Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/16d4b5-76bb-4324-9a86-705197507a59/1/7tLRelkvr1NV_YU8hjSBWD3hBeU.roa
File:                     7tLRelkvr1NV_YU8hjSBWD3hBeU.roa (raw, json)
Hash identifier:          nyMBPHev8f/HogGV32o6SJWJXhxbMbjqEvU5Xg0v8TE=
Subject key identifier:   EE:D2:D1:7A:59:2F:AF:53:55:FD:85:3C:86:34:81:58:3D:E1:05:E5
Certificate issuer:       /CN=24b660a611980c68273139e32affb74b454a9d32
Certificate serial:       018571FA2BB3EDD75C4F0D650837F7023BED
Authority key identifier: 24:B6:60:A6:11:98:0C:68:27:31:39:E3:2A:FF:B7:4B:45:4A:9D:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JLZgphGYDGgnMTnjKv-3S0VKnTI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/16d4b5-76bb-4324-9a86-705197507a59/1/7tLRelkvr1NV_YU8hjSBWD3hBeU.roa
Signing time:             Mon 02 Jan 2023 10:14:58 +0000
ROA not before:           Mon 02 Jan 2023 10:14:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59979
IP address blocks:        195.43.138.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:2b:b3:ed:d7:5c:4f:0d:65:08:37:f7:02:3b:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24b660a611980c68273139e32affb74b454a9d32
        Validity
            Not Before: Jan  2 10:14:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eed2d17a592faf5355fd853c863481583de105e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:46:61:f7:21:91:d7:e2:7e:45:75:d7:ed:6f:
                    6c:24:39:df:f0:26:50:96:b9:10:e0:63:93:0d:cc:
                    29:cd:93:87:d1:af:ab:2a:ee:1b:9d:e9:5f:d6:78:
                    e2:1f:75:98:58:31:26:50:4f:0d:ff:84:46:d3:5c:
                    6e:70:11:9d:53:25:00:dd:72:2d:c3:7e:ec:a8:a5:
                    69:9a:a2:ad:4e:20:c8:f5:fb:35:b5:64:21:59:b3:
                    b7:07:23:88:65:87:fa:ab:56:c4:57:b9:8d:a9:81:
                    be:74:e6:a3:14:ae:f4:53:f5:a5:b6:af:67:8e:5b:
                    46:b5:13:45:f7:3b:59:c5:40:e0:2f:df:b3:24:50:
                    09:5c:3c:bc:16:6d:a6:9c:d0:9e:c3:53:2e:4a:09:
                    b9:7f:98:9e:21:b3:e3:cc:7e:6c:d7:68:7f:9f:5e:
                    1a:44:c3:fa:29:17:81:f5:c9:29:34:e5:1f:63:f4:
                    cd:95:13:3d:e4:59:06:1f:f5:b0:92:01:b1:49:58:
                    04:8d:e4:7c:62:61:1c:74:d4:b1:4b:a4:0b:6b:6b:
                    35:b0:37:69:3e:93:65:f3:86:6a:e9:51:db:f0:28:
                    0b:12:76:03:cc:80:93:47:9c:1e:ac:c2:6c:45:ca:
                    66:35:ff:de:82:d3:fe:2c:e8:81:26:50:32:a6:ab:
                    35:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:D2:D1:7A:59:2F:AF:53:55:FD:85:3C:86:34:81:58:3D:E1:05:E5
            X509v3 Authority Key Identifier:
                keyid:24:B6:60:A6:11:98:0C:68:27:31:39:E3:2A:FF:B7:4B:45:4A:9D:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JLZgphGYDGgnMTnjKv-3S0VKnTI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/16d4b5-76bb-4324-9a86-705197507a59/1/7tLRelkvr1NV_YU8hjSBWD3hBeU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/16d4b5-76bb-4324-9a86-705197507a59/1/JLZgphGYDGgnMTnjKv-3S0VKnTI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.43.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:21:f5:22:bd:42:f0:b2:32:fe:3e:e9:f2:9b:91:97:99:a1:
         28:6c:c9:7d:b8:e0:31:d7:59:48:7c:de:ba:ad:26:2e:cc:5e:
         0f:81:5d:31:4d:5e:f2:69:cf:c1:63:4e:28:71:11:58:70:27:
         29:60:72:3e:f5:8e:55:ea:e3:96:c8:64:4a:2a:f0:98:bd:8c:
         72:cc:58:76:f4:6b:9b:a4:81:04:ee:18:89:2b:d1:9f:9d:ec:
         9b:ff:44:17:e6:2f:e4:dd:be:95:a5:f1:43:7e:d0:43:3d:03:
         57:1d:8e:e6:a4:56:b6:25:3e:4c:8e:6c:2a:9a:8e:d1:53:5f:
         02:f0:17:19:b4:52:91:ae:85:22:0d:1d:7f:40:d7:7a:ef:13:
         d2:aa:f5:6e:47:42:55:5e:8b:2c:1a:9c:d2:d2:98:8b:af:89:
         f3:b0:ed:f1:0f:35:45:39:66:1a:9f:8f:be:18:e3:df:14:84:
         dc:b8:14:65:b0:96:61:fb:f4:3d:f4:58:dc:dc:63:84:61:63:
         e9:6e:28:4b:1f:d7:1d:c1:9c:58:23:4a:ab:ba:d4:17:06:a1:
         72:3e:a9:d5:0d:43:38:3f:65:b1:54:27:32:81:f6:fe:e7:da:
         ee:7b:83:91:f5:61:21:77:9f:44:d9:03:9b:b7:06:a9:6e:33:
         8a:44:80:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+iuz7ddcTw1lCDf3AjvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YjY2MGE2MTE5ODBjNjgyNzMxMzllMzJhZmZiNzRiNDU0
YTlkMzIwHhcNMjMwMTAyMTAxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWQyZDE3YTU5MmZhZjUzNTVmZDg1M2M4NjM0ODE1ODNkZTEwNWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEZh9yGR1+J+RXXX7W9sJDnf8CZQ
lrkQ4GOTDcwpzZOH0a+rKu4bnelf1njiH3WYWDEmUE8N/4RG01xucBGdUyUA3XIt
w37sqKVpmqKtTiDI9fs1tWQhWbO3ByOIZYf6q1bEV7mNqYG+dOajFK70U/Wltq9n
jltGtRNF9ztZxUDgL9+zJFAJXDy8Fm2mnNCew1MuSgm5f5ieIbPjzH5s12h/n14a
RMP6KReB9ckpNOUfY/TNlRM95FkGH/WwkgGxSVgEjeR8YmEcdNSxS6QLa2s1sDdp
PpNl84Zq6VHb8CgLEnYDzICTR5werMJsRcpmNf/egtP+LOiBJlAypqs1qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO7S0XpZL69TVf2FPIY0gVg94QXlMB8GA1UdIwQY
MBaAFCS2YKYRmAxoJzE54yr/t0tFSp0yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkxaZ3BoR1lER2duTVRuakt2LTNTMFZLblRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNmQ0YjUtNzZiYi00MzI0LTlhODYt
NzA1MTk3NTA3YTU5LzEvN3RMUmVsa3ZyMU5WX1lVOGhqU0JXRDNoQmVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xNmQ0YjUtNzZiYi00MzI0LTlhODYtNzA1MTk3NTA3YTU5
LzEvSkxaZ3BoR1lER2duTVRuakt2LTNTMFZLblRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyuKMA0G
CSqGSIb3DQEBCwUAA4IBAQBoIfUivULwsjL+Punym5GXmaEobMl9uOAx11lIfN66
rSYuzF4PgV0xTV7yac/BY04ocRFYcCcpYHI+9Y5V6uOWyGRKKvCYvYxyzFh29Gub
pIEE7hiJK9Gfneyb/0QX5i/k3b6VpfFDftBDPQNXHY7mpFa2JT5Mjmwqmo7RU18C
8BcZtFKRroUiDR1/QNd67xPSqvVuR0JVXossGpzS0piLr4nzsO3xDzVFOWYan4++
GOPfFITcuBRlsJZh+/Q99Fjc3GOEYWPpbihLH9cdwZxYI0qrutQXBqFyPqnVDUM4
P2WxVCcygfb+59rue4OR9WEhd59E2QObtwapbjOKRIDo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:27 2024 by rpki-client on console-fra.rpki-client.org