Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a5056f-6948-4130-9077-5f3d06f6a5d2/1/OV_kPrJLkdqAfyoKhi-CxSKz5ZY.roa
File:                     OV_kPrJLkdqAfyoKhi-CxSKz5ZY.roa (raw, json)
Hash identifier:          4WRYMAV+ILvYerNtcYPwQ0BcusKlyNjJQqvre9hxoDY=
Subject key identifier:   39:5F:E4:3E:B2:4B:91:DA:80:7F:2A:0A:86:2F:82:C5:22:B3:E5:96
Certificate issuer:       /CN=4c4be43394a7c2bf1e8fdfbb1d506fa37ac73231
Certificate serial:       01856F1DAD99DCA9E26DB9F885586DD601A3
Authority key identifier: 4C:4B:E4:33:94:A7:C2:BF:1E:8F:DF:BB:1D:50:6F:A3:7A:C7:32:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TEvkM5Snwr8ej9-7HVBvo3rHMjE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/a5056f-6948-4130-9077-5f3d06f6a5d2/1/OV_kPrJLkdqAfyoKhi-CxSKz5ZY.roa
Signing time:             Sun 01 Jan 2023 20:54:54 +0000
ROA not before:           Sun 01 Jan 2023 20:54:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199860
IP address blocks:        91.132.230.0/23 maxlen: 23
                          91.132.228.0/23 maxlen: 23
                          91.132.228.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 17 Apr 2023 12:19:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:1d:ad:99:dc:a9:e2:6d:b9:f8:85:58:6d:d6:01:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c4be43394a7c2bf1e8fdfbb1d506fa37ac73231
        Validity
            Not Before: Jan  1 20:54:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=395fe43eb24b91da807f2a0a862f82c522b3e596
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ed:75:81:36:0c:e0:e5:40:dd:b9:e7:2a:94:
                    80:51:0e:32:83:5f:20:e3:80:ac:51:34:0d:ad:5b:
                    5f:0f:c6:13:b9:0c:dc:3d:b1:84:e5:6f:5f:a7:26:
                    39:69:d3:a0:9b:90:d3:dc:84:6c:ed:d8:a6:c0:5a:
                    5f:82:5b:ae:45:b0:77:4e:cf:f8:d8:3a:2c:a8:e4:
                    8b:9d:c4:f4:3b:9e:c9:d4:73:86:84:84:3d:7c:16:
                    40:e7:78:71:7a:92:0a:77:f4:2d:17:11:9b:7a:50:
                    37:e4:4e:5b:c6:dc:c3:cd:a0:6d:69:80:15:b2:64:
                    d3:f8:6f:ad:0f:19:80:2b:3b:02:b2:36:13:d7:f8:
                    db:60:21:eb:da:29:51:e4:81:a0:cf:08:40:92:bf:
                    0a:2d:00:3d:5e:fb:75:57:f7:4e:52:91:c6:79:c6:
                    63:4d:92:96:99:55:70:25:ac:ee:a4:00:d7:39:10:
                    f6:00:52:2c:96:da:ac:83:30:27:5a:fb:5f:fe:20:
                    75:b3:bd:e0:c6:43:d3:33:3c:d0:6e:35:88:70:00:
                    cd:21:4d:ec:4f:ac:2f:26:27:0f:3d:a4:f4:bc:22:
                    0b:e4:5a:fc:e8:ac:7e:67:ee:9f:8b:1f:55:19:e7:
                    e6:f7:2a:4c:ea:83:0b:31:e1:dd:67:01:78:ff:50:
                    be:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:5F:E4:3E:B2:4B:91:DA:80:7F:2A:0A:86:2F:82:C5:22:B3:E5:96
            X509v3 Authority Key Identifier:
                keyid:4C:4B:E4:33:94:A7:C2:BF:1E:8F:DF:BB:1D:50:6F:A3:7A:C7:32:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TEvkM5Snwr8ej9-7HVBvo3rHMjE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a5056f-6948-4130-9077-5f3d06f6a5d2/1/OV_kPrJLkdqAfyoKhi-CxSKz5ZY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a5056f-6948-4130-9077-5f3d06f6a5d2/1/TEvkM5Snwr8ej9-7HVBvo3rHMjE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.132.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1e:d1:fd:4a:85:87:dc:a1:50:cc:a8:2d:18:4b:8d:ee:86:8e:
         f4:12:e0:bc:a5:82:06:c7:c9:2f:68:f5:94:47:b1:d8:96:35:
         0f:67:98:14:02:3b:40:c7:bf:df:1d:97:f3:d3:9e:8d:fc:6a:
         14:82:06:58:91:01:d6:85:8c:4d:53:82:d8:a0:c0:f3:df:cc:
         8c:4d:7d:ac:00:7b:f9:35:df:8b:1c:ae:2b:ba:60:b8:46:0f:
         12:4a:f4:ea:ca:80:7a:37:f5:d5:38:59:e3:9b:8b:a9:41:f0:
         5c:8e:fa:6b:df:86:f8:eb:b7:82:95:ad:36:e8:93:62:0e:e2:
         b7:ea:eb:c9:69:91:22:31:9a:bd:0f:6e:e0:9f:8d:07:ae:1c:
         29:e9:87:24:3c:de:68:2e:e2:1c:93:20:d7:0a:3d:79:0f:19:
         9f:91:29:ab:27:ce:1f:cb:44:f2:d3:fe:76:96:bf:74:95:b4:
         15:8e:b3:70:8f:d5:d5:d3:13:37:67:4a:30:25:c8:46:1b:fe:
         0a:57:ac:92:9b:34:66:41:e1:2e:4a:d5:f0:d9:16:44:11:a7:
         d4:c1:5c:f0:9d:71:28:8b:8e:65:ab:85:0b:1c:ce:70:56:ce:
         88:a7:b4:3c:49:50:8d:88:f2:36:55:a4:67:9b:ef:6f:da:a4:
         ac:31:ca:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHa2Z3Knibbn4hVht1gGjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNGJlNDMzOTRhN2MyYmYxZThmZGZiYjFkNTA2ZmEzN2Fj
NzMyMzEwHhcNMjMwMTAxMjA1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTVmZTQzZWIyNGI5MWRhODA3ZjJhMGE4NjJmODJjNTIyYjNlNTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqe11gTYM4OVA3bnnKpSAUQ4yg18g
44CsUTQNrVtfD8YTuQzcPbGE5W9fpyY5adOgm5DT3IRs7dimwFpfgluuRbB3Ts/4
2DosqOSLncT0O57J1HOGhIQ9fBZA53hxepIKd/QtFxGbelA35E5bxtzDzaBtaYAV
smTT+G+tDxmAKzsCsjYT1/jbYCHr2ilR5IGgzwhAkr8KLQA9Xvt1V/dOUpHGecZj
TZKWmVVwJazupADXORD2AFIsltqsgzAnWvtf/iB1s73gxkPTMzzQbjWIcADNIU3s
T6wvJicPPaT0vCIL5Fr86Kx+Z+6fix9VGefm9ypM6oMLMeHdZwF4/1C+eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDlf5D6yS5HagH8qCoYvgsUis+WWMB8GA1UdIwQY
MBaAFExL5DOUp8K/Ho/fux1Qb6N6xzIxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEV2a001U253cjhlajktN0hWQnZvM3JITWpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hNTA1NmYtNjk0OC00MTMwLTkwNzct
NWYzZDA2ZjZhNWQyLzEvT1Zfa1BySkxrZHFBZnlvS2hpLUN4U0t6NVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hNTA1NmYtNjk0OC00MTMwLTkwNzctNWYzZDA2ZjZhNWQy
LzEvVEV2a001U253cjhlajktN0hWQnZvM3JITWpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW4TkMA0G
CSqGSIb3DQEBCwUAA4IBAQAe0f1KhYfcoVDMqC0YS43uho70EuC8pYIGx8kvaPWU
R7HYljUPZ5gUAjtAx7/fHZfz056N/GoUggZYkQHWhYxNU4LYoMDz38yMTX2sAHv5
Nd+LHK4rumC4Rg8SSvTqyoB6N/XVOFnjm4upQfBcjvpr34b467eCla026JNiDuK3
6uvJaZEiMZq9D27gn40Hrhwp6YckPN5oLuIckyDXCj15DxmfkSmrJ84fy0Ty0/52
lr90lbQVjrNwj9XV0xM3Z0owJchGG/4KV6ySmzRmQeEuStXw2RZEEafUwVzwnXEo
i45lq4ULHM5wVs6Ip7Q8SVCNiPI2VaRnm+9v2qSsMcpH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:42 2024 by rpki-client on console-fra.rpki-client.org