Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/k2r7hThpEZZRgVg7SKjTkhcZd-M.roa
File:                     k2r7hThpEZZRgVg7SKjTkhcZd-M.roa (raw, json)
Hash identifier:          6Yg3M8dvpvU6HwVWeJOtgYohDjEhaXp2EBn+pV8MNMU=
Subject key identifier:   93:6A:FB:85:38:69:11:96:51:81:58:3B:48:A8:D3:92:17:19:77:E3
Certificate issuer:       /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial:       0189976C0BC93332250E8A5B8D34F5AD1429
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/k2r7hThpEZZRgVg7SKjTkhcZd-M.roa
Signing time:             Thu 27 Jul 2023 12:56:27 +0000
ROA not before:           Thu 27 Jul 2023 12:56:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14445
IP address blocks:        91.200.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:97:6c:0b:c9:33:32:25:0e:8a:5b:8d:34:f5:ad:14:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
        Validity
            Not Before: Jul 27 12:56:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=936afb85386911965181583b48a8d392171977e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:c6:cf:c3:31:a7:ff:0c:12:10:57:09:4b:31:
                    a4:71:47:a4:f3:08:b0:a9:49:ff:d3:2f:80:a7:a5:
                    26:3d:83:c4:9e:de:82:2c:1a:e4:95:60:03:70:68:
                    20:eb:36:1f:09:6b:24:e0:d9:2b:23:ca:69:68:89:
                    68:5b:fc:ca:99:d4:99:f0:82:77:7e:b2:c8:11:de:
                    93:8a:d1:bf:dc:54:23:bc:78:d5:96:a5:17:8d:22:
                    2b:11:c7:a7:b6:8d:ef:6a:6a:0d:f7:ea:6c:9d:70:
                    10:7b:9d:3e:ae:ac:16:1f:95:90:1c:1a:a5:d9:68:
                    5a:75:42:a5:2b:15:c0:81:05:c7:17:41:8c:9d:33:
                    00:e8:42:69:6a:1e:4f:6c:b5:e4:be:be:2c:01:b6:
                    50:91:d8:30:89:1f:81:0a:40:27:c4:29:b1:c6:d5:
                    9d:87:66:0c:9e:41:52:fa:38:e9:85:51:5f:1a:fe:
                    65:97:ac:d4:64:9a:ce:ad:be:4d:97:86:98:74:d2:
                    cd:b8:96:26:82:1d:2f:98:a7:32:a3:1e:8d:99:7e:
                    51:3a:dc:e0:97:da:b3:1a:d7:38:42:c9:d3:60:f1:
                    5e:f2:98:44:1d:69:75:0d:1a:43:a8:02:4f:0f:6b:
                    0c:b8:0e:a1:39:b7:e7:24:03:98:77:61:b3:b0:1e:
                    44:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:6A:FB:85:38:69:11:96:51:81:58:3B:48:A8:D3:92:17:19:77:E3
            X509v3 Authority Key Identifier:
                keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/k2r7hThpEZZRgVg7SKjTkhcZd-M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.200.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:7f:6f:6f:62:93:28:e2:66:eb:3d:ea:c1:93:59:b3:1d:8e:
         4f:1e:e2:d2:93:da:3c:0a:7e:c4:90:16:da:db:b5:e8:e0:f0:
         1e:d4:60:88:37:89:53:a3:1a:a7:9c:be:ed:dd:16:cc:fa:df:
         48:5d:86:2e:98:89:1a:2e:59:b0:3b:d2:b8:cd:f5:cd:02:b7:
         6f:2b:3a:2d:c4:e0:d1:c2:89:14:40:9b:89:df:9c:a0:ff:03:
         8b:a3:2f:39:9c:53:d4:cf:b3:6c:0f:ee:db:8c:4e:af:85:ba:
         fa:dd:e2:f6:b1:06:5d:af:73:72:54:04:60:9b:7a:b4:91:32:
         ff:ab:62:0c:8f:a3:e0:ee:3c:50:ef:29:31:c9:c0:c3:36:07:
         eb:6a:82:57:a6:79:52:44:07:1c:b2:25:a2:84:d0:17:2e:02:
         f9:be:0d:43:aa:d2:bd:c2:38:a2:b1:45:f6:dc:75:b2:a7:b5:
         64:53:2d:6e:84:e2:f4:17:8e:03:c3:05:94:0a:2c:5b:2a:c9:
         f3:c5:9b:e0:c6:dd:bf:8e:d8:25:1e:dd:8a:4e:bd:2b:e7:80:
         ed:64:9c:be:8c:11:f3:8c:ba:3a:72:3b:4a:c8:1c:4b:78:40:
         df:60:5e:ed:dc:da:84:67:91:5c:e6:de:62:21:31:b3:61:de:
         b4:b7:75:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmXbAvJMzIlDopbjTT1rRQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNzI3MTI1NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzZhZmI4NTM4NjkxMTk2NTE4MTU4M2I0OGE4ZDM5MjE3MTk3N2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cbPwzGn/wwSEFcJSzGkcUek8wiw
qUn/0y+Ap6UmPYPEnt6CLBrklWADcGgg6zYfCWsk4NkrI8ppaIloW/zKmdSZ8IJ3
frLIEd6TitG/3FQjvHjVlqUXjSIrEcento3vamoN9+psnXAQe50+rqwWH5WQHBql
2WhadUKlKxXAgQXHF0GMnTMA6EJpah5PbLXkvr4sAbZQkdgwiR+BCkAnxCmxxtWd
h2YMnkFS+jjphVFfGv5ll6zUZJrOrb5Nl4aYdNLNuJYmgh0vmKcyox6NmX5ROtzg
l9qzGtc4QsnTYPFe8phEHWl1DRpDqAJPD2sMuA6hObfnJAOYd2GzsB5EIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJNq+4U4aRGWUYFYO0io05IXGXfjMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvazJyN2hUaHBFWlpSZ1ZnN1NLalRraGNaZC1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8jfMA0G
CSqGSIb3DQEBCwUAA4IBAQAnf29vYpMo4mbrPerBk1mzHY5PHuLSk9o8Cn7EkBba
27Xo4PAe1GCIN4lToxqnnL7t3RbM+t9IXYYumIkaLlmwO9K4zfXNArdvKzotxODR
wokUQJuJ35yg/wOLoy85nFPUz7NsD+7bjE6vhbr63eL2sQZdr3NyVARgm3q0kTL/
q2IMj6Pg7jxQ7ykxycDDNgfraoJXpnlSRAccsiWihNAXLgL5vg1DqtK9wjiisUX2
3HWyp7VkUy1uhOL0F44DwwWUCixbKsnzxZvgxt2/jtglHt2KTr0r54DtZJy+jBHz
jLo6cjtKyBxLeEDfYF7t3NqEZ5Fc5t5iITGzYd60t3UO
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:29 2024 by rpki-client on console-ams.rpki-client.org