Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/b7NFK4_C9u5QDBr3d16f7monRe0.roa
File:                     b7NFK4_C9u5QDBr3d16f7monRe0.roa (raw, json)
Hash identifier:          VVZim+x7Z+dBjOk2QZhReuZKnCPGTem33TU8d863oiI=
Subject key identifier:   6F:B3:45:2B:8F:C2:F6:EE:50:0C:1A:F7:77:5E:9F:EE:6A:27:45:ED
Certificate issuer:       /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial:       01892C338EBBC2EE8281F0A19E2513D70DFB
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/b7NFK4_C9u5QDBr3d16f7monRe0.roa
Signing time:             Thu 06 Jul 2023 17:15:23 +0000
ROA not before:           Thu 06 Jul 2023 17:15:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35913
IP address blocks:        195.114.199.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 08:49:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:2c:33:8e:bb:c2:ee:82:81:f0:a1:9e:25:13:d7:0d:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
        Validity
            Not Before: Jul  6 17:15:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6fb3452b8fc2f6ee500c1af7775e9fee6a2745ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:27:4a:6f:8d:f1:4a:ef:de:55:3f:67:70:45:
                    68:f9:b6:3e:8a:b2:96:0d:8d:42:90:ff:4d:9c:27:
                    39:bb:cc:d3:d5:d8:c6:af:a0:39:e0:0a:38:a2:5b:
                    97:eb:22:70:67:25:b3:92:0d:d0:02:6d:7e:43:5e:
                    a6:2c:f0:6d:ef:e8:1d:6c:14:06:54:40:d9:92:01:
                    b2:75:09:aa:60:a6:e8:0c:e0:4e:ae:d1:e0:cc:cf:
                    fd:4d:d9:52:01:51:a4:b7:79:2c:4f:65:c4:90:52:
                    57:fc:3d:f9:75:6c:d3:c9:9a:3d:ef:ef:30:bd:9a:
                    fc:d1:40:fd:2a:3e:c9:84:fc:79:eb:57:f1:1f:57:
                    57:8a:37:cc:c0:f1:9e:95:bc:47:9c:f2:ca:fa:fc:
                    8c:38:ac:4b:d5:a4:6f:77:99:05:34:92:0f:03:1c:
                    03:df:21:37:c7:35:db:cc:dd:5b:43:da:ce:f2:08:
                    98:4c:37:71:fe:42:b9:9f:1e:a9:35:5b:1f:98:61:
                    8c:ba:51:80:6c:2e:22:16:9f:17:d4:21:e4:b2:ac:
                    85:8d:12:4a:f4:73:00:4d:ba:38:2b:83:e0:68:96:
                    2e:8d:69:9c:42:c2:46:02:7c:c2:50:73:f1:44:3a:
                    13:a3:d4:6c:68:3f:36:4e:05:5a:5f:fd:0c:35:59:
                    b8:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:B3:45:2B:8F:C2:F6:EE:50:0C:1A:F7:77:5E:9F:EE:6A:27:45:ED
            X509v3 Authority Key Identifier:
                keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/b7NFK4_C9u5QDBr3d16f7monRe0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.114.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:5d:a3:0d:cb:96:25:37:5b:59:74:a6:94:98:7c:e4:a3:a2:
         59:db:73:9b:b4:d4:97:76:4a:4f:48:ec:4e:2c:37:16:8a:68:
         a9:24:89:bc:30:b1:c2:1f:0e:c4:b0:98:d6:98:34:37:55:c2:
         5b:3e:71:e8:66:90:32:4a:26:c2:48:60:f2:b5:96:a8:67:89:
         7d:d5:01:4d:94:48:c7:72:8e:fd:34:1f:c3:ce:84:49:b0:9b:
         f5:dd:fd:0b:8a:1f:5c:ce:3a:bb:48:78:be:f1:21:36:8b:fb:
         6f:eb:0f:13:1d:88:a4:92:04:c6:5e:a4:21:06:0b:02:3f:dd:
         35:64:0e:c4:85:46:a3:c1:69:1f:90:5e:b3:7d:92:0b:1a:e9:
         1e:e0:53:1e:1d:89:6e:ff:a8:8a:ff:42:63:67:c2:bd:ce:38:
         c1:06:65:a2:9e:ef:50:13:d8:d9:ed:fb:8b:9c:58:d3:96:82:
         d5:3e:77:ee:0d:05:0e:77:25:7b:ae:d8:88:16:e5:d8:1c:54:
         b1:07:57:f7:35:83:86:d2:30:58:18:3a:3c:e6:78:ff:58:ee:
         3c:c5:21:aa:91:c2:b2:ea:1d:6b:e4:25:3d:f0:d5:2c:e3:88:
         24:b1:06:45:7b:d2:34:2f:cb:ca:81:76:a1:a5:e6:2e:6a:ba:
         7a:a4:f7:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYksM467wu6CgfChniUT1w37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjMwNzA2MTcxNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmIzNDUyYjhmYzJmNmVlNTAwYzFhZjc3NzVlOWZlZTZhMjc0NWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSdKb43xSu/eVT9ncEVo+bY+irKW
DY1CkP9NnCc5u8zT1djGr6A54Ao4oluX6yJwZyWzkg3QAm1+Q16mLPBt7+gdbBQG
VEDZkgGydQmqYKboDOBOrtHgzM/9TdlSAVGkt3ksT2XEkFJX/D35dWzTyZo97+8w
vZr80UD9Kj7JhPx561fxH1dXijfMwPGelbxHnPLK+vyMOKxL1aRvd5kFNJIPAxwD
3yE3xzXbzN1bQ9rO8giYTDdx/kK5nx6pNVsfmGGMulGAbC4iFp8X1CHksqyFjRJK
9HMATbo4K4PgaJYujWmcQsJGAnzCUHPxRDoTo9RsaD82TgVaX/0MNVm4uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG+zRSuPwvbuUAwa93den+5qJ0XtMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvYjdORks0X0M5dTVRREJyM2QxNmY3bW9uUmUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw3LHMA0G
CSqGSIb3DQEBCwUAA4IBAQCzXaMNy5YlN1tZdKaUmHzko6JZ23ObtNSXdkpPSOxO
LDcWimipJIm8MLHCHw7EsJjWmDQ3VcJbPnHoZpAySibCSGDytZaoZ4l91QFNlEjH
co79NB/DzoRJsJv13f0Lih9czjq7SHi+8SE2i/tv6w8THYikkgTGXqQhBgsCP901
ZA7EhUajwWkfkF6zfZILGuke4FMeHYlu/6iK/0JjZ8K9zjjBBmWinu9QE9jZ7fuL
nFjTloLVPnfuDQUOdyV7rtiIFuXYHFSxB1f3NYOG0jBYGDo85nj/WO48xSGqkcKy
6h1r5CU98NUs44gksQZFe9I0L8vKgXahpeYuarp6pPfI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:18 2024 by rpki-client on console-fra.rpki-client.org