Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/67ffe9-8d98-4c6d-be2a-3f6ec249717c/1/DgAwoPHahDy0rowBfMuIAJHSzEQ.roa
File:                     DgAwoPHahDy0rowBfMuIAJHSzEQ.roa (raw, json)
Hash identifier:          CKnqAkLgSiwF5Ht+8uo7TLOwcfUMUJ7lobmp9Yi6JD0=
Subject key identifier:   0E:00:30:A0:F1:DA:84:3C:B4:AE:8C:01:7C:CB:88:00:91:D2:CC:44
Certificate issuer:       /CN=ab2e5b67f25cbd882ca4d023d21ef98d483735db
Certificate serial:       01856E02036A979973AB2492CD6D4F2432A5
Authority key identifier: AB:2E:5B:67:F2:5C:BD:88:2C:A4:D0:23:D2:1E:F9:8D:48:37:35:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy5bZ_JcvYgspNAj0h75jUg3Nds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/67ffe9-8d98-4c6d-be2a-3f6ec249717c/1/DgAwoPHahDy0rowBfMuIAJHSzEQ.roa
Signing time:             Sun 01 Jan 2023 15:45:03 +0000
ROA not before:           Sun 01 Jan 2023 15:45:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25160
IP address blocks:        91.244.236.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:02:03:6a:97:99:73:ab:24:92:cd:6d:4f:24:32:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2e5b67f25cbd882ca4d023d21ef98d483735db
        Validity
            Not Before: Jan  1 15:45:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0e0030a0f1da843cb4ae8c017ccb880091d2cc44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:b5:9e:70:a1:ce:50:f9:c7:d9:ab:c2:a7:bb:
                    1d:99:da:0d:79:2a:ab:4c:0b:0b:57:06:55:5a:b4:
                    db:cb:d3:48:33:11:22:75:be:b7:17:f1:57:1d:80:
                    d7:97:4e:24:72:e1:08:e1:e1:c5:86:0a:e2:32:43:
                    18:1f:a1:0c:9e:72:54:37:11:56:cc:3d:cb:60:8e:
                    5e:31:ba:31:6e:34:22:19:27:57:c3:78:c7:4b:a6:
                    24:79:4f:75:55:ae:75:3f:68:2c:87:b5:3a:3b:7d:
                    68:5a:84:ce:a6:3b:4b:d8:5b:5f:9e:a3:da:3f:5e:
                    de:3f:df:b8:19:3e:60:79:da:c2:4e:a5:bc:1b:b2:
                    ed:08:b1:6b:f9:94:78:f9:ad:11:d4:42:57:cb:d6:
                    12:da:8b:07:cd:c5:bd:4e:ed:d5:12:f6:95:ff:58:
                    bf:70:cf:47:d9:ae:68:4a:0e:48:01:b7:5c:3c:93:
                    08:9b:a6:26:52:6b:91:41:5b:01:f9:46:6f:23:5f:
                    4f:5c:69:08:0b:69:be:27:73:27:43:34:db:51:86:
                    5d:8f:db:e1:db:10:89:91:46:c3:fc:9e:f1:a2:f6:
                    21:3c:81:92:a9:4a:b9:b7:17:a1:62:5d:b6:3c:d6:
                    53:a7:59:0d:ac:ed:a3:ff:20:d9:f3:e7:00:36:b7:
                    08:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:00:30:A0:F1:DA:84:3C:B4:AE:8C:01:7C:CB:88:00:91:D2:CC:44
            X509v3 Authority Key Identifier:
                keyid:AB:2E:5B:67:F2:5C:BD:88:2C:A4:D0:23:D2:1E:F9:8D:48:37:35:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy5bZ_JcvYgspNAj0h75jUg3Nds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/67ffe9-8d98-4c6d-be2a-3f6ec249717c/1/DgAwoPHahDy0rowBfMuIAJHSzEQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/67ffe9-8d98-4c6d-be2a-3f6ec249717c/1/qy5bZ_JcvYgspNAj0h75jUg3Nds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.244.236.0/23

