Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/757eae-f439-4c50-969c-5b6d7bcf8081/1/ZPOWf9UVNmHrC3uEg6Miu9yNlmo.roa
File:                     ZPOWf9UVNmHrC3uEg6Miu9yNlmo.roa (raw, json)
Hash identifier:          303vrvZvAAOFq4V+nl4pq+IZcqoBWtxPq7el2LsuZro=
Subject key identifier:   64:F3:96:7F:D5:15:36:61:EB:0B:7B:84:83:A3:22:BB:DC:8D:96:6A
Certificate issuer:       /CN=6a03e10b6ea3b8f362cfb23aef589c77771e7eca
Certificate serial:       01890641B80E12D9A5F25C61FEEF0F31205F
Authority key identifier: 6A:03:E1:0B:6E:A3:B8:F3:62:CF:B2:3A:EF:58:9C:77:77:1E:7E:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/agPhC26juPNiz7I671icd3cefso.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/757eae-f439-4c50-969c-5b6d7bcf8081/1/ZPOWf9UVNmHrC3uEg6Miu9yNlmo.roa
Signing time:             Thu 29 Jun 2023 08:25:17 +0000
ROA not before:           Thu 29 Jun 2023 08:25:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56798
IP address blocks:        195.114.125.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:06:41:b8:0e:12:d9:a5:f2:5c:61:fe:ef:0f:31:20:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a03e10b6ea3b8f362cfb23aef589c77771e7eca
        Validity
            Not Before: Jun 29 08:25:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=64f3967fd5153661eb0b7b8483a322bbdc8d966a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:a1:7d:e5:ff:41:b4:70:01:7b:22:4a:6d:61:
                    63:31:ae:ab:2f:c3:3b:51:ac:64:cd:ce:f6:67:1b:
                    63:94:c1:13:58:4b:cf:ed:d3:2a:af:0e:f4:22:e3:
                    4d:ff:82:35:49:26:42:53:1f:d7:34:b2:c2:1b:3e:
                    e5:86:95:fc:e8:d4:6a:9d:cd:08:d1:5e:a9:59:b5:
                    9a:da:49:d1:6f:63:96:89:8a:4f:ac:da:8b:57:ca:
                    64:bc:46:81:39:a3:55:9a:d6:a2:6e:52:a7:de:15:
                    95:60:8f:11:fa:78:e8:4a:88:f7:72:b3:5d:1f:ff:
                    72:f8:b2:ef:0b:c4:f5:d9:ee:66:c6:85:d5:01:dc:
                    1c:f2:8d:c9:2e:b2:a0:00:fe:73:d9:0b:95:ba:86:
                    5e:2c:5a:71:26:35:f2:8b:c5:8a:99:f8:78:50:96:
                    63:28:de:7f:44:7a:47:1a:98:10:05:8e:b2:91:43:
                    35:e3:a2:a5:d2:f5:10:01:08:6c:d3:cc:24:28:a0:
                    ab:9b:7b:a0:4b:82:0d:a9:81:6e:86:4f:c9:c2:aa:
                    c0:49:5e:ab:40:b5:be:f8:92:1b:32:09:63:75:a0:
                    ed:5c:15:ee:e6:ba:f3:3d:9d:89:0a:40:09:65:8f:
                    d6:c4:c5:1b:be:65:7a:9f:5a:dc:ba:57:3f:b0:83:
                    ea:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:F3:96:7F:D5:15:36:61:EB:0B:7B:84:83:A3:22:BB:DC:8D:96:6A
            X509v3 Authority Key Identifier:
