Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/fc4690-080f-4018-89a1-93b4fe5157ec/1/uWkxNaVpdy7lXB87rXYgc0_EKBQ.roa
File:                     uWkxNaVpdy7lXB87rXYgc0_EKBQ.roa (raw, json)
Hash identifier:          iNPH9lNxwlx1PNJuH8RA+50GIwduGrdNF/RVgI40830=
Subject key identifier:   B9:69:31:35:A5:69:77:2E:E5:5C:1F:3B:AD:76:20:73:4F:C4:28:14
Certificate issuer:       /CN=96f2da2fa1bc8ed2f2bc6b703a8bf15340f97cfa
Certificate serial:       0185B5282B473603BFA5485C69559E38F9FF
Authority key identifier: 96:F2:DA:2F:A1:BC:8E:D2:F2:BC:6B:70:3A:8B:F1:53:40:F9:7C:FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lvLaL6G8jtLyvGtwOovxU0D5fPo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/fc4690-080f-4018-89a1-93b4fe5157ec/1/uWkxNaVpdy7lXB87rXYgc0_EKBQ.roa
Signing time:             Sun 15 Jan 2023 11:19:46 +0000
ROA not before:           Sun 15 Jan 2023 11:19:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197645
IP address blocks:        91.223.212.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:b5:28:2b:47:36:03:bf:a5:48:5c:69:55:9e:38:f9:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96f2da2fa1bc8ed2f2bc6b703a8bf15340f97cfa
        Validity
            Not Before: Jan 15 11:19:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b9693135a569772ee55c1f3bad7620734fc42814
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:b3:35:e4:9c:a8:d8:8c:0c:05:9f:d9:30:82:
                    a7:c1:35:f9:80:6c:32:4d:fe:dc:24:eb:9f:34:80:
                    55:4e:ec:2d:d5:04:bf:e1:f9:f8:23:3f:b8:f6:8a:
                    f7:9f:5b:ae:b0:0c:8b:8b:7c:ee:80:12:ad:fc:da:
                    a3:48:d1:50:43:af:dc:ee:fd:8a:e2:1a:cf:14:1c:
                    40:ce:41:02:0f:dc:38:65:f6:b8:61:f7:c0:69:b9:
                    a4:85:da:27:18:89:3c:05:ef:e9:0b:22:59:71:b6:
                    45:1b:b3:99:f7:93:b7:06:18:a5:a8:d1:66:bc:2a:
                    4d:88:ec:7b:67:c7:f6:9d:91:4e:54:b4:54:0e:f7:
                    be:9e:a2:fe:37:2f:9c:e7:a7:c7:a6:4b:0a:cd:c4:
                    73:de:11:25:a0:fc:3f:e9:1f:d3:f7:d6:5f:23:89:
                    b9:79:f5:55:06:c5:a9:95:3d:00:06:38:2a:17:1c:
                    1b:05:17:a2:28:8d:f4:08:80:8e:68:39:7e:32:73:
                    ee:41:b5:31:ac:28:ca:66:7c:01:97:94:a6:7e:59:
                    df:ef:09:cc:64:0b:39:d9:3a:a9:9d:80:2b:07:ca:
                    33:68:f2:9b:81:63:a3:7a:26:7a:fe:ab:6e:fb:cb:
                    6f:52:27:ab:38:46:df:09:ee:54:1c:31:68:5c:34:
                    b6:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:69:31:35:A5:69:77:2E:E5:5C:1F:3B:AD:76:20:73:4F:C4:28:14
            X509v3 Authority Key Identifier:
