Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8bdb68-7016-468b-9751-0f59527f34cb/1/LM49MpZxvH4ErH58mxO4XreuOfI.roa
File:                     LM49MpZxvH4ErH58mxO4XreuOfI.roa (raw, json)
Hash identifier:          kTRNfA3IBgRHfmwB9D4owiK1j7DVlRJNC4fTcypvlDg=
Subject key identifier:   2C:CE:3D:32:96:71:BC:7E:04:AC:7E:7C:9B:13:B8:5E:B7:AE:39:F2
Certificate issuer:       /CN=36811c8affafb0ac1f5f7f6ff7b64bb70346457d
Certificate serial:       018B05CD52502D663C29C213AD74BEAC815A
Authority key identifier: 36:81:1C:8A:FF:AF:B0:AC:1F:5F:7F:6F:F7:B6:4B:B7:03:46:45:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NoEciv-vsKwfX39v97ZLtwNGRX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/8bdb68-7016-468b-9751-0f59527f34cb/1/LM49MpZxvH4ErH58mxO4XreuOfI.roa
Signing time:             Fri 06 Oct 2023 16:23:43 +0000
ROA not before:           Fri 06 Oct 2023 16:23:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205446
IP address blocks:        91.216.210.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:05:cd:52:50:2d:66:3c:29:c2:13:ad:74:be:ac:81:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36811c8affafb0ac1f5f7f6ff7b64bb70346457d
        Validity
            Not Before: Oct  6 16:23:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2cce3d329671bc7e04ac7e7c9b13b85eb7ae39f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:df:c6:ae:10:d9:e9:c7:c2:38:7b:a3:21:37:
                    0e:f9:dd:cb:cc:97:69:50:57:d4:ac:a7:fa:64:67:
                    ad:ee:88:aa:25:95:ee:ee:26:9f:c5:08:6f:af:e0:
                    e0:fe:2c:94:2e:be:3d:0c:46:c8:d9:64:4d:1b:b8:
                    d2:a6:c4:62:e2:09:7e:d1:da:94:4d:00:61:22:50:
                    cd:f7:30:8d:3b:89:6c:45:47:45:80:0e:c1:03:ca:
                    19:28:c6:19:dd:f6:9f:74:25:c1:9c:63:f7:ba:c8:
                    3c:45:9a:00:96:aa:fb:f1:96:36:20:e5:ce:a2:02:
                    3e:a1:e6:36:c1:be:1f:e5:8c:81:06:e8:58:01:f4:
                    78:e0:1c:8f:b7:e9:35:71:0b:52:e1:44:2a:e3:4d:
                    8a:c7:04:ab:9a:d6:59:c5:32:be:64:50:6c:f0:a5:
                    b2:97:f1:c4:72:70:2f:20:5d:83:77:5e:a9:fb:41:
                    b0:b7:11:6e:a2:99:2a:0d:b0:56:c8:86:ef:16:ef:
                    0d:d5:59:4a:63:12:33:47:5a:77:f0:0e:f1:46:91:
                    54:36:f2:be:23:2b:86:56:89:6e:ae:e0:e6:6d:1c:
                    43:38:32:da:de:fc:99:be:b6:1a:52:5d:09:c1:9e:
                    fd:43:68:34:63:d8:02:4e:10:94:e6:01:8e:51:c9:
                    0a:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:CE:3D:32:96:71:BC:7E:04:AC:7E:7C:9B:13:B8:5E:B7:AE:39:F2
            X509v3 Authority Key Identifier:
