Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/12e72c-7491-47e2-ac53-ac0c60100478/1/RbXogvXpC9KrCMZCCODaWIxWbek.roa
File:                     RbXogvXpC9KrCMZCCODaWIxWbek.roa (raw, json)
Hash identifier:          OtOcCnhclOAjbTLl40CBSjNKeIR+spYBnp5bRHDZa2c=
Subject key identifier:   45:B5:E8:82:F5:E9:0B:D2:AB:08:C6:42:08:E0:DA:58:8C:56:6D:E9
Certificate issuer:       /CN=eb50d3084bf8aa9ea777d245b60d511be189eab2
Certificate serial:       01856F823FDB6CA27C9EA6EDEC09EF869704
Authority key identifier: EB:50:D3:08:4B:F8:AA:9E:A7:77:D2:45:B6:0D:51:1B:E1:89:EA:B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/61DTCEv4qp6nd9JFtg1RG-GJ6rI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/12e72c-7491-47e2-ac53-ac0c60100478/1/RbXogvXpC9KrCMZCCODaWIxWbek.roa
Signing time:             Sun 01 Jan 2023 22:44:45 +0000
ROA not before:           Sun 01 Jan 2023 22:44:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49127
IP address blocks:        91.217.253.0/24 maxlen: 24
                          91.220.28.0/24 maxlen: 24
                          91.220.35.0/24 maxlen: 24
                          164.138.248.0/21 maxlen: 24
                          164.138.254.0/24 maxlen: 24
                          91.220.71.0/24 maxlen: 24
                          2a0a:7d40::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:82:3f:db:6c:a2:7c:9e:a6:ed:ec:09:ef:86:97:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb50d3084bf8aa9ea777d245b60d511be189eab2
        Validity
            Not Before: Jan  1 22:44:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=45b5e882f5e90bd2ab08c64208e0da588c566de9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:b0:19:5d:30:40:af:31:b4:85:ae:1d:d9:0b:
                    97:e9:e3:af:4c:aa:f3:31:a7:03:af:39:01:be:9a:
                    fd:23:d9:27:64:a4:3e:4f:88:b6:92:9f:0c:46:b8:
                    21:6f:a4:38:ac:06:1d:6e:f5:57:d9:fd:be:32:00:
                    9f:6c:c1:cc:11:81:f9:17:e0:ef:df:1d:6c:46:5b:
                    1a:d4:15:d8:38:22:77:e0:8b:8b:1d:9a:14:3c:cc:
                    33:3c:c7:9e:67:e7:a8:ec:a3:35:ea:e9:1a:7f:6a:
                    41:08:57:4f:03:a8:63:25:47:20:78:5c:c5:0b:5b:
                    75:c2:6f:6f:a4:6e:86:de:1b:a9:58:a9:4e:14:31:
                    d8:df:eb:63:f6:9a:f5:06:63:4e:a1:27:71:49:f4:
                    da:12:70:43:e5:78:c9:40:b3:1a:a4:95:41:97:cb:
                    bd:dd:77:2a:68:cc:e2:9e:44:b3:aa:3c:0f:d3:f1:
                    2f:57:0a:88:42:af:55:ff:c2:88:22:ec:a9:41:a6:
                    a2:66:35:69:b5:b6:07:55:2f:8e:15:2a:c6:b9:ac:
                    ce:8a:65:b2:9d:b9:ff:e7:58:ee:4b:d3:e6:c3:ab:
                    0f:e3:61:33:59:21:bb:69:10:8e:b9:05:ab:76:4e:
                    bc:ed:61:f0:76:e3:c0:3a:80:15:5c:a9:81:39:a4:
                    de:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:B5:E8:82:F5:E9:0B:D2:AB:08:C6:42:08:E0:DA:58:8C:56:6D:E9
            X509v3 Authority Key Identifier:
                keyid:EB:50:D3:08:4B:F8:AA:9E:A7:77:D2:45:B6:0D:51:1B:E1:89:EA:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/61DTCEv4qp6nd9JFtg1RG-GJ6rI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/12e72c-7491-47e2-ac53-ac0c60100478/1/RbXogvXpC9KrCMZCCODaWIxWbek.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/12e72c-7491-47e2-ac53-ac0c60100478/1/61DTCEv4qp6nd9JFtg1RG-GJ6rI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.217.253.0/24
                  91.220.28.0/24
                  91.220.35.0/24
                  91.220.71.0/24
                  164.138.248.0/21
                IPv6:
                  2a0a:7d40::/32

    Signature Algorithm: sha256WithRSAEncryption
         34:b2:94:b2:d0:08:70:87:61:08:f9:1b:08:95:10:d1:ec:6c:
         7d:ce:98:a0:34:60:61:0d:6b:e0:79:70:c6:7c:6d:ee:28:d1:
         21:6e:4d:eb:ee:00:ae:cd:cc:6a:f9:5d:45:45:ee:d8:df:2a:
         1d:1b:76:73:5b:31:ae:ba:e8:8c:8b:a2:54:a7:cb:a2:82:d0:
         54:fa:fc:22:73:d2:3f:4d:48:49:39:a5:06:bf:ab:c3:bd:d7:
         1f:08:d4:c1:fc:d0:0e:46:92:48:70:7b:52:f0:a5:1a:d0:88:
         42:35:01:c4:7c:8e:dd:18:9d:4b:ec:1b:75:a9:c0:25:cd:e5:
         e1:0b:7a:ca:7e:da:6c:b3:19:26:3d:67:ee:8d:4f:17:c4:87:
         25:84:a2:eb:41:6b:cf:9f:cf:03:63:e4:ad:13:4e:7f:f6:7d:
         4a:ed:3d:b8:21:59:87:a6:8c:d0:c2:c1:89:d1:57:83:84:a1:
         ec:43:12:b9:b2:72:c8:cc:53:89:30:bc:e3:14:f0:9b:66:92:
         3b:e2:17:c3:d4:f4:d4:33:f1:df:26:bd:6d:47:5c:65:3e:7a:
         0f:44:57:b0:ea:ca:fc:37:f4:c8:5b:5e:1f:51:69:b9:7f:39:
         7b:12:00:ed:34:7a:10:a6:0b:87:43:b2:15:a1:1d:4d:bd:ba:
         c7:ee:da:0e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVvgj/bbKJ8nqbt7AnvhpcEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViNTBkMzA4NGJmOGFhOWVhNzc3ZDI0NWI2MGQ1MTFiZTE4
OWVhYjIwHhcNMjMwMTAxMjI0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWI1ZTg4MmY1ZTkwYmQyYWIwOGM2NDIwOGUwZGE1ODhjNTY2ZGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7AZXTBArzG0ha4d2QuX6eOvTKrz
MacDrzkBvpr9I9knZKQ+T4i2kp8MRrghb6Q4rAYdbvVX2f2+MgCfbMHMEYH5F+Dv
3x1sRlsa1BXYOCJ34IuLHZoUPMwzPMeeZ+eo7KM16ukaf2pBCFdPA6hjJUcgeFzF
C1t1wm9vpG6G3hupWKlOFDHY3+tj9pr1BmNOoSdxSfTaEnBD5XjJQLMapJVBl8u9
3XcqaMzinkSzqjwP0/EvVwqIQq9V/8KIIuypQaaiZjVptbYHVS+OFSrGuazOimWy
nbn/51juS9Pmw6sP42EzWSG7aRCOuQWrdk687WHwduPAOoAVXKmBOaTedQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEW16IL16QvSqwjGQgjg2liMVm3pMB8GA1UdIwQY
MBaAFOtQ0whL+Kqep3fSRbYNURvhieqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjFEVENFdjRxcDZuZDlKRnRnMVJHLUdKNnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8xMmU3MmMtNzQ5MS00N2UyLWFjNTMt
YWMwYzYwMTAwNDc4LzEvUmJYb2d2WHBDOUtyQ01aQ0NPRGFXSXhXYmVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8xMmU3MmMtNzQ5MS00N2UyLWFjNTMtYWMwYzYwMTAwNDc4
LzEvNjFEVENFdjRxcDZuZDlKRnRnMVJHLUdKNnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW9n9AwQA
W9wcAwQAW9wjAwQAW9xHAwQDpIr4MA0EAgACMAcDBQAqCn1AMA0GCSqGSIb3DQEB
CwUAA4IBAQA0spSy0Ahwh2EI+RsIlRDR7Gx9zpigNGBhDWvgeXDGfG3uKNEhbk3r
7gCuzcxq+V1FRe7Y3yodG3ZzWzGuuuiMi6JUp8uigtBU+vwic9I/TUhJOaUGv6vD
vdcfCNTB/NAORpJIcHtS8KUa0IhCNQHEfI7dGJ1L7Bt1qcAlzeXhC3rKftpssxkm
PWfujU8XxIclhKLrQWvPn88DY+StE05/9n1K7T24IVmHpozQwsGJ0VeDhKHsQxK5
snLIzFOJMLzjFPCbZpI74hfD1PTUM/HfJr1tR1xlPnoPRFew6sr8N/TIW14fUWm5
fzl7EgDtNHoQpguHQ7IVoR1NvbrH7toO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:54 2024 by rpki-client on console-ams.rpki-client.org