Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/j3vxqGH-YffbHbB3_NQFqcONQGg.roa
File:                     j3vxqGH-YffbHbB3_NQFqcONQGg.roa (raw, json)
Hash identifier:          jJSfS8CUPvIymbZ1Mf7hDejneFVH/OQ8oLe/CK0vNlU=
Subject key identifier:   8F:7B:F1:A8:61:FE:61:F7:DB:1D:B0:77:FC:D4:05:A9:C3:8D:40:68
Certificate issuer:       /CN=36900183cf08a6e5bc807846294a46062e190e3b
Certificate serial:       0187E23B7FC41D7D64CD45B8B76512045A70
Authority key identifier: 36:90:01:83:CF:08:A6:E5:BC:80:78:46:29:4A:46:06:2E:19:0E:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NpABg88IpuW8gHhGKUpGBi4ZDjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/j3vxqGH-YffbHbB3_NQFqcONQGg.roa
Signing time:             Wed 03 May 2023 15:29:22 +0000
ROA not before:           Wed 03 May 2023 15:29:22 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     63023
IP address blocks:        80.91.218.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:e2:3b:7f:c4:1d:7d:64:cd:45:b8:b7:65:12:04:5a:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36900183cf08a6e5bc807846294a46062e190e3b
        Validity
            Not Before: May  3 15:29:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8f7bf1a861fe61f7db1db077fcd405a9c38d4068
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:83:22:e8:45:7e:6f:97:90:ef:f0:e1:4d:41:
                    04:31:3b:6f:a6:e8:b8:37:93:64:6c:f9:9a:6a:89:
                    79:82:f5:72:3e:a7:47:94:2c:27:78:f6:14:a4:61:
                    bb:4f:64:30:94:f8:8f:30:a9:9a:cf:0b:9b:58:ab:
                    fe:8c:9b:d5:cb:d3:ed:b0:c9:3f:2e:18:47:0b:bf:
                    79:15:b4:e3:0d:d7:2a:79:85:29:61:a7:96:06:e3:
                    1d:e1:2d:0c:64:74:1a:e2:ae:39:17:ae:bf:16:98:
                    59:7c:75:5a:4e:db:69:28:40:da:7a:56:c5:07:e6:
                    05:23:af:83:c6:0d:9d:d7:25:c0:08:ca:db:89:15:
                    25:8b:48:16:59:4c:70:83:5c:1e:1e:83:79:85:f3:
                    fb:75:4d:5d:de:93:7d:0e:b0:ea:85:c7:ed:6b:fd:
                    8b:b5:a6:f1:66:2e:65:8c:c8:a3:41:ab:ca:c8:bc:
                    c1:c3:0f:a7:66:41:67:aa:e8:a8:5e:56:37:9f:0a:
                    58:4d:1f:27:c8:64:e0:fa:6b:57:bc:14:c5:69:82:
                    7b:e9:8a:62:cc:d4:57:8f:1b:23:04:ea:e2:24:5f:
                    89:09:2e:57:d6:af:ae:0c:8b:25:65:75:42:0d:4e:
                    0b:2d:34:e4:cf:58:35:14:79:2a:41:31:c1:ba:ba:
                    d4:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:7B:F1:A8:61:FE:61:F7:DB:1D:B0:77:FC:D4:05:A9:C3:8D:40:68
            X509v3 Authority Key Identifier:
                keyid:36:90:01:83:CF:08:A6:E5:BC:80:78:46:29:4A:46:06:2E:19:0E:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpABg88IpuW8gHhGKUpGBi4ZDjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/j3vxqGH-YffbHbB3_NQFqcONQGg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/NpABg88IpuW8gHhGKUpGBi4ZDjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.91.218.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:d9:6c:13:01:1f:ff:86:0d:52:a4:b5:49:7f:45:18:26:b3:
         7b:d0:48:d0:8d:45:c4:a4:12:43:34:19:55:e0:7b:c6:1c:0c:
         4d:0e:06:b8:f1:81:04:28:35:32:18:c5:c8:89:1e:05:d9:52:
         fb:69:c1:e1:9b:86:27:b2:2b:c4:bb:0b:16:08:63:f4:b3:37:
         1b:cc:2d:30:61:fd:41:c0:51:6b:9c:df:f3:49:6d:a1:b1:f5:
         4d:41:3e:63:32:7c:ac:62:9b:ef:57:48:4a:30:46:8d:91:31:
         b6:79:b6:f0:c6:6a:5b:a9:a7:a8:7e:d6:75:c4:52:ac:84:ee:
         98:a3:9c:43:65:30:c8:db:6c:8b:3f:20:3a:0d:ec:44:21:55:
         ea:f7:cf:3e:ff:a0:00:9e:d2:58:e7:a0:34:e5:76:1e:6e:3c:
         00:1d:3e:20:4f:a5:ee:98:6d:87:fe:97:b4:97:fc:82:eb:0a:
         78:d3:84:dd:b2:76:68:10:a9:a1:0f:55:00:cb:72:22:57:71:
         f6:8a:83:56:2b:7d:e9:a9:11:8a:de:bc:52:b9:27:90:e2:91:
         18:d3:7a:6d:94:0e:42:c8:af:ab:9d:f0:70:27:97:40:c8:70:
         9a:83:52:df:b1:92:72:14:c3:26:72:62:1c:7f:ed:36:92:a7:
         0d:9c:b3:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfiO3/EHX1kzUW4t2USBFpwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTAwMTgzY2YwOGE2ZTViYzgwNzg0NjI5NGE0NjA2MmUx
OTBlM2IwHhcNMjMwNTAzMTUyOTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjdiZjFhODYxZmU2MWY3ZGIxZGIwNzdmY2Q0MDVhOWMzOGQ0MDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYMi6EV+b5eQ7/DhTUEEMTtvpui4
N5NkbPmaaol5gvVyPqdHlCwnePYUpGG7T2QwlPiPMKmazwubWKv+jJvVy9PtsMk/
LhhHC795FbTjDdcqeYUpYaeWBuMd4S0MZHQa4q45F66/FphZfHVaTttpKEDaelbF
B+YFI6+Dxg2d1yXACMrbiRUli0gWWUxwg1weHoN5hfP7dU1d3pN9DrDqhcfta/2L
tabxZi5ljMijQavKyLzBww+nZkFnquioXlY3nwpYTR8nyGTg+mtXvBTFaYJ76Ypi
zNRXjxsjBOriJF+JCS5X1q+uDIslZXVCDU4LLTTkz1g1FHkqQTHBurrU5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI978ahh/mH32x2wd/zUBanDjUBoMB8GA1UdIwQY
MBaAFDaQAYPPCKblvIB4RilKRgYuGQ47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBBQmc4OElwdVc4Z0hoR0tVcEdCaTRaRGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81YTMyYmMtMDgzNi00N2VjLWI1YjMt
MmY1YjZhODNmYWYzLzEvajN2eHFHSC1ZZmZiSGJCM19OUUZxY09OUUdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81YTMyYmMtMDgzNi00N2VjLWI1YjMtMmY1YjZhODNmYWYz
LzEvTnBBQmc4OElwdVc4Z0hoR0tVcEdCaTRaRGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUFvaMA0G
CSqGSIb3DQEBCwUAA4IBAQCW2WwTAR//hg1SpLVJf0UYJrN70EjQjUXEpBJDNBlV
4HvGHAxNDga48YEEKDUyGMXIiR4F2VL7acHhm4YnsivEuwsWCGP0szcbzC0wYf1B
wFFrnN/zSW2hsfVNQT5jMnysYpvvV0hKMEaNkTG2ebbwxmpbqaeoftZ1xFKshO6Y
o5xDZTDI22yLPyA6DexEIVXq988+/6AAntJY56A05XYebjwAHT4gT6XumG2H/pe0
l/yC6wp404TdsnZoEKmhD1UAy3IiV3H2ioNWK33pqRGK3rxSuSeQ4pEY03ptlA5C
yK+rnfBwJ5dAyHCag1LfsZJyFMMmcmIcf+02kqcNnLO8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:52 2024 by rpki-client on console-ams.rpki-client.org