Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/cHeiX9enA2ZoJ33kae1kHmZ1zQ0.roa
File:                     cHeiX9enA2ZoJ33kae1kHmZ1zQ0.roa (raw, json)
Hash identifier:          xWWvXx5RNQp5rP6Tz9Bp6MNNHkJJLJJdcb2483jICP0=
Subject key identifier:   70:77:A2:5F:D7:A7:03:66:68:27:7D:E4:69:ED:64:1E:66:75:CD:0D
Certificate issuer:       /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Certificate serial:       018573686E8BE120FE66904E9AE9321DF4C5
Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/cHeiX9enA2ZoJ33kae1kHmZ1zQ0.roa
Signing time:             Mon 02 Jan 2023 16:55:01 +0000
ROA not before:           Mon 02 Jan 2023 16:55:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48823
IP address blocks:        95.129.48.0/21 maxlen: 24
                          134.0.24.0/21 maxlen: 24
                          185.11.136.0/22 maxlen: 24
                          2a03:2900::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 28 Dec 2023 03:37:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:68:6e:8b:e1:20:fe:66:90:4e:9a:e9:32:1d:f4:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
        Validity
            Not Before: Jan  2 16:55:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7077a25fd7a7036668277de469ed641e6675cd0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:45:ea:35:d7:e4:39:d7:a9:f4:16:94:f4:0a:
                    4c:d1:7e:99:37:40:a3:7a:9f:3a:8c:3d:72:05:6a:
                    f2:dd:af:60:d6:5d:fe:09:66:7b:6d:8f:1f:af:40:
                    c4:5c:8b:4f:f2:64:0c:cd:76:79:d0:04:e8:4b:35:
                    3c:8c:1a:df:40:33:34:8a:e5:1d:3a:0b:48:17:35:
                    75:98:22:8e:83:b5:2d:e7:7c:17:85:69:83:97:57:
                    aa:cd:4b:fe:59:3f:f5:fc:8c:60:08:c5:d5:35:cf:
                    42:84:66:d9:13:e6:37:44:08:e1:87:73:e0:8c:14:
                    c5:76:25:bc:9a:ab:84:53:0e:cb:8b:7a:3d:43:53:
                    ed:44:09:b2:42:41:d1:ce:a2:69:df:b7:33:4b:63:
                    c6:a7:be:5c:58:3a:02:d0:d2:83:4e:3b:dc:00:2b:
                    f1:a0:ef:7c:0c:cd:cb:ca:a4:6e:fd:33:40:59:8f:
                    d9:28:63:79:17:3c:ee:75:17:68:6b:07:f9:52:1e:
                    2e:cd:3c:c1:77:e0:f0:8a:09:e3:2c:11:bc:88:fe:
                    92:9a:51:31:85:65:68:1e:70:b9:06:0a:ae:f7:9f:
                    e6:bd:a6:b8:94:17:e2:b3:44:9d:57:f3:40:3a:5e:
                    3a:c3:4c:b9:e2:f4:8a:94:13:2e:0a:bb:97:48:98:
                    d3:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:77:A2:5F:D7:A7:03:66:68:27:7D:E4:69:ED:64:1E:66:75:CD:0D
            X509v3 Authority Key Identifier:
                keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/cHeiX9enA2ZoJ33kae1kHmZ1zQ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.129.48.0/21
