Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/e0cf43-e4c0-46f7-bde8-16fd5ba4f0e4/1/A1Fe98SHqyJoDRMHmmrLk5Iit70.roa
File:                     A1Fe98SHqyJoDRMHmmrLk5Iit70.roa (raw, json)
Hash identifier:          mEsTFtsQ6IG4tN0fq883hJijrhpWs034M4XKjn4STus=
Subject key identifier:   03:51:5E:F7:C4:87:AB:22:68:0D:13:07:9A:6A:CB:93:92:22:B7:BD
Certificate issuer:       /CN=495e500149ce8d71b9604b589e0c32fea07a98b8
Certificate serial:       018E2E480EA53798AC09A73392A9DD2EA4B9
Authority key identifier: 49:5E:50:01:49:CE:8D:71:B9:60:4B:58:9E:0C:32:FE:A0:7A:98:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SV5QAUnOjXG5YEtYngwy_qB6mLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/e0cf43-e4c0-46f7-bde8-16fd5ba4f0e4/1/A1Fe98SHqyJoDRMHmmrLk5Iit70.roa
Signing time:             Mon 11 Mar 2024 16:10:58 +0000
ROA not before:           Mon 11 Mar 2024 16:10:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212150
IP address blocks:        195.182.25.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 12 Apr 2024 06:04:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:2e:48:0e:a5:37:98:ac:09:a7:33:92:a9:dd:2e:a4:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=495e500149ce8d71b9604b589e0c32fea07a98b8
        Validity
            Not Before: Mar 11 16:10:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=03515ef7c487ab22680d13079a6acb939222b7bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:e4:d2:e8:25:8f:0b:4c:d9:e9:1f:5c:b5:e3:
                    dc:ea:1c:e4:af:9a:f6:84:8e:29:40:98:e3:4a:67:
                    76:12:eb:c9:99:8c:ac:34:b9:b2:2f:a6:39:65:7b:
                    88:7e:15:3c:6e:40:7a:19:c2:a6:0c:be:ae:cb:2d:
                    0f:b6:75:01:cd:90:b9:50:3b:77:66:36:5d:5c:b9:
                    dd:fa:34:cc:3c:9f:ab:10:92:6b:70:84:ee:40:54:
                    96:ee:e6:dc:7b:4f:2e:be:f4:05:8a:13:1d:6f:c7:
                    24:de:76:a7:15:23:43:c4:d7:36:33:d0:36:e3:fb:
                    ec:a5:f3:9d:cf:f0:35:25:99:a4:a0:db:b0:3d:df:
                    f4:c0:5d:4e:06:69:e9:d1:be:61:87:7b:a5:48:a4:
                    46:f9:1b:88:61:dd:66:3a:3d:7d:ce:50:7a:f8:f7:
                    8e:9a:a8:ae:f2:c8:07:01:ae:ac:c3:b4:0b:30:fc:
                    f8:63:aa:72:bb:ac:d4:2d:72:0d:b2:12:6d:7d:ec:
                    3e:e8:49:2c:b4:0a:63:20:b9:1a:de:c2:ad:2c:6c:
                    e4:1b:ad:c5:98:8f:8d:e8:3b:65:9d:ce:ef:79:c7:
                    40:42:82:36:df:3c:9e:a9:8d:19:a2:c3:d7:c2:6d:
                    48:1d:ed:d6:e5:3b:8b:0f:5e:e6:5a:30:3b:21:f3:
                    7e:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:51:5E:F7:C4:87:AB:22:68:0D:13:07:9A:6A:CB:93:92:22:B7:BD
            X509v3 Authority Key Identifier:
