Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/AFJCohUdoKNQRcFMMYyeD9KSCpU.roa
File:                     AFJCohUdoKNQRcFMMYyeD9KSCpU.roa (raw, json)
Hash identifier:          hnTI62Y8afDcF+CWClStIXLj3y8SAE4OhEv/UbY9T3A=
Subject key identifier:   00:52:42:A2:15:1D:A0:A3:50:45:C1:4C:31:8C:9E:0F:D2:92:0A:95
Certificate issuer:       /CN=3b7dc3d022828e4f5b36bdef7a18b0bb0cfbae09
Certificate serial:       018572FA4946A3497D88EC893196FC5D5BBE
Authority key identifier: 3B:7D:C3:D0:22:82:8E:4F:5B:36:BD:EF:7A:18:B0:BB:0C:FB:AE:09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O33D0CKCjk9bNr3vehiwuwz7rgk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/AFJCohUdoKNQRcFMMYyeD9KSCpU.roa
Signing time:             Mon 02 Jan 2023 14:54:43 +0000
ROA not before:           Mon 02 Jan 2023 14:54:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200802
IP address blocks:        185.95.104.0/24 maxlen: 24
                          185.95.105.0/24 maxlen: 24
                          185.95.106.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 26 Dec 2023 08:21:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:fa:49:46:a3:49:7d:88:ec:89:31:96:fc:5d:5b:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b7dc3d022828e4f5b36bdef7a18b0bb0cfbae09
        Validity
            Not Before: Jan  2 14:54:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=005242a2151da0a35045c14c318c9e0fd2920a95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:eb:98:db:de:73:98:94:5e:d8:34:0f:06:fb:
                    4b:e0:a3:86:4a:e8:33:32:61:51:af:9d:0c:d3:a6:
                    7c:db:a4:c1:ae:36:2a:cd:f3:00:c8:36:7e:80:21:
                    23:f7:6f:25:d0:81:dc:0f:9b:71:30:6f:77:5c:34:
                    1b:bc:8c:3a:e9:a3:14:67:9a:a9:bc:f1:a0:07:0d:
                    4c:05:1b:6a:17:fc:bd:f3:84:93:48:ba:3c:7e:63:
                    f7:21:27:73:62:49:38:54:66:c9:b6:5f:05:1b:75:
                    59:23:b1:2d:3c:8e:c4:87:e0:31:e8:41:9b:cf:22:
                    a4:51:e1:eb:75:ab:dc:b2:4c:82:a1:89:a3:0b:b1:
                    85:36:33:b1:8b:02:8a:fa:ea:db:6e:31:6d:84:b5:
                    93:21:c0:e3:85:dc:bc:f6:f8:ed:3c:89:67:1c:48:
                    95:cb:92:36:90:2f:e6:bb:a9:f6:6e:77:81:a7:91:
                    f4:0f:16:40:93:24:20:55:08:6f:ea:ec:8b:14:68:
                    8a:23:e0:5f:e0:fb:ef:93:bd:ca:9e:16:9f:d5:cb:
                    92:f7:f5:4d:fc:c9:ac:60:3e:29:42:74:67:76:47:
                    c7:bf:e5:b0:d2:61:8f:97:8f:3a:a1:0f:7b:c1:55:
                    f9:73:c3:d8:34:b9:0f:4b:b8:a6:e7:c4:8d:ff:c2:
                    6d:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:52:42:A2:15:1D:A0:A3:50:45:C1:4C:31:8C:9E:0F:D2:92:0A:95
            X509v3 Authority Key Identifier:
                keyid:3B:7D:C3:D0:22:82:8E:4F:5B:36:BD:EF:7A:18:B0:BB:0C:FB:AE:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O33D0CKCjk9bNr3vehiwuwz7rgk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/AFJCohUdoKNQRcFMMYyeD9KSCpU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.95.104.0-185.95.106.255

    Signature Algorithm: sha256WithRSAEncryption
         7a:bf:0a:59:1a:6c:9b:12:d6:0d:1d:5a:c6:06:1d:6b:7c:e9:
         a2:b8:b3:43:87:a2:01:d8:f1:2b:6d:07:54:7c:f6:1e:ee:75:
         2e:70:1f:8f:2d:3c:b5:35:7f:40:45:19:49:b2:62:98:a2:aa:
         36:3a:47:65:e7:04:63:fe:16:13:af:4a:3d:03:e0:fa:68:e3:
         0f:e4:24:9f:9a:c7:78:a4:b1:9f:d2:fb:27:26:96:8d:c2:e5:
         9c:9c:8d:fd:72:c5:9b:d4:c2:2d:b4:b2:e8:d8:91:70:d3:32:
         23:b1:b6:b3:68:99:83:8c:c7:a0:25:2e:bb:d6:ea:f2:6f:06:
         ed:f8:5a:86:bb:dc:63:40:d5:b9:0e:03:f1:0d:76:29:f3:8a:
         bc:04:26:11:e2:8d:bc:99:e7:02:51:d7:9b:cf:4f:d0:2e:8e:
         8d:78:d4:16:85:eb:c4:22:5e:11:d2:1a:f8:c3:2a:26:6e:93:
         6c:a6:d9:ba:3f:1d:f2:d3:16:d6:d0:83:42:bd:30:c5:79:04:
         32:2a:8c:c0:8b:4d:5b:ea:31:3a:89:d1:78:69:a0:9c:3b:e7:
         85:ae:ef:76:47:10:57:29:d6:0f:a1:97:87:dd:a0:35:fa:39:
         c0:da:76:2f:c6:da:f4:46:a0:d7:90:59:91:00:3e:1e:59:a3:
         f0:ed:de:54
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVy+klGo0l9iOyJMZb8XVu+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2RjM2QwMjI4MjhlNGY1YjM2YmRlZjdhMThiMGJiMGNm
YmFlMDkwHhcNMjMwMTAyMTQ1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDUyNDJhMjE1MWRhMGEzNTA0NWMxNGMzMThjOWUwZmQyOTIwYTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeuY295zmJRe2DQPBvtL4KOGSugz
MmFRr50M06Z826TBrjYqzfMAyDZ+gCEj928l0IHcD5txMG93XDQbvIw66aMUZ5qp
vPGgBw1MBRtqF/y984STSLo8fmP3ISdzYkk4VGbJtl8FG3VZI7EtPI7Eh+Ax6EGb
zyKkUeHrdavcskyCoYmjC7GFNjOxiwKK+urbbjFthLWTIcDjhdy89vjtPIlnHEiV
y5I2kC/mu6n2bneBp5H0DxZAkyQgVQhv6uyLFGiKI+Bf4Pvvk73Knhaf1cuS9/VN
/MmsYD4pQnRndkfHv+Ww0mGPl486oQ97wVX5c8PYNLkPS7im58SN/8JtvwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFABSQqIVHaCjUEXBTDGMng/SkgqVMB8GA1UdIwQY
MBaAFDt9w9Aigo5PWza973oYsLsM+64JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzMzRDBDS0NqazliTnIzdmVoaXd1d3o3cmdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80ZWYwMmMtOGY4ZC00NmUzLThkMGIt
NzE5NDhlM2M5YWQ0LzEvQUZKQ29oVWRvS05RUmNGTU1ZeWVEOUtTQ3BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC80ZWYwMmMtOGY4ZC00NmUzLThkMGItNzE5NDhlM2M5YWQ0
LzEvTzMzRDBDS0NqazliTnIzdmVoaXd1d3o3cmdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5X2gD
BAC5X2owDQYJKoZIhvcNAQELBQADggEBAHq/ClkabJsS1g0dWsYGHWt86aK4s0OH
ogHY8SttB1R89h7udS5wH48tPLU1f0BFGUmyYpiiqjY6R2XnBGP+FhOvSj0D4Ppo
4w/kJJ+ax3iksZ/S+ycmlo3C5Zycjf1yxZvUwi20sujYkXDTMiOxtrNomYOMx6Al
LrvW6vJvBu34Woa73GNA1bkOA/ENdinzirwEJhHijbyZ5wJR15vPT9Aujo141BaF
68QiXhHSGvjDKiZuk2ym2bo/HfLTFtbQg0K9MMV5BDIqjMCLTVvqMTqJ0XhpoJw7
54Wu73ZHEFcp1g+hl4fdoDX6OcDadi/G2vRGoNeQWZEAPh5Zo/Dt3lQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org