Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a5056f-6948-4130-9077-5f3d06f6a5d2/1/f8SN2_MqPUDvbU9FTnG3ymS4qWk.roa
File:                     f8SN2_MqPUDvbU9FTnG3ymS4qWk.roa (raw, json)
Hash identifier:          dixOgS5Jv4GHMQr63oNHP9nKNb3okG0H9LxxrpVyxj4=
Subject key identifier:   7F:C4:8D:DB:F3:2A:3D:40:EF:6D:4F:45:4E:71:B7:CA:64:B8:A9:69
Certificate issuer:       /CN=4c4be43394a7c2bf1e8fdfbb1d506fa37ac73231
Certificate serial:       01878F2809F0C01C381F4A655D13187208F1
Authority key identifier: 4C:4B:E4:33:94:A7:C2:BF:1E:8F:DF:BB:1D:50:6F:A3:7A:C7:32:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TEvkM5Snwr8ej9-7HVBvo3rHMjE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/a5056f-6948-4130-9077-5f3d06f6a5d2/1/f8SN2_MqPUDvbU9FTnG3ymS4qWk.roa
Signing time:             Mon 17 Apr 2023 12:19:38 +0000
ROA not before:           Mon 17 Apr 2023 12:19:38 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199860
IP address blocks:        91.132.230.0/23 maxlen: 23
                          91.132.228.0/23 maxlen: 23
                          91.132.228.0/22 maxlen: 22
                          91.226.104.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:34:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:8f:28:09:f0:c0:1c:38:1f:4a:65:5d:13:18:72:08:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c4be43394a7c2bf1e8fdfbb1d506fa37ac73231
        Validity
            Not Before: Apr 17 12:19:38 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7fc48ddbf32a3d40ef6d4f454e71b7ca64b8a969
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:0e:2c:b6:9d:5b:3e:2f:aa:26:ce:18:53:7b:
                    3b:c7:a1:f1:1e:46:e4:4e:c6:ac:f1:a6:c2:71:ab:
                    f6:8b:57:70:b2:2b:4b:24:fb:8a:b2:1a:d7:41:63:
                    27:93:1d:ec:e7:e2:52:8b:3b:33:0c:38:cf:66:af:
                    03:27:c7:06:4e:2a:28:0c:26:f3:e1:88:e6:f7:5c:
                    0f:39:fb:0e:ee:b5:e9:eb:96:ca:23:70:9c:76:31:
                    6d:98:29:f9:bb:45:03:09:2e:18:e6:7a:51:52:26:
                    bb:67:d0:da:aa:da:61:30:db:0c:a6:9b:2a:80:13:
                    b5:63:34:a7:3f:9f:15:23:90:48:f6:f3:25:b0:2a:
                    aa:5f:3b:bd:22:4d:2e:e5:52:ed:02:36:60:d1:ad:
                    d4:bc:ff:66:12:25:38:58:10:a8:e3:15:