Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/bjUDD79sCkRaszGCpYd5WROSNZk.roa
File:                     bjUDD79sCkRaszGCpYd5WROSNZk.roa (raw, json)
Hash identifier:          ezk/H7+riEgk2G8YvIlY8F5oDsuhoSHmivTz8gKbGYM=
Subject key identifier:   6E:35:03:0F:BF:6C:0A:44:5A:B3:31:82:A5:87:79:59:13:92:35:99
Certificate issuer:       /CN=0c7161e622f63c0db8568d8cb4c4d7c0d9808346
Certificate serial:       01856E1D33972B4BF6A727D1DD113E0ED52E
Authority key identifier: 0C:71:61:E6:22:F6:3C:0D:B8:56:8D:8C:B4:C4:D7:C0:D9:80:83:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DHFh5iL2PA24Vo2MtMTXwNmAg0Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/bjUDD79sCkRaszGCpYd5WROSNZk.roa
Signing time:             Sun 01 Jan 2023 16:14:45 +0000
ROA not before:           Sun 01 Jan 2023 16:14:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212122
IP address blocks:        195.7.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:1d:33:97:2b:4b:f6:a7:27:d1:dd:11:3e:0e:d5:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c7161e622f63c0db8568d8cb4c4d7c0d9808346
        Validity
            Not Before: Jan  1 16:14:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6e35030fbf6c0a445ab33182a587795913923599
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:3d:56:48:0f:6e:23:20:1f:18:4a:bd:1a:73:
                    9d:dc:94:b0:91:3a:1c:eb:57:6f:aa:d1:18:1b:1e:
                    45:5b:43:37:35:c3:99:c3:66:8c:be:75:15:e8:7a:
                    a2:62:98:cb:c0:90:ae:b4:43:a6:6d:68:3d:84:70:
                    ea:be:38:f6:3a:f4:6f:e3:f3:2e:9d:ad:60:33:9a:
                    87:93:c8:de:f4:f7:79:eb:62:f5:e4:a7:f6:39:e9:
                    ee:46:cc:9d:63:67:30:78:77:fa:d1:df:11:26:0c:
                    c4:52:e0:07:2d:e8:0e:fd:c7:79:a2:d2:46:56:aa:
                    c3:c8:93:e9:ca:3c:50:48:45:f0:ed:09:96:60:83:
                    75:6b:a8:a1:07:9a:98:28:1b:f0:7c:95:fd:b3:59:
                    17:4a:2d:bb:22:b7:d6:2c:6f:c7:e9:b6:a5:b7:f0:
                    fc:c7:59:2d:fa:23:0e:b4:32:d1:d0:e5:0a:da:bd:
                    b4:28:68:1c:dd:82:84:3e:d4:c1:fe:10:a1:54:88:
                    3c:c5:a7:11:11:ac:0c:df:9b:1e:aa:96:aa:5e:25:
                    bb:3a:17:05:0b:3f:8b:c0:dd:75:cb:9e:ac:3b:64:
                    16:c4:09:32:35:a4:d4:9a:e6:d4:f4:83:a2:88:65:
                    38:8c:f6:07:35:ce:92:7e:cb:d7:38:9b:ad:3f:3b:
                    4f:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:35:03:0F:BF:6C:0A:44:5A:B3:31:82:A5:87:79:59:13:92:35:99
            X509v3 Authority Key Identifier:
                keyid:0C:71:61:E6:22:F6:3C:0D:B8:56:8D:8C:B4:C4:D7:C0:D9:80:83:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DHFh5iL2PA24Vo2MtMTXwNmAg0Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/bjUDD79sCkRaszGCpYd5WROSNZk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/DHFh5iL2PA24Vo2MtMTXwNmAg0Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.7.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:69:58:f6:85:c7:96:10:db:61:44:5d:9d:dd:2e:c5:a4:10:
         76:a7:62:1b:a9:c7:7b:4c:85:7b:23:3f:c7:9f:9f:78:42:fe:
         a8:e3:03:41:fc:90:cc:db:5c:b0:ff:27:c7:6f:f4:07:c9:57:
         67:a7:6a:7f:c3:97:43:ce:fc:57:67:1d:87:d8:a7:bf:c8:5c:
         63:d2:24:c1:5d:5f:39:04:da:a0:01:b5:80:fb:40:70:cf:26:
         66:d9:47:39:2b:35:b5:86:b0:a3:a1:5e:46:1f:5c:13:0e:48:
         1f:96:10:79:21:d2:bc:85:c3:03:8d:33:05:e3:e9:ec:3e:6e:
         c5:8a:86:cb:06:ad:d5:4d:ab:fc:78:bd:d4:97:a2:65:e7:d6:
         f4:36:c0:86:32:59:e6:c8:9e:fe:91:22:3f:74:9f:a4:36:c3:
         2a:0f:89:52:a1:47:53:e3:4f:e9:b6:c5:08:5f:79:b2:23:0e:
         90:5e:a8:9d:01:ff:8f:5d:a8:e3:66:3b:43:82:62:a8:32:b0:
         1c:53:f8:87:5c:5e:82:07:9f:fd:c2:3c:c4:91:7d:3e:5d:6f:
         3b:b4:78:e6:e9:88:75:a9:ca:54:35:23:33:e8:b7:d0:1b:6b:
         bb:16:75:fb:3b:23:08:26:05:1d:cb:73:f5:74:de:44:85:96:
         82:c5:5b:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuHTOXK0v2pyfR3RE+DtUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNzE2MWU2MjJmNjNjMGRiODU2OGQ4Y2I0YzRkN2MwZDk4
MDgzNDYwHhcNMjMwMTAxMTYxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTM1MDMwZmJmNmMwYTQ0NWFiMzMxODJhNTg3Nzk1OTEzOTIzNTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApz1WSA9uIyAfGEq9GnOd3JSwkToc
61dvqtEYGx5FW0M3NcOZw2aMvnUV6HqiYpjLwJCutEOmbWg9hHDqvjj2OvRv4/Mu
na1gM5qHk8je9Pd562L15Kf2OenuRsydY2cweHf60d8RJgzEUuAHLegO/cd5otJG
VqrDyJPpyjxQSEXw7QmWYIN1a6ihB5qYKBvwfJX9s1kXSi27IrfWLG/H6balt/D8
x1kt+iMOtDLR0OUK2r20KGgc3YKEPtTB/hChVIg8xacREawM35seqpaqXiW7OhcF
Cz+LwN11y56sO2QWxAkyNaTUmubU9IOiiGU4jPYHNc6SfsvXOJutPztPlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG41Aw+/bApEWrMxgqWHeVkTkjWZMB8GA1UdIwQY
MBaAFAxxYeYi9jwNuFaNjLTE18DZgINGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREhGaDVpTDJQQTI0Vm8yTXRNVFh3Tm1BZzBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMWYwOGMtMDY1ZS00YWMxLThlODAt
YjE1ZTNmMDllMDFiLzEvYmpVREQ3OXNDa1Jhc3pHQ3BZZDVXUk9TTlprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMWYwOGMtMDY1ZS00YWMxLThlODAtYjE1ZTNmMDllMDFi
LzEvREhGaDVpTDJQQTI0Vm8yTXRNVFh3Tm1BZzBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwcKMA0G
CSqGSIb3DQEBCwUAA4IBAQCaaVj2hceWENthRF2d3S7FpBB2p2Ibqcd7TIV7Iz/H
n594Qv6o4wNB/JDM21yw/yfHb/QHyVdnp2p/w5dDzvxXZx2H2Ke/yFxj0iTBXV85
BNqgAbWA+0BwzyZm2Uc5KzW1hrCjoV5GH1wTDkgflhB5IdK8hcMDjTMF4+nsPm7F
iobLBq3VTav8eL3Ul6Jl59b0NsCGMlnmyJ7+kSI/dJ+kNsMqD4lSoUdT40/ptsUI
X3myIw6QXqidAf+PXajjZjtDgmKoMrAcU/iHXF6CB5/9wjzEkX0+XW87tHjm6Yh1
qcpUNSMz6LfQG2u7FnX7OyMIJgUdy3P1dN5EhZaCxVuO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:56 2024 by rpki-client on console-fra.rpki-client.org