Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/0X2oXe9WjsM6L0DMacJEI3fZ8jQ.roa
File:                     0X2oXe9WjsM6L0DMacJEI3fZ8jQ.roa (raw, json)
Hash identifier:          qYvrDLh3A0CT6Qb0CCDWVd6Gb9OjZ6zhgvIdB5d4tUs=
Subject key identifier:   D1:7D:A8:5D:EF:56:8E:C3:3A:2F:40:CC:69:C2:44:23:77:D9:F2:34
Certificate issuer:       /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial:       01872C20F232911E64AF394264C0CE79FE88
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/0X2oXe9WjsM6L0DMacJEI3fZ8jQ.roa
Signing time:             Wed 29 Mar 2023 06:49:29 +0000
ROA not before:           Wed 29 Mar 2023 06:49:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8659
IP address blocks:        195.55.64.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:2c:20:f2:32:91:1e:64:af:39:42:64:c0:ce:79:fe:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
        Validity
            Not Before: Mar 29 06:49:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d17da85def568ec33a2f40cc69c2442377d9f234
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:4d:5f:fc:e7:75:1a:62:d3:8b:d3:e5:27:cd:
                    d2:a9:ee:40:83:02:3e:f6:e2:65:8c:c3:75:13:d7:
                    8f:2f:c1:9c:4a:f6:0b:22:08:6d:ba:77:8c:17:17:
                    66:24:40:98:01:cb:58:1b:b4:95:6a:4b:bf:c1:15:
                    c8:9a:b6:0b:df:be:ae:6d:60:2d:6e:7a:c7:99:e4:
                    61:1f:cf:93:96:50:5e:36:7b:f3:6a:3d:b1:2e:63:
                    a4:62:62:90:ba:00:50:bf:6d:99:f5:8f:8c:30:21:
                    8a:08:34:61:e2:b3:45:56:02:39:f9:43:33:b5:4e:
                    99:6b:f2:85:c5:23:b2:99:5d:c5:f6:ab:c3:3b:2f:
                    72:44:61:a9:18:3e:47:8a:5b:cb:f2:4f:a8:92:d2:
                    88:c0:a0:06:08:49:f0:9c:7d:d9:19:bb:ab:11:5f:
                    c7:5a:52:d1:c4:75:8d:06:7f:e1:2e:6e:0a:2e:2e:
                    97:95:7b:51:e2:ca:fc:38:c2:e4:41:f7:47:82:d2:
                    4e:1a:05:52:10:66:89:11:40:1b:d0:29:fe:23:5f:
                    31:e2:f8:47:71:77:95:99:3a:ce:7a:7e:b9:91:68:
                    b1:c2:d7:e2:a0:e3:1b:bf:d9:51:ef:f8:cf:5c:81:
                    0c:52:81:43:73:5e:c4:58:85:e6:fc:ea:1c:05:fc:
                    8b:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:7D:A8:5D:EF:56:8E:C3:3A:2F:40:CC:69:C2:44:23:77:D9:F2:34
            X509v3 Authority Key Identifier:
                keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/0X2oXe9WjsM6L0DMacJEI3fZ8jQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.55.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:84:95:dc:cf:a0:b4:eb:41:77:34:7c:40:86:db:e0:96:02:
         fc:eb:c3:a6:c0:4a:ef:c2:d1:4d:52:80:ca:3b:af:95:06:b4:
         b8:f0:3e:fc:e0:fa:a7:79:a4:0c:2c:09:96:05:10:97:f9:af:
         a6:1f:1d:82:cc:fe:22:da:42:41:ef:f9:5f:58:15:85:b8:43:
         ac:53:c5:0c:c4:6f:51:67:e0:51:94:f4:57:97:36:bf:10:55:
         65:04:92:07:37:57:3a:18:50:ca:29:0c:26:f0:6e:d6:38:84:
         58:d1:96:0a:d4:72:0d:74:83:37:d4:f2:00:e4:f3:1a:ab:bb:
         18:2b:75:e0:ec:d6:bc:54:c6:b5:85:9e:61:f3:0f:74:86:8e:
         3e:89:df:37:c4:91:4d:43:c1:bc:9d:a8:4c:74:2c:51:ff:23:
         70:3a:30:bc:55:85:ff:a1:4c:1a:2c:47:fd:05:a2:c0:cb:94:
         3e:3e:99:8a:1b:65:17:ac:f5:a7:b5:a7:60:74:24:b9:03:f6:
         2b:53:18:91:da:a4:1e:ef:a4:ef:22:f3:b5:34:38:86:e9:aa:
         6d:03:91:08:98:41:c7:d2:cb:47:65:76:a2:14:33:01:a0:6a:
         6d:c6:3b:34:54:53:7b:60:35:2d:8e:7a:3a:ff:9e:48:cc:55:
         bc:f1:82:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcsIPIykR5krzlCZMDOef6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjMwMzI5MDY0OTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTdkYTg1ZGVmNTY4ZWMzM2EyZjQwY2M2OWMyNDQyMzc3ZDlmMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3k1f/Od1GmLTi9PlJ83Sqe5AgwI+
9uJljMN1E9ePL8GcSvYLIghtuneMFxdmJECYActYG7SVaku/wRXImrYL376ubWAt
bnrHmeRhH8+TllBeNnvzaj2xLmOkYmKQugBQv22Z9Y+MMCGKCDRh4rNFVgI5+UMz
tU6Za/KFxSOymV3F9qvDOy9yRGGpGD5HilvL8k+oktKIwKAGCEnwnH3ZGburEV/H
WlLRxHWNBn/hLm4KLi6XlXtR4sr8OMLkQfdHgtJOGgVSEGaJEUAb0Cn+I18x4vhH
cXeVmTrOen65kWixwtfioOMbv9lR7/jPXIEMUoFDc17EWIXm/OocBfyLRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNF9qF3vVo7DOi9AzGnCRCN32fI0MB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvMFgyb1hlOVdqc002TDBETWFjSkVJM2ZaOGpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzdAMA0G
CSqGSIb3DQEBCwUAA4IBAQCMhJXcz6C060F3NHxAhtvglgL868OmwErvwtFNUoDK
O6+VBrS48D784PqneaQMLAmWBRCX+a+mHx2CzP4i2kJB7/lfWBWFuEOsU8UMxG9R
Z+BRlPRXlza/EFVlBJIHN1c6GFDKKQwm8G7WOIRY0ZYK1HINdIM31PIA5PMaq7sY
K3Xg7Na8VMa1hZ5h8w90ho4+id83xJFNQ8G8nahMdCxR/yNwOjC8VYX/oUwaLEf9
BaLAy5Q+PpmKG2UXrPWntadgdCS5A/YrUxiR2qQe76TvIvO1NDiG6aptA5EImEHH
0stHZXaiFDMBoGptxjs0VFN7YDUtjno6/55IzFW88YJi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:05 2024 by rpki-client on console-fra.rpki-client.org