Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/b31392-2d1c-4934-a59e-ed433aac7828/1/Loa99HIyRrb2AieF3hsQP5P-E7Q.roa
File:                     Loa99HIyRrb2AieF3hsQP5P-E7Q.roa (raw, json)
Hash identifier:          M3K7YQ4DMWC0lDI/u5Pp/aClgPQAU6uYHB9TggXGJEE=
Subject key identifier:   2E:86:BD:F4:72:32:46:B6:F6:02:27:85:DE:1B:10:3F:93:FE:13:B4
Certificate issuer:       /CN=29390ec0adca5f0743d181145c7899f991fb65e0
Certificate serial:       01856C414CE5FA4CB3049982B406BB26A90B
Authority key identifier: 29:39:0E:C0:AD:CA:5F:07:43:D1:81:14:5C:78:99:F9:91:FB:65:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KTkOwK3KXwdD0YEUXHiZ-ZH7ZeA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/b31392-2d1c-4934-a59e-ed433aac7828/1/Loa99HIyRrb2AieF3hsQP5P-E7Q.roa
Signing time:             Sun 01 Jan 2023 07:34:56 +0000
ROA not before:           Sun 01 Jan 2023 07:34:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51964
IP address blocks:        195.151.160.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:41:4c:e5:fa:4c:b3:04:99:82:b4:06:bb:26:a9:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29390ec0adca5f0743d181145c7899f991fb65e0
        Validity
            Not Before: Jan  1 07:34:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2e86bdf4723246b6f6022785de1b103f93fe13b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:b3:49:88:14:e3:82:78:17:92:7c:c7:7c:7c:
                    bf:da:8d:b2:9c:c1:90:a0:30:17:3b:59:86:dc:32:
                    06:14:3f:c1:e6:07:a3:bb:1c:99:19:52:3f:05:67:
                    68:44:9d:e8:a1:c8:25:9d:71:47:98:f9:d8:7a:a8:
                    b8:c8:f5:ac:d5:b9:4a:71:01:65:57:4d:72:b3:59:
                    d6:aa:2d:c4:96:ab:ee:de:61:76:74:64:44:87:05:
                    0e:5f:1c:e5:1a:81:8d:b6:c4:83:06:9e:e8:49:d4:
                    b7:46:ad:a1:83:f0:98:59:49:ef:56:40:a5:fd:df:
                    28:0b:cb:fc:35:94:9b:4e:6b:64:d4:7f:9c:63:60:
                    d4:81:d7:85:66:eb:3c:47:01:8e:03:24:38:0e:4d:
                    c1:77:9d:55:40:86:43:66:bf:6e:d1:cc:0d:bb:13:
                    3c:a5:c4:99:aa:b2:05:57:7a:98:d2:f6:d3:4e:2c:
                    17:b1:c4:0a:e5:c1:7a:45:11:0b:ba:b0:d8:9e:43:
                    a4:b2:85:87:e7:78:ab:e6:bf:34:89:c0:0e:1e:10:
                    14:43:42:44:90:e7:3a:58:c3:25:6a:98:18:db:cd:
                    71:70:65:f6:6b:68:b0:ad:53:6e:16:d2:1d:7b:ba:
                    aa:52:44:fe:4e:19:2a:4a:ac:2e:70:ea:f1:77:e3:
                    56:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:86:BD:F4:72:32:46:B6:F6:02:27:85:DE:1B:10:3F:93:FE:13:B4
            X509v3 Authority Key Identifier:
                keyid:29:39:0E:C0:AD:CA:5F:07:43:D1:81:14:5C:78:99:F9:91:FB:65:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KTkOwK3KXwdD0YEUXHiZ-ZH7ZeA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/b31392-2d1c-4934-a59e-ed433aac7828/1/Loa99HIyRrb2AieF3hsQP5P-E7Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/b31392-2d1c-4934-a59e-ed433aac7828/1/KTkOwK3KXwdD0YEUXHiZ-ZH7ZeA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.151.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:9a:99:fb:12:e1:f9:7b:6a:70:eb:c1:2f:6c:4f:4a:3d:e1:
         0a:5b:05:ab:b1:a0:97:5e:c1:a0:f7:71:a7:e4:7a:ed:5c:9b:
         08:53:0f:20:ef:9c:5f:15:fb:b6:1d:6f:d4:cf:c5:c3:ba:4f:
         b1:62:98:cb:16:07:df:b7:52:b6:44:eb:cb:ba:f2:41:27:f4:
         eb:f8:8e:57:15:2f:67:25:39:75:49:9a:a9:d4:be:17:97:2f:
         57:7f:b8:fd:cc:36:27:49:35:52:8a:54:50:1e:8d:c1:f2:f4:
         42:7f:57:6c:23:3e:42:07:9e:64:5e:4b:9d:aa:22:4f:64:65:
         84:de:32:1d:f7:a8:a5:a9:e5:10:cd:13:c2:35:18:1f:f3:c1:
         27:db:67:02:29:25:db:7c:d4:7b:08:5c:80:26:e4:bb:46:07:
         cf:61:70:30:9d:7e:ec:64:f7:42:1f:62:d0:de:6d:a5:07:bc:
         10:88:ae:c6:a7:ce:20:6a:c5:2a:52:2d:95:61:fe:c6:cf:e3:
         88:bc:84:95:27:9b:61:af:45:56:04:9f:8a:76:29:ed:0c:d7:
         ee:86:5d:0b:1b:9d:53:16:e9:5e:78:13:3d:f2:05:2e:c0:a0:
         e7:51:65:dc:55:09:e0:a5:e2:73:4d:07:c2:e7:16:d6:90:78:
         2f:5d:e6:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsQUzl+kyzBJmCtAa7JqkLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MzkwZWMwYWRjYTVmMDc0M2QxODExNDVjNzg5OWY5OTFm
YjY1ZTAwHhcNMjMwMTAxMDczNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTg2YmRmNDcyMzI0NmI2ZjYwMjI3ODVkZTFiMTAzZjkzZmUxM2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbNJiBTjgngXknzHfHy/2o2ynMGQ
oDAXO1mG3DIGFD/B5gejuxyZGVI/BWdoRJ3oocglnXFHmPnYeqi4yPWs1blKcQFl
V01ys1nWqi3Elqvu3mF2dGREhwUOXxzlGoGNtsSDBp7oSdS3Rq2hg/CYWUnvVkCl
/d8oC8v8NZSbTmtk1H+cY2DUgdeFZus8RwGOAyQ4Dk3Bd51VQIZDZr9u0cwNuxM8
pcSZqrIFV3qY0vbTTiwXscQK5cF6RRELurDYnkOksoWH53ir5r80icAOHhAUQ0JE
kOc6WMMlapgY281xcGX2a2iwrVNuFtIde7qqUkT+ThkqSqwucOrxd+NW0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC6GvfRyMka29gInhd4bED+T/hO0MB8GA1UdIwQY
MBaAFCk5DsCtyl8HQ9GBFFx4mfmR+2XgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1RrT3dLM0tYd2REMFlFVVhIaVotWkg3WmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9iMzEzOTItMmQxYy00OTM0LWE1OWUt
ZWQ0MzNhYWM3ODI4LzEvTG9hOTlISXlScmIyQWllRjNoc1FQNVAtRTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9iMzEzOTItMmQxYy00OTM0LWE1OWUtZWQ0MzNhYWM3ODI4
LzEvS1RrT3dLM0tYd2REMFlFVVhIaVotWkg3WmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5egMA0G
CSqGSIb3DQEBCwUAA4IBAQCQmpn7EuH5e2pw68EvbE9KPeEKWwWrsaCXXsGg93Gn
5HrtXJsIUw8g75xfFfu2HW/Uz8XDuk+xYpjLFgfft1K2ROvLuvJBJ/Tr+I5XFS9n
JTl1SZqp1L4Xly9Xf7j9zDYnSTVSilRQHo3B8vRCf1dsIz5CB55kXkudqiJPZGWE
3jId96ilqeUQzRPCNRgf88En22cCKSXbfNR7CFyAJuS7RgfPYXAwnX7sZPdCH2LQ
3m2lB7wQiK7Gp84gasUqUi2VYf7Gz+OIvISVJ5thr0VWBJ+KdintDNfuhl0LG51T
FuleeBM98gUuwKDnUWXcVQngpeJzTQfC5xbWkHgvXeYY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:51 2024 by rpki-client on console-ams.rpki-client.org