Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/4Px68PCg2qM5QYJtHeKesApT1Qw.roa
File:                     4Px68PCg2qM5QYJtHeKesApT1Qw.roa (raw, json)
Hash identifier:          XGPyJQds6VX1fGiYqVlGog6ZPjLSNmk6xS9u/WcJexw=
Subject key identifier:   E0:FC:7A:F0:F0:A0:DA:A3:39:41:82:6D:1D:E2:9E:B0:0A:53:D5:0C
Certificate issuer:       /CN=13764a52c85e07e33749743d23a5a24d096df147
Certificate serial:       01890239EBF1305AF56DA8451EBFB6D5F8B1
Authority key identifier: 13:76:4A:52:C8:5E:07:E3:37:49:74:3D:23:A5:A2:4D:09:6D:F1:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/E3ZKUsheB-M3SXQ9I6WiTQlt8Uc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/4Px68PCg2qM5QYJtHeKesApT1Qw.roa
Signing time:             Wed 28 Jun 2023 13:38:17 +0000
ROA not before:           Wed 28 Jun 2023 13:38:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198949
IP address blocks:        185.147.148.0/22 maxlen: 24
                          95.131.240.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:02:39:eb:f1:30:5a:f5:6d:a8:45:1e:bf:b6:d5:f8:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=13764a52c85e07e33749743d23a5a24d096df147
        Validity
            Not Before: Jun 28 13:38:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e0fc7af0f0a0daa33941826d1de29eb00a53d50c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:3c:49:82:9e:05:03:f6:a3:df:c6:98:6d:5f:
                    99:6b:d1:0f:34:b2:b8:8e:3b:1b:e6:d1:04:07:93:
                    e7:1f:78:23:a5:07:81:eb:42:eb:e4:21:6a:62:07:
                    bd:4f:e5:14:71:28:0d:e5:fd:9f:87:14:4f:69:b7:
                    72:f3:f3:d4:e8:1f:b6:c4:38:2c:82:d9:30:07:70:
                    5b:dd:d3:e4:3c:90:7b:28:eb:52:2c:00:a5:a1:b8:
                    c9:d8:97:30:21:20:1e:97:3c:da:ab:7c:98:66:4f:
                    a8:19:72:e1:3e:13:62:d3:a1:f5:4a:89:d7:26:cb:
                    fd:a3:f7:16:58:20:71:1e:c6:86:04:67:ba:7f:f9:
                    62:c3:df:52:5c:a4:8f:c1:18:80:7f:72:86:34:2b:
                    34:60:26:35:bf:d7:b4:c1:2f:67:62:bc:8a:c2:7c:
                    8f:b1:b6:5c:22:d7:7a:a0:8b:01:dd:cf:d3:21:8f:
                    ed:4a:15:8b:50:34:e8:69:e8:fd:8a:95:0b:c6:2f:
                    c3:26:dd:9b:cb:3f:43:0d:7e:1b:ae:7c:87:3b:16:
                    ea:96:20:96:8d:ad:65:ec:a8:3c:ff:54:2b:f0:8e:
                    2e:e7:0d:a2:cc:46:ef:c9:7e:ea:ea:f3:e2:89:6c:
                    f3:db:0e:bd:f1:05:c3:cd:1c:68:5e:cd:36:13:f5:
                    eb:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:FC:7A:F0:F0:A0:DA:A3:39:41:82:6D:1D:E2:9E:B0:0A:53:D5:0C
            X509v3 Authority Key Identifier:
                keyid:13:76:4A:52:C8:5E:07:E3:37:49:74:3D:23:A5:A2:4D:09:6D:F1:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E3ZKUsheB-M3SXQ9I6WiTQlt8Uc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/4Px68PCg2qM5QYJtHeKesApT1Qw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/E3ZKUsheB-M3SXQ9I6WiTQlt8Uc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.131.240.0/21
