Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/_hw95PVYeBExdRBtaPKAY0jBSdY.roa
File:                     _hw95PVYeBExdRBtaPKAY0jBSdY.roa (raw, json)
Hash identifier:          OooYEAWRwNaU7t34hcKt+r/ZSGTPvjB6Cs1NnvDeLvM=
Subject key identifier:   FE:1C:3D:E4:F5:58:78:11:31:75:10:6D:68:F2:80:63:48:C1:49:D6
Certificate issuer:       /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial:       01856BEEC584F404C0B61F08F61D682E911B
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/_hw95PVYeBExdRBtaPKAY0jBSdY.roa
Signing time:             Sun 01 Jan 2023 06:04:48 +0000
ROA not before:           Sun 01 Jan 2023 06:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212480
IP address blocks:        92.255.49.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ee:c5:84:f4:04:c0:b6:1f:08:f6:1d:68:2e:91:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
        Validity
            Not Before: Jan  1 06:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fe1c3de4f55878113175106d68f2806348c149d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:de:a9:d8:a1:09:31:ea:ce:c9:00:22:bd:34:
                    f5:9a:7d:7c:ea:3e:6a:99:28:59:6c:fc:1d:57:9a:
                    83:be:c1:9a:39:ce:ba:72:06:26:22:ac:16:ce:12:
                    da:6c:5d:09:ce:22:fe:4b:06:30:ac:27:29:1e:99:
                    eb:32:35:a6:82:18:b1:c4:9d:1d:09:5d:d8:b0:8b:
                    56:5a:a4:9e:1f:1c:da:b3:a7:47:96:3c:a5:44:83:
                    d2:28:64:a8:c0:db:5c:9b:94:a0:ae:d3:df:1c:d8:
                    55:2c:8f:8c:e9:62:f3:18:43:13:dc:ff:76:88:12:
                    56:83:01:38:a2:05:79:b9:94:2e:39:b7:34:34:9a:
                    35:1c:2d:eb:34:1d:38:48:55:74:3a:d1:04:1f:ab:
                    9e:40:3c:0c:08:b7:d0:c7:0a:5b:e1:15:b6:77:1e:
                    b4:cf:c4:91:2c:0b:25:35:fb:84:28:66:54:b5:f7:
                    7d:3d:cd:f2:1a:09:e7:d3:3f:1b:0b:13:c0:cd:16:
                    0e:be:b5:82:a3:6c:50:57:b5:05:fb:fb:74:f4:f5:
                    3a:22:45:2d:94:74:f4:13:f6:2f:fa:f3:f1:39:ca:
                    7e:87:6f:e3:b8:82:cd:af:52:b4:77:a0:4c:4c:4f:
                    e5:e8:f0:9a:ec:da:1c:df:dd:c3:c5:bf:db:8e:9d:
                    a2:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:1C:3D:E4:F5:58:78:11:31:75:10:6D:68:F2:80:63:48:C1:49:D6
            X509v3 Authority Key Identifier:
                keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/_hw95PVYeBExdRBtaPKAY0jBSdY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.255.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:22:1c:a8:34:47:b6:ef:3d:5d:31:aa:bd:2f:ce:22:34:a5:
         f5:53:be:61:da:0e:07:2c:e3:c8:e9:e4:ae:c1:5a:2a:c1:18:
         bd:7f:31:dc:ad:02:1a:65:ad:d4:14:fa:19:3d:67:51:86:5c:
         56:e5:bc:ad:48:c9:60:3e:32:24:47:7f:9d:09:72:b0:f8:3a:
         e5:b6:27:eb:42:1b:87:6b:85:b8:73:6e:4e:75:dd:74:51:9a:
         50:5d:30:26:13:7c:2a:80:d7:01:62:1c:a8:28:ad:ae:a5:d9:
         4f:37:89:64:e6:ed:71:9f:00:80:71:fe:57:16:1a:44:1a:a7:
         f2:2b:c4:0a:94:02:93:e0:62:62:08:18:c4:6f:d3:89:18:6a:
         32:80:10:0c:fd:7b:c2:8a:92:f4:3d:aa:2b:17:03:cd:0e:a9:
         13:97:19:97:c3:1f:63:5e:a7:63:6f:42:f1:9a:81:f9:2e:5a:
         a4:48:21:f0:69:77:4d:85:72:71:e7:0a:0f:36:ea:03:ea:ec:
         ea:6e:2a:72:01:2e:64:f4:16:d5:ae:43:18:3e:1d:61:c0:9b:
         44:29:b6:b0:f4:27:6e:74:36:da:53:ef:c9:a0:bd:dd:03:f9:
         c3:c2:1d:4d:82:85:f4:ad:b4:4e:80:f0:dc:70:df:2a:64:15:
         cb:ed:e0:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7sWE9ATAth8I9h1oLpEbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjMwMTAxMDYwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTFjM2RlNGY1NTg3ODExMzE3NTEwNmQ2OGYyODA2MzQ4YzE0OWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN6p2KEJMerOyQAivTT1mn186j5q
mShZbPwdV5qDvsGaOc66cgYmIqwWzhLabF0JziL+SwYwrCcpHpnrMjWmghixxJ0d
CV3YsItWWqSeHxzas6dHljylRIPSKGSowNtcm5SgrtPfHNhVLI+M6WLzGEMT3P92
iBJWgwE4ogV5uZQuObc0NJo1HC3rNB04SFV0OtEEH6ueQDwMCLfQxwpb4RW2dx60
z8SRLAslNfuEKGZUtfd9Pc3yGgnn0z8bCxPAzRYOvrWCo2xQV7UF+/t09PU6IkUt
lHT0E/Yv+vPxOcp+h2/juILNr1K0d6BMTE/l6PCa7Noc393Dxb/bjp2iywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP4cPeT1WHgRMXUQbWjygGNIwUnWMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvX2h3OTVQVlllQkV4ZFJCdGFQS0FZMGpCU2RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXP8xMA0G
CSqGSIb3DQEBCwUAA4IBAQB7IhyoNEe27z1dMaq9L84iNKX1U75h2g4HLOPI6eSu
wVoqwRi9fzHcrQIaZa3UFPoZPWdRhlxW5bytSMlgPjIkR3+dCXKw+DrltifrQhuH
a4W4c25Odd10UZpQXTAmE3wqgNcBYhyoKK2updlPN4lk5u1xnwCAcf5XFhpEGqfy
K8QKlAKT4GJiCBjEb9OJGGoygBAM/XvCipL0PaorFwPNDqkTlxmXwx9jXqdjb0Lx
moH5LlqkSCHwaXdNhXJx5woPNuoD6uzqbipyAS5k9BbVrkMYPh1hwJtEKbaw9Cdu
dDbaU+/JoL3dA/nDwh1NgoX0rbROgPDccN8qZBXL7eDk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:02 2024 by rpki-client on console-fra.rpki-client.org