Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/172e1a-793c-432e-b5cb-8116df399dab/1/Y5q2liffXJPymF3c8CA0lUHT7t4.roa
File:                     Y5q2liffXJPymF3c8CA0lUHT7t4.roa (raw, json)
Hash identifier:          I2m+YOW4K53Hs7X3T7Mv+q65m2FMPjXkvXiOEtKMFd4=
Subject key identifier:   63:9A:B6:96:27:DF:5C:93:F2:98:5D:DC:F0:20:34:95:41:D3:EE:DE
Certificate issuer:       /CN=8eeebe4a6c22d2b0fed176cb77510d9916f1811f
Certificate serial:       01876A6BCC4DD36B8FAF41A076CBB76EEB3F
Authority key identifier: 8E:EE:BE:4A:6C:22:D2:B0:FE:D1:76:CB:77:51:0D:99:16:F1:81:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ju6-Smwi0rD-0XbLd1ENmRbxgR8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/172e1a-793c-432e-b5cb-8116df399dab/1/Y5q2liffXJPymF3c8CA0lUHT7t4.roa
Signing time:             Mon 10 Apr 2023 09:07:42 +0000
ROA not before:           Mon 10 Apr 2023 09:07:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211183
IP address blocks:        195.93.252.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:6a:6b:cc:4d:d3:6b:8f:af:41:a0:76:cb:b7:6e:eb:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8eeebe4a6c22d2b0fed176cb77510d9916f1811f
        Validity
            Not Before: Apr 10 09:07:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=639ab69627df5c93f2985ddcf020349541d3eede
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:2a:f0:d7:c8:1d:02:e0:cd:b0:6f:ea:d0:0d:
                    be:a2:95:b2:42:ab:8c:46:30:53:54:ce:7d:0f:4c:
                    d7:8a:17:bf:cf:76:98:09:10:3c:ba:5a:1e:82:fb:
                    bc:df:5c:0c:6f:d7:3b:eb:e3:2c:5d:f6:c5:74:e4:
                    35:6e:74:51:6e:70:a6:97:0f:ce:b7:79:e7:92:33:
                    9a:4d:6b:f1:b5:e0:87:88:59:6d:fe:d4:15:35:58:
                    51:47:e4:92:b8:cf:71:7b:ef:42:65:e0:83:e5:65:
                    12:6b:00:01:42:37:fe:36:e4:8d:eb:45:26:a0:90:
                    5a:4c:99:62:62:21:5b:7c:46:dc:bc:20:a1:c8:5e:
                    f1:f4:cd:e2:a0:00:74:f0:8d:1d:ba:1c:8b:c1:9d:
                    3b:9b:2d:56:08:a5:69:2b:dd:9d:3a:88:56:2b:16:
                    46:01:bf:0b:67:03:59:7f:dd:16:1a:e9:62:ca:f3:
                    4c:80:aa:de:61:e0:7e:e8:51:40:eb:17:a0:75:d8:
                    2a:9b:bd:65:e4:15:ec:6b:f5:9f:ca:ba:97:63:cc:
                    74:2f:17:89:fb:33:fd:a0:37:73:b3:81:29:21:d3:
                    76:46:10:9d:46:1c:e4:dd:0b:4a:4f:1b:ae:80:eb:
                    1a:25:91:b9:e2:02:57:88:2e:7a:d5:73:78:cd:0e:
                    85:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:9A:B6:96:27:DF:5C:93:F2:98:5D:DC:F0:20:34:95:41:D3:EE:DE
            X509v3 Authority Key Identifier:
                keyid:8E:EE:BE:4A:6C:22:D2:B0:FE:D1:76:CB:77:51:0D:99:16:F1:81:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ju6-Smwi0rD-0XbLd1ENmRbxgR8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/172e1a-793c-432e-b5cb-8116df399dab/1/Y5q2liffXJPymF3c8CA0lUHT7t4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/172e1a-793c-432e-b5cb-8116df399dab/1/ju6-Smwi0rD-0XbLd1ENmRbxgR8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.93.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:4c:1b:68:1e:a4:63:cb:35:d6:39:44:2c:66:f2:16:de:91:
         c6:b7:b7:9f:a3:57:2b:6e:e8:5b:85:e1:38:f9:98:99:a2:53:
         6d:b8:f7:e5:1a:bf:7f:89:c3:32:6a:2c:b7:24:5b:6d:5d:46:
         74:0f:19:9b:ab:b0:69:ca:95:24:9b:22:0e:39:8d:88:05:09:
         90:19:19:0e:a4:df:3f:50:c2:ac:05:53:80:b8:fa:1e:40:c8:
         a4:02:88:37:d4:4b:21:60:46:3c:92:8f:62:17:9d:be:49:e7:
         2a:91:22:21:e8:f3:eb:2a:ed:90:89:ea:7e:67:22:e6:2f:f8:
         2b:ce:73:29:88:3b:53:45:24:d6:ec:84:16:01:83:dd:a7:87:
         2a:9d:4b:59:e5:64:d1:6f:fd:10:82:bf:86:17:38:45:85:0a:
         cf:bf:05:84:b3:8b:ff:12:72:88:17:ec:7f:29:0a:3a:77:11:
         8b:32:55:f4:fa:e5:55:eb:da:1b:23:4e:c9:c5:8e:70:a5:ba:
         97:ba:86:d1:51:3c:b9:e0:da:75:8e:44:d2:0c:50:54:c2:06:
         4e:21:f4:54:68:b1:da:7d:49:c6:5a:f3:5e:af:b6:5a:3a:da:
         ba:1c:21:3d:40:5d:ad:a3:9f:b4:09:ac:ef:2c:38:fb:ff:7f:
         89:03:ea:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdqa8xN02uPr0Ggdsu3bus/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZWViZTRhNmMyMmQyYjBmZWQxNzZjYjc3NTEwZDk5MTZm
MTgxMWYwHhcNMjMwNDEwMDkwNzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzlhYjY5NjI3ZGY1YzkzZjI5ODVkZGNmMDIwMzQ5NTQxZDNlZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnirw18gdAuDNsG/q0A2+opWyQquM
RjBTVM59D0zXihe/z3aYCRA8uloegvu831wMb9c76+MsXfbFdOQ1bnRRbnCmlw/O
t3nnkjOaTWvxteCHiFlt/tQVNVhRR+SSuM9xe+9CZeCD5WUSawABQjf+NuSN60Um
oJBaTJliYiFbfEbcvCChyF7x9M3ioAB08I0duhyLwZ07my1WCKVpK92dOohWKxZG
Ab8LZwNZf90WGuliyvNMgKreYeB+6FFA6xegddgqm71l5BXsa/WfyrqXY8x0LxeJ
+zP9oDdzs4EpIdN2RhCdRhzk3QtKTxuugOsaJZG54gJXiC561XN4zQ6FmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGOatpYn31yT8phd3PAgNJVB0+7eMB8GA1UdIwQY
MBaAFI7uvkpsItKw/tF2y3dRDZkW8YEfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanU2LVNtd2kwckQtMFhiTGQxRU5tUmJ4Z1I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8xNzJlMWEtNzkzYy00MzJlLWI1Y2It
ODExNmRmMzk5ZGFiLzEvWTVxMmxpZmZYSlB5bUYzYzhDQTBsVUhUN3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8xNzJlMWEtNzkzYy00MzJlLWI1Y2ItODExNmRmMzk5ZGFi
LzEvanU2LVNtd2kwckQtMFhiTGQxRU5tUmJ4Z1I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw138MA0G
CSqGSIb3DQEBCwUAA4IBAQBETBtoHqRjyzXWOUQsZvIW3pHGt7efo1crbuhbheE4
+ZiZolNtuPflGr9/icMyaiy3JFttXUZ0Dxmbq7BpypUkmyIOOY2IBQmQGRkOpN8/
UMKsBVOAuPoeQMikAog31EshYEY8ko9iF52+SecqkSIh6PPrKu2Qiep+ZyLmL/gr
znMpiDtTRSTW7IQWAYPdp4cqnUtZ5WTRb/0Qgr+GFzhFhQrPvwWEs4v/EnKIF+x/
KQo6dxGLMlX0+uVV69obI07JxY5wpbqXuobRUTy54Np1jkTSDFBUwgZOIfRUaLHa
fUnGWvNer7ZaOtq6HCE9QF2to5+0CazvLDj7/3+JA+rY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:09 2024 by rpki-client on console-fra.rpki-client.org