                  185.147.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         93:f4:d3:91:c0:68:b1:7d:a9:03:79:f0:f8:d6:2d:72:eb:a2:
         09:ea:52:cc:db:2f:25:a4:ee:18:01:c5:db:7a:17:89:b0:d8:
         88:87:12:74:8a:8e:77:7d:63:dc:a3:89:2e:2d:9d:3f:62:1f:
         fc:ba:68:b8:54:a6:02:27:be:ae:38:02:1d:ea:63:a4:43:5b:
         19:4f:90:8d:ac:c7:e1:79:af:44:88:fa:33:94:43:c5:d0:bc:
         2f:da:05:2c:d3:25:3f:a4:a1:04:29:85:a6:be:f5:8c:4c:70:
         34:c3:9f:99:e1:86:b5:4f:45:e3:f8:47:85:d2:95:49:c5:50:
         ea:ef:6c:38:50:8a:33:0c:d4:8c:0b:30:3d:90:f1:30:03:54:
         64:08:ff:7f:82:94:41:fb:68:ea:a1:af:8b:69:f0:26:75:d3:
         c1:b7:b5:e5:2e:8e:74:aa:a6:df:07:a0:03:61:21:b3:de:8b:
         fd:b0:27:42:9c:43:d1:e6:c5:03:85:9a:37:b7:4c:94:02:dc:
         24:e4:74:8c:53:65:e8:05:18:7b:c0:01:eb:99:c0:be:8c:fc:
         4d:a5:73:d4:47:e0:d8:26:f2:d6:b4:50:63:a8:2b:dc:45:f3:
         0f:4b:41:ef:0e:ab:8b:4b:b7:1c:97:97:26:c5:8b:b3:f9:d6:
         9d:5c:48:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkCOevxMFr1bahFHr+21fixMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNzY0YTUyYzg1ZTA3ZTMzNzQ5NzQzZDIzYTVhMjRkMDk2
ZGYxNDcwHhcNMjMwNjI4MTMzODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGZjN2FmMGYwYTBkYWEzMzk0MTgyNmQxZGUyOWViMDBhNTNkNTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzxJgp4FA/aj38aYbV+Za9EPNLK4
jjsb5tEEB5PnH3gjpQeB60Lr5CFqYge9T+UUcSgN5f2fhxRPabdy8/PU6B+2xDgs
gtkwB3Bb3dPkPJB7KOtSLAClobjJ2JcwISAelzzaq3yYZk+oGXLhPhNi06H1SonX
Jsv9o/cWWCBxHsaGBGe6f/liw99SXKSPwRiAf3KGNCs0YCY1v9e0wS9nYryKwnyP
sbZcItd6oIsB3c/TIY/tShWLUDToaej9ipULxi/DJt2byz9DDX4brnyHOxbqliCW
ja1l7Kg8/1Qr8I4u5w2izEbvyX7q6vPiiWzz2w698QXDzRxoXs02E/XrVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOD8evDwoNqjOUGCbR3inrAKU9UMMB8GA1UdIwQY
MBaAFBN2SlLIXgfjN0l0PSOlok0JbfFHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTNaS1VzaGVCLU0zU1hROUk2V2lUUWx0OFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9lNGU1MzEtNmJlZS00MTg5LWJhN2Mt
MjAzZTQ1NjE2MzA2LzEvNFB4NjhQQ2cycU01UVlKdEhlS2VzQXBUMVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9lNGU1MzEtNmJlZS00MTg5LWJhN2MtMjAzZTQ1NjE2MzA2
LzEvRTNaS1VzaGVCLU0zU1hROUk2V2lUUWx0OFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDX4PwAwQC
uZOUMA0GCSqGSIb3DQEBCwUAA4IBAQCT9NORwGixfakDefD41i1y66IJ6lLM2y8l
pO4YAcXbeheJsNiIhxJ0io53fWPco4kuLZ0/Yh/8umi4VKYCJ76uOAId6mOkQ1sZ
T5CNrMfhea9EiPozlEPF0Lwv2gUs0yU/pKEEKYWmvvWMTHA0w5+Z4Ya1T0Xj+EeF
0pVJxVDq72w4UIozDNSMCzA9kPEwA1RkCP9/gpRB+2jqoa+LafAmddPBt7XlLo50
qqbfB6ADYSGz3ov9sCdCnEPR5sUDhZo3t0yUAtwk5HSMU2XoBRh7wAHrmcC+jPxN
pXPUR+DYJvLWtFBjqCvcRfMPS0HvDquLS7ccl5cmxYuz+dadXEg6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:53 2024 by rpki-client on console-ams.rpki-client.org