Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/H39mxVg4HqL3VHYdEwd371i6RnA.roa
File:                     H39mxVg4HqL3VHYdEwd371i6RnA.roa (raw, json)
Hash identifier:          V2il4iiQ3peufd6Ydk8mlzANth0WcmulUu0lROloRbQ=
Subject key identifier:   1F:7F:66:C5:58:38:1E:A2:F7:54:76:1D:13:07:77:EF:58:BA:46:70
Certificate issuer:       /CN=d38cd9440552e7dab9cd5631d4ab872451535b7a
Certificate serial:       018E31E5751F205957DACC942DA7AEBF0EBA
Authority key identifier: D3:8C:D9:44:05:52:E7:DA:B9:CD:56:31:D4:AB:87:24:51:53:5B:7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/04zZRAVS59q5zVYx1KuHJFFTW3o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/H39mxVg4HqL3VHYdEwd371i6RnA.roa
Signing time:             Tue 12 Mar 2024 09:01:45 +0000
ROA not before:           Tue 12 Mar 2024 09:01:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     21859
IP address blocks:        95.128.156.0/24 maxlen: 24
                          185.180.144.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 24 Apr 2024 11:09:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:31:e5:75:1f:20:59:57:da:cc:94:2d:a7:ae:bf:0e:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d38cd9440552e7dab9cd5631d4ab872451535b7a
        Validity
            Not Before: Mar 12 09:01:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1f7f66c558381ea2f754761d130777ef58ba4670
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:9a:c7:cd:e7:59:4b:85:59:f1:e8:1a:cf:c1:
                    72:97:ba:b7:18:d8:9b:5b:74:5e:0b:72:38:5c:f7:
                    70:3e:80:33:c6:98:76:c9:bd:df:7f:d4:71:02:44:
                    90:af:9c:12:6e:c4:e5:e3:ea:d7:36:2e:b5:a5:c8:
                    01:df:27:6f:b2:5e:16:6c:14:96:39:8d:c4:fd:f6:
                    50:2a:ca:53:dd:47:79:57:2c:06:02:71:29:40:7f:
                    3e:19:4f:a9:a6:d3:da:7b:4b:f4:90:d0:4b:e6:ee:
                    26:19:84:05:91:46:aa:aa:27:c0:88:51:3a:eb:f9:
                    3a:ce:83:43:a9:ff:a3:f1:48:9e:6c:3c:44:03:43:
                    b1:c8:20:01:83:65:dc:6e:61:c8:c7:98:cc:08:66:
                    1e:7c:e5:82:18:02:68:b7:8d:82:9b:e3:b1:f7:b9:
                    d6:08:60:7f:d6:ed:17:47:76:19:71:41:2b:4a:06:
                    39:82:02:6f:1a:cc:55:8f:53:94:c3:2e:7e:f4:4a:
                    34:d7:0d:b7:ef:dd:1b:e9:22:07:ae:e4:ef:3e:34:
                    fd:7f:5c:5b:3b:4c:3f:6f:bf:56:61:10:65:26:f6:
                    92:0c:40:79:27:08:23:06:f3:fc:17:6f:6c:51:f2:
                    a8:07:0b:d0:c8:e2:c4:4c:f5:4f:57:0d:38:d3:50:
                    b6:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:7F:66:C5:58:38:1E:A2:F7:54:76:1D:13:07:77:EF:58:BA:46:70
            X509v3 Authority Key Identifier:
                keyid:D3:8C:D9:44:05:52:E7:DA:B9:CD:56:31:D4:AB:87:24:51:53:5B:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04zZRAVS59q5zVYx1KuHJFFTW3o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/H39mxVg4HqL3VHYdEwd371i6RnA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/04zZRAVS59q5zVYx1KuHJFFTW3o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.128.156.0/24