                keyid:96:F2:DA:2F:A1:BC:8E:D2:F2:BC:6B:70:3A:8B:F1:53:40:F9:7C:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lvLaL6G8jtLyvGtwOovxU0D5fPo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/fc4690-080f-4018-89a1-93b4fe5157ec/1/uWkxNaVpdy7lXB87rXYgc0_EKBQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/fc4690-080f-4018-89a1-93b4fe5157ec/1/lvLaL6G8jtLyvGtwOovxU0D5fPo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.223.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:b2:77:27:7f:ae:8d:e6:e8:d1:1b:ab:a6:22:a8:70:c5:26:
         29:0c:63:6a:f6:27:13:42:aa:06:e0:44:53:67:c3:5c:ce:fb:
         12:62:14:d9:5f:a7:42:f6:1e:c4:e6:ad:25:bd:9c:16:2c:bc:
         a3:fb:43:b1:95:73:5a:d6:0e:da:1c:27:ce:09:5e:97:e5:55:
         92:8e:14:35:5d:b8:cf:41:bc:8e:b2:c8:40:01:f7:54:88:f7:
         ce:fa:ec:a6:8f:c8:14:29:09:02:af:7e:04:a4:62:ae:01:14:
         51:4c:3c:b1:5d:ea:d1:99:15:36:f1:b5:c1:91:36:4b:7d:3e:
         99:61:38:33:96:37:5f:20:b4:38:0b:f9:ff:16:03:fd:37:56:
         31:e0:8e:d5:21:ea:2b:f5:55:ab:fe:0d:1e:ba:90:c4:88:9e:
         3a:4d:15:b1:ac:57:7c:62:df:51:9d:b5:8d:a6:de:67:a3:1d:
         9c:f6:75:cf:fa:42:5f:83:0b:20:26:ff:28:2b:cb:6f:01:00:
         b9:ae:bb:6f:37:ee:d0:ea:88:d1:59:c6:73:26:9f:57:cc:c9:
         4d:ca:be:dd:50:9e:d9:15:92:7e:65:03:b3:ef:95:bf:9e:ab:
         9e:e6:93:44:80:ab:c4:21:12:b2:a4:58:d8:56:22:1a:e4:d6:
         b1:8d:54:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYW1KCtHNgO/pUhcaVWeOPn/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZjJkYTJmYTFiYzhlZDJmMmJjNmI3MDNhOGJmMTUzNDBm
OTdjZmEwHhcNMjMwMTE1MTExOTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTY5MzEzNWE1Njk3NzJlZTU1YzFmM2JhZDc2MjA3MzRmYzQyODE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybM15Jyo2IwMBZ/ZMIKnwTX5gGwy
Tf7cJOufNIBVTuwt1QS/4fn4Iz+49or3n1uusAyLi3zugBKt/NqjSNFQQ6/c7v2K
4hrPFBxAzkECD9w4Zfa4YffAabmkhdonGIk8Be/pCyJZcbZFG7OZ95O3BhilqNFm
vCpNiOx7Z8f2nZFOVLRUDve+nqL+Ny+c56fHpksKzcRz3hEloPw/6R/T99ZfI4m5
efVVBsWplT0ABjgqFxwbBReiKI30CICOaDl+MnPuQbUxrCjKZnwBl5Smflnf7wnM
ZAs52TqpnYArB8ozaPKbgWOjeiZ6/qtu+8tvUierOEbfCe5UHDFoXDS24wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLlpMTWlaXcu5VwfO612IHNPxCgUMB8GA1UdIwQY
MBaAFJby2i+hvI7S8rxrcDqL8VNA+Xz6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHZMYUw2RzhqdEx5dkd0d09vdnhVMEQ1ZlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9mYzQ2OTAtMDgwZi00MDE4LTg5YTEt
OTNiNGZlNTE1N2VjLzEvdVdreE5hVnBkeTdsWEI4N3JYWWdjMF9FS0JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9mYzQ2OTAtMDgwZi00MDE4LTg5YTEtOTNiNGZlNTE1N2Vj
LzEvbHZMYUw2RzhqdEx5dkd0d09vdnhVMEQ1ZlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9/UMA0G
CSqGSIb3DQEBCwUAA4IBAQAzsncnf66N5ujRG6umIqhwxSYpDGNq9icTQqoG4ERT
Z8NczvsSYhTZX6dC9h7E5q0lvZwWLLyj+0OxlXNa1g7aHCfOCV6X5VWSjhQ1XbjP
QbyOsshAAfdUiPfO+uymj8gUKQkCr34EpGKuARRRTDyxXerRmRU28bXBkTZLfT6Z
YTgzljdfILQ4C/n/FgP9N1Yx4I7VIeor9VWr/g0eupDEiJ46TRWxrFd8Yt9RnbWN
pt5nox2c9nXP+kJfgwsgJv8oK8tvAQC5rrtvN+7Q6ojRWcZzJp9XzMlNyr7dUJ7Z
FZJ+ZQOz75W/nque5pNEgKvEIRKypFjYViIa5NaxjVT6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:58 2024 by rpki-client on console-fra.rpki-client.org