Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/mQ-K7eJW96za2q-gTLZw6k6UreQ.roa
File:                     mQ-K7eJW96za2q-gTLZw6k6UreQ.roa (raw, json)
Hash identifier:          5Fh/E3mtKcTAfGUfTqUxVcPt1i8qX4Pr9iRpv81qSw8=
Subject key identifier:   99:0F:8A:ED:E2:56:F7:AC:DA:DA:AF:A0:4C:B6:70:EA:4E:94:AD:E4
Certificate issuer:       /CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
Certificate serial:       0188E3E794D707A1722A35397BC7CC14735A
Authority key identifier: EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/mQ-K7eJW96za2q-gTLZw6k6UreQ.roa
Signing time:             Thu 22 Jun 2023 16:19:44 +0000
ROA not before:           Thu 22 Jun 2023 16:19:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        195.14.105.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 01 Aug 2023 18:12:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:e3:e7:94:d7:07:a1:72:2a:35:39:7b:c7:cc:14:73:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
        Validity
            Not Before: Jun 22 16:19:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=990f8aede256f7acdadaafa04cb670ea4e94ade4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:0b:ab:53:af:32:cd:a3:cc:05:53:04:d0:74:
                    59:aa:cc:91:fb:b1:d7:c3:ea:22:2a:de:b3:a1:b4:
                    0e:94:2f:e5:60:34:f4:c7:d5:3f:9f:d1:ec:31:da:
                    b9:e8:ab:01:37:10:c2:ba:ce:a0:11:d5:2b:f9:13:
                    44:6b:91:e5:11:3a:5a:49:b1:0c:56:4d:90:e2:15:
                    26:5a:11:5e:85:e0:bc:cb:c0:a3:bd:a9:d8:72:14:
                    b5:e7:3b:8f:e2:63:de:d7:2b:b5:35:0c:64:07:e2:
                    b9:b0:7e:ce:2b:02:ac:72:21:c4:cc:73:b0:81:9a:
                    64:1e:92:19:58:62:64:3a:05:dc:9b:0c:68:de:02:
                    20:77:47:9c:f1:85:8e:eb:31:9b:93:eb:4b:71:a1:
                    1e:fb:42:69:66:74:47:d6:32:3b:d8:1d:c9:cc:9e:
                    c9:52:be:3b:08:bc:5a:4e:e0:3b:cb:da:40:b8:fb:
                    45:6a:e9:3d:65:6c:2e:79:16:43:b0:32:45:89:f0:
                    34:55:af:a6:ae:a9:d8:9e:2c:93:59:28:6a:79:2d:
                    38:dd:83:a5:58:13:fd:24:d0:56:31:09:75:1e:b4:
                    4a:05:61:a5:5c:d3:e5:a8:0a:50:86:01:67:92:21:
                    15:9a:a9:af:b5:b9:5f:87:ce:69:bf:7e:18:4d:91:
                    41:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:0F:8A:ED:E2:56:F7:AC:DA:DA:AF:A0:4C:B6:70:EA:4E:94:AD:E4
            X509v3 Authority Key Identifier:
                keyid:EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/mQ-K7eJW96za2q-gTLZw6k6UreQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/6sLBr9S97JgFBvoH33yGYtVU-kY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.14.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:d9:72:3f:9e:8b:3e:b0:2f:b1:9d:cd:b2:5c:cd:44:73:9b:
         c5:b7:8b:93:53:b2:ae:8c:a2:1b:6f:ff:70:4d:6a:ae:57:a3:
         03:3c:fa:b4:a4:a5:c9:c1:92:d6:6a:dd:eb:87:36:9d:97:12:
         35:b1:4b:24:7a:c4:c2:dd:f1:de:c8:1f:e0:99:e2:22:b8:20:
         e7:4f:1f:2c:49:4b:87:a9:52:ca:cb:52:ac:d6:b5:53:66:15:
         63:08:70:c0:b2:80:a8:cc:0d:b3:48:0d:0d:c6:4c:5a:da:62:
         6b:26:ae:ba:f8:c1:e9:66:0e:63:ac:49:29:2b:07:3b:00:db:
         0a:ed:81:84:78:46:13:0d:c2:d7:5b:38:7a:34:88:ce:d3:63:
         bc:2a:83:e4:70:e0:5f:30:34:2c:3a:d2:fe:7a:63:7f:11:7d:
         01:64:76:22:1c:53:d1:12:e5:fc:55:0a:11:7b:2b:f3:1c:90:
         3a:26:a2:80:30:ae:93:3a:53:b9:bd:60:08:d0:41:3d:99:7d:
         28:6f:ca:4c:dd:f2:9c:3b:3e:3c:58:a3:f5:f8:0e:11:bc:0c:
         45:f9:34:c7:15:4c:76:bd:c6:63:9b:1f:ed:11:a2:bb:9c:f5:
         a0:42:a0:79:7c:e3:4b:49:29:ea:af:f3:0f:5f:44:84:01:46:
         ce:11:c2:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjj55TXB6FyKjU5e8fMFHNaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYzJjMWFmZDRiZGVjOTgwNTA2ZmEwN2RmN2M4NjYyZDU1
NGZhNDYwHhcNMjMwNjIyMTYxOTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTBmOGFlZGUyNTZmN2FjZGFkYWFmYTA0Y2I2NzBlYTRlOTRhZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgurU68yzaPMBVME0HRZqsyR+7HX
w+oiKt6zobQOlC/lYDT0x9U/n9HsMdq56KsBNxDCus6gEdUr+RNEa5HlETpaSbEM
Vk2Q4hUmWhFeheC8y8CjvanYchS15zuP4mPe1yu1NQxkB+K5sH7OKwKsciHEzHOw
gZpkHpIZWGJkOgXcmwxo3gIgd0ec8YWO6zGbk+tLcaEe+0JpZnRH1jI72B3JzJ7J
Ur47CLxaTuA7y9pAuPtFauk9ZWwueRZDsDJFifA0Va+mrqnYniyTWShqeS043YOl
WBP9JNBWMQl1HrRKBWGlXNPlqApQhgFnkiEVmqmvtblfh85pv34YTZFBHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJkPiu3iVves2tqvoEy2cOpOlK3kMB8GA1UdIwQY
MBaAFOrCwa/UveyYBQb6B998hmLVVPpGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMt
YzBjZWIwMzdhZDQyLzEvbVEtSzdlSlc5NnphMnEtZ1RMWnc2azZVcmVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMtYzBjZWIwMzdhZDQy
LzEvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAww5pMA0G
CSqGSIb3DQEBCwUAA4IBAQAb2XI/nos+sC+xnc2yXM1Ec5vFt4uTU7KujKIbb/9w
TWquV6MDPPq0pKXJwZLWat3rhzadlxI1sUskesTC3fHeyB/gmeIiuCDnTx8sSUuH
qVLKy1Ks1rVTZhVjCHDAsoCozA2zSA0Nxkxa2mJrJq66+MHpZg5jrEkpKwc7ANsK
7YGEeEYTDcLXWzh6NIjO02O8KoPkcOBfMDQsOtL+emN/EX0BZHYiHFPREuX8VQoR
eyvzHJA6JqKAMK6TOlO5vWAI0EE9mX0ob8pM3fKcOz48WKP1+A4RvAxF+TTHFUx2
vcZjmx/tEaK7nPWgQqB5fONLSSnqr/MPX0SEAUbOEcIN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:47 2024 by rpki-client on console-fra.rpki-client.org