                keyid:6A:03:E1:0B:6E:A3:B8:F3:62:CF:B2:3A:EF:58:9C:77:77:1E:7E:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/agPhC26juPNiz7I671icd3cefso.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/757eae-f439-4c50-969c-5b6d7bcf8081/1/ZPOWf9UVNmHrC3uEg6Miu9yNlmo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/757eae-f439-4c50-969c-5b6d7bcf8081/1/agPhC26juPNiz7I671icd3cefso.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.114.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:ff:fa:76:b6:dc:e8:11:e9:09:9d:7b:6a:97:3f:ac:e7:e4:
         f2:94:76:e4:c3:04:c9:85:ce:94:c2:82:b7:fb:99:1e:1b:45:
         eb:66:10:bc:49:bb:ee:2c:06:ef:7a:d7:fc:c3:ac:57:09:19:
         6f:11:eb:73:e6:51:c8:5a:33:4c:db:1c:de:d7:d9:ff:53:af:
         b9:fa:02:12:af:bd:1e:3a:dd:13:33:f2:ca:27:fb:4e:8b:23:
         06:ee:3d:d2:03:71:88:83:d7:82:1a:1f:76:5e:4c:c3:70:7f:
         50:15:5e:a9:65:66:ea:26:f0:15:68:0c:f8:34:1c:cb:4b:9a:
         57:b6:65:9d:e3:be:78:82:04:b5:e5:fd:e9:e9:2a:8f:d8:59:
         92:9d:ce:4b:62:ae:3c:84:c9:86:63:15:59:18:3f:87:cf:d9:
         bb:e9:3c:89:a5:e4:dd:9a:be:80:2e:9f:33:7e:9d:d2:a7:8b:
         50:3c:50:0a:a8:e2:6a:71:05:2b:12:f3:1f:ce:25:2d:2d:cf:
         c8:34:e2:32:bd:ac:e4:c7:05:66:17:92:09:43:38:a0:10:dd:
         f4:91:00:62:d5:03:79:b1:43:1f:83:4c:f2:af:0f:09:cf:42:
         8a:0a:6c:93:bb:8a:54:1e:ca:fb:73:38:cb:f1:ec:35:71:0e:
         15:5f:2f:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkGQbgOEtml8lxh/u8PMSBfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMDNlMTBiNmVhM2I4ZjM2MmNmYjIzYWVmNTg5Yzc3Nzcx
ZTdlY2EwHhcNMjMwNjI5MDgyNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGYzOTY3ZmQ1MTUzNjYxZWIwYjdiODQ4M2EzMjJiYmRjOGQ5NjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6F95f9BtHABeyJKbWFjMa6rL8M7
Uaxkzc72ZxtjlMETWEvP7dMqrw70IuNN/4I1SSZCUx/XNLLCGz7lhpX86NRqnc0I
0V6pWbWa2knRb2OWiYpPrNqLV8pkvEaBOaNVmtaiblKn3hWVYI8R+njoSoj3crNd
H/9y+LLvC8T12e5mxoXVAdwc8o3JLrKgAP5z2QuVuoZeLFpxJjXyi8WKmfh4UJZj
KN5/RHpHGpgQBY6ykUM146Kl0vUQAQhs08wkKKCrm3ugS4INqYFuhk/JwqrASV6r
QLW++JIbMgljdaDtXBXu5rrzPZ2JCkAJZY/WxMUbvmV6n1rculc/sIPqeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGTzln/VFTZh6wt7hIOjIrvcjZZqMB8GA1UdIwQY
MBaAFGoD4Qtuo7jzYs+yOu9YnHd3Hn7KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWdQaEMyNmp1UE5pejdJNjcxaWNkM2NlZnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS83NTdlYWUtZjQzOS00YzUwLTk2OWMt
NWI2ZDdiY2Y4MDgxLzEvWlBPV2Y5VVZObUhyQzN1RWc2TWl1OXlObG1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS83NTdlYWUtZjQzOS00YzUwLTk2OWMtNWI2ZDdiY2Y4MDgx
LzEvYWdQaEMyNmp1UE5pejdJNjcxaWNkM2NlZnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw3J9MA0G
CSqGSIb3DQEBCwUAA4IBAQBk//p2ttzoEekJnXtqlz+s5+TylHbkwwTJhc6UwoK3
+5keG0XrZhC8SbvuLAbvetf8w6xXCRlvEetz5lHIWjNM2xze19n/U6+5+gISr70e
Ot0TM/LKJ/tOiyMG7j3SA3GIg9eCGh92XkzDcH9QFV6pZWbqJvAVaAz4NBzLS5pX
tmWd4754ggS15f3p6SqP2FmSnc5LYq48hMmGYxVZGD+Hz9m76TyJpeTdmr6ALp8z
fp3Sp4tQPFAKqOJqcQUrEvMfziUtLc/INOIyvazkxwVmF5IJQzigEN30kQBi1QN5
sUMfg0zyrw8Jz0KKCmyTu4pUHsr7czjL8ew1cQ4VXy8A
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:48 2024 by rpki-client on console-ams.rpki-client.org