Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/dh5NHld56aIRH2nOZRlgyMlWt4c.roa
File:                     dh5NHld56aIRH2nOZRlgyMlWt4c.roa (raw, json)
Hash identifier:          cjXndx5k/TDNHb2Ndm77kacR79ukC0vG9j/gkhWEb9k=
Subject key identifier:   76:1E:4D:1E:57:79:E9:A2:11:1F:69:CE:65:19:60:C8:C9:56:B7:87
Certificate issuer:       /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial:       018D46F1F94FDFD48B0E4966A55AD2C54B53
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/dh5NHld56aIRH2nOZRlgyMlWt4c.roa
Signing time:             Fri 26 Jan 2024 18:04:39 +0000
ROA not before:           Fri 26 Jan 2024 18:04:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     3320
IP address blocks:        91.247.178.0/24 maxlen: 24
                          178.23.188.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 Apr 2024 22:53:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:46:f1:f9:4f:df:d4:8b:0e:49:66:a5:5a:d2:c5:4b:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
        Validity
            Not Before: Jan 26 18:04:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=761e4d1e5779e9a2111f69ce651960c8c956b787
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:5c:1e:97:9a:db:fe:c8:4d:2e:aa:e2:69:3b:
                    02:45:bc:1e:bc:fb:fd:74:2e:d5:19:e2:fb:a6:7c:
                    d4:2d:b2:dd:aa:18:d8:ee:de:de:3e:d7:0a:1a:41:
                    bf:6b:71:cb:1a:d7:30:70:23:57:8c:ac:d9:78:b2:
                    73:e2:5d:d6:34:f8:7b:ac:ab:5b:c9:db:de:39:f5:
                    cd:ca:ea:ac:89:56:a1:b3:4b:2b:e0:dd:db:b5:30:
                    20:9a:d8:0e:37:42:7a:89:e9:26:bf:c6:89:0b:a2:
                    40:09:fc:58:64:1b:c6:32:a2:6b:ed:d6:55:87:e9:
                    ca:0e:90:a0:c7:14:8a:36:ad:c0:0b:35:4e:74:47:
                    93:b7:ee:d0:a9:97:ba:13:ea:ef:2b:0c:d3:d9:ec:
                    b6:4b:04:c8:f2:d1:3a:1a:84:b0:6b:56:53:ac:31:
                    7a:b4:b2:68:95:fa:14:1c:38:35:a3:7a:2b:ae:35:
                    30:dd:50:db:36:c9:4a:5d:ce:28:d5:d4:39:3d:09:
                    71:17:95:dd:75:13:aa:bf:f2:70:bd:c9:60:4a:65:
                    38:bf:bc:5f:56:1b:5f:60:d0:b5:cd:8f:e7:4c:b9:
                    81:8d:37:78:c4:13:56:e9:8b:9d:ac:ae:39:63:30:
                    df:4c:c3:46:98:c1:5b:5c:40:84:a9:f3:cd:d9:a8:
                    56:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:1E:4D:1E:57:79:E9:A2:11:1F:69:CE:65:19:60:C8:C9:56:B7:87
            X509v3 Authority Key Identifier:
                keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/dh5NHld56aIRH2nOZRlgyMlWt4c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.247.178.0/24
                  178.23.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:07:7e:5d:f7:41:29:96:88:dd:56:4c:6d:1b:d6:74:10:50:
         e8:a1:7a:c1:36:97:63:58:b4:6d:b4:8e:3c:f1:ba:45:f5:b1:
         d9:11:24:1b:34:02:ef:aa:23:6e:98:4e:d1:e9:d2:29:fa:c1:
         8c:15:a4:06:bb:20:50:e6:68:b9:1a:eb:a9:3e:e8:2c:24:ab:
         c8:d2:59:85:ce:83:1c:9c:21:c2:5e:c2:10:8f:5d:00:25:7c:
         6f:7c:69:65:35:d4:a1:d3:3e:2c:a4:07:99:e7:a1:68:7a:99:
         1e:85:ea:c6:bf:ae:37:25:c7:e0:00:12:50:c4:a0:f1:18:97:
         c1:07:ae:09:36:b3:1b:b4:35:77:45:b2:5d:6d:04:bb:12:35:
         8a:5a:56:f8:d8:0f:6d:31:bc:37:68:92:27:de:75:0d:c6:66:
         2f:2b:df:83:94:34:7b:59:ae:fd:f5:b1:a3:cb:1b:61:e1:4a:
         bc:ec:3c:3c:29:1b:9e:90:0a:da:f2:fb:41:46:4c:a7:73:c5:
         85:06:4b:cf:a9:a0:18:74:82:82:62:07:0b:47:aa:a5:40:04:
         07:31:a7:11:ab:60:34:d6:b6:03:b5:03:bc:a3:e1:48:3d:d5:
         f2:17:d3:8a:f8:70:52:60:82:4a:7c:44:13:a6:f6:ec:44:78:
         78:0a:dc:6f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1G8flP39SLDklmpVrSxUtTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjQwMTI2MTgwNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjFlNGQxZTU3NzllOWEyMTExZjY5Y2U2NTE5NjBjOGM5NTZiNzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslwel5rb/shNLqriaTsCRbwevPv9
dC7VGeL7pnzULbLdqhjY7t7ePtcKGkG/a3HLGtcwcCNXjKzZeLJz4l3WNPh7rKtb
ydveOfXNyuqsiVahs0sr4N3btTAgmtgON0J6iekmv8aJC6JACfxYZBvGMqJr7dZV
h+nKDpCgxxSKNq3ACzVOdEeTt+7QqZe6E+rvKwzT2ey2SwTI8tE6GoSwa1ZTrDF6
tLJolfoUHDg1o3orrjUw3VDbNslKXc4o1dQ5PQlxF5XddROqv/JwvclgSmU4v7xf
VhtfYNC1zY/nTLmBjTd4xBNW6YudrK45YzDfTMNGmMFbXECEqfPN2ahWVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHYeTR5XeemiER9pzmUZYMjJVreHMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvZGg1TkhsZDU2YUlSSDJuT1pSbGd5TWxXdDRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/eyAwQA
she8MA0GCSqGSIb3DQEBCwUAA4IBAQCNB35d90EplojdVkxtG9Z0EFDooXrBNpdj
WLRttI488bpF9bHZESQbNALvqiNumE7R6dIp+sGMFaQGuyBQ5mi5GuupPugsJKvI
0lmFzoMcnCHCXsIQj10AJXxvfGllNdSh0z4spAeZ56FoepkeherGv643JcfgABJQ
xKDxGJfBB64JNrMbtDV3RbJdbQS7EjWKWlb42A9tMbw3aJIn3nUNxmYvK9+DlDR7
Wa799bGjyxth4Uq87Dw8KRuekAra8vtBRkync8WFBkvPqaAYdIKCYgcLR6qlQAQH
MacRq2A01rYDtQO8o+FIPdXyF9OK+HBSYIJKfEQTpvbsRHh4Ctxv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:01 2024 by rpki-client on console-fra.rpki-client.org