Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/101696-83dd-436f-b47c-3e1b8432fc70/1/kLXAnM2snGQ3H7Gf0X1xiW6gbYQ.roa
File:                     kLXAnM2snGQ3H7Gf0X1xiW6gbYQ.roa (raw, json)
Hash identifier:          OnwmQeomppS+ZTcfDAf1rQKI2/JylfH4MYvw8Gr4OQ4=
Subject key identifier:   90:B5:C0:9C:CD:AC:9C:64:37:1F:B1:9F:D1:7D:71:89:6E:A0:6D:84
Certificate issuer:       /CN=bf5599c26755f4a4d4f540e2ffd7b74a39053da3
Certificate serial:       018CC424C7F4F51D69FD2EF2DABF60CCDB1F
Authority key identifier: BF:55:99:C2:67:55:F4:A4:D4:F5:40:E2:FF:D7:B7:4A:39:05:3D:A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v1WZwmdV9KTU9UDi_9e3SjkFPaM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/101696-83dd-436f-b47c-3e1b8432fc70/1/kLXAnM2snGQ3H7Gf0X1xiW6gbYQ.roa
Signing time:             Mon 01 Jan 2024 08:29:53 +0000
ROA not before:           Mon 01 Jan 2024 08:29:53 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8758
IP address blocks:        91.199.76.0/24 maxlen: 24
                          2001:67c:470::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Apr 2024 13:48:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:24:c7:f4:f5:1d:69:fd:2e:f2:da:bf:60:cc:db:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf5599c26755f4a4d4f540e2ffd7b74a39053da3
        Validity
            Not Before: Jan  1 08:29:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=90b5c09ccdac9c64371fb19fd17d71896ea06d84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:bc:51:cc:76:88:b0:c8:a1:3d:8f:d1:2a:ca:
                    f0:37:1e:cc:8a:cf:d8:3e:96:4c:0b:14:ac:d9:69:
                    98:e0:bc:e4:74:da:7b:fe:00:56:83:e0:32:3e:5a:
                    4c:04:b0:f2:46:e3:8c:9a:02:f4:c7:85:e6:2e:9b:
                    d2:b1:1b:a1:91:2f:cd:dd:5b:f8:5f:33:b6:6d:85:
                    07:a2:45:e9:57:13:69:53:f9:f2:c8:48:35:95:b7:
                    17:0e:2d:c9:1d:c2:b0:7c:95:21:df:e2:4b:e9:b6:
                    f9:c6:cd:ec:ee:0b:36:49:5a:a3:32:c3:e4:30:b1:
                    37:db:0e:2c:e1:55:14:3d:4d:52:37:3c:29:d2:6b:
                    a8:e9:33:c1:10:89:64:72:a7:93:dc:15:e9:9b:cb:
                    b3:c0:f9:cd:71:d8:60:ce:5f:40:03:26:34:84:dd:
                    f7:85:a0:57:e6:35:24:42:52:4f:bb:ce:f6:f5:2e:
                    c0:68:06:61:c1:32:2a:3c:f3:65:2b:8c:b2:0f:f1:
                    2f:b1:1b:7b:1e:95:ee:cf:f2:b9:e2:c0:73:aa:78:
                    48:33:b7:40:5a:27:ec:46:34:b2:af:f5:35:b4:1c:
                    2b:c9:ed:e1:c7:5d:d7:2a:cb:23:48:88:f6:07:a8:
                    4d:aa:4c:fb:93:40:72:a8:4a:bc:73:51:e2:3e:36:
                    4c:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:B5:C0:9C:CD:AC:9C:64:37:1F:B1:9F:D1:7D:71:89:6E:A0:6D:84
            X509v3 Authority Key Identifier:
                keyid:BF:55:99:C2:67:55:F4:A4:D4:F5:40:E2:FF:D7:B7:4A:39:05:3D:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v1WZwmdV9KTU9UDi_9e3SjkFPaM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/101696-83dd-436f-b47c-3e1b8432fc70/1/kLXAnM2snGQ3H7Gf0X1xiW6gbYQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/101696-83dd-436f-b47c-3e1b8432fc70/1/v1WZwmdV9KTU9UDi_9e3SjkFPaM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.199.76.0/24
