Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/NrKsj9Vy6XJrhsLXt4zjkpJ_wDE.roa
File:                     NrKsj9Vy6XJrhsLXt4zjkpJ_wDE.roa (raw, json)
Hash identifier:          omjrsuTU346HzMk/vmaRb8amoHUlXpLl2XNT8bhpivc=
Subject key identifier:   36:B2:AC:8F:D5:72:E9:72:6B:86:C2:D7:B7:8C:E3:92:92:7F:C0:31
Certificate issuer:       /CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
Certificate serial:       018571BA31F0B1756E4B28CB886F477708A4
Authority key identifier: EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/NrKsj9Vy6XJrhsLXt4zjkpJ_wDE.roa
Signing time:             Mon 02 Jan 2023 09:05:05 +0000
ROA not before:           Mon 02 Jan 2023 09:05:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        195.14.105.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:ba:31:f0:b1:75:6e:4b:28:cb:88:6f:47:77:08:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
        Validity
            Not Before: Jan  2 09:05:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=36b2ac8fd572e9726b86c2d7b78ce392927fc031
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ba:c5:ea:42:43:6b:23:16:4a:76:51:3d:03:
                    9b:94:ae:79:2e:8f:08:6e:af:46:de:2e:ce:70:3f:
                    af:65:10:ca:9c:39:a5:64:fd:c3:3f:33:cb:23:b9:
                    20:cc:99:ae:1e:d7:3a:e4:21:74:31:1b:47:2a:9f:
                    bd:ce:e5:d3:ed:40:1a:4c:9b:e1:13:55:87:a7:18:
                    c7:90:2e:7d:fe:e3:6a:4b:40:db:7d:ba:ab:71:f0:
                    f8:4b:ed:04:55:9f:03:15:53:1e:b2:e3:8e:2c:e2:
                    9b:0a:1c:99:b1:0c:35:46:78:5d:cc:a6:82:f9:b0:
                    a2:06:fd:98:6b:b3:45:2b:58:2e:5e:84:a2:4c:f3:
                    3e:ca:55:0a:83:29:90:70:9c:8f:f5:29:51:d9:38:
                    8e:ab:73:86:8c:24:e0:bc:b1:03:bb:e0:3e:5b:5c:
                    cc:32:bc:10:94:bd:1b:c7:68:64:90:d3:fe:b4:8c:
                    d4:e3:2e:a2:49:64:52:69:f9:93:5f:d6:e9:9a:75:
                    64:91:77:1c:f2:d0:08:2a:6e:55:5b:87:79:1b:3d:
                    72:db:6e:15:5c:9f:0d:24:f8:bf:bd:eb:71:c9:48:
                    2a:bb:28:47:c0:15:cd:f0:db:36:00:b8:1e:cf:0e:
                    f8:ea:18:7b:cf:f5:20:54:1e:3e:4e:5c:ad:3b:86:
                    ba:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:B2:AC:8F:D5:72:E9:72:6B:86:C2:D7:B7:8C:E3:92:92:7F:C0:31
            X509v3 Authority Key Identifier:
                keyid:EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/NrKsj9Vy6XJrhsLXt4zjkpJ_wDE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/6sLBr9S97JgFBvoH33yGYtVU-kY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.14.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:af:05:0f:32:5b:f0:3c:61:d4:3a:45:18:64:63:f5:22:ee:
         90:e2:b9:77:15:46:fd:41:e9:5b:38:a9:8b:da:89:9c:49:87:
         65:ab:3b:d5:6b:53:2d:30:db:0a:61:eb:c9:7c:08:9d:de:dc:
         b2:d6:a8:bd:c2:d2:11:58:1e:8c:c5:ed:20:e7:96:62:f0:0e:
         7f:0f:c1:69:9d:27:40:72:1f:f1:f2:85:b8:b1:5f:ec:60:0d:
         2b:42:00:39:27:b4:c8:b5:50:14:8c:70:f4:25:c7:29:27:ac:
         b2:5a:d9:70:ee:64:31:c4:4e:b3:d2:a9:fb:a8:1b:af:19:20:
         ce:b7:36:cb:ab:6a:75:2e:84:72:5b:8c:b3:83:18:dc:f8:fe:
         b1:fe:cf:20:2e:a2:e4:3c:63:3f:8d:69:4b:a6:b5:74:c3:74:
         de:64:42:4c:69:cb:b9:8a:1f:e1:fe:36:30:8b:41:a6:f7:44:
         ec:22:fa:3f:19:45:1d:41:0d:43:4c:a8:6d:d3:c1:1f:a1:40:
         e3:2c:a9:e5:77:df:0a:13:fe:ae:d8:8c:3d:a0:f5:d2:06:26:
         6e:98:50:0b:99:08:1e:4e:5c:61:07:89:46:b3:7e:1a:d6:fa:
         df:fa:93:cf:41:fb:95:fd:5e:01:8b:57:f6:69:a5:e0:10:9f:
         67:d3:58:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxujHwsXVuSyjLiG9HdwikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYzJjMWFmZDRiZGVjOTgwNTA2ZmEwN2RmN2M4NjYyZDU1
NGZhNDYwHhcNMjMwMTAyMDkwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmIyYWM4ZmQ1NzJlOTcyNmI4NmMyZDdiNzhjZTM5MjkyN2ZjMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLrF6kJDayMWSnZRPQOblK55Lo8I
bq9G3i7OcD+vZRDKnDmlZP3DPzPLI7kgzJmuHtc65CF0MRtHKp+9zuXT7UAaTJvh
E1WHpxjHkC59/uNqS0DbfbqrcfD4S+0EVZ8DFVMesuOOLOKbChyZsQw1RnhdzKaC
+bCiBv2Ya7NFK1guXoSiTPM+ylUKgymQcJyP9SlR2TiOq3OGjCTgvLEDu+A+W1zM
MrwQlL0bx2hkkNP+tIzU4y6iSWRSafmTX9bpmnVkkXcc8tAIKm5VW4d5Gz1y224V
XJ8NJPi/vetxyUgquyhHwBXN8Ns2ALgezw746hh7z/UgVB4+TlytO4a69QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDayrI/Vculya4bC17eM45KSf8AxMB8GA1UdIwQY
MBaAFOrCwa/UveyYBQb6B998hmLVVPpGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMt
YzBjZWIwMzdhZDQyLzEvTnJLc2o5Vnk2WEpyaHNMWHQ0emprcEpfd0RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMtYzBjZWIwMzdhZDQy
LzEvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAww5pMA0G
CSqGSIb3DQEBCwUAA4IBAQADrwUPMlvwPGHUOkUYZGP1Iu6Q4rl3FUb9QelbOKmL
2omcSYdlqzvVa1MtMNsKYevJfAid3tyy1qi9wtIRWB6Mxe0g55Zi8A5/D8FpnSdA
ch/x8oW4sV/sYA0rQgA5J7TItVAUjHD0JccpJ6yyWtlw7mQxxE6z0qn7qBuvGSDO
tzbLq2p1LoRyW4yzgxjc+P6x/s8gLqLkPGM/jWlLprV0w3TeZEJMacu5ih/h/jYw
i0Gm90TsIvo/GUUdQQ1DTKht08EfoUDjLKnld98KE/6u2Iw9oPXSBiZumFALmQge
TlxhB4lGs34a1vrf+pPPQfuV/V4Bi1f2aaXgEJ9n01jg
-----END CERTIFICATE-----
Generated at Tue Aug 1 18:57:51 2023 by rpki-client on console-ams.rpki-client.org