                  134.0.24.0/21
                  185.11.136.0/22
                IPv6:
                  2a03:2900::/32

    Signature Algorithm: sha256WithRSAEncryption
         83:0d:99:2f:5b:b6:70:3b:91:e2:22:41:85:bb:1e:41:99:f8:
         bb:fa:fd:af:fa:0d:c1:ff:7d:d2:34:a1:09:c5:fd:00:a3:55:
         32:b1:5c:82:01:ae:15:98:ea:66:48:ed:43:09:4e:8a:78:e4:
         fa:fd:fa:04:34:38:1e:70:d4:09:1c:c4:9a:fe:2a:45:33:c8:
         1b:73:5f:02:77:0a:e3:3c:90:cf:91:ff:71:2e:4b:43:5b:41:
         7f:b2:c5:8f:80:74:90:51:c4:10:17:cc:1e:b4:7f:6c:12:2b:
         6a:30:9a:e0:e9:c0:fc:ac:36:fa:c9:74:71:1f:c9:d7:f2:f4:
         08:17:84:86:c0:15:af:32:55:6c:ea:5b:ed:fd:65:73:e5:b6:
         ae:dc:50:1e:40:11:f7:9e:95:cb:31:ce:92:15:ec:35:eb:c3:
         97:42:5e:0f:23:95:eb:46:90:12:5d:86:a9:fe:55:47:1e:6b:
         7d:f0:b6:72:b1:45:b2:85:88:62:a9:4d:c8:ec:2f:76:b7:11:
         72:60:7d:93:f1:8a:01:87:ef:9c:14:12:ad:9b:0b:52:0e:3d:
         e9:d6:19:c7:09:18:68:9a:a5:22:14:27:f8:11:2d:00:98:2a:
         1d:2b:8e:b8:19:32:df:21:b8:c3:45:22:c4:be:00:81:23:3a:
         54:5c:f6:58
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVzaG6L4SD+ZpBOmukyHfTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNWZmOWNjODljNjZhOGEzYTVkNzM0YTBkNjVjNjFmZGM4
NTE4YmUwHhcNMjMwMTAyMTY1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDc3YTI1ZmQ3YTcwMzY2NjgyNzdkZTQ2OWVkNjQxZTY2NzVjZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUXqNdfkOdep9BaU9ApM0X6ZN0Cj
ep86jD1yBWry3a9g1l3+CWZ7bY8fr0DEXItP8mQMzXZ50AToSzU8jBrfQDM0iuUd
OgtIFzV1mCKOg7Ut53wXhWmDl1eqzUv+WT/1/IxgCMXVNc9ChGbZE+Y3RAjhh3Pg
jBTFdiW8mquEUw7Li3o9Q1PtRAmyQkHRzqJp37czS2PGp75cWDoC0NKDTjvcACvx
oO98DM3LyqRu/TNAWY/ZKGN5FzzudRdoawf5Uh4uzTzBd+DwignjLBG8iP6SmlEx
hWVoHnC5Bgqu95/mvaa4lBfis0SdV/NAOl46w0y54vSKlBMuCruXSJjTDwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHB3ol/XpwNmaCd95GntZB5mdc0NMB8GA1UdIwQY
MBaAFABf+cyJxmqKOl1zSg1lxh/chRi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTkt
MGUyZDY5N2IyN2UzLzEvY0hlaVg5ZW5BMlpvSjMza2FlMWtIbVoxelEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTktMGUyZDY5N2IyN2Uz
LzEvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDX4EwAwQD
hgAYAwQCuQuIMA0EAgACMAcDBQAqAykAMA0GCSqGSIb3DQEBCwUAA4IBAQCDDZkv
W7ZwO5HiIkGFux5Bmfi7+v2v+g3B/33SNKEJxf0Ao1UysVyCAa4VmOpmSO1DCU6K
eOT6/foENDgecNQJHMSa/ipFM8gbc18CdwrjPJDPkf9xLktDW0F/ssWPgHSQUcQQ
F8wetH9sEitqMJrg6cD8rDb6yXRxH8nX8vQIF4SGwBWvMlVs6lvt/WVz5bau3FAe
QBH3npXLMc6SFew168OXQl4PI5XrRpASXYap/lVHHmt98LZysUWyhYhiqU3I7C92
txFyYH2T8YoBh++cFBKtmwtSDj3p1hnHCRhomqUiFCf4ES0AmCodK464GTLfIbjD
RSLEvgCBIzpUXPZY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:29 2024 by rpki-client on console-ams.rpki-client.org