Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/ojVzKMYMmUOfmKzWWV-zaqicqlg.roa
File:                     ojVzKMYMmUOfmKzWWV-zaqicqlg.roa (raw, json)
Hash identifier:          x6ctj0mE5M3sQKcKvXx4s5TJj8q4QpZMc2rDSt7ZJOk=
Subject key identifier:   A2:35:73:28:C6:0C:99:43:9F:98:AC:D6:59:5F:B3:6A:A8:9C:AA:58
Certificate issuer:       /CN=0dd441c3ffae829842249e944b03851081f4d9e0
Certificate serial:       018C64C4218FD2B91FCF739F95D7E74855A1
Authority key identifier: 0D:D4:41:C3:FF:AE:82:98:42:24:9E:94:4B:03:85:10:81:F4:D9:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/ojVzKMYMmUOfmKzWWV-zaqicqlg.roa
Signing time:             Wed 13 Dec 2023 20:00:24 +0000
ROA not before:           Wed 13 Dec 2023 20:00:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44016
IP address blocks:        91.235.168.0/24 maxlen: 24
                          193.23.60.0/24 maxlen: 24
                          2a09:8400::/29 maxlen: 48
                          2a0f:75c0::/29 maxlen: 48
                          2001:67c:2d78::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:64:c4:21:8f:d2:b9:1f:cf:73:9f:95:d7:e7:48:55:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0dd441c3ffae829842249e944b03851081f4d9e0
        Validity
            Not Before: Dec 13 20:00:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a2357328c60c99439f98acd6595fb36aa89caa58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:fa:e4:2e:83:27:f4:99:0c:74:6a:44:04:5f:
                    7c:72:7a:9a:12:c7:78:25:67:7f:02:4f:cf:bf:21:
                    89:ce:9d:bb:f7:71:bf:9c:c2:dc:32:b1:76:65:f3:
                    c9:49:d3:3b:07:dd:8a:01:45:1a:94:d7:c1:22:b2:
                    1f:ea:ae:44:0c:a9:b6:78:fc:53:cf:63:a9:ae:b3:
                    99:2e:19:1a:68:37:c4:c2:21:bb:39:c8:bb:e1:30:
                    70:08:5b:59:7b:e0:4d:a5:4f:52:f6:ec:89:48:b8:
                    49:2f:9c:cc:17:09:72:b5:7f:03:69:93:e1:fe:d8:
                    6b:90:2a:c3:e8:8a:90:31:25:95:2d:60:3e:fa:09:
                    ba:a4:ac:c5:98:93:3f:70:c2:b4:26:ff:11:1b:c1:
                    c9:b4:fe:a8:d6:4e:ca:fc:ba:f4:6d:9a:8e:a9:72:
                    3f:48:bc:bc:3d:fc:5c:43:48:4b:cc:ff:4b:26:f5:
                    f6:81:00:cc:43:ab:a7:c6:3a:23:81:b2:0f:ab:84:
                    ed:2e:bf:b3:74:13:62:1c:9c:38:f2:17:86:cd:97:
                    24:8a:1b:98:8e:7e:22:47:99:83:8d:13:93:d1:c4:
                    bf:c2:1e:86:27:dc:be:56:47:18:42:85:4a:94:a5:
                    01:08:d7:ae:13:d8:32:b8:9b:66:9f:02:0d:5d:4a:
                    cb:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:35:73:28:C6:0C:99:43:9F:98:AC:D6:59:5F:B3:6A:A8:9C:AA:58
            X509v3 Authority Key Identifier:
                keyid:0D:D4:41:C3:FF:AE:82:98:42:24:9E:94:4B:03:85:10:81:F4:D9:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/ojVzKMYMmUOfmKzWWV-zaqicqlg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/DdRBw_-ugphCJJ6USwOFEIH02eA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.235.168.0/24
