Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/JE4zl4FN1Rkbz1-fuiGWvHHXaTw.roa
File:                     JE4zl4FN1Rkbz1-fuiGWvHHXaTw.roa (raw, json)
Hash identifier:          odo+TglyThmDj8Fhj+dXeYgORdCrEWosSlni2KVcmz0=
Subject key identifier:   24:4E:33:97:81:4D:D5:19:1B:CF:5F:9F:BA:21:96:BC:71:D7:69:3C
Certificate issuer:       /CN=191ee3af820563494647551a5206ef0c45cf95c9
Certificate serial:       01856F5DEF91D8A0E1BB1E6F54DEB49E28BD
Authority key identifier: 19:1E:E3:AF:82:05:63:49:46:47:55:1A:52:06:EF:0C:45:CF:95:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GR7jr4IFY0lGR1UaUgbvDEXPlck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/JE4zl4FN1Rkbz1-fuiGWvHHXaTw.roa
Signing time:             Sun 01 Jan 2023 22:05:05 +0000
ROA not before:           Sun 01 Jan 2023 22:05:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12727
IP address blocks:        95.131.18.0/23 maxlen: 23
                          95.131.20.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 30 Jan 2023 13:51:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:ef:91:d8:a0:e1:bb:1e:6f:54:de:b4:9e:28:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=191ee3af820563494647551a5206ef0c45cf95c9
        Validity
            Not Before: Jan  1 22:05:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=244e3397814dd5191bcf5f9fba2196bc71d7693c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:d3:17:27:69:aa:3a:ca:99:ac:74:39:eb:81:
                    63:c9:b5:04:a1:9a:75:97:12:d5:37:5b:2d:7b:00:
                    56:8e:1f:c6:f5:74:73:3f:0f:c2:27:12:77:3a:26:
                    6e:3f:6a:22:15:92:c7:e2:d6:5a:2e:81:44:c1:6c:
                    f1:e6:38:4d:de:09:f7:55:a0:34:ce:a6:f6:b9:66:
                    26:ce:5d:87:0c:5c:03:a6:8e:83:b7:72:e2:df:90:
                    ce:ca:d0:0d:d4:d0:d8:2f:56:f6:6a:98:9c:af:1b:
                    ab:b4:bd:92:d4:eb:4f:b1:5f:4f:fa:20:e8:af:ea:
                    c8:63:3f:5b:d3:0f:0e:65:56:a2:d4:5f:ac:2f:91:
                    03:37:ac:0c:54:d2:29:ee:11:25:aa:22:97:cb:b0:
                    03:ce:03:83:48:cb:2b:89:b6:88:08:a0:bc:12:8a:
                    f8:c5:b7:3f:16:c0:9c:ce:89:da:64:ba:7a:6c:2b:
                    31:90:65:0d:9c:a8:57:ee:7f:da:ce:4c:3d:e8:b1:
                    49:65:da:a7:70:d5:74:59:fb:30:29:01:46:79:46:
                    a7:ca:71:28:46:32:c0:13:fc:f7:ed:8f:f7:19:00:
                    72:ed:61:c6:96:5d:ee:8f:37:91:1a:14:26:42:03:
                    17:2e:e9:5d:b7:60:a6:51:c7:4d:47:ab:5a:09:93:
                    82:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:4E:33:97:81:4D:D5:19:1B:CF:5F:9F:BA:21:96:BC:71:D7:69:3C
            X509v3 Authority Key Identifier:
                keyid:19:1E:E3:AF:82:05:63:49:46:47:55:1A:52:06:EF:0C:45:CF:95:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GR7jr4IFY0lGR1UaUgbvDEXPlck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/JE4zl4FN1Rkbz1-fuiGWvHHXaTw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/GR7jr4IFY0lGR1UaUgbvDEXPlck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.131.18.0-95.131.23.255