                  185.180.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:d5:24:b4:b5:33:8f:f5:3d:f4:08:7e:07:6a:2d:ab:66:f3:
         15:64:dd:aa:ec:75:48:5b:66:37:63:8a:8e:42:36:83:04:55:
         7f:21:05:cd:e9:e0:da:a5:65:a3:8a:f5:b8:82:4f:cf:82:73:
         cb:95:9c:74:40:93:7c:e2:b4:97:08:6e:d5:07:15:22:05:60:
         df:39:fb:47:44:df:ad:f5:9b:34:fa:d7:6a:c0:41:04:92:63:
         a4:00:32:30:84:a6:7d:8f:45:af:fc:90:90:f5:a8:92:3a:61:
         4e:bf:25:2a:d0:4a:61:56:fa:6c:fe:2b:a7:dd:df:cc:e6:11:
         2e:dd:fc:19:0a:50:e4:34:d2:f4:6a:10:48:fd:c8:d2:a5:0a:
         12:58:b7:8c:97:92:84:a0:c0:8c:0e:42:d0:9f:41:58:c8:6a:
         55:cb:9a:e8:d6:80:9f:cb:d7:fb:f9:2e:ef:61:b6:7f:46:9b:
         e7:9d:3b:1e:56:ce:e8:db:75:8e:d7:b3:af:10:6c:51:15:75:
         44:5a:f7:0e:a6:90:01:ba:1d:00:51:ff:ce:cd:64:a4:fa:38:
         b2:78:66:8b:2f:86:9e:b9:c9:dc:b4:74:03:c7:13:0d:21:ee:
         c0:85:df:83:42:6d:28:90:35:38:84:3e:ca:23:4c:d3:e2:ae:
         d7:56:70:e6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4x5XUfIFlX2syULaeuvw66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzOGNkOTQ0MDU1MmU3ZGFiOWNkNTYzMWQ0YWI4NzI0NTE1
MzViN2EwHhcNMjQwMzEyMDkwMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjdmNjZjNTU4MzgxZWEyZjc1NDc2MWQxMzA3NzdlZjU4YmE0NjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZrHzedZS4VZ8egaz8Fyl7q3GNib
W3ReC3I4XPdwPoAzxph2yb3ff9RxAkSQr5wSbsTl4+rXNi61pcgB3ydvsl4WbBSW
OY3E/fZQKspT3Ud5VywGAnEpQH8+GU+pptPae0v0kNBL5u4mGYQFkUaqqifAiFE6
6/k6zoNDqf+j8UiebDxEA0OxyCABg2XcbmHIx5jMCGYefOWCGAJot42Cm+Ox97nW
CGB/1u0XR3YZcUErSgY5ggJvGsxVj1OUwy5+9Eo01w23790b6SIHruTvPjT9f1xb
O0w/b79WYRBlJvaSDEB5JwgjBvP8F29sUfKoBwvQyOLETPVPVw0401C22wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB9/ZsVYOB6i91R2HRMHd+9YukZwMB8GA1UdIwQY
MBaAFNOM2UQFUufauc1WMdSrhyRRU1t6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDR6WlJBVlM1OXE1elZZeDFLdUhKRkZUVzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80YzMxNjAtZGUxMi00OTI5LWE0ODMt
N2M2NWE4NTJmMDkyLzEvSDM5bXhWZzRIcUwzVkhZZEV3ZDM3MWk2Um5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi80YzMxNjAtZGUxMi00OTI5LWE0ODMtN2M2NWE4NTJmMDky
LzEvMDR6WlJBVlM1OXE1elZZeDFLdUhKRkZUVzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX4CcAwQA
ubSQMA0GCSqGSIb3DQEBCwUAA4IBAQAV1SS0tTOP9T30CH4Hai2rZvMVZN2q7HVI
W2Y3Y4qOQjaDBFV/IQXN6eDapWWjivW4gk/PgnPLlZx0QJN84rSXCG7VBxUiBWDf
OftHRN+t9Zs0+tdqwEEEkmOkADIwhKZ9j0Wv/JCQ9aiSOmFOvyUq0EphVvps/iun
3d/M5hEu3fwZClDkNNL0ahBI/cjSpQoSWLeMl5KEoMCMDkLQn0FYyGpVy5ro1oCf
y9f7+S7vYbZ/RpvnnTseVs7o23WO17OvEGxRFXVEWvcOppABuh0AUf/OzWSk+jiy
eGaLL4aeucnctHQDxxMNIe7Ahd+DQm0okDU4hD7KI0zT4q7XVnDm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:10 2024 by rpki-client on console-fra.rpki-client.org