Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/kCOrlbFK_g7EpEv0qToiiu7fL4k.roa
File:                     kCOrlbFK_g7EpEv0qToiiu7fL4k.roa (raw, json)
Hash identifier:          zBL6dTjoDGcr/TppV3gDl/aTKL98z1tqx08/cQB1CbE=
Subject key identifier:   90:23:AB:95:B1:4A:FE:0E:C4:A4:4B:F4:A9:3A:22:8A:EE:DF:2F:89
Certificate issuer:       /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial:       018CB4491ECD98742B541D4809374DF68409
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/kCOrlbFK_g7EpEv0qToiiu7fL4k.roa
Signing time:             Fri 29 Dec 2023 06:35:40 +0000
ROA not before:           Fri 29 Dec 2023 06:35:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        91.190.190.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b4:49:1e:cd:98:74:2b:54:1d:48:09:37:4d:f6:84:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
        Validity
            Not Before: Dec 29 06:35:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9023ab95b14afe0ec4a44bf4a93a228aeedf2f89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:71:ae:0b:55:5d:02:67:bf:62:25:f0:75:a2:
                    cc:ab:5a:3c:a1:92:78:1e:d1:ee:42:74:38:d8:ba:
                    14:31:65:52:1b:bc:e0:59:e1:c0:6e:b0:d8:d8:d5:
                    36:2b:14:a0:7a:8e:be:99:39:43:a4:1f:e6:ca:cf:
                    44:d3:a5:07:7e:41:d9:54:cc:4b:4a:f8:de:57:8e:
                    c4:2e:1f:28:bb:45:42:bd:4f:8e:02:4a:56:cd:3f:
                    d4:bc:a5:18:b4:68:f5:d2:4a:44:a3:ec:ef:d2:b7:
                    86:76:b6:e7:ba:98:ff:a1:17:5f:18:a2:ad:d7:01:
                    d1:6a:b7:45:70:1d:f6:d6:0f:a7:14:43:64:ac:33:
                    5a:b6:b4:a8:75:40:3b:40:a6:29:88:5c:df:eb:eb:
                    f9:38:55:88:5d:88:f9:32:13:44:73:d0:bf:7a:68:
                    29:a7:8a:e4:fb:46:2e:0e:94:d3:db:c2:d3:02:b7:
                    77:a6:1c:b7:34:5f:fb:b7:52:0e:71:87:34:87:58:
                    60:f5:e8:8a:9b:55:0e:dc:8e:28:63:fe:64:9b:e6:
                    a5:27:77:de:18:c5:1a:5e:ab:65:f9:42:c7:2e:d7:
                    22:d7:5f:51:46:48:b1:f5:7b:50:05:a4:87:59:56:
                    a4:f3:b8:21:a3:21:a2:53:90:f0:11:fd:1d:dc:5f:
                    2d:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:23:AB:95:B1:4A:FE:0E:C4:A4:4B:F4:A9:3A:22:8A:EE:DF:2F:89
            X509v3 Authority Key Identifier:
                keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/kCOrlbFK_g7EpEv0qToiiu7fL4k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.190.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:b5:9d:b9:45:a6:a5:7c:d7:a4:13:1b:47:d5:38:67:2b:78:
         6e:5c:86:60:cf:40:6d:34:75:ae:c6:d1:ab:7b:e6:eb:cd:e5:
         6e:9f:a1:57:94:56:87:02:17:4d:d8:75:8d:fd:20:01:06:86:
         60:e8:e7:4c:39:07:53:6e:4c:c1:7b:e7:84:40:a0:8e:1f:cb:
         bd:14:d5:a4:df:61:74:fb:70:a7:81:72:9f:1f:cd:c6:0b:ec:
         70:d7:4d:69:cb:05:55:70:d0:b7:2f:df:90:dd:d1:06:78:61:
         43:46:50:55:eb:f4:93:a2:d2:4b:cc:08:76:b2:5c:03:7b:23:
         d9:e6:f8:bf:15:2f:5e:fb:23:8e:04:bf:0a:04:83:91:74:bc:
         b0:99:8c:1c:cb:60:17:de:18:d1:db:17:73:90:33:49:bb:1f:
         41:8d:01:53:a0:86:b7:dc:41:70:e0:19:31:79:32:74:3c:a4:
         4e:d0:51:97:77:cc:77:4f:3c:4c:ac:46:c6:cd:4c:0f:6a:b0:
         4e:f7:19:26:9e:09:2e:84:66:b2:a9:f1:f9:b9:01:68:ca:2f:
         4c:35:74:dc:ba:93:b3:c6:5e:44:66:e7:25:4c:eb:4e:98:1d:
         47:d8:1b:65:d5:71:25:ff:fd:af:d4:78:c0:54:d4:a2:75:af:
         5a:68:d8:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy0SR7NmHQrVB1ICTdN9oQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjMxMjI5MDYzNTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDIzYWI5NWIxNGFmZTBlYzRhNDRiZjRhOTNhMjI4YWVlZGYyZjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXGuC1VdAme/YiXwdaLMq1o8oZJ4
HtHuQnQ42LoUMWVSG7zgWeHAbrDY2NU2KxSgeo6+mTlDpB/mys9E06UHfkHZVMxL
SvjeV47ELh8ou0VCvU+OAkpWzT/UvKUYtGj10kpEo+zv0reGdrbnupj/oRdfGKKt
1wHRardFcB321g+nFENkrDNatrSodUA7QKYpiFzf6+v5OFWIXYj5MhNEc9C/emgp
p4rk+0YuDpTT28LTArd3phy3NF/7t1IOcYc0h1hg9eiKm1UO3I4oY/5km+alJ3fe
GMUaXqtl+ULHLtci119RRkix9XtQBaSHWVak87ghoyGiU5DwEf0d3F8tewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJAjq5WxSv4OxKRL9Kk6Ioru3y+JMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEva0NPcmxiRktfZzdFcEV2MHFUb2lpdTdmTDRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW76+MA0G
CSqGSIb3DQEBCwUAA4IBAQAUtZ25RaalfNekExtH1ThnK3huXIZgz0BtNHWuxtGr
e+brzeVun6FXlFaHAhdN2HWN/SABBoZg6OdMOQdTbkzBe+eEQKCOH8u9FNWk32F0
+3CngXKfH83GC+xw101pywVVcNC3L9+Q3dEGeGFDRlBV6/STotJLzAh2slwDeyPZ
5vi/FS9e+yOOBL8KBIORdLywmYwcy2AX3hjR2xdzkDNJux9BjQFToIa33EFw4Bkx
eTJ0PKRO0FGXd8x3TzxMrEbGzUwParBO9xkmngkuhGayqfH5uQFoyi9MNXTcupOz
xl5EZuclTOtOmB1H2Btl1XEl//2v1HjAVNSida9aaNgX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:21 2024 by rpki-client on console-ams.rpki-client.org