Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/UnijswoTz-2cu10Ko0VLy97AGU8.roa
File:                     UnijswoTz-2cu10Ko0VLy97AGU8.roa (raw, json)
Hash identifier:          t7d6kOe+ADfiYasHmXIfIdjKVDX8p0Au4D0z3TNFsYc=
Subject key identifier:   52:78:A3:B3:0A:13:CF:ED:9C:BB:5D:0A:A3:45:4B:CB:DE:C0:19:4F
Certificate issuer:       /CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Certificate serial:       018C8C03A58865AE1A472C40F7BAE31CA612
Authority key identifier: 34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/UnijswoTz-2cu10Ko0VLy97AGU8.roa
Signing time:             Thu 21 Dec 2023 10:54:58 +0000
ROA not before:           Thu 21 Dec 2023 10:54:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210315
IP address blocks:        91.231.201.0/24 maxlen: 24
                          91.231.200.0/24 maxlen: 24
                          195.88.254.0/24 maxlen: 24
                          195.88.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:8c:03:a5:88:65:ae:1a:47:2c:40:f7:ba:e3:1c:a6:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
        Validity
            Not Before: Dec 21 10:54:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5278a3b30a13cfed9cbb5d0aa3454bcbdec0194f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:91:32:6c:a7:8b:a9:76:c2:63:0a:6f:5b:50:
                    f2:64:24:14:cc:27:7f:00:77:83:af:62:1b:b6:9d:
                    ac:38:84:18:9e:82:fb:64:42:db:70:c5:85:8f:c3:
                    2d:64:9c:f5:0e:b4:5a:ea:53:37:b1:4a:39:31:d7:
                    42:5c:99:60:6b:d6:88:57:32:53:82:0d:ea:d1:c0:
                    57:f4:7d:7b:f3:81:73:86:f4:6e:80:69:ac:07:59:
                    88:b7:46:7b:2c:72:8b:fd:e2:2e:44:e9:99:1d:6a:
                    68:f9:bf:30:3d:74:1d:3d:1e:08:7e:74:e8:59:6f:
                    0b:16:bc:3d:e0:cf:8a:1b:2a:59:e2:ce:70:eb:e6:
                    21:c0:4d:7e:d6:3c:9d:aa:57:44:16:eb:58:e4:84:
                    dd:77:ae:14:9a:be:e9:47:de:25:5d:40:51:7b:16:
                    c1:0e:9d:22:d9:1c:aa:95:77:47:f3:47:f7:b3:74:
                    68:6e:ce:6a:1d:57:ef:a5:69:5d:aa:e3:af:d1:02:
                    bb:ff:39:e8:f3:a1:01:22:58:0f:0d:ca:c9:81:e6:
                    d4:62:65:90:b7:8f:29:32:66:97:9f:64:2e:aa:e2:
                    10:42:49:65:55:32:6a:ac:ae:b3:fa:a9:42:dc:80:
                    3e:c8:27:39:42:2d:c2:e0:d0:e9:0f:67:ad:53:24:
                    99:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:78:A3:B3:0A:13:CF:ED:9C:BB:5D:0A:A3:45:4B:CB:DE:C0:19:4F
            X509v3 Authority Key Identifier:
