Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/PZbO9y6NxUfnN1mHA7Pm1Vf8tjA.roa
File:                     PZbO9y6NxUfnN1mHA7Pm1Vf8tjA.roa (raw, json)
Hash identifier:          q3T1zkvAjvsu/pvIvFH7wwSYhXIoJQu6GDhNjQRL/w4=
Subject key identifier:   3D:96:CE:F7:2E:8D:C5:47:E7:37:59:87:03:B3:E6:D5:57:FC:B6:30
Certificate issuer:       /CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
Certificate serial:       0187E7477341070796722391E99727A4F813
Authority key identifier: 9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/PZbO9y6NxUfnN1mHA7Pm1Vf8tjA.roa
Signing time:             Thu 04 May 2023 15:00:32 +0000
ROA not before:           Thu 04 May 2023 15:00:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47457
IP address blocks:        195.43.144.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:e7:47:73:41:07:07:96:72:23:91:e9:97:27:a4:f8:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
        Validity
            Not Before: May  4 15:00:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3d96cef72e8dc547e737598703b3e6d557fcb630
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:15:05:cd:6e:6a:7b:10:5e:0a:8a:7e:f4:b3:
                    2f:15:56:a5:43:02:e1:3c:4a:72:0a:e0:b3:40:41:
                    8d:1c:17:4c:e6:b1:58:90:a4:ce:b6:47:54:b7:e3:
                    8e:73:99:1b:4c:6a:08:00:f0:6c:e7:72:67:95:77:
                    9c:31:d8:2c:18:d5:26:46:79:82:43:a0:fa:e3:c5:
                    6f:0b:c0:b3:a3:49:f9:c5:b5:6e:b3:67:f1:c3:24:
                    a4:fd:fe:a8:89:ed:f0:c5:18:1c:e5:8e:ba:d6:9f:
                    5f:f7:f0:66:84:78:7d:53:5e:23:d7:0d:38:e7:79:
                    27:ee:07:6d:11:dc:bb:86:8a:87:6b:a2:04:63:f6:
                    e7:6d:96:5d:1d:95:8a:ad:ca:49:74:50:1c:48:11:
                    6f:5d:c7:4b:3a:73:b7:6a:e8:13:c0:bb:19:77:95:
                    6b:19:01:92:2a:2b:c1:7b:77:28:ea:31:99:71:44:
                    15:51:58:af:21:74:78:9e:7b:e4:92:3a:c0:b7:e2:
                    53:55:fa:5b:82:af:af:6e:dc:10:7d:86:a4:d1:d0:
                    cd:74:86:b9:c7:e3:27:8b:84:70:b5:fc:bf:01:60:
                    6e:7d:c1:64:1d:79:35:99:27:cf:c9:0d:04:16:db:
                    8b:1b:87:29:b4:71:c0:07:6a:f6:7d:33:04:f1:88:
                    a9:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:96:CE:F7:2E:8D:C5:47:E7:37:59:87:03:B3:E6:D5:57:FC:B6:30
            X509v3 Authority Key Identifier:
                keyid:9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/PZbO9y6NxUfnN1mHA7Pm1Vf8tjA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/mlJqc86Pn2LBShGi6pE-wnPVjEY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.43.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:e8:75:c4:33:70:4e:47:55:1e:83:4b:54:cf:7b:ab:78:cf:
         6a:39:81:ce:14:f2:e8:16:be:b8:ac:ec:dd:79:b9:a3:60:27:
         1a:0e:92:70:ed:65:98:87:6d:08:43:65:ae:36:33:79:c6:c7:
         8c:2c:58:d2:ba:a8:eb:57:f3:4c:97:af:57:b9:45:31:0d:3f:
         5b:1a:1a:0a:56:05:f1:18:3e:a5:57:89:46:95:0b:98:dd:42:
         9a:86:e5:3c:3b:56:b7:31:6e:f4:d4:34:9d:d3:6f:c0:27:a6:
         ad:fe:b6:cb:d2:40:a7:d8:9b:d1:cd:81:a7:f3:29:05:04:9e:
         ae:6a:1d:55:59:26:5d:b0:93:1d:ec:69:b6:07:96:35:d9:f8:
         b1:b0:b0:ed:2a:b5:79:30:c7:0e:ba:a3:2c:c3:e1:1f:87:66:
         be:32:42:f2:38:08:c8:87:50:60:39:4f:3b:f1:b1:1d:39:6a:
         59:bd:36:ed:39:76:c6:6b:5e:0c:91:0a:f4:28:e9:f3:cf:8e:
         16:f1:0d:92:5f:41:e9:0d:db:7a:a5:7a:ba:60:3f:0d:9c:41:
         74:67:29:8c:36:78:83:c6:7e:f5:c4:f3:f7:a0:2f:6f:19:90:
         0d:7e:aa:12:c5:64:32:b1:07:71:6c:6f:ca:f8:86:f6:45:3b:
         a4:a1:b8:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfnR3NBBweWciOR6ZcnpPgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNTI2YTczY2U4ZjlmNjJjMTRhMTFhMmVhOTEzZWMyNzNk
NThjNDYwHhcNMjMwNTA0MTUwMDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDk2Y2VmNzJlOGRjNTQ3ZTczNzU5ODcwM2IzZTZkNTU3ZmNiNjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxUFzW5qexBeCop+9LMvFValQwLh
PEpyCuCzQEGNHBdM5rFYkKTOtkdUt+OOc5kbTGoIAPBs53JnlXecMdgsGNUmRnmC
Q6D648VvC8Czo0n5xbVus2fxwySk/f6oie3wxRgc5Y661p9f9/BmhHh9U14j1w04
53kn7gdtEdy7hoqHa6IEY/bnbZZdHZWKrcpJdFAcSBFvXcdLOnO3augTwLsZd5Vr
GQGSKivBe3co6jGZcUQVUVivIXR4nnvkkjrAt+JTVfpbgq+vbtwQfYak0dDNdIa5
x+Mni4Rwtfy/AWBufcFkHXk1mSfPyQ0EFtuLG4cptHHAB2r2fTME8YipqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2WzvcujcVH5zdZhwOz5tVX/LYwMB8GA1UdIwQY
MBaAFJpSanPOj59iwUoRouqRPsJz1YxGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWxKcWM4NlBuMkxCU2hHaTZwRS13blBWakVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82ZmNkY2EtZDEyMS00MzkxLTljZmMt
N2QxNmI5MGRiZTcyLzEvUFpiTzl5Nk54VWZuTjFtSEE3UG0xVmY4dGpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi82ZmNkY2EtZDEyMS00MzkxLTljZmMtN2QxNmI5MGRiZTcy
LzEvbWxKcWM4NlBuMkxCU2hHaTZwRS13blBWakVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyuQMA0G
CSqGSIb3DQEBCwUAA4IBAQAj6HXEM3BOR1Ueg0tUz3ureM9qOYHOFPLoFr64rOzd
ebmjYCcaDpJw7WWYh20IQ2WuNjN5xseMLFjSuqjrV/NMl69XuUUxDT9bGhoKVgXx
GD6lV4lGlQuY3UKahuU8O1a3MW701DSd02/AJ6at/rbL0kCn2JvRzYGn8ykFBJ6u
ah1VWSZdsJMd7Gm2B5Y12fixsLDtKrV5MMcOuqMsw+Efh2a+MkLyOAjIh1BgOU87
8bEdOWpZvTbtOXbGa14MkQr0KOnzz44W8Q2SX0HpDdt6pXq6YD8NnEF0ZymMNniD
xn71xPP3oC9vGZANfqoSxWQysQdxbG/K+Ib2RTukobgt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:26 2024 by rpki-client on console-ams.rpki-client.org