Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/JOvx0TSelhyT2WLtJ0NjB2kgkgQ.roa
File:                     JOvx0TSelhyT2WLtJ0NjB2kgkgQ.roa (raw, json)
Hash identifier:          mJSn8hg+SHd8qRk5MDwztBcCQFJxyIcWJRg33KXXY9U=
Subject key identifier:   24:EB:F1:D1:34:9E:96:1C:93:D9:62:ED:27:43:63:07:69:20:92:04
Certificate issuer:       /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial:       018B612E74F29B7E477AAF0ADEBDADDAAF7D
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/JOvx0TSelhyT2WLtJ0NjB2kgkgQ.roa
Signing time:             Tue 24 Oct 2023 10:15:16 +0000
ROA not before:           Tue 24 Oct 2023 10:15:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.126.158.0/23 maxlen: 24
                          91.221.232.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 15 Dec 2023 08:21:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:61:2e:74:f2:9b:7e:47:7a:af:0a:de:bd:ad:da:af:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
        Validity
            Not Before: Oct 24 10:15:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=24ebf1d1349e961c93d962ed2743630769209204
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:64:85:ca:bd:35:8f:e9:d2:c9:87:eb:24:cf:
                    a8:d5:cc:62:a1:8c:ef:8b:8a:71:9d:43:9c:82:25:
                    10:50:6d:cd:93:36:8a:4b:5b:91:89:7e:db:73:46:
                    ab:ae:7a:f1:6a:3c:bd:c3:56:82:1c:11:68:df:7b:
                    78:5d:73:c9:fe:bd:cb:28:68:31:f2:ec:e4:b9:3d:
                    4e:8f:2a:c8:a1:9b:24:3b:8a:ad:c7:6f:47:68:d9:
                    f7:e8:1f:7b:9d:43:20:e0:4c:32:d5:2d:2a:d2:71:
                    d7:e4:a9:1c:4a:49:17:e1:a1:5e:a1:2d:f4:da:0b:
                    64:b0:55:5d:d6:10:b4:f1:2a:3e:0a:71:34:ef:de:
                    b4:65:ba:a6:5e:5d:24:98:b8:e4:83:d1:e9:6e:72:
                    cb:9a:b8:e2:02:d5:4c:3b:8d:69:b4:32:41:20:f6:
                    7d:3a:3d:da:5c:33:e0:a7:23:c8:9a:f2:5c:79:86:
                    b8:d2:c3:a5:78:68:37:d9:54:ac:cd:52:b5:a2:c0:
                    79:05:57:ab:bc:49:80:ac:75:f2:1b:3d:6d:e9:c0:
                    7f:f6:73:e6:c0:1e:25:d9:98:aa:4c:bf:1f:f0:fd:
                    82:16:80:2d:bc:f2:c1:27:20:c9:2e:61:60:18:eb:
                    54:8e:2c:3a:26:77:2a:ff:21:d4:f4:74:0d:d2:28:
                    c5:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:EB:F1:D1:34:9E:96:1C:93:D9:62:ED:27:43:63:07:69:20:92:04
            X509v3 Authority Key Identifier:
                keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/JOvx0TSelhyT2WLtJ0NjB2kgkgQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.221.232.0/24
                  185.126.158.0/23

    Signature Algorithm: sha256WithRSAEncryption
         63:60:a6:c7:cd:7e:15:38:b3:02:0a:65:50:66:9d:ca:8b:d9:
         85:7a:1c:90:36:aa:d7:af:61:b2:6f:25:40:1f:8e:d6:ff:e7:
         df:43:a6:07:28:a1:dc:44:cd:05:55:5a:7a:a5:b6:ba:e9:22:
         04:da:b5:2c:fc:f1:08:f1:95:82:e2:40:3a:9e:a4:8b:f6:06:
         73:56:1a:a5:a4:a9:7e:2f:be:f4:25:4f:bf:29:f2:23:8a:18:
         cd:fc:25:44:83:47:5c:ea:59:93:c1:f2:71:20:9c:65:27:5c:
         c2:32:b4:45:7e:b2:b6:13:48:26:02:50:d4:17:15:ea:85:0e:
         5a:60:f6:92:1d:bf:2a:c0:17:a5:15:1f:3f:9a:8b:9a:d6:25:
         8d:1f:51:e4:a4:14:72:ee:c5:73:62:31:27:90:3d:91:8e:e9:
         40:3c:4c:c4:7a:b3:c8:37:dc:1e:6d:f1:f0:19:2a:18:ed:52:
         ce:9b:fd:d1:c3:98:ff:7b:4e:da:01:6d:cf:95:38:97:62:4f:
         04:65:ba:18:ea:6a:25:61:03:4b:88:14:10:0f:5f:1b:97:f2:
         17:ed:34:5b:93:45:0e:9c:99:84:ea:ad:58:df:72:77:3d:46:
         71:58:43:cc:84:c7:e8:1f:bb:21:20:ee:a8:25:78:5f:f5:3b:
         e0:bf:6b:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYthLnTym35Heq8K3r2t2q99MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjMxMDI0MTAxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGViZjFkMTM0OWU5NjFjOTNkOTYyZWQyNzQzNjMwNzY5MjA5MjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGSFyr01j+nSyYfrJM+o1cxioYzv
i4pxnUOcgiUQUG3NkzaKS1uRiX7bc0arrnrxajy9w1aCHBFo33t4XXPJ/r3LKGgx
8uzkuT1OjyrIoZskO4qtx29HaNn36B97nUMg4Ewy1S0q0nHX5KkcSkkX4aFeoS30
2gtksFVd1hC08So+CnE07960ZbqmXl0kmLjkg9HpbnLLmrjiAtVMO41ptDJBIPZ9
Oj3aXDPgpyPImvJceYa40sOleGg32VSszVK1osB5BVervEmArHXyGz1t6cB/9nPm
wB4l2ZiqTL8f8P2CFoAtvPLBJyDJLmFgGOtUjiw6Jncq/yHU9HQN0ijFZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCTr8dE0npYck9li7SdDYwdpIJIEMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvSk92eDBUU2VsaHlUMldMdEowTmpCMmtna2dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW93oAwQB
uX6eMA0GCSqGSIb3DQEBCwUAA4IBAQBjYKbHzX4VOLMCCmVQZp3Ki9mFehyQNqrX
r2GybyVAH47W/+ffQ6YHKKHcRM0FVVp6pba66SIE2rUs/PEI8ZWC4kA6nqSL9gZz
VhqlpKl+L770JU+/KfIjihjN/CVEg0dc6lmTwfJxIJxlJ1zCMrRFfrK2E0gmAlDU
FxXqhQ5aYPaSHb8qwBelFR8/moua1iWNH1HkpBRy7sVzYjEnkD2RjulAPEzEerPI
N9webfHwGSoY7VLOm/3Rw5j/e07aAW3PlTiXYk8EZboY6molYQNLiBQQD18bl/IX
7TRbk0UOnJmE6q1Y33J3PUZxWEPMhMfoH7shIO6oJXhf9Tvgv2vU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:45 2024 by rpki-client on console-fra.rpki-client.org