Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/dKd36jOf2zU_aqpfLz9jmcpbElM.roa
File:                     dKd36jOf2zU_aqpfLz9jmcpbElM.roa (raw, json)
Hash identifier:          l1F2Nqze93tC5fKL9seavGoytEIjbyBbn/N88ybDdog=
Subject key identifier:   74:A7:77:EA:33:9F:DB:35:3F:6A:AA:5F:2F:3F:63:99:CA:5B:12:53
Certificate issuer:       /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial:       01856F14AD254FABBD570351A0699AF58108
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/dKd36jOf2zU_aqpfLz9jmcpbElM.roa
Signing time:             Sun 01 Jan 2023 20:45:04 +0000
ROA not before:           Sun 01 Jan 2023 20:45:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197171
IP address blocks:        195.246.124.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:ad:25:4f:ab:bd:57:03:51:a0:69:9a:f5:81:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
        Validity
            Not Before: Jan  1 20:45:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=74a777ea339fdb353f6aaa5f2f3f6399ca5b1253
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:d0:4e:c4:9d:42:6f:f1:19:0e:9a:da:c2:87:
                    88:ac:cf:d3:7c:16:2d:80:f3:b0:16:8d:fd:1a:b4:
                    1a:05:4a:5c:79:18:41:ee:34:90:94:9a:3a:a9:32:
                    45:2d:3a:7b:6a:f2:c8:54:66:79:6b:83:18:71:0a:
                    22:c9:67:13:57:51:b8:41:a5:4b:b4:09:cc:0b:f8:
                    5f:70:77:e9:09:e9:d7:3e:b7:6d:b4:30:df:20:9f:
                    53:76:f8:ed:50:e8:dc:52:0a:92:a7:e4:f5:a9:e2:
                    15:c4:34:c2:b8:e9:5e:fb:ea:02:fb:a6:12:42:72:
                    e0:7d:d0:44:6d:e0:ba:5f:95:f4:80:cc:ca:39:5b:
                    ea:5e:f7:3e:b8:11:18:5d:26:85:33:78:18:38:53:
                    af:78:b5:c1:35:04:4c:80:42:73:58:73:9e:8f:27:
                    0f:78:3c:a7:28:25:2e:82:d5:a3:38:fd:d9:21:89:
                    c9:ae:45:92:94:f1:23:0c:2a:5b:56:64:8f:8c:55:
                    fd:5d:a6:b3:21:f0:0d:f5:04:10:65:7f:4e:fc:9b:
                    90:6c:36:74:ff:d4:8f:3d:9f:77:5c:29:e1:cb:d8:
                    ab:e8:f0:9d:bc:83:13:70:4d:b0:9f:4f:af:4e:84:
                    e5:99:a2:7a:e3:62:c8:07:9d:01:9c:d3:be:52:ae:
                    13:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:A7:77:EA:33:9F:DB:35:3F:6A:AA:5F:2F:3F:63:99:CA:5B:12:53
            X509v3 Authority Key Identifier:
                keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/dKd36jOf2zU_aqpfLz9jmcpbElM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.246.124.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3d:7d:9e:ea:9d:20:71:36:57:b0:df:60:a9:67:f5:18:d0:0a:
         7d:e9:c1:ed:a3:c7:6e:27:34:5e:2b:f9:c6:79:82:4b:c5:90:
         4d:f8:2e:bd:31:57:e1:42:a9:80:1a:f1:7e:b5:1e:f5:b3:6f:
         11:eb:ff:3e:53:da:ec:f1:a5:d3:4f:0c:20:98:1a:16:e2:82:
         c6:f0:cc:c7:c4:70:74:62:6c:54:7c:33:5b:77:35:98:78:65:
         40:46:86:64:68:ec:be:20:d8:06:98:ee:7f:a6:87:8f:f8:8d:
         fa:2d:7d:8c:bc:b9:82:c4:6a:5b:6e:b7:35:6c:8b:3b:d5:15:
         32:dc:ac:c7:77:e9:5f:34:ca:f7:24:a2:9c:ef:70:a7:c2:e6:
         5b:4c:8b:64:e1:e5:89:f0:ca:3b:02:53:5f:2e:8e:d1:a2:bf:
         32:84:68:8f:24:cf:f8:c8:76:0a:81:af:11:e6:41:d4:ce:32:
         2b:78:41:35:ba:42:57:d6:3f:79:04:2d:ea:fa:e9:b5:15:8b:
         1b:ab:5e:66:16:62:d0:8d:80:a1:a0:23:5d:7f:ec:ec:33:15:
         ae:da:1a:7a:53:d4:01:04:79:e3:c9:da:ce:7a:b9:89:77:8a:
         f8:3c:0c:4e:66:61:ac:43:8a:46:72:68:06:3b:98:76:00:63:
         4b:26:1b:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFK0lT6u9VwNRoGma9YEIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMwMTAxMjA0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGE3NzdlYTMzOWZkYjM1M2Y2YWFhNWYyZjNmNjM5OWNhNWIxMjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltBOxJ1Cb/EZDprawoeIrM/TfBYt
gPOwFo39GrQaBUpceRhB7jSQlJo6qTJFLTp7avLIVGZ5a4MYcQoiyWcTV1G4QaVL
tAnMC/hfcHfpCenXPrdttDDfIJ9TdvjtUOjcUgqSp+T1qeIVxDTCuOle++oC+6YS
QnLgfdBEbeC6X5X0gMzKOVvqXvc+uBEYXSaFM3gYOFOveLXBNQRMgEJzWHOejycP
eDynKCUugtWjOP3ZIYnJrkWSlPEjDCpbVmSPjFX9XaazIfAN9QQQZX9O/JuQbDZ0
/9SPPZ93XCnhy9ir6PCdvIMTcE2wn0+vToTlmaJ642LIB50BnNO+Uq4TowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHSnd+ozn9s1P2qqXy8/Y5nKWxJTMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvZEtkMzZqT2YyelVfYXFwZkx6OWptY3BiRWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/Z8MA0G
CSqGSIb3DQEBCwUAA4IBAQA9fZ7qnSBxNlew32CpZ/UY0Ap96cHto8duJzReK/nG
eYJLxZBN+C69MVfhQqmAGvF+tR71s28R6/8+U9rs8aXTTwwgmBoW4oLG8MzHxHB0
YmxUfDNbdzWYeGVARoZkaOy+INgGmO5/poeP+I36LX2MvLmCxGpbbrc1bIs71RUy
3KzHd+lfNMr3JKKc73CnwuZbTItk4eWJ8Mo7AlNfLo7Ror8yhGiPJM/4yHYKga8R
5kHUzjIreEE1ukJX1j95BC3q+um1FYsbq15mFmLQjYChoCNdf+zsMxWu2hp6U9QB
BHnjydrOermJd4r4PAxOZmGsQ4pGcmgGO5h2AGNLJhu+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:53 2024 by rpki-client on console-ams.rpki-client.org