Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/AwzuvXp76K3tTyLw4WWKwkIFWz4.roa
File:                     AwzuvXp76K3tTyLw4WWKwkIFWz4.roa (raw, json)
Hash identifier:          5PMWrMYLwaFAFJYWCH+/ODGCDjJfKy+3wGqT0gBr7T0=
Subject key identifier:   03:0C:EE:BD:7A:7B:E8:AD:ED:4F:22:F0:E1:65:8A:C2:42:05:5B:3E
Certificate issuer:       /CN=626d24d6bf353963fe5afa25b0a59667152a86d0
Certificate serial:       01856E0AF61625A107BC9E506AB701897967
Authority key identifier: 62:6D:24:D6:BF:35:39:63:FE:5A:FA:25:B0:A5:96:67:15:2A:86:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ym0k1r81OWP-WvolsKWWZxUqhtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/AwzuvXp76K3tTyLw4WWKwkIFWz4.roa
Signing time:             Sun 01 Jan 2023 15:54:50 +0000
ROA not before:           Sun 01 Jan 2023 15:54:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5518
IP address blocks:        195.10.216.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:0a:f6:16:25:a1:07:bc:9e:50:6a:b7:01:89:79:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=626d24d6bf353963fe5afa25b0a59667152a86d0
        Validity
            Not Before: Jan  1 15:54:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=030ceebd7a7be8aded4f22f0e1658ac242055b3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:04:c2:a6:70:11:92:1a:5f:e2:94:76:d1:0f:
                    95:be:ed:cb:d2:46:7a:10:0c:bd:4e:b2:8d:9f:bc:
                    cf:b5:ba:b5:7f:7c:d0:19:4d:cb:31:46:33:8d:a8:
                    dc:83:a6:b0:8e:cd:c3:af:ab:e9:62:33:31:22:96:
                    7b:37:f1:09:af:d3:78:28:42:e5:8e:14:b3:f4:4e:
                    8c:85:49:7d:6f:2d:c1:c8:6f:42:8f:89:11:0c:9a:
                    0b:d8:52:58:bf:56:0b:c2:af:ff:69:d2:63:8f:47:
                    e7:6c:af:ef:44:dd:8f:bf:1b:bc:03:8e:11:2d:9d:
                    de:eb:29:ab:ff:24:d3:64:dd:36:20:4b:f0:c8:e1:
                    a6:32:49:4c:83:4b:05:f6:98:03:a7:91:44:c6:01:
                    60:01:66:d4:97:42:25:38:ed:6b:1f:1a:b4:6d:ae:
                    48:b1:99:a4:00:09:0d:9f:a9:d4:ef:d1:e6:86:35:
                    78:a1:02:05:0d:25:a5:fd:ae:79:a6:41:dc:0c:09:
                    b9:34:d9:37:6f:bb:b6:e5:b7:1b:35:f1:3a:57:dc:
                    2f:d0:b1:81:43:c7:51:9a:54:60:b9:5a:90:9f:ef:
                    f9:fe:89:e4:60:4c:2b:e4:e9:01:69:41:ea:8d:ca:
                    62:b5:2d:24:06:af:37:f3:f9:0f:b5:da:1e:a1:25:
                    b1:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:0C:EE:BD:7A:7B:E8:AD:ED:4F:22:F0:E1:65:8A:C2:42:05:5B:3E
            X509v3 Authority Key Identifier:
                keyid:62:6D:24:D6:BF:35:39:63:FE:5A:FA:25:B0:A5:96:67:15:2A:86:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ym0k1r81OWP-WvolsKWWZxUqhtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/AwzuvXp76K3tTyLw4WWKwkIFWz4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.10.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         e3:0a:a5:0b:4b:b2:e1:15:fb:d1:43:da:4e:db:68:4e:28:7c:
         da:c8:00:f5:0b:af:97:aa:c5:44:9f:4d:04:20:31:6e:bf:7c:
         3b:28:5f:72:40:4d:02:56:aa:32:b8:ee:ef:2a:49:65:5e:31:
         5d:44:c9:89:4f:a4:5a:51:74:46:0d:79:ba:7b:86:ab:1b:37:
         af:31:43:b3:64:3b:83:bc:4c:7d:23:72:e0:75:08:c2:2a:a5:
         e6:44:fb:53:ee:cb:23:d6:42:6b:fa:ac:a4:cd:10:f9:7c:d9:
         a2:c3:49:5d:df:4f:0f:6d:af:72:69:8f:d4:ec:31:c5:42:e8:
         ba:db:81:36:34:e2:14:c7:64:1b:f6:30:63:d1:b4:72:d6:75:
         46:70:12:10:43:09:df:9c:ed:57:70:70:0f:7c:43:2a:fc:a9:
         a3:b1:3a:4c:33:65:30:18:bf:da:dd:bf:a4:18:23:ee:d8:45:
         ed:83:22:60:ce:63:1b:63:de:1a:5f:08:04:d6:2a:72:b8:83:
         25:d8:7d:68:48:98:cb:3e:ea:43:58:d7:a3:53:fe:53:d2:33:
         0b:c0:09:5c:63:40:ed:a2:4b:b7:0c:66:86:09:97:63:ab:69:
         d1:d4:ab:3d:d9:58:8d:97:01:cf:d8:6a:6e:33:2f:24:72:5e:
         13:b2:b4:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuCvYWJaEHvJ5QarcBiXlnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNmQyNGQ2YmYzNTM5NjNmZTVhZmEyNWIwYTU5NjY3MTUy
YTg2ZDAwHhcNMjMwMTAxMTU1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzBjZWViZDdhN2JlOGFkZWQ0ZjIyZjBlMTY1OGFjMjQyMDU1YjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgTCpnARkhpf4pR20Q+Vvu3L0kZ6
EAy9TrKNn7zPtbq1f3zQGU3LMUYzjajcg6awjs3Dr6vpYjMxIpZ7N/EJr9N4KELl
jhSz9E6MhUl9by3ByG9Cj4kRDJoL2FJYv1YLwq//adJjj0fnbK/vRN2Pvxu8A44R
LZ3e6ymr/yTTZN02IEvwyOGmMklMg0sF9pgDp5FExgFgAWbUl0IlOO1rHxq0ba5I
sZmkAAkNn6nU79HmhjV4oQIFDSWl/a55pkHcDAm5NNk3b7u25bcbNfE6V9wv0LGB
Q8dRmlRguVqQn+/5/onkYEwr5OkBaUHqjcpitS0kBq838/kPtdoeoSWx+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAMM7r16e+it7U8i8OFlisJCBVs+MB8GA1UdIwQY
MBaAFGJtJNa/NTlj/lr6JbCllmcVKobQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW0wazFyODFPV1AtV3ZvbHNLV1daeFVxaHRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC82MzQzMmEtZTVkOS00NmUyLTljMDEt
YWM4MDliYmFlNzM3LzEvQXd6dXZYcDc2SzN0VHlMdzRXV0t3a0lGV3o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC82MzQzMmEtZTVkOS00NmUyLTljMDEtYWM4MDliYmFlNzM3
LzEvWW0wazFyODFPV1AtV3ZvbHNLV1daeFVxaHRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwrYMA0G
CSqGSIb3DQEBCwUAA4IBAQDjCqULS7LhFfvRQ9pO22hOKHzayAD1C6+XqsVEn00E
IDFuv3w7KF9yQE0CVqoyuO7vKkllXjFdRMmJT6RaUXRGDXm6e4arGzevMUOzZDuD
vEx9I3LgdQjCKqXmRPtT7ssj1kJr+qykzRD5fNmiw0ld308Pba9yaY/U7DHFQui6
24E2NOIUx2Qb9jBj0bRy1nVGcBIQQwnfnO1XcHAPfEMq/KmjsTpMM2UwGL/a3b+k
GCPu2EXtgyJgzmMbY94aXwgE1ipyuIMl2H1oSJjLPupDWNejU/5T0jMLwAlcY0Dt
oku3DGaGCZdjq2nR1Ks92ViNlwHP2GpuMy8kcl4TsrQp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:45 2024 by rpki-client on console-fra.rpki-client.org