Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/zXbl31I3stRsW53Zq5_Al9zar30.roa
File:                     zXbl31I3stRsW53Zq5_Al9zar30.roa (raw, json)
Hash identifier:          wHUurRXw26j8rzl/+Bf0Kp97ibZM0QkW4UgM3mfQeS4=
Subject key identifier:   CD:76:E5:DF:52:37:B2:D4:6C:5B:9D:D9:AB:9F:C0:97:DC:DA:AF:7D
Certificate issuer:       /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial:       01856D4AD2F8AB754EB3920EA580E495EE67
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/zXbl31I3stRsW53Zq5_Al9zar30.roa
Signing time:             Sun 01 Jan 2023 12:24:58 +0000
ROA not before:           Sun 01 Jan 2023 12:24:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        91.221.116.0/23 maxlen: 24
                          91.221.232.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 Mar 2023 19:20:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:4a:d2:f8:ab:75:4e:b3:92:0e:a5:80:e4:95:ee:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
        Validity
            Not Before: Jan  1 12:24:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cd76e5df5237b2d46c5b9dd9ab9fc097dcdaaf7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:dd:f5:f5:be:08:34:8d:1f:d4:28:b3:3a:ad:
                    15:d8:a4:03:6a:6f:41:d2:4d:c7:b6:3f:81:29:12:
                    e4:29:ab:d9:15:38:be:91:3f:5e:43:95:27:50:3c:
                    37:1f:fb:ca:62:af:c7:fe:d3:f9:17:d8:cc:c2:08:
                    be:90:40:c3:2c:08:7d:da:2f:ba:6d:8b:4a:e2:99:
                    6b:2d:82:71:cd:fb:af:91:00:f3:d3:4b:a4:17:3d:
                    61:51:be:2e:cf:e7:9c:6e:91:f9:3c:2c:b4:41:7a:
                    c4:79:72:90:fd:7d:d8:a4:c6:1d:ba:b6:94:bb:48:
                    bf:7c:ac:dc:ed:6f:f6:bc:76:b6:d4:09:76:12:4f:
                    8e:28:7b:1a:b0:ad:84:9f:08:22:26:a6:37:24:00:
                    4b:81:17:2a:79:2f:c6:c2:8a:86:ff:db:ce:0d:8f:
                    a1:34:e0:b2:aa:2b:86:28:85:8c:fb:e0:1c:58:2b:
                    79:68:31:d2:52:ed:d3:aa:a2:59:9d:b2:57:88:2a:
                    38:e0:fb:9f:b3:5b:56:50:45:f4:5e:cc:36:e7:53:
                    ac:8d:95:5e:3e:dc:a5:3e:32:da:c1:d7:82:14:c4:
                    e9:5f:74:45:86:39:bd:d5:2f:03:6c:48:f7:da:e7:
                    0c:0b:88:c4:d8:77:e5:78:9b:2b:0b:e1:32:67:56:
                    c2:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:76:E5:DF:52:37:B2:D4:6C:5B:9D:D9:AB:9F:C0:97:DC:DA:AF:7D
            X509v3 Authority Key Identifier:
                keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/zXbl31I3stRsW53Zq5_Al9zar30.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.221.116.0/23
                  91.221.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:35:90:e3:53:42:5c:91:f9:47:b4:60:71:97:9d:f6:e5:28:
         02:bf:25:e9:17:cd:0d:30:d8:dd:ce:9e:2f:99:2d:fa:09:05:
         8e:5f:a7:49:7c:c9:6a:81:fd:e2:c7:bf:5c:03:08:51:1d:a9:
         56:2c:94:64:bc:79:5d:03:ff:ca:97:b6:70:46:87:aa:81:22:
         fc:19:2e:73:e1:13:5c:1e:df:d3:f7:85:20:f6:e5:1b:1d:33:
         4e:b0:f1:e2:1c:e5:49:8f:dc:ae:1b:0c:3c:d1:8a:1e:1e:ef:
         d8:fa:22:f7:f2:ff:47:94:d3:2d:72:6b:7b:e6:a1:41:ea:ab:
         00:ea:a8:b4:65:8c:c8:b2:ad:df:56:62:0a:ee:cc:3f:9b:40:
         2b:7f:51:8f:b8:d7:27:25:7b:af:43:f5:fe:0d:42:ce:9b:c7:
         10:bf:d4:49:5f:92:0d:4a:d8:c4:2f:f4:69:fc:51:8b:a4:5b:
         39:7c:51:f6:9f:f9:80:ea:d9:82:6b:4c:64:49:3f:e9:1e:f1:
         3c:ad:b8:2a:3d:28:78:83:c0:13:86:69:b7:df:36:20:50:6e:
         14:ae:98:2d:65:6a:6b:5e:f3:9b:0e:83:0d:b1:0f:56:b1:b1:
         07:41:30:c7:d1:33:3d:4e:30:35:60:98:5f:a6:42:6a:9c:00:
         4d:97:a5:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtStL4q3VOs5IOpYDkle5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjMwMTAxMTIyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDc2ZTVkZjUyMzdiMmQ0NmM1YjlkZDlhYjlmYzA5N2RjZGFhZjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN319b4INI0f1CizOq0V2KQDam9B
0k3Htj+BKRLkKavZFTi+kT9eQ5UnUDw3H/vKYq/H/tP5F9jMwgi+kEDDLAh92i+6
bYtK4plrLYJxzfuvkQDz00ukFz1hUb4uz+ecbpH5PCy0QXrEeXKQ/X3YpMYduraU
u0i/fKzc7W/2vHa21Al2Ek+OKHsasK2EnwgiJqY3JABLgRcqeS/GwoqG/9vODY+h
NOCyqiuGKIWM++AcWCt5aDHSUu3TqqJZnbJXiCo44Pufs1tWUEX0Xsw251OsjZVe
PtylPjLawdeCFMTpX3RFhjm91S8DbEj32ucMC4jE2HfleJsrC+EyZ1bCNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM125d9SN7LUbFud2aufwJfc2q99MB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvelhibDMxSTNzdFJzVzUzWnE1X0FsOXphcjMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW910AwQA
W93oMA0GCSqGSIb3DQEBCwUAA4IBAQBINZDjU0JckflHtGBxl5325SgCvyXpF80N
MNjdzp4vmS36CQWOX6dJfMlqgf3ix79cAwhRHalWLJRkvHldA//Kl7ZwRoeqgSL8
GS5z4RNcHt/T94Ug9uUbHTNOsPHiHOVJj9yuGww80YoeHu/Y+iL38v9HlNMtcmt7
5qFB6qsA6qi0ZYzIsq3fVmIK7sw/m0Arf1GPuNcnJXuvQ/X+DULOm8cQv9RJX5IN
StjEL/Rp/FGLpFs5fFH2n/mA6tmCa0xkST/pHvE8rbgqPSh4g8AThmm33zYgUG4U
rpgtZWprXvObDoMNsQ9WsbEHQTDH0TM9TjA1YJhfpkJqnABNl6XQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:38 2024 by rpki-client on console-ams.rpki-client.org