Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/R6vPprH4VGPr8iJviP2zaWJqA_A.roa
File:                     R6vPprH4VGPr8iJviP2zaWJqA_A.roa (raw, json)
Hash identifier:          jrVmMLzpOQhrLak+4VUW5HgJ3Ddhip3tlmgIJFI3CFU=
Subject key identifier:   47:AB:CF:A6:B1:F8:54:63:EB:F2:22:6F:88:FD:B3:69:62:6A:03:F0
Certificate issuer:       /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Certificate serial:       018D7A07EAA220549A8FCAED0999C846F2E0
Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/R6vPprH4VGPr8iJviP2zaWJqA_A.roa
Signing time:             Mon 05 Feb 2024 16:09:15 +0000
ROA not before:           Mon 05 Feb 2024 16:09:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200373
IP address blocks:        95.141.242.0/24 maxlen: 24
                          2a13:3f80::/32 maxlen: 32
                          2a13:3f83::/32 maxlen: 32
                          2a13:3f84::/32 maxlen: 32
                          2a13:3f85::/32 maxlen: 32
                          2a13:3f86::/32 maxlen: 32
                          2a13:3f87::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sat 17 Feb 2024 20:08:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7a:07:ea:a2:20:54:9a:8f:ca:ed:09:99:c8:46:f2:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
        Validity
            Not Before: Feb  5 16:09:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=47abcfa6b1f85463ebf2226f88fdb369626a03f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:74:c6:34:5d:35:03:e3:76:8a:a9:72:19:2e:
                    38:de:ff:0b:3a:9d:da:a1:b1:a7:e1:bf:f3:ce:8d:
                    20:52:bc:38:c5:ad:09:3f:f4:4e:ae:51:0f:b2:32:
                    66:ac:66:0d:2e:e7:25:3c:b6:2e:10:ec:7e:96:1c:
                    ab:70:be:9b:d9:aa:ae:18:17:22:93:ff:d2:4d:cf:
                    28:b1:aa:cc:44:10:24:f2:71:d6:fb:ac:38:b6:0d:
                    c3:23:1e:fd:20:e3:e9:db:b8:20:6f:6f:fc:92:1c:
                    36:19:33:dc:a5:be:19:22:14:d8:cd:23:a2:c1:a0:
                    b3:8d:83:48:ed:2f:5d:45:74:30:05:bc:ea:ca:7e:
                    4e:37:94:91:4c:6b:36:5a:f0:21:e3:d5:2d:3c:06:
                    48:d5:8c:b5:6c:28:ba:6a:34:7c:14:be:fc:c8:3d:
                    f8:db:c0:4f:a7:7d:64:49:e7:d8:b3:79:43:17:69:
                    97:ee:b3:fa:c3:c8:a4:75:5c:4e:a9:de:7a:0b:b8:
                    c7:20:90:d6:f9:37:28:ff:d6:d9:36:b9:ad:04:58:
                    f9:5a:83:32:68:cb:ca:24:38:7b:62:b3:9d:9c:cb:
                    7e:f7:f8:0e:10:07:8e:10:6f:a3:60:f1:30:56:00:
                    67:1f:b0:d0:33:92:c2:86:fd:ff:bb:aa:07:8b:88:
                    70:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:AB:CF:A6:B1:F8:54:63:EB:F2:22:6F:88:FD:B3:69:62:6A:03:F0
            X509v3 Authority Key Identifier:
                keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/R6vPprH4VGPr8iJviP2zaWJqA_A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.141.242.0/24
                IPv6:
                  2a13:3f80::/32
                  2a13:3f83::-2a13:3f87:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         0f:ab:5a:fc:12:e5:f6:db:3a:7b:e5:75:50:a6:7a:58:dc:0e:
         bf:2a:ec:91:f5:9a:d5:26:a6:45:f7:c5:14:15:d4:1a:ce:f7:
         99:ff:08:c8:0c:e1:a7:10:37:3f:3e:f6:c5:02:d9:fe:1e:0e:
         3b:b2:57:dd:1d:94:6f:be:44:d8:75:5b:49:19:31:de:a3:95:
         35:6b:33:2b:fa:cb:04:87:26:d1:ee:a1:d5:cd:c8:c1:af:97:
         30:90:0f:3f:22:b8:7d:66:54:8c:2a:5a:00:c9:d8:0c:6b:47:
         2b:5e:9c:8f:ae:46:d6:ca:7d:e5:7f:a1:d8:16:fa:da:d2:03:
         99:84:2c:b6:9a:5c:a3:0a:0f:0e:f2:1a:c7:9e:43:76:a6:60:
         6b:3c:ed:56:08:df:7b:53:94:e6:39:5b:7f:d3:5c:10:43:17:
         24:d4:20:3c:95:2f:52:bd:c3:63:6c:98:2c:1d:69:de:f0:25:
         13:f2:47:f3:6b:c9:03:90:b1:fc:08:6d:78:55:43:aa:79:9a:
         b2:cd:b4:57:c1:db:38:bd:3c:73:d4:3b:f1:ea:16:f1:f6:56:
         39:40:b8:c7:cd:64:6c:ee:a6:41:d2:34:dd:99:bd:1b:d5:42:
         42:c5:da:17:09:17:57:76:d6:5c:14:48:07:14:64:3a:a7:25:
         8b:1e:e9:b3
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAY16B+qiIFSaj8rtCZnIRvLgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl
NjFiZDUwHhcNMjQwMjA1MTYwOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2FiY2ZhNmIxZjg1NDYzZWJmMjIyNmY4OGZkYjM2OTYyNmEwM2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3TGNF01A+N2iqlyGS443v8LOp3a
obGn4b/zzo0gUrw4xa0JP/ROrlEPsjJmrGYNLuclPLYuEOx+lhyrcL6b2aquGBci
k//STc8osarMRBAk8nHW+6w4tg3DIx79IOPp27ggb2/8khw2GTPcpb4ZIhTYzSOi
waCzjYNI7S9dRXQwBbzqyn5ON5SRTGs2WvAh49UtPAZI1Yy1bCi6ajR8FL78yD34
28BPp31kSefYs3lDF2mX7rP6w8ikdVxOqd56C7jHIJDW+Tco/9bZNrmtBFj5WoMy
aMvKJDh7YrOdnMt+9/gOEAeOEG+jYPEwVgBnH7DQM5LChv3/u6oHi4hwuQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFEerz6ax+FRj6/Iib4j9s2liagPwMB8GA1UdIwQY
MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt
MDg4MzVkZmY2YzRmLzEvUjZ2UHBySDRWR1ByOGlKdmlQMnphV0pxQV9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm
LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQAX43yMB0E
AgACMBcDBQAqEz+AMA4DBQAqEz+DAwUDKhM/gDANBgkqhkiG9w0BAQsFAAOCAQEA
D6ta/BLl9ts6e+V1UKZ6WNwOvyrskfWa1SamRffFFBXUGs73mf8IyAzhpxA3Pz72
xQLZ/h4OO7JX3R2Ub75E2HVbSRkx3qOVNWszK/rLBIcm0e6h1c3Iwa+XMJAPPyK4
fWZUjCpaAMnYDGtHK16cj65G1sp95X+h2Bb62tIDmYQstppcowoPDvIax55DdqZg
azztVgjfe1OU5jlbf9NcEEMXJNQgPJUvUr3DY2yYLB1p3vAlE/JH82vJA5Cx/Aht
eFVDqnmass20V8HbOL08c9Q78eoW8fZWOUC4x81kbO6mQdI03Zm9G9VCQsXaFwkX
V3bWXBRIBxRkOqclix7psw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:11 2024 by rpki-client on console-ams.rpki-client.org