                  193.23.60.0/24
                IPv6:
                  2001:67c:2d78::/48
                  2a09:8400::/29
                  2a0f:75c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         25:dc:59:85:70:32:84:ec:8b:92:ae:fd:ad:2a:f1:bd:eb:25:
         52:18:22:57:ac:7c:65:84:ed:c3:1d:84:78:e5:53:45:b1:a8:
         d0:45:5d:c1:4a:85:40:a9:84:02:95:88:0e:94:e9:67:03:bb:
         eb:6e:6c:1a:51:9f:5b:e0:47:86:19:1b:c0:f5:4b:ff:04:b0:
         ef:85:f4:4f:be:72:17:b8:ef:ba:15:e1:23:76:24:01:3f:03:
         02:45:c6:a2:df:c1:7d:8a:ff:fe:c4:ea:ca:1d:d8:0e:c0:fb:
         f6:27:f0:ea:6d:19:76:95:38:25:42:90:d5:4c:b5:ef:8e:9c:
         c3:3c:ca:4d:a7:f4:16:c9:c3:1e:fd:e8:0e:f5:62:d2:b6:92:
         fa:29:b3:2f:a3:fa:db:b2:b5:9f:5f:c6:13:72:ca:16:67:59:
         6d:b9:7b:a4:d7:0f:ad:bd:93:8c:e0:a9:96:4d:e9:7b:8c:c2:
         77:c9:11:59:37:71:c2:8c:c2:8b:f2:28:51:c5:e3:08:62:27:
         94:6e:26:65:dc:d1:ea:ba:5d:61:60:77:09:c1:cf:28:fc:7c:
         67:ca:2c:8e:e2:a1:79:6b:34:1c:8e:56:4e:fb:a1:c1:3b:12:
         e7:c9:67:7c:90:26:79:13:ae:46:fe:0c:62:36:e1:82:d2:35:
         e8:fb:17:eb
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYxkxCGP0rkfz3OfldfnSFWhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZDQ0MWMzZmZhZTgyOTg0MjI0OWU5NDRiMDM4NTEwODFm
NGQ5ZTAwHhcNMjMxMjEzMjAwMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjM1NzMyOGM2MGM5OTQzOWY5OGFjZDY1OTVmYjM2YWE4OWNhYTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvrkLoMn9JkMdGpEBF98cnqaEsd4
JWd/Ak/PvyGJzp2793G/nMLcMrF2ZfPJSdM7B92KAUUalNfBIrIf6q5EDKm2ePxT
z2OprrOZLhkaaDfEwiG7Oci74TBwCFtZe+BNpU9S9uyJSLhJL5zMFwlytX8DaZPh
/thrkCrD6IqQMSWVLWA++gm6pKzFmJM/cMK0Jv8RG8HJtP6o1k7K/Lr0bZqOqXI/
SLy8PfxcQ0hLzP9LJvX2gQDMQ6unxjojgbIPq4TtLr+zdBNiHJw48heGzZckihuY
jn4iR5mDjROT0cS/wh6GJ9y+VkcYQoVKlKUBCNeuE9gyuJtmnwINXUrLpwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFKI1cyjGDJlDn5is1llfs2qonKpYMB8GA1UdIwQY
MBaAFA3UQcP/roKYQiSelEsDhRCB9NngMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGRSQndfLXVncGhDSko2VVN3T0ZFSUgwMmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hN2VmNGQtZGM0NC00ZmFmLTk1MTMt
ZTljOTEzMjgzNmZmLzEvb2pWektNWU1tVU9mbUt6V1dWLXphcWljcWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hN2VmNGQtZGM0NC00ZmFmLTk1MTMtZTljOTEzMjgzNmZm
LzEvRGRSQndfLXVncGhDSko2VVN3T0ZFSUgwMmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzASBAIAATAMAwQAW+uoAwQA
wRc8MB0EAgACMBcDBwAgAQZ8LXgDBQMqCYQAAwUDKg91wDANBgkqhkiG9w0BAQsF
AAOCAQEAJdxZhXAyhOyLkq79rSrxveslUhgiV6x8ZYTtwx2EeOVTRbGo0EVdwUqF
QKmEApWIDpTpZwO7625sGlGfW+BHhhkbwPVL/wSw74X0T75yF7jvuhXhI3YkAT8D
AkXGot/BfYr//sTqyh3YDsD79ifw6m0ZdpU4JUKQ1Uy1746cwzzKTaf0FsnDHv3o
DvVi0raS+imzL6P627K1n1/GE3LKFmdZbbl7pNcPrb2TjOCplk3pe4zCd8kRWTdx
wozCi/IoUcXjCGInlG4mZdzR6rpdYWB3CcHPKPx8Z8osjuKheWs0HI5WTvuhwTsS
58lnfJAmeROuRv4MYjbhgtI16PsX6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:38 2024 by rpki-client on console-fra.rpki-client.org