    Signature Algorithm: sha256WithRSAEncryption
         88:85:51:fd:58:c5:d7:79:f7:ef:fa:24:58:04:10:40:64:4a:
         92:67:35:0f:54:28:ba:ca:c7:62:7e:31:9c:a4:6b:14:1c:b4:
         24:a6:0c:45:18:dc:11:00:b0:9a:e0:7b:f8:bc:04:80:29:24:
         5c:6f:a0:fd:5e:79:73:6f:f2:62:18:58:e4:7e:c2:af:58:e8:
         8b:e7:3f:e5:fb:cb:90:06:e6:ea:af:14:5b:27:f5:53:40:fc:
         db:9a:80:44:d1:12:e6:5e:f1:58:0e:2a:9d:58:d8:41:fc:9b:
         42:4a:f4:cb:15:a6:b8:14:0e:8c:78:13:2d:3f:70:63:bf:06:
         03:0e:43:7a:07:b3:c9:c2:f4:72:d8:3a:6f:f0:91:ea:a3:d6:
         e7:75:10:5c:c1:f0:bf:0c:f1:24:10:d3:dc:ef:ab:92:e2:c6:
         00:99:ef:d2:ec:2d:2b:9f:8b:05:9b:c8:80:71:10:2a:f8:35:
         bf:66:08:3e:a9:7b:b5:f3:b1:41:a9:a0:7d:8b:83:88:28:58:
         13:00:b7:4f:cd:e4:2f:cf:e6:fa:36:3c:1a:02:cd:4b:81:f3:
         c6:f6:b0:84:9f:a9:88:bb:a0:a4:72:3d:72:b2:3f:e4:68:ea:
         e1:df:c8:c8:79:02:98:5e:b5:e0:a0:39:44:a6:61:1b:de:3e:
         2b:6c:21:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuAgNql5lzqySSzW1PJDKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMmU1YjY3ZjI1Y2JkODgyY2E0ZDAyM2QyMWVmOThkNDgz
NzM1ZGIwHhcNMjMwMTAxMTU0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTAwMzBhMGYxZGE4NDNjYjRhZThjMDE3Y2NiODgwMDkxZDJjYzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7WecKHOUPnH2avCp7sdmdoNeSqr
TAsLVwZVWrTby9NIMxEidb63F/FXHYDXl04kcuEI4eHFhgriMkMYH6EMnnJUNxFW
zD3LYI5eMboxbjQiGSdXw3jHS6YkeU91Va51P2gsh7U6O31oWoTOpjtL2FtfnqPa
P17eP9+4GT5gedrCTqW8G7LtCLFr+ZR4+a0R1EJXy9YS2osHzcW9Tu3VEvaV/1i/
cM9H2a5oSg5IAbdcPJMIm6YmUmuRQVsB+UZvI19PXGkIC2m+J3MnQzTbUYZdj9vh
2xCJkUbD/J7xovYhPIGSqUq5txehYl22PNZTp1kNrO2j/yDZ8+cANrcI+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA4AMKDx2oQ8tK6MAXzLiACR0sxEMB8GA1UdIwQY
MBaAFKsuW2fyXL2ILKTQI9Ie+Y1INzXbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXk1YlpfSmN2WWdzcE5BajBoNzVqVWczTmRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC82N2ZmZTktOGQ5OC00YzZkLWJlMmEt
M2Y2ZWMyNDk3MTdjLzEvRGdBd29QSGFoRHkwcm93QmZNdUlBSkhTekVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC82N2ZmZTktOGQ5OC00YzZkLWJlMmEtM2Y2ZWMyNDk3MTdj
LzEvcXk1YlpfSmN2WWdzcE5BajBoNzVqVWczTmRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW/TsMA0G
CSqGSIb3DQEBCwUAA4IBAQCIhVH9WMXXeffv+iRYBBBAZEqSZzUPVCi6ysdifjGc
pGsUHLQkpgxFGNwRALCa4Hv4vASAKSRcb6D9Xnlzb/JiGFjkfsKvWOiL5z/l+8uQ
BubqrxRbJ/VTQPzbmoBE0RLmXvFYDiqdWNhB/JtCSvTLFaa4FA6MeBMtP3BjvwYD
DkN6B7PJwvRy2Dpv8JHqo9bndRBcwfC/DPEkENPc76uS4sYAme/S7C0rn4sFm8iA
cRAq+DW/Zgg+qXu187FBqaB9i4OIKFgTALdPzeQvz+b6NjwaAs1LgfPG9rCEn6mI
u6Ckcj1ysj/kaOrh38jIeQKYXrXgoDlEpmEb3j4rbCGW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:41 2024 by rpki-client on console-fra.rpki-client.org