    Signature Algorithm: sha256WithRSAEncryption
         07:99:f4:94:19:67:ab:73:07:ef:59:0e:f4:79:a1:fa:9f:df:
         05:66:61:29:8d:e9:75:32:83:ca:f7:2c:76:eb:57:0b:25:4e:
         77:d9:c0:93:9b:53:63:ae:b8:23:e1:ad:4b:24:ad:e6:8a:ad:
         0b:e3:2f:14:1f:1f:d8:39:09:93:35:d8:54:d4:37:ad:d8:f4:
         98:e8:c0:5b:1a:0c:ac:bc:e2:99:9b:2c:9c:df:8d:9a:57:43:
         a1:bb:cb:2a:ae:f8:d5:33:65:fa:0d:83:8d:ef:95:51:65:c1:
         66:b1:ca:e0:b9:da:9e:91:29:6f:f9:ec:6f:a4:94:51:04:c8:
         06:2a:04:e6:0d:1e:76:53:dc:c3:6f:b4:5f:66:69:d1:2e:47:
         1a:2d:ab:bd:31:db:46:70:f4:f9:02:31:23:e7:c2:86:09:cb:
         5a:d4:be:3f:67:0a:7d:85:d8:be:e1:c3:36:01:75:b4:13:36:
         aa:21:bc:dd:80:2f:bb:f4:a6:ad:6c:60:7c:b4:19:ef:de:38:
         eb:44:92:37:dd:ff:ce:5d:6a:ac:70:7a:36:f1:d1:3c:18:09:
         c1:e0:57:79:c3:95:93:2e:a9:3b:77:49:f3:d1:71:77:34:9d:
         9c:0c:fa:4f:95:6a:a2:21:6a:34:96:e5:40:ad:70:67:bb:41:
         77:5c:8c:c1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvXe+R2KDhux5vVN60nii9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MWVlM2FmODIwNTYzNDk0NjQ3NTUxYTUyMDZlZjBjNDVj
Zjk1YzkwHhcNMjMwMTAxMjIwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDRlMzM5NzgxNGRkNTE5MWJjZjVmOWZiYTIxOTZiYzcxZDc2OTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNMXJ2mqOsqZrHQ564FjybUEoZp1
lxLVN1stewBWjh/G9XRzPw/CJxJ3OiZuP2oiFZLH4tZaLoFEwWzx5jhN3gn3VaA0
zqb2uWYmzl2HDFwDpo6Dt3Li35DOytAN1NDYL1b2apicrxurtL2S1OtPsV9P+iDo
r+rIYz9b0w8OZVai1F+sL5EDN6wMVNIp7hElqiKXy7ADzgODSMsribaICKC8Eor4
xbc/FsCczonaZLp6bCsxkGUNnKhX7n/azkw96LFJZdqncNV0WfswKQFGeUanynEo
RjLAE/z37Y/3GQBy7WHGll3ujzeRGhQmQgMXLuldt2CmUcdNR6taCZOCfwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCROM5eBTdUZG89fn7ohlrxx12k8MB8GA1UdIwQY
MBaAFBke46+CBWNJRkdVGlIG7wxFz5XJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1I3anI0SUZZMGxHUjFVYVVnYnZERVhQbGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hM2RmODEtMjA5Ni00OTNkLWIxMDYt
NDZkNmNlYTIwMzQyLzEvSkU0emw0Rk4xUmtiejEtZnVpR1d2SEhYYVR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hM2RmODEtMjA5Ni00OTNkLWIxMDYtNDZkNmNlYTIwMzQy
LzEvR1I3anI0SUZZMGxHUjFVYVVnYnZERVhQbGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFfgxID
BANfgxAwDQYJKoZIhvcNAQELBQADggEBAAeZ9JQZZ6tzB+9ZDvR5ofqf3wVmYSmN
6XUyg8r3LHbrVwslTnfZwJObU2OuuCPhrUskreaKrQvjLxQfH9g5CZM12FTUN63Y
9JjowFsaDKy84pmbLJzfjZpXQ6G7yyqu+NUzZfoNg43vlVFlwWaxyuC52p6RKW/5
7G+klFEEyAYqBOYNHnZT3MNvtF9madEuRxotq70x20Zw9PkCMSPnwoYJy1rUvj9n
Cn2F2L7hwzYBdbQTNqohvN2AL7v0pq1sYHy0Ge/eOOtEkjfd/85daqxwejbx0TwY
CcHgV3nDlZMuqTt3SfPRcXc0nZwM+k+VaqIhajSW5UCtcGe7QXdcjME=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:19 2024 by rpki-client on console-fra.rpki-client.org