                IPv6:
                  2001:67c:470::/48

    Signature Algorithm: sha256WithRSAEncryption
         60:21:30:70:3f:71:89:5c:3a:22:d5:d6:3c:54:c0:41:1d:b8:
         af:ab:64:6e:98:ee:a4:59:12:30:81:0a:ed:4b:ea:4c:1c:be:
         7d:3f:c1:65:6c:2c:d8:aa:3b:6f:99:b0:ec:6c:66:d8:9d:b1:
         00:fb:e1:8d:aa:d6:d3:2e:5b:1e:93:84:c9:ef:92:7a:df:c6:
         4f:0d:f7:a1:f2:27:f5:30:ef:ee:d3:34:04:8f:e7:2f:2e:20:
         7a:de:6a:d7:ae:95:5a:8a:89:a8:f3:4c:43:6a:11:93:30:38:
         f6:85:67:ad:ae:22:b3:85:ce:36:4e:b7:32:df:43:22:f1:d4:
         28:1e:a7:29:b0:33:0f:ed:f4:38:fc:f2:19:04:fd:90:6d:a4:
         aa:f9:5e:1d:42:3e:be:ae:15:58:16:65:78:71:cf:8d:22:96:
         da:1e:96:b0:46:0b:0f:23:1b:15:a3:77:2b:48:1d:fa:87:82:
         c2:fe:0b:43:9c:3c:69:6b:db:19:b0:fe:45:cb:87:35:ad:31:
         14:95:e3:42:a0:94:27:f8:9f:2c:49:5b:77:2b:c4:52:2f:5a:
         c9:73:d5:67:51:6e:08:f7:81:96:cc:f5:bc:4f:eb:bc:7d:a9:
         28:25:bf:38:d7:1e:4b:8e:a4:28:46:b4:95:92:f1:73:86:be:
         27:89:60:a9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJMf09R1p/S7y2r9gzNsfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNTU5OWMyNjc1NWY0YTRkNGY1NDBlMmZmZDdiNzRhMzkw
NTNkYTMwHhcNMjQwMTAxMDgyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGI1YzA5Y2NkYWM5YzY0MzcxZmIxOWZkMTdkNzE4OTZlYTA2ZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLxRzHaIsMihPY/RKsrwNx7Mis/Y
PpZMCxSs2WmY4LzkdNp7/gBWg+AyPlpMBLDyRuOMmgL0x4XmLpvSsRuhkS/N3Vv4
XzO2bYUHokXpVxNpU/nyyEg1lbcXDi3JHcKwfJUh3+JL6bb5xs3s7gs2SVqjMsPk
MLE32w4s4VUUPU1SNzwp0muo6TPBEIlkcqeT3BXpm8uzwPnNcdhgzl9AAyY0hN33
haBX5jUkQlJPu8729S7AaAZhwTIqPPNlK4yyD/EvsRt7HpXuz/K54sBzqnhIM7dA
WifsRjSyr/U1tBwrye3hx13XKssjSIj2B6hNqkz7k0ByqEq8c1HiPjZM5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJC1wJzNrJxkNx+xn9F9cYluoG2EMB8GA1UdIwQY
MBaAFL9VmcJnVfSk1PVA4v/Xt0o5BT2jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjFXWndtZFY5S1RVOVVEaV85ZTNTamtGUGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8xMDE2OTYtODNkZC00MzZmLWI0N2Mt
M2UxYjg0MzJmYzcwLzEva0xYQW5NMnNuR1EzSDdHZjBYMXhpVzZnYllRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8xMDE2OTYtODNkZC00MzZmLWI0N2MtM2UxYjg0MzJmYzcw
LzEvdjFXWndtZFY5S1RVOVVEaV85ZTNTamtGUGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8dMMA8E
AgACMAkDBwAgAQZ8BHAwDQYJKoZIhvcNAQELBQADggEBAGAhMHA/cYlcOiLV1jxU
wEEduK+rZG6Y7qRZEjCBCu1L6kwcvn0/wWVsLNiqO2+ZsOxsZtidsQD74Y2q1tMu
Wx6ThMnvknrfxk8N96HyJ/Uw7+7TNASP5y8uIHreateulVqKiajzTENqEZMwOPaF
Z62uIrOFzjZOtzLfQyLx1CgepymwMw/t9Dj88hkE/ZBtpKr5Xh1CPr6uFVgWZXhx
z40iltoelrBGCw8jGxWjdytIHfqHgsL+C0OcPGlr2xmw/kXLhzWtMRSV40KglCf4
nyxJW3crxFIvWslz1WdRbgj3gZbM9bxP67x9qSglvzjXHkuOpChGtJWS8XOGvieJ
YKk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:54 2024 by rpki-client on console-ams.rpki-client.org