Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/va-Bl8ftuYmmSehmcFXF1rYIfO0.roa
File:                     va-Bl8ftuYmmSehmcFXF1rYIfO0.roa (raw, json)
Hash identifier:          EmVZ1226rBCRQ4o2K1BD0ZqErHjip78BHIaYg+6P3TI=
Subject key identifier:   BD:AF:81:97:C7:ED:B9:89:A6:49:E8:66:70:55:C5:D6:B6:08:7C:ED
Certificate issuer:       /CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Certificate serial:       01869945ACE2953029CBDC5442B05E858701
Authority key identifier: 0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/va-Bl8ftuYmmSehmcFXF1rYIfO0.roa
Signing time:             Tue 28 Feb 2023 18:25:25 +0000
ROA not before:           Tue 28 Feb 2023 18:25:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15924
IP address blocks:        195.177.230.0/24 maxlen: 24
                          195.177.231.0/24 maxlen: 24
                          195.178.104.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Wed 26 Apr 2023 10:16:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:99:45:ac:e2:95:30:29:cb:dc:54:42:b0:5e:85:87:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
        Validity
            Not Before: Feb 28 18:25:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bdaf8197c7edb989a649e8667055c5d6b6087ced
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:ef:99:e8:4a:8e:b3:bc:91:a0:c7:77:5f:8a:
                    dc:b0:be:5e:25:6e:20:37:a4:5c:aa:0d:9e:77:1f:
                    5d:a8:28:bc:cf:db:b7:53:45:fe:4c:96:bb:e7:5a:
                    a2:e0:eb:7f:dc:71:66:6d:db:79:c9:de:f4:92:c9:
                    f3:f6:2a:e2:e1:9a:6b:58:c5:fe:c7:a5:f1:93:48:
                    65:d2:d1:8c:14:51:6f:db:4d:63:50:f8:d4:ce:06:
                    e3:f3:b7:a9:25:e5:5e:3d:db:0f:16:9b:20:7a:ea:
                    88:a2:cc:a0:c1:ca:0c:aa:13:a0:69:89:ea:8e:9a:
                    1b:a0:fc:80:e8:86:82:99:ab:56:2b:48:0c:3a:63:
                    89:e9:95:e1:c6:f9:6d:b5:63:c0:9e:76:1d:fa:f0:
                    92:51:b7:cc:3b:29:c8:03:8a:61:1b:95:17:85:60:
                    42:c3:46:a8:5d:a9:2e:d5:de:da:99:1b:b8:c4:71:
                    4d:eb:0f:e3:2a:2b:fe:6c:76:c6:b9:bf:86:cb:a9:
                    f7:34:7e:fe:77:fc:1b:ea:f7:20:8c:9e:5b:c9:ec:
                    5e:6f:74:5a:bc:8f:81:4b:7a:0f:b9:1d:7b:51:30:
                    d0:51:fe:a7:ab:43:6b:09:40:c1:00:75:bb:2e:3e:
                    63:cb:16:33:d6:29:2e:e0:6f:1b:4c:1f:63:cd:9b:
                    fd:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:AF:81:97:C7:ED:B9:89:A6:49:E8:66:70:55:C5:D6:B6:08:7C:ED
            X509v3 Authority Key Identifier:
                keyid:0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/va-Bl8ftuYmmSehmcFXF1rYIfO0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.177.230.0/23
                  195.178.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7f:7c:98:36:1f:67:ec:36:e0:97:5f:02:30:fe:cb:1f:bb:84:
         84:4a:62:96:06:e5:4c:83:fc:cd:bb:33:bf:6e:9e:f0:27:ac:
         5d:45:f3:03:b5:b7:1c:80:66:03:44:86:0f:e2:98:3a:e7:b8:
         35:b9:3b:54:8b:5d:b9:8f:b5:9e:69:57:a7:06:47:26:4f:82:
         72:08:99:84:b2:a5:f1:ec:6c:40:65:11:ba:6b:96:e9:7d:3a:
         30:40:17:90:6d:dc:ad:7e:a6:c0:b7:1b:b2:9c:09:04:d7:76:
         72:e4:43:fe:e8:6c:da:c1:64:9e:ee:42:15:7d:13:23:f0:0d:
         36:fe:c5:06:8b:3f:2a:b7:d5:a5:a8:9f:ad:e5:49:51:cb:9b:
         10:df:16:90:0e:5e:87:40:0f:ab:92:68:cc:53:cd:1c:4e:ff:
         0f:5b:3c:e0:ec:ea:81:1d:e6:f9:5a:e5:ed:52:b4:ed:f0:62:
         d2:cd:ea:c3:cd:92:b4:d1:ba:70:3f:5c:e8:62:f9:19:a3:3b:
         db:4e:45:d6:17:c2:52:29:b0:cd:7e:c1:c2:3f:7d:a5:d7:27:
         43:51:7d:60:0e:e3:ff:32:e0:6a:5c:5f:43:2d:06:1e:b9:0d:
         8f:e2:e4:8a:2c:6f:4f:10:db:c5:9e:d8:c2:c6:03:f2:ba:ae:
         c6:77:e0:e4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYaZRazilTApy9xUQrBehYcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWM3N2ExZGNkYjhlZWQ2MmNkM2NhODBhNTE0NGRjNGUy
NDNmNGUwHhcNMjMwMjI4MTgyNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGFmODE5N2M3ZWRiOTg5YTY0OWU4NjY3MDU1YzVkNmI2MDg3Y2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqO+Z6EqOs7yRoMd3X4rcsL5eJW4g
N6Rcqg2edx9dqCi8z9u3U0X+TJa751qi4Ot/3HFmbdt5yd70ksnz9iri4ZprWMX+
x6Xxk0hl0tGMFFFv201jUPjUzgbj87epJeVePdsPFpsgeuqIosygwcoMqhOgaYnq
jpoboPyA6IaCmatWK0gMOmOJ6ZXhxvlttWPAnnYd+vCSUbfMOynIA4phG5UXhWBC
w0aoXaku1d7amRu4xHFN6w/jKiv+bHbGub+Gy6n3NH7+d/wb6vcgjJ5byexeb3Ra
vI+BS3oPuR17UTDQUf6nq0NrCUDBAHW7Lj5jyxYz1iku4G8bTB9jzZv9LwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL2vgZfH7bmJpknoZnBVxda2CHztMB8GA1UdIwQY
MBaAFA+cd6Hc247tYs08qApRRNxOJD9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgt
YWNjNTY5NzdiNmY0LzEvdmEtQmw4ZnR1WW1tU2VobWNGWEYxcllJZk8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgtYWNjNTY5NzdiNmY0
LzEvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw7HmAwQB
w7JoMA0GCSqGSIb3DQEBCwUAA4IBAQB/fJg2H2fsNuCXXwIw/ssfu4SESmKWBuVM
g/zNuzO/bp7wJ6xdRfMDtbccgGYDRIYP4pg657g1uTtUi125j7WeaVenBkcmT4Jy
CJmEsqXx7GxAZRG6a5bpfTowQBeQbdytfqbAtxuynAkE13Zy5EP+6GzawWSe7kIV
fRMj8A02/sUGiz8qt9WlqJ+t5UlRy5sQ3xaQDl6HQA+rkmjMU80cTv8PWzzg7OqB
Heb5WuXtUrTt8GLSzerDzZK00bpwP1zoYvkZozvbTkXWF8JSKbDNfsHCP32l1ydD
UX1gDuP/MuBqXF9DLQYeuQ2P4uSKLG9PENvFntjCxgPyuq7Gd+Dk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:19 2024 by rpki-client on console-ams.rpki-client.org