Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/9KOVMIWjCmnYbQQwAR2ohiDNxwQ.roa
File:                     9KOVMIWjCmnYbQQwAR2ohiDNxwQ.roa (raw, json)
Hash identifier:          x/D+DyDl4lZSdc1HCSOQhDJCpxQlhIOfwnpkVcsyGH4=
Subject key identifier:   F4:A3:95:30:85:A3:0A:69:D8:6D:04:30:01:1D:A8:86:20:CD:C7:04
Certificate issuer:       /CN=ca434d399d93a19d8a8108456c5575096c2ae588
Certificate serial:       018CB0169210801B021C873D5D20EEA94D76
Authority key identifier: CA:43:4D:39:9D:93:A1:9D:8A:81:08:45:6C:55:75:09:6C:2A:E5:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/9KOVMIWjCmnYbQQwAR2ohiDNxwQ.roa
Signing time:             Thu 28 Dec 2023 11:01:58 +0000
ROA not before:           Thu 28 Dec 2023 11:01:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     196970
IP address blocks:        195.191.228.0/24 maxlen: 24
                          195.191.228.0/23 maxlen: 23
                          195.191.229.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b0:16:92:10:80:1b:02:1c:87:3d:5d:20:ee:a9:4d:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca434d399d93a19d8a8108456c5575096c2ae588
        Validity
            Not Before: Dec 28 11:01:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f4a3953085a30a69d86d0430011da88620cdc704
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:24:cf:32:21:17:f2:8d:57:f3:2c:c8:54:30:
                    47:3d:85:f2:00:db:28:29:ac:d9:6f:aa:74:7e:d0:
                    67:7e:d5:3f:2d:6f:93:70:7f:2f:1a:ba:ff:ea:b0:
                    dd:ad:5c:6d:aa:d5:8e:8a:b9:ac:96:85:2b:e6:b8:
                    4e:da:cc:96:2a:df:6d:65:ff:d6:c0:26:b0:49:1f:
                    23:ca:b5:6c:7e:37:5a:89:16:76:47:e0:78:f4:ea:
                    12:f7:e9:a3:ff:ba:4b:01:a4:10:f9:6f:d7:d9:30:
                    f5:fc:94:6a:3b:33:69:43:fa:2a:21:94:e0:01:6e:
                    09:1d:71:ad:64:48:bb:e8:95:63:9a:bf:ab:9b:61:
                    2b:ae:24:c1:e8:86:c8:ca:1c:4f:e8:aa:e8:d7:11:
                    5d:10:a2:18:de:82:7c:71:d0:89:60:6b:a0:4f:b4:
                    7c:bf:ab:82:3b:64:cb:37:dc:c7:af:01:c5:cd:8b:
                    02:d0:e5:44:24:e7:64:09:cb:c1:7d:91:1d:ff:fa:
                    04:91:92:51:01:d1:35:21:5d:46:fe:97:36:bf:e8:
                    77:d3:19:de:e3:4c:92:8d:ab:76:14:45:85:f4:11:
                    f8:41:7c:21:97:f5:9c:8a:11:b0:68:e7:41:36:01:
                    29:0b:98:00:2d:25:b5:97:42:30:19:79:39:af:c5:
                    38:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:A3:95:30:85:A3:0A:69:D8:6D:04:30:01:1D:A8:86:20:CD:C7:04
            X509v3 Authority Key Identifier:
                keyid:CA:43:4D:39:9D:93:A1:9D:8A:81:08:45:6C:55:75:09:6C:2A:E5:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/9KOVMIWjCmnYbQQwAR2ohiDNxwQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.191.228.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2c:b5:23:48:ba:c3:0a:a6:ec:30:7b:33:53:bf:89:67:e4:89:
         25:d2:b8:ae:fd:09:7f:8e:e6:5b:7c:a6:02:5c:29:47:18:78:
         71:98:19:fc:4d:97:23:7a:71:e5:41:d3:b5:53:a7:96:ba:1b:
         4e:0a:f5:12:91:43:57:e7:5c:4a:00:b2:98:b9:cd:16:81:0e:
         55:9b:b8:74:19:da:79:90:43:f3:b1:57:bc:0b:c8:fd:fa:26:
         b9:2f:cf:99:7a:a2:1d:40:68:d8:29:25:ba:b2:08:71:0d:bb:
         c4:bd:f3:03:70:12:93:10:d9:80:78:56:14:44:60:ae:50:90:
         10:62:3f:30:b5:c2:1f:27:26:87:37:1d:06:8a:d7:41:35:fc:
         45:b0:f4:a1:f8:ef:f9:07:8f:8c:e8:93:7c:c8:a0:68:d6:b8:
         f4:5a:20:7c:de:57:19:f0:0e:c6:d5:ad:2c:eb:ce:73:33:94:
         ce:ec:6b:5d:e2:25:9e:f4:66:42:6c:f2:20:52:3f:31:97:4c:
         8e:74:cd:8d:e2:8f:94:0d:46:0a:23:f9:0c:ad:df:9a:6b:b2:
         4d:fc:2c:6c:5c:bd:ea:7e:1c:a5:ff:d8:ff:35:32:ea:8b:34:
         ee:23:8d:e1:c2:4d:60:a1:b7:e3:f6:77:58:e8:1d:39:38:36:
         46:6f:74:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYywFpIQgBsCHIc9XSDuqU12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNDM0ZDM5OWQ5M2ExOWQ4YTgxMDg0NTZjNTU3NTA5NmMy
YWU1ODgwHhcNMjMxMjI4MTEwMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGEzOTUzMDg1YTMwYTY5ZDg2ZDA0MzAwMTFkYTg4NjIwY2RjNzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCTPMiEX8o1X8yzIVDBHPYXyANso
KazZb6p0ftBnftU/LW+TcH8vGrr/6rDdrVxtqtWOirmsloUr5rhO2syWKt9tZf/W
wCawSR8jyrVsfjdaiRZ2R+B49OoS9+mj/7pLAaQQ+W/X2TD1/JRqOzNpQ/oqIZTg
AW4JHXGtZEi76JVjmr+rm2ErriTB6IbIyhxP6Kro1xFdEKIY3oJ8cdCJYGugT7R8
v6uCO2TLN9zHrwHFzYsC0OVEJOdkCcvBfZEd//oEkZJRAdE1IV1G/pc2v+h30xne
40ySjat2FEWF9BH4QXwhl/WcihGwaOdBNgEpC5gALSW1l0IwGXk5r8U4bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPSjlTCFowpp2G0EMAEdqIYgzccEMB8GA1UdIwQY
MBaAFMpDTTmdk6GdioEIRWxVdQlsKuWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWtOTk9aMlRvWjJLZ1FoRmJGVjFDV3dxNVlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC82YWVjNmEtMzY4My00MDVhLTllNjEt
ZGIyMzY4MjcxOTEzLzEvOUtPVk1JV2pDbW5ZYlFRd0FSMm9oaUROeHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC82YWVjNmEtMzY4My00MDVhLTllNjEtZGIyMzY4MjcxOTEz
LzEveWtOTk9aMlRvWjJLZ1FoRmJGVjFDV3dxNVlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw7/kMA0G
CSqGSIb3DQEBCwUAA4IBAQAstSNIusMKpuwwezNTv4ln5Ikl0riu/Ql/juZbfKYC
XClHGHhxmBn8TZcjenHlQdO1U6eWuhtOCvUSkUNX51xKALKYuc0WgQ5Vm7h0Gdp5
kEPzsVe8C8j9+ia5L8+ZeqIdQGjYKSW6sghxDbvEvfMDcBKTENmAeFYURGCuUJAQ
Yj8wtcIfJyaHNx0GitdBNfxFsPSh+O/5B4+M6JN8yKBo1rj0WiB83lcZ8A7G1a0s
685zM5TO7Gtd4iWe9GZCbPIgUj8xl0yOdM2N4o+UDUYKI/kMrd+aa7JN/CxsXL3q
fhyl/9j/NTLqizTuI43hwk1gobfj9ndY6B05ODZGb3Su
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:16 2024 by rpki-client on console-ams.rpki-client.org