                keyid:36:81:1C:8A:FF:AF:B0:AC:1F:5F:7F:6F:F7:B6:4B:B7:03:46:45:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NoEciv-vsKwfX39v97ZLtwNGRX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8bdb68-7016-468b-9751-0f59527f34cb/1/LM49MpZxvH4ErH58mxO4XreuOfI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8bdb68-7016-468b-9751-0f59527f34cb/1/NoEciv-vsKwfX39v97ZLtwNGRX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.216.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:0c:5d:49:b4:14:4e:2a:cb:e0:90:65:de:78:56:cf:61:e0:
         58:97:41:8c:9b:70:8e:9b:d9:bd:d3:89:41:f2:cc:c7:af:30:
         b8:e2:f0:6e:97:70:7d:50:64:83:d6:be:b9:d6:22:21:c1:dd:
         35:48:c9:61:3e:0c:b9:ba:02:71:42:1c:1a:8c:5b:e7:59:de:
         c5:57:e6:f4:32:bb:3a:07:5f:76:21:90:b3:87:05:1a:28:b1:
         2b:2c:a3:fc:e4:a9:d6:ad:0c:f7:c4:70:73:12:2c:8a:a9:05:
         ea:8c:9d:40:7d:bd:12:66:b2:49:0b:68:02:b1:cb:72:c2:c8:
         f7:d8:2b:00:10:bc:d1:43:e4:d2:e5:66:4b:4c:6b:21:63:ad:
         53:d7:01:c3:f4:1a:05:33:57:44:2b:e9:da:a1:c4:75:85:e6:
         3b:48:73:69:b6:41:74:1f:c3:9e:f5:5c:a1:f6:9c:04:b8:fe:
         ec:74:7a:39:00:bd:df:e7:26:5f:53:1b:e8:e8:32:1a:eb:3d:
         37:24:c1:e6:72:96:09:84:7c:52:3e:c3:8a:43:6f:11:4b:d6:
         0d:74:d9:fc:60:da:3b:37:bf:bf:d1:ea:8a:d1:a8:a0:60:df:
         75:6c:5d:63:4f:bc:ba:f4:d4:5e:1a:9e:74:af:3a:c8:0c:58:
         ef:3d:e7:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsFzVJQLWY8KcITrXS+rIFaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ODExYzhhZmZhZmIwYWMxZjVmN2Y2ZmY3YjY0YmI3MDM0
NjQ1N2QwHhcNMjMxMDA2MTYyMzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2NlM2QzMjk2NzFiYzdlMDRhYzdlN2M5YjEzYjg1ZWI3YWUzOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhd/GrhDZ6cfCOHujITcO+d3LzJdp
UFfUrKf6ZGet7oiqJZXu7iafxQhvr+Dg/iyULr49DEbI2WRNG7jSpsRi4gl+0dqU
TQBhIlDN9zCNO4lsRUdFgA7BA8oZKMYZ3fafdCXBnGP3usg8RZoAlqr78ZY2IOXO
ogI+oeY2wb4f5YyBBuhYAfR44ByPt+k1cQtS4UQq402KxwSrmtZZxTK+ZFBs8KWy
l/HEcnAvIF2Dd16p+0GwtxFuopkqDbBWyIbvFu8N1VlKYxIzR1p38A7xRpFUNvK+
IyuGVoluruDmbRxDODLa3vyZvrYaUl0JwZ79Q2g0Y9gCThCU5gGOUckKGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCzOPTKWcbx+BKx+fJsTuF63rjnyMB8GA1UdIwQY
MBaAFDaBHIr/r7CsH19/b/e2S7cDRkV9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm9FY2l2LXZzS3dmWDM5djk3Wkx0d05HUlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84YmRiNjgtNzAxNi00NjhiLTk3NTEt
MGY1OTUyN2YzNGNiLzEvTE00OU1wWnh2SDRFckg1OG14TzRYcmV1T2ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84YmRiNjgtNzAxNi00NjhiLTk3NTEtMGY1OTUyN2YzNGNi
LzEvTm9FY2l2LXZzS3dmWDM5djk3Wkx0d05HUlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9jSMA0G
CSqGSIb3DQEBCwUAA4IBAQCFDF1JtBROKsvgkGXeeFbPYeBYl0GMm3COm9m904lB
8szHrzC44vBul3B9UGSD1r651iIhwd01SMlhPgy5ugJxQhwajFvnWd7FV+b0Mrs6
B192IZCzhwUaKLErLKP85KnWrQz3xHBzEiyKqQXqjJ1Afb0SZrJJC2gCsctywsj3
2CsAELzRQ+TS5WZLTGshY61T1wHD9BoFM1dEK+naocR1heY7SHNptkF0H8Oe9Vyh
9pwEuP7sdHo5AL3f5yZfUxvo6DIa6z03JMHmcpYJhHxSPsOKQ28RS9YNdNn8YNo7
N7+/0eqK0aigYN91bF1jT7y69NReGp50rzrIDFjvPedR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:24 2024 by rpki-client on console-fra.rpki-client.org