Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/doQvNPwb6s3PTev8u1vPsvHRzSs.roa
File:                     doQvNPwb6s3PTev8u1vPsvHRzSs.roa (raw, json)
Hash identifier:          BMvdQAlkRz76bviJmvaw61vfHxxtbDKYw5qINhaUlwM=
Subject key identifier:   76:84:2F:34:FC:1B:EA:CD:CF:4D:EB:FC:BB:5B:CF:B2:F1:D1:CD:2B
Certificate issuer:       /CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Certificate serial:       0187BD1EBB3972C41B9830BABF5B46D775E7
Authority key identifier: 0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/doQvNPwb6s3PTev8u1vPsvHRzSs.roa
Signing time:             Wed 26 Apr 2023 10:32:00 +0000
ROA not before:           Wed 26 Apr 2023 10:32:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210289
IP address blocks:        195.177.230.0/24 maxlen: 24
                          195.177.231.0/24 maxlen: 24
                          195.178.104.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:bd:1e:bb:39:72:c4:1b:98:30:ba:bf:5b:46:d7:75:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
        Validity
            Not Before: Apr 26 10:32:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=76842f34fc1beacdcf4debfcbb5bcfb2f1d1cd2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:4f:e4:45:11:cb:87:fb:aa:c3:66:3f:07:85:
                    5f:44:e5:20:78:ed:06:eb:d6:3c:66:c5:a0:05:93:
                    51:b9:c5:97:63:91:c5:a6:59:4b:a3:54:87:d2:ae:
                    d1:3a:1c:13:79:e7:78:60:e6:98:39:22:b0:98:a5:
                    c6:97:9c:14:2a:69:89:93:4c:7b:70:d8:53:84:3c:
                    37:76:73:e6:18:fa:a0:f7:46:84:1c:28:f4:b8:69:
                    fd:d0:bc:91:10:8a:fa:42:67:45:b1:f5:f2:76:3c:
                    5b:cb:23:b2:58:4e:ed:42:4b:9a:11:78:30:44:db:
                    ee:4b:62:08:e5:92:b8:c7:41:99:a3:82:bd:e9:62:
                    04:35:f3:3d:52:91:80:02:d5:c6:38:21:42:9f:2d:
                    2b:2c:f6:36:4e:cb:a7:84:d9:6e:62:72:f0:4a:2c:
                    c8:37:69:4f:54:fe:b0:8a:94:08:3b:3b:9d:f4:f4:
                    a8:d6:cb:e8:bd:86:06:fe:23:f2:d1:d9:b3:1c:2d:
                    b4:72:50:45:45:4b:a4:f0:f9:42:9e:be:2f:cb:43:
                    3c:b4:56:28:a2:3d:db:02:82:c1:03:5f:b1:88:3e:
                    06:c4:e6:29:34:1d:8b:84:24:5b:93:02:c9:90:b5:
                    78:1e:a7:ae:39:f3:51:c7:d2:df:50:d1:39:db:70:
                    f3:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:84:2F:34:FC:1B:EA:CD:CF:4D:EB:FC:BB:5B:CF:B2:F1:D1:CD:2B
            X509v3 Authority Key Identifier:
                keyid:0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/doQvNPwb6s3PTev8u1vPsvHRzSs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.177.230.0/23
                  195.178.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         81:cf:76:2b:18:9e:3d:6a:22:32:09:b2:23:66:55:3f:31:9c:
         a6:d2:ab:9e:f3:bd:26:94:40:83:e6:e3:48:d1:85:1e:4d:61:
         66:b7:4e:bf:99:3f:b7:66:bf:61:1a:a1:81:b8:c2:a7:d9:b2:
         e7:b2:4e:93:2d:3c:83:43:2c:de:e8:17:ff:08:90:32:56:94:
         8d:9f:85:81:d2:5b:aa:33:40:13:36:0f:70:4d:40:6f:c1:31:
         9d:54:56:06:1a:6e:e4:5c:80:2f:82:3d:a3:d2:0d:81:35:40:
         14:69:5f:f8:03:b7:a6:de:c6:da:e0:8f:b0:81:27:2c:71:a1:
         fc:18:58:1c:95:c6:f7:bc:da:88:e6:69:e0:f7:36:47:1a:9a:
         43:15:b4:b1:46:f9:21:0d:83:b1:3c:23:33:3f:12:98:a2:c1:
         af:5f:a4:3b:15:2a:e7:45:7e:18:73:c1:53:87:5e:50:b0:c9:
         9b:26:a0:1e:af:61:cc:05:bb:c6:c5:6d:a5:80:41:d9:90:c0:
         6f:cd:33:3e:ee:49:7b:db:e2:2a:44:98:a1:b1:eb:8c:4a:41:
         8f:1c:96:1e:21:e5:64:a8:7d:c4:db:46:c9:0e:84:6b:bc:7f:
         0b:06:7c:e5:7b:04:ab:6a:be:97:47:e3:80:0b:bb:f9:12:37:
         0c:8c:97:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYe9Hrs5csQbmDC6v1tG13XnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWM3N2ExZGNkYjhlZWQ2MmNkM2NhODBhNTE0NGRjNGUy
NDNmNGUwHhcNMjMwNDI2MTAzMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njg0MmYzNGZjMWJlYWNkY2Y0ZGViZmNiYjViY2ZiMmYxZDFjZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1U/kRRHLh/uqw2Y/B4VfROUgeO0G
69Y8ZsWgBZNRucWXY5HFpllLo1SH0q7ROhwTeed4YOaYOSKwmKXGl5wUKmmJk0x7
cNhThDw3dnPmGPqg90aEHCj0uGn90LyREIr6QmdFsfXydjxbyyOyWE7tQkuaEXgw
RNvuS2II5ZK4x0GZo4K96WIENfM9UpGAAtXGOCFCny0rLPY2TsunhNluYnLwSizI
N2lPVP6wipQIOzud9PSo1svovYYG/iPy0dmzHC20clBFRUuk8PlCnr4vy0M8tFYo
oj3bAoLBA1+xiD4GxOYpNB2LhCRbkwLJkLV4HqeuOfNRx9LfUNE523Dz5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHaELzT8G+rNz03r/Ltbz7Lx0c0rMB8GA1UdIwQY
MBaAFA+cd6Hc247tYs08qApRRNxOJD9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgt
YWNjNTY5NzdiNmY0LzEvZG9Rdk5Qd2I2czNQVGV2OHUxdlBzdkhSelNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgtYWNjNTY5NzdiNmY0
LzEvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw7HmAwQB
w7JoMA0GCSqGSIb3DQEBCwUAA4IBAQCBz3YrGJ49aiIyCbIjZlU/MZym0que870m
lECD5uNI0YUeTWFmt06/mT+3Zr9hGqGBuMKn2bLnsk6TLTyDQyze6Bf/CJAyVpSN
n4WB0luqM0ATNg9wTUBvwTGdVFYGGm7kXIAvgj2j0g2BNUAUaV/4A7em3sba4I+w
gScscaH8GFgclcb3vNqI5mng9zZHGppDFbSxRvkhDYOxPCMzPxKYosGvX6Q7FSrn
RX4Yc8FTh15QsMmbJqAer2HMBbvGxW2lgEHZkMBvzTM+7kl72+IqRJihseuMSkGP
HJYeIeVkqH3E20bJDoRrvH8LBnzlewSrar6XR+OAC7v5EjcMjJdr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:19 2024 by rpki-client on console-ams.rpki-client.org