Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/3zfeXwccemT2V7-P4eo0UpEJD2s.roa
File:                     3zfeXwccemT2V7-P4eo0UpEJD2s.roa (raw, json)
Hash identifier:          6JTLrlF3mJifbGHjiNPLr8R/brUO+qOKKvIu/CM80u0=
Subject key identifier:   DF:37:DE:5F:07:1C:7A:64:F6:57:BF:8F:E1:EA:34:52:91:09:0F:6B
Certificate issuer:       /CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
Certificate serial:       018B75BFA61D1D93D509572DF8D1A7B75DC0
Authority key identifier: EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/3zfeXwccemT2V7-P4eo0UpEJD2s.roa
Signing time:             Sat 28 Oct 2023 10:06:16 +0000
ROA not before:           Sat 28 Oct 2023 10:06:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203363
IP address blocks:        195.14.105.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 Nov 2023 15:22:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:75:bf:a6:1d:1d:93:d5:09:57:2d:f8:d1:a7:b7:5d:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
        Validity
            Not Before: Oct 28 10:06:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=df37de5f071c7a64f657bf8fe1ea345291090f6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:cd:34:03:e1:6c:3d:14:78:06:67:8d:a5:eb:
                    f4:be:af:13:2d:a9:4e:f9:ff:7c:c8:d3:17:90:0b:
                    8e:0d:60:ed:5e:ee:17:47:f8:d3:b1:bf:8a:a6:e2:
                    57:c3:5e:a5:d1:06:a3:ac:99:01:33:ee:0d:fb:46:
                    14:bc:f0:6a:ca:eb:a6:0e:20:ed:33:87:d4:a0:16:
                    1e:c0:cf:04:bd:31:bd:59:a8:32:12:3e:8a:0e:bc:
                    69:f5:6f:3a:c5:0c:09:9c:b4:ad:68:40:1d:49:85:
                    da:85:b7:b5:a6:96:d4:85:c9:d9:ef:ed:56:73:3e:
                    9d:1c:06:b4:90:8a:7c:bc:11:9d:a0:cc:b7:c1:47:
                    68:be:f8:51:5b:b8:df:fc:a7:57:c5:4b:93:ca:22:
                    09:84:02:78:c8:4a:f3:27:08:57:47:3d:b4:8c:5e:
                    d8:18:57:e2:94:ae:fb:98:41:5b:d0:bb:44:23:cd:
                    9a:af:86:23:f6:45:05:8a:e8:ad:f5:c5:41:71:8c:
                    3f:95:f9:fe:7e:25:b1:f9:11:6b:d6:0a:26:5a:24:
                    08:b7:5e:47:dc:c1:27:fa:35:88:37:73:08:21:d8:
                    58:4d:e6:17:c6:1a:16:94:47:69:55:eb:5f:ca:a9:
                    03:91:dd:b9:23:f6:a8:ec:77:28:a5:b9:d4:c6:52:
                    fc:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:37:DE:5F:07:1C:7A:64:F6:57:BF:8F:E1:EA:34:52:91:09:0F:6B
            X509v3 Authority Key Identifier:
                keyid:EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/3zfeXwccemT2V7-P4eo0UpEJD2s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/6sLBr9S97JgFBvoH33yGYtVU-kY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.14.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:b7:21:4e:df:1c:a3:82:cb:41:5a:0e:38:d1:c8:60:e0:e2:
         a2:eb:0a:9e:2c:59:35:7a:0d:82:26:ec:e7:9a:45:98:7a:a1:
         60:b7:1a:ba:71:b1:65:8d:92:ee:94:1c:0b:62:68:c3:e1:a7:
         72:bd:7b:30:d2:02:6d:5f:4e:db:2e:55:07:2a:40:81:25:bf:
         04:5c:81:b1:b0:4d:57:c2:4b:2c:a7:93:75:6f:0f:ce:32:99:
         5a:f6:19:b8:09:81:70:6e:b9:a2:62:9f:30:98:b1:75:83:fa:
         40:5a:e4:04:a3:32:a2:ea:a8:9b:23:00:79:71:88:7a:8b:6a:
         28:b5:17:58:b0:6d:97:54:65:74:e1:39:02:ed:0b:09:ec:22:
         a9:7f:94:27:30:4e:4a:20:ea:4b:d7:7f:14:99:0c:67:84:81:
         f4:84:9d:36:ba:67:f6:73:b0:bc:bd:99:83:0f:d2:f1:a1:4c:
         7c:a7:2b:c1:79:4a:76:c8:ec:49:8e:b0:8f:d4:19:d9:7d:a8:
         d7:b5:c9:0f:28:48:7a:fc:70:a1:7a:ba:44:bb:2d:1b:39:5a:
         f9:c6:f2:c9:24:04:42:b3:23:30:87:19:25:6f:22:7b:24:19:
         a9:2a:e2:9d:0d:e6:fc:49:19:6b:a1:2b:51:2e:17:05:33:29:
         70:dd:6e:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYt1v6YdHZPVCVct+NGnt13AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYzJjMWFmZDRiZGVjOTgwNTA2ZmEwN2RmN2M4NjYyZDU1
NGZhNDYwHhcNMjMxMDI4MTAwNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjM3ZGU1ZjA3MWM3YTY0ZjY1N2JmOGZlMWVhMzQ1MjkxMDkwZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArM00A+FsPRR4BmeNpev0vq8TLalO
+f98yNMXkAuODWDtXu4XR/jTsb+KpuJXw16l0QajrJkBM+4N+0YUvPBqyuumDiDt
M4fUoBYewM8EvTG9WagyEj6KDrxp9W86xQwJnLStaEAdSYXahbe1ppbUhcnZ7+1W
cz6dHAa0kIp8vBGdoMy3wUdovvhRW7jf/KdXxUuTyiIJhAJ4yErzJwhXRz20jF7Y
GFfilK77mEFb0LtEI82ar4Yj9kUFiuit9cVBcYw/lfn+fiWx+RFr1gomWiQIt15H
3MEn+jWIN3MIIdhYTeYXxhoWlEdpVetfyqkDkd25I/ao7HcopbnUxlL8NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN833l8HHHpk9le/j+HqNFKRCQ9rMB8GA1UdIwQY
MBaAFOrCwa/UveyYBQb6B998hmLVVPpGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMt
YzBjZWIwMzdhZDQyLzEvM3pmZVh3Y2NlbVQyVjctUDRlbzBVcEVKRDJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMtYzBjZWIwMzdhZDQy
LzEvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAww5pMA0G
CSqGSIb3DQEBCwUAA4IBAQAAtyFO3xyjgstBWg440chg4OKi6wqeLFk1eg2CJuzn
mkWYeqFgtxq6cbFljZLulBwLYmjD4adyvXsw0gJtX07bLlUHKkCBJb8EXIGxsE1X
wkssp5N1bw/OMpla9hm4CYFwbrmiYp8wmLF1g/pAWuQEozKi6qibIwB5cYh6i2oo
tRdYsG2XVGV04TkC7QsJ7CKpf5QnME5KIOpL138UmQxnhIH0hJ02umf2c7C8vZmD
D9LxoUx8pyvBeUp2yOxJjrCP1BnZfajXtckPKEh6/HCherpEuy0bOVr5xvLJJARC
syMwhxklbyJ7JBmpKuKdDeb8SRlroStRLhcFMylw3W5s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:47 2024 by rpki-client on console-fra.rpki-client.org