                keyid:34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/UnijswoTz-2cu10Ko0VLy97AGU8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/NNDsesTDkeTsup0KN0kZGxjr-TQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.231.200.0/23
                  195.88.254.0/23

    Signature Algorithm: sha256WithRSAEncryption
         18:d0:bf:d9:61:23:6c:45:5d:7e:14:f5:ad:c0:f2:2e:4a:3c:
         ce:94:ac:16:19:ae:66:43:d1:67:46:be:b6:00:7e:c5:9d:c0:
         82:58:74:de:66:50:03:7e:10:58:5b:82:9c:3e:de:d3:25:04:
         b4:04:28:f1:41:fd:3d:eb:83:3e:d1:1e:df:5d:a0:d9:96:16:
         cc:51:75:80:33:87:80:0b:13:46:35:ff:1e:02:83:3a:fa:3c:
         35:a7:1c:ce:e4:44:2c:9f:93:3f:79:a2:b0:85:57:27:76:8d:
         17:63:01:1c:f8:e2:76:a7:f2:eb:50:65:cc:28:3e:f1:21:d1:
         7e:cd:ce:46:6b:0a:11:e4:33:f2:7c:14:e6:91:31:fc:b7:98:
         8e:b5:e1:16:8e:62:e4:b8:76:d2:45:7e:3a:9f:f4:6a:37:a5:
         70:d5:3f:a2:f4:76:50:fa:63:2c:02:7e:82:2b:01:12:2a:b3:
         ff:a2:c5:ad:9e:c2:d8:93:ae:da:7f:4a:0b:3e:8f:b5:ad:6d:
         4b:a8:18:28:57:a5:77:e7:8e:18:02:65:d0:77:36:2b:86:92:
         f8:b5:31:52:f0:78:b9:00:1f:0d:c2:d3:4a:87:0d:af:10:d0:
         d5:99:c4:ff:6e:99:5b:77:43:c0:bc:79:06:7d:73:01:cc:00:
         f7:59:9e:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyMA6WIZa4aRyxA97rjHKYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZDBlYzdhYzRjMzkxZTRlY2JhOWQwYTM3NDkxOTFiMThl
YmY5MzQwHhcNMjMxMjIxMTA1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mjc4YTNiMzBhMTNjZmVkOWNiYjVkMGFhMzQ1NGJjYmRlYzAxOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJEybKeLqXbCYwpvW1DyZCQUzCd/
AHeDr2Ibtp2sOIQYnoL7ZELbcMWFj8MtZJz1DrRa6lM3sUo5MddCXJlga9aIVzJT
gg3q0cBX9H1784FzhvRugGmsB1mIt0Z7LHKL/eIuROmZHWpo+b8wPXQdPR4IfnTo
WW8LFrw94M+KGypZ4s5w6+YhwE1+1jydqldEFutY5ITdd64Umr7pR94lXUBRexbB
Dp0i2RyqlXdH80f3s3Robs5qHVfvpWldquOv0QK7/zno86EBIlgPDcrJgebUYmWQ
t48pMmaXn2QuquIQQkllVTJqrK6z+qlC3IA+yCc5Qi3C4NDpD2etUySZCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFJ4o7MKE8/tnLtdCqNFS8vewBlPMB8GA1UdIwQY
MBaAFDTQ7HrEw5Hk7LqdCjdJGRsY6/k0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUt
YjdjMjY5NmJhZTUwLzEvVW5panN3b1R6LTJjdTEwS28wVkx5OTdBR1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUtYjdjMjY5NmJhZTUw
LzEvTk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+fIAwQB
w1j+MA0GCSqGSIb3DQEBCwUAA4IBAQAY0L/ZYSNsRV1+FPWtwPIuSjzOlKwWGa5m
Q9FnRr62AH7FncCCWHTeZlADfhBYW4KcPt7TJQS0BCjxQf0964M+0R7fXaDZlhbM
UXWAM4eACxNGNf8eAoM6+jw1pxzO5EQsn5M/eaKwhVcndo0XYwEc+OJ2p/LrUGXM
KD7xIdF+zc5GawoR5DPyfBTmkTH8t5iOteEWjmLkuHbSRX46n/RqN6Vw1T+i9HZQ
+mMsAn6CKwESKrP/osWtnsLYk67af0oLPo+1rW1LqBgoV6V3544YAmXQdzYrhpL4
tTFS8Hi5AB8NwtNKhw2vENDVmcT/bplbd0PAvHkGfXMBzAD3WZ7n
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:59 2024 by rpki-client on console-ams.rpki-client.org