui9D7QnBKZW6jai2q+u6PAemzUK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:22 2024 by rpki-client on console-ams.rpki-client.org