Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/ztKOXdlqoa-PS16yNTbbSczXQ4o.roa
File:                     ztKOXdlqoa-PS16yNTbbSczXQ4o.roa (raw, json)
Hash identifier:          Nnes56Szvz/kYXdbtSXTCLya9D1RiC47Rl36dvvnSxM=
Subject key identifier:   CE:D2:8E:5D:D9:6A:A1:AF:8F:4B:5E:B2:35:36:DB:49:CC:D7:43:8A
Certificate issuer:       /CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Certificate serial:       018571BA3C0B7E0B925804C19F5B0A28E4E8
Authority key identifier: 2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/ztKOXdlqoa-PS16yNTbbSczXQ4o.roa
Signing time:             Mon 02 Jan 2023 09:05:08 +0000
ROA not before:           Mon 02 Jan 2023 09:05:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51823
IP address blocks:        91.220.132.0/24 maxlen: 24
                          193.3.172.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:ba:3c:0b:7e:0b:92:58:04:c1:9f:5b:0a:28:e4:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a21b1abe787e25464391fad61d00e3f376b98cf
        Validity
            Not Before: Jan  2 09:05:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ced28e5dd96aa1af8f4b5eb23536db49ccd7438a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:fe:f0:aa:56:df:d6:5b:fd:eb:af:16:46:99:
                    49:28:1a:2e:8d:46:56:d3:50:5f:0e:cd:69:aa:ff:
                    90:98:b6:e4:60:84:22:3b:22:f1:f5:1c:e8:d4:91:
                    33:b8:b7:6b:6b:17:4d:9b:95:6a:c3:ba:21:1b:b2:
                    6f:e9:56:23:0b:53:a3:1f:6d:0b:3b:35:82:3c:61:
                    c6:d5:f4:a1:d4:71:b5:70:7e:d6:3d:bd:b6:3f:a6:
                    93:cc:e3:f9:a6:49:f8:ec:15:86:3b:d7:b4:dd:4e:
                    8f:b9:47:29:97:fa:ae:f6:ab:e9:00:35:f9:d9:39:
                    4c:57:93:b3:60:ec:7b:0d:5a:3e:3b:2d:ff:b4:1e:
                    27:32:ff:db:5a:04:85:c3:69:22:2e:19:fb:9f:a4:
                    34:9f:e5:8f:87:fe:24:4d:17:57:69:37:3b:8c:3c:
                    67:b4:8b:37:47:5a:8b:98:2b:47:d6:83:d0:29:21:
                    27:71:6e:19:85:58:65:2c:ff:3a:b2:01:a7:a1:5f:
                    60:9e:65:1b:76:80:27:2c:25:4a:c3:6d:bb:3e:9d:
                    5b:f5:b4:6e:ce:eb:e2:72:ee:96:19:94:e1:e6:8d:
                    5f:ab:74:95:df:c7:da:b3:1d:9d:fb:97:b2:b0:ea:
                    15:af:ee:cd:51:d5:90:1b:37:d2:79:e4:51:2b:0c:
                    84:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:D2:8E:5D:D9:6A:A1:AF:8F:4B:5E:B2:35:36:DB:49:CC:D7:43:8A
            X509v3 Authority Key Identifier:
                keyid:2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/ztKOXdlqoa-PS16yNTbbSczXQ4o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.220.132.0/24
                  193.3.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:db:76:1c:a4:a3:d3:c4:15:14:20:be:58:3e:c9:99:20:23:
         7c:85:ff:c4:a9:11:bf:00:bc:2c:56:e2:52:bd:05:b9:5d:f5:
         58:9d:85:be:e3:8d:ae:9e:14:89:59:c0:58:34:c0:1c:91:7e:
         35:22:13:3b:26:be:be:ab:73:5c:87:7e:99:eb:e9:24:7e:53:
         19:09:01:b5:72:1e:69:8d:8e:33:55:95:a4:2c:05:95:04:e9:
         44:0f:c9:f5:ba:59:06:a7:52:91:1c:0c:fe:cf:dc:7a:e8:c0:
         1c:ca:b5:85:62:8a:51:35:4a:22:87:36:bd:e2:b5:b5:80:db:
         42:46:07:c4:27:79:49:e0:5e:49:03:a9:77:0a:1c:f0:91:44:
         e6:c6:e7:e0:fa:70:86:68:1e:da:3e:6d:62:5a:c4:12:d8:f7:
         f1:33:1f:08:7d:83:55:c2:7e:b6:62:5e:a8:61:55:3e:75:fa:
         97:ae:25:32:1d:1a:98:4b:9f:b4:76:3a:b6:14:74:e9:84:23:
         68:f2:2f:48:f0:67:3d:80:c3:e2:c9:5e:48:dc:55:40:de:b8:
         f9:a6:73:f9:73:7a:d0:f7:9f:41:f2:88:7f:41:a1:47:5b:e1:
         47:54:36:5d:70:4a:48:51:89:6e:04:8a:3e:13:c9:7c:14:05:
         08:e1:cc:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxujwLfguSWATBn1sKKOToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMjFiMWFiZTc4N2UyNTQ2NDM5MWZhZDYxZDAwZTNmMzc2
Yjk4Y2YwHhcNMjMwMTAyMDkwNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWQyOGU1ZGQ5NmFhMWFmOGY0YjVlYjIzNTM2ZGI0OWNjZDc0MzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhf7wqlbf1lv9668WRplJKBoujUZW
01BfDs1pqv+QmLbkYIQiOyLx9Rzo1JEzuLdraxdNm5Vqw7ohG7Jv6VYjC1OjH20L
OzWCPGHG1fSh1HG1cH7WPb22P6aTzOP5pkn47BWGO9e03U6PuUcpl/qu9qvpADX5
2TlMV5OzYOx7DVo+Oy3/tB4nMv/bWgSFw2kiLhn7n6Q0n+WPh/4kTRdXaTc7jDxn
tIs3R1qLmCtH1oPQKSEncW4ZhVhlLP86sgGnoV9gnmUbdoAnLCVKw227Pp1b9bRu
zuvicu6WGZTh5o1fq3SV38fasx2d+5eysOoVr+7NUdWQGzfSeeRRKwyE9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM7Sjl3ZaqGvj0tesjU220nM10OKMB8GA1UdIwQY
MBaAFCohsavnh+JUZDkfrWHQDj83a5jPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYt
OTlmNWNiN2EzY2E1LzEvenRLT1hkbHFvYS1QUzE2eU5UYmJTY3pYUTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYtOTlmNWNiN2EzY2E1
LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9yEAwQA
wQOsMA0GCSqGSIb3DQEBCwUAA4IBAQBy23YcpKPTxBUUIL5YPsmZICN8hf/EqRG/
ALwsVuJSvQW5XfVYnYW+442unhSJWcBYNMAckX41IhM7Jr6+q3Nch36Z6+kkflMZ
CQG1ch5pjY4zVZWkLAWVBOlED8n1ulkGp1KRHAz+z9x66MAcyrWFYopRNUoihza9
4rW1gNtCRgfEJ3lJ4F5JA6l3ChzwkUTmxufg+nCGaB7aPm1iWsQS2PfxMx8IfYNV
wn62Yl6oYVU+dfqXriUyHRqYS5+0djq2FHTphCNo8i9I8Gc9gMPiyV5I3FVA3rj5
pnP5c3rQ959B8oh/QaFHW+FHVDZdcEpIUYluBIo+E8l8FAUI4cy3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:19 2024 by rpki-client on console-ams.rpki-client.org