Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/0f-5hg_eQJao7hpNwiC42pNnhTE.roa
File:                     0f-5hg_eQJao7hpNwiC42pNnhTE.roa (raw, json)
Hash identifier:          IUZvdk+SSj8BYGLmzhJQwj2oEafXSldaAdULDIxa6p4=
Subject key identifier:   D1:FF:B9:86:0F:DE:40:96:A8:EE:1A:4D:C2:20:B8:DA:93:67:85:31
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       0185710C357B65DD5DC4FE0A04EFCFF4E9CE
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/0f-5hg_eQJao7hpNwiC42pNnhTE.roa
Signing time:             Mon 02 Jan 2023 05:55:03 +0000
ROA not before:           Mon 02 Jan 2023 05:55:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199524
IP address blocks:        193.148.95.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:35:7b:65:dd:5d:c4:fe:0a:04:ef:cf:f4:e9:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Jan  2 05:55:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d1ffb9860fde4096a8ee1a4dc220b8da93678531
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:61:b7:d8:cc:5a:69:24:16:b3:c1:ea:a0:da:
                    09:1f:4b:3a:c7:72:9e:d3:ab:1e:40:3b:48:5f:de:
                    c7:c2:3a:36:42:87:17:ce:56:7a:08:bb:21:53:77:
                    99:8a:87:8a:fe:fa:b1:d7:4e:92:b0:98:ee:f5:3d:
                    6d:cd:0c:50:0f:61:39:1a:8e:89:99:e2:39:b4:ea:
                    8f:dd:49:15:23:c8:ac:59:f2:37:86:42:69:dc:b3:
                    9f:1d:9a:d5:21:2a:41:da:34:c2:82:bc:3c:3f:34:
                    ac:37:44:02:04:64:23:81:47:2f:01:29:e9:ac:30:
                    fc:b3:f3:db:ae:d1:41:b3:49:98:a1:8b:d7:2c:1f:
                    68:05:91:e7:3b:c7:ac:1b:e7:dd:08:49:88:3d:6b:
                    6e:c9:47:53:03:b9:83:36:87:4a:dd:92:3d:69:ee:
                    ca:f1:0d:b8:37:11:73:18:27:8c:c9:40:17:c4:4b:
                    62:8d:68:3d:e2:cd:c9:45:db:31:fc:41:d8:91:55:
                    19:7f:7e:cc:61:c1:50:ac:7a:2a:79:b2:f9:1f:66:
                    89:7c:8d:60:fe:21:ad:07:28:ab:5d:dd:4d:86:90:
                    4f:01:9d:ff:a6:28:82:7e:d3:fc:aa:61:b8:5f:68:
                    26:8d:e6:2f:b6:ea:82:4c:74:3e:ee:17:51:f3:0c:
                    05:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:FF:B9:86:0F:DE:40:96:A8:EE:1A:4D:C2:20:B8:DA:93:67:85:31
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/0f-5hg_eQJao7hpNwiC42pNnhTE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.148.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:f2:75:38:f3:65:3f:39:3d:d5:70:b0:9d:6e:14:62:09:6b:
         20:ac:aa:db:b7:0c:a6:04:a6:51:c1:fb:cb:e6:c5:54:a4:96:
         f3:7c:a4:44:54:22:43:0b:41:8c:b3:6d:d4:78:c6:65:7c:2d:
         8d:a4:51:9f:80:25:ff:f5:02:a4:f0:4a:8f:2d:f2:92:b7:26:
         31:d6:22:99:0c:a7:fc:4c:d6:29:ca:f1:32:7b:eb:b5:43:a5:
         dc:70:b6:ba:2b:d8:a5:b7:4b:b5:4b:90:f3:cb:3f:10:86:b4:
         3b:c0:08:03:62:8b:df:da:76:d7:c9:30:b5:62:9c:f4:0d:d6:
         39:d0:28:ca:7e:37:78:f8:d5:7a:31:84:47:42:7d:31:ca:66:
         e2:ea:eb:44:42:c9:ec:65:0d:6e:b2:f5:fb:d7:c1:f1:1a:26:
         9e:cb:9e:ae:40:14:b1:71:22:37:7e:fb:22:c0:16:6a:15:fd:
         99:aa:5c:d8:1f:d8:eb:cc:79:82:1d:24:95:4a:0f:88:df:3e:
         27:dc:8c:91:7c:48:b2:74:77:8c:b6:26:62:4b:fd:52:4a:dd:
         90:74:37:5d:81:f3:0a:51:d6:09:9f:ba:a6:5c:5e:7e:39:4d:
         6e:1c:9a:5a:ed:65:a1:98:d5:13:86:0c:a8:5b:de:f4:4e:d8:
         fe:69:21:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDDV7Zd1dxP4KBO/P9OnOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwMTAyMDU1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWZmYjk4NjBmZGU0MDk2YThlZTFhNGRjMjIwYjhkYTkzNjc4NTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mG32MxaaSQWs8HqoNoJH0s6x3Ke
06seQDtIX97Hwjo2QocXzlZ6CLshU3eZioeK/vqx106SsJju9T1tzQxQD2E5Go6J
meI5tOqP3UkVI8isWfI3hkJp3LOfHZrVISpB2jTCgrw8PzSsN0QCBGQjgUcvASnp
rDD8s/PbrtFBs0mYoYvXLB9oBZHnO8esG+fdCEmIPWtuyUdTA7mDNodK3ZI9ae7K
8Q24NxFzGCeMyUAXxEtijWg94s3JRdsx/EHYkVUZf37MYcFQrHoqebL5H2aJfI1g
/iGtByirXd1NhpBPAZ3/piiCftP8qmG4X2gmjeYvtuqCTHQ+7hdR8wwF1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNH/uYYP3kCWqO4aTcIguNqTZ4UxMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvMGYtNWhnX2VRSmFvN2hwTndpQzQycE5uaFRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwZRfMA0G
CSqGSIb3DQEBCwUAA4IBAQAc8nU482U/OT3VcLCdbhRiCWsgrKrbtwymBKZRwfvL
5sVUpJbzfKREVCJDC0GMs23UeMZlfC2NpFGfgCX/9QKk8EqPLfKStyYx1iKZDKf8
TNYpyvEye+u1Q6XccLa6K9ilt0u1S5Dzyz8QhrQ7wAgDYovf2nbXyTC1Ypz0DdY5
0CjKfjd4+NV6MYRHQn0xymbi6utEQsnsZQ1usvX718HxGiaey56uQBSxcSI3fvsi
wBZqFf2ZqlzYH9jrzHmCHSSVSg+I3z4n3IyRfEiydHeMtiZiS/1SSt2QdDddgfMK
UdYJn7qmXF5+OU1uHJpa7WWhmNUThgyoW970Ttj+aSFO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:54 2024 by rpki-client on console-fra.rpki-client.org