                keyid:49:5E:50:01:49:CE:8D:71:B9:60:4B:58:9E:0C:32:FE:A0:7A:98:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SV5QAUnOjXG5YEtYngwy_qB6mLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/e0cf43-e4c0-46f7-bde8-16fd5ba4f0e4/1/A1Fe98SHqyJoDRMHmmrLk5Iit70.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/e0cf43-e4c0-46f7-bde8-16fd5ba4f0e4/1/SV5QAUnOjXG5YEtYngwy_qB6mLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.182.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:68:f4:de:5d:39:4f:15:43:98:fe:79:6d:9c:f3:f2:08:08:
         93:94:7d:01:b3:60:40:3a:20:c5:57:4a:37:a0:68:55:51:e9:
         eb:bf:01:51:7c:79:cd:57:02:d7:df:58:23:25:a0:e1:00:21:
         02:51:7a:ec:3c:5f:1b:23:47:18:0f:93:54:c0:8e:6c:f6:f5:
         15:de:1a:c7:9c:f1:48:2f:53:84:35:c2:d3:c7:b9:6a:e3:b7:
         49:b0:6f:e6:9a:63:0f:c9:4c:ed:46:6a:ab:78:ce:b9:2d:20:
         4f:03:43:bf:34:e8:e3:24:aa:36:02:9e:b3:c4:dd:8f:66:f5:
         c2:60:83:86:ec:7f:a6:6e:ab:1d:14:d1:3c:16:bf:70:e7:bc:
         a5:14:79:16:12:64:1e:60:2d:5b:9a:ee:b8:86:02:9f:76:1f:
         1e:26:13:70:a8:66:a6:99:54:71:38:f5:c5:0a:68:be:e4:da:
         3f:3b:8b:06:8e:cf:e4:8c:9d:d1:9d:4e:0f:8f:2d:37:5f:98:
         40:a4:bd:32:49:ee:11:0d:33:f5:32:8a:ad:1d:b0:3d:14:3b:
         36:fc:33:ac:dd:15:ff:a5:49:fe:05:05:12:d4:9b:45:6f:4a:
         51:37:cb:8c:0c:c9:2e:61:81:52:46:be:08:d5:a4:af:7d:05:
         1d:0c:13:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4uSA6lN5isCaczkqndLqS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NWU1MDAxNDljZThkNzFiOTYwNGI1ODllMGMzMmZlYTA3
YTk4YjgwHhcNMjQwMzExMTYxMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzUxNWVmN2M0ODdhYjIyNjgwZDEzMDc5YTZhY2I5MzkyMjJiN2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+TS6CWPC0zZ6R9ctePc6hzkr5r2
hI4pQJjjSmd2EuvJmYysNLmyL6Y5ZXuIfhU8bkB6GcKmDL6uyy0PtnUBzZC5UDt3
ZjZdXLnd+jTMPJ+rEJJrcITuQFSW7ubce08uvvQFihMdb8ck3nanFSNDxNc2M9A2
4/vspfOdz/A1JZmkoNuwPd/0wF1OBmnp0b5hh3ulSKRG+RuIYd1mOj19zlB6+PeO
mqiu8sgHAa6sw7QLMPz4Y6pyu6zULXINshJtfew+6EkstApjILka3sKtLGzkG63F
mI+N6Dtlnc7vecdAQoI23zyeqY0ZosPXwm1IHe3W5TuLD17mWjA7IfN+QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFANRXvfEh6siaA0TB5pqy5OSIre9MB8GA1UdIwQY
MBaAFEleUAFJzo1xuWBLWJ4MMv6gepi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1Y1UUFVbk9qWEc1WUV0WW5nd3lfcUI2bUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9lMGNmNDMtZTRjMC00NmY3LWJkZTgt
MTZmZDViYTRmMGU0LzEvQTFGZTk4U0hxeUpvRFJNSG1tckxrNUlpdDcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9lMGNmNDMtZTRjMC00NmY3LWJkZTgtMTZmZDViYTRmMGU0
LzEvU1Y1UUFVbk9qWEc1WUV0WW5nd3lfcUI2bUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7YZMA0G
CSqGSIb3DQEBCwUAA4IBAQBSaPTeXTlPFUOY/nltnPPyCAiTlH0Bs2BAOiDFV0o3
oGhVUenrvwFRfHnNVwLX31gjJaDhACECUXrsPF8bI0cYD5NUwI5s9vUV3hrHnPFI
L1OENcLTx7lq47dJsG/mmmMPyUztRmqreM65LSBPA0O/NOjjJKo2Ap6zxN2PZvXC
YIOG7H+mbqsdFNE8Fr9w57ylFHkWEmQeYC1bmu64hgKfdh8eJhNwqGammVRxOPXF
Cmi+5No/O4sGjs/kjJ3RnU4Pjy03X5hApL0ySe4RDTP1MoqtHbA9FDs2/DOs3RX/
pUn+BQUS1JtFb0pRN8uMDMkuYYFSRr4I1aSvfQUdDBMk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:50 2024 by rpki-client on console-fra.rpki-client.org