Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/220b38-77ca-4de4-8b86-9f845c546470/1/1-V5zyEnH2_6HdY1ARXaiyt5Lkc.roa
File:                     1-V5zyEnH2_6HdY1ARXaiyt5Lkc.roa (raw, json)
Hash identifier:          JSnII5uleEgd4dSza8hC0UOzuDj5SNig1U2+R54cDts=
Subject key identifier:   D7:E5:79:CF:21:27:1F:6F:FA:1D:D6:35:01:15:DA:8B:2B:79:2E:47
Certificate issuer:       /CN=4e36cce2142ca18b505897158d26e5839d2b417f
Certificate serial:       018570F093D5DFC37877C1229CF88E17797F
Authority key identifier: 4E:36:CC:E2:14:2C:A1:8B:50:58:97:15:8D:26:E5:83:9D:2B:41:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TjbM4hQsoYtQWJcVjSblg50rQX8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/220b38-77ca-4de4-8b86-9f845c546470/1/1-V5zyEnH2_6HdY1ARXaiyt5Lkc.roa
Signing time:             Mon 02 Jan 2023 05:24:52 +0000
ROA not before:           Mon 02 Jan 2023 05:24:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51520
IP address blocks:        91.194.2.0/23 maxlen: 23

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:f0:93:d5:df:c3:78:77:c1:22:9c:f8:8e:17:79:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e36cce2142ca18b505897158d26e5839d2b417f
        Validity
            Not Before: Jan  2 05:24:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d7e579cf21271f6ffa1dd6350115da8b2b792e47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:9e:88:ae:ab:b9:73:57:2e:27:d1:8f:6e:48:
                    25:45:b2:55:74:d4:c7:56:93:ff:38:06:f5:e4:55:
                    b2:33:d8:7e:a5:ac:86:c5:be:74:9d:a2:5b:3c:5c:
                    ad:1b:cd:c2:c6:84:66:12:36:93:24:b5:b4:5d:26:
                    7f:34:c4:8a:4c:ba:56:ce:c8:9b:36:ae:60:64:31:
                    fc:fc:61:cb:3e:8f:d0:87:ab:8a:c8:f3:a0:f1:b1:
                    39:34:51:97:9d:e3:35:43:af:21:74:b0:63:7b:e7:
                    dc:92:6e:51:14:80:60:36:42:d2:e9:c6:9f:ff:d4:
                    1b:c3:de:5a:4d:b0:a2:05:a7:5e:9e:5a:db:be:5f:
                    e3:64:d2:96:0f:97:98:73:c6:5a:f4:29:4a:e1:f2:
                    2b:db:58:82:72:67:80:c3:ec:5b:89:3f:01:21:9c:
                    31:b0:af:8b:3b:d9:95:40:2e:15:cb:9b:42:09:ad:
                    b1:d9:9d:62:7e:a2:07:ab:30:11:58:f4:43:f5:bb:
                    85:6c:1c:c9:c7:02:e2:6d:c8:b8:45:fa:f2:32:18:
                    a6:d8:87:06:32:ae:cc:06:aa:93:48:68:98:09:e8:
                    83:5f:25:58:5e:7f:84:0d:95:04:67:93:f2:f2:2a:
                    2b:34:2d:73:b5:e9:e3:89:d2:27:b3:b9:09:a3:81:
                    97:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:E5:79:CF:21:27:1F:6F:FA:1D:D6:35:01:15:DA:8B:2B:79:2E:47
            X509v3 Authority Key Identifier:
                keyid:4E:36:CC:E2:14:2C:A1:8B:50:58:97:15:8D:26:E5:83:9D:2B:41:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TjbM4hQsoYtQWJcVjSblg50rQX8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/220b38-77ca-4de4-8b86-9f845c546470/1/1-V5zyEnH2_6HdY1ARXaiyt5Lkc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/220b38-77ca-4de4-8b86-9f845c546470/1/TjbM4hQsoYtQWJcVjSblg50rQX8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.194.2.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1f:c5:9d:7a:b2:78:ff:6b:0a:14:1a:db:81:22:98:80:60:ad:
         5d:7d:c6:bb:d2:c7:d3:31:d8:4a:43:82:b3:b9:c0:6f:fe:5f:
         e4:37:84:e1:54:3c:03:ad:4f:c4:36:b6:d6:b5:17:24:ee:c2:
         16:11:ff:e0:36:bb:f5:f5:98:6e:54:bc:bf:8e:38:ce:12:1c:
         8c:e7:26:c0:48:06:64:93:e9:b3:b4:84:49:a0:29:e3:7c:ab:
         9c:d6:c6:23:00:a4:06:27:89:10:85:dc:dc:74:20:5e:0e:17:
         0f:2d:e8:6a:18:d8:68:a5:cf:a5:73:10:71:bd:ff:7b:92:40:
         03:c1:26:c8:8f:47:8b:9e:8a:ad:47:23:6a:91:21:60:5a:71:
         72:19:ab:1b:fd:00:37:aa:a2:e6:3f:35:ff:2a:58:f7:89:fb:
         97:cb:40:81:0d:47:2c:81:bc:dc:91:df:e0:c2:05:c8:67:95:
         97:6a:6c:22:02:6a:18:08:ec:a8:69:44:b4:80:a1:a9:6c:ee:
         28:3d:ee:eb:be:22:17:45:8b:0a:15:7e:71:b4:06:fa:b3:9d:
         c2:5e:eb:8c:7a:a6:1a:25:f5:b9:54:a8:f8:74:03:5a:5c:53:
         80:a5:00:4b:3e:a6:f2:e5:c4:b9:33:7f:6e:10:97:20:43:43:
         0c:63:39:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8JPV38N4d8EinPiOF3l/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMzZjY2UyMTQyY2ExOGI1MDU4OTcxNThkMjZlNTgzOWQy
YjQxN2YwHhcNMjMwMTAyMDUyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2U1NzljZjIxMjcxZjZmZmExZGQ2MzUwMTE1ZGE4YjJiNzkyZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0J6Irqu5c1cuJ9GPbkglRbJVdNTH
VpP/OAb15FWyM9h+payGxb50naJbPFytG83CxoRmEjaTJLW0XSZ/NMSKTLpWzsib
Nq5gZDH8/GHLPo/Qh6uKyPOg8bE5NFGXneM1Q68hdLBje+fckm5RFIBgNkLS6caf
/9Qbw95aTbCiBadenlrbvl/jZNKWD5eYc8Za9ClK4fIr21iCcmeAw+xbiT8BIZwx
sK+LO9mVQC4Vy5tCCa2x2Z1ifqIHqzARWPRD9buFbBzJxwLibci4RfryMhim2IcG
Mq7MBqqTSGiYCeiDXyVYXn+EDZUEZ5Py8iorNC1ztenjidIns7kJo4GXAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNflec8hJx9v+h3WNQEV2osreS5HMB8GA1UdIwQY
MBaAFE42zOIULKGLUFiXFY0m5YOdK0F/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGpiTTRoUXNvWXRRV0pjVmpTYmxnNTByUVg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8yMjBiMzgtNzdjYS00ZGU0LThiODYt
OWY4NDVjNTQ2NDcwLzEvMS1WNXp5RW5IMl82SGRZMUFSWGFpeXQ1TGtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8yMjBiMzgtNzdjYS00ZGU0LThiODYtOWY4NDVjNTQ2NDcw
LzEvVGpiTTRoUXNvWXRRV0pjVmpTYmxnNTByUVg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8ICMA0G
CSqGSIb3DQEBCwUAA4IBAQAfxZ16snj/awoUGtuBIpiAYK1dfca70sfTMdhKQ4Kz
ucBv/l/kN4ThVDwDrU/ENrbWtRck7sIWEf/gNrv19ZhuVLy/jjjOEhyM5ybASAZk
k+mztIRJoCnjfKuc1sYjAKQGJ4kQhdzcdCBeDhcPLehqGNhopc+lcxBxvf97kkAD
wSbIj0eLnoqtRyNqkSFgWnFyGasb/QA3qqLmPzX/Klj3ifuXy0CBDUcsgbzckd/g
wgXIZ5WXamwiAmoYCOyoaUS0gKGpbO4oPe7rviIXRYsKFX5xtAb6s53CXuuMeqYa
JfW5VKj4dANaXFOApQBLPqby5cS5M39uEJcgQ0MMYzmX
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:31:42 2024 by rpki-client on console-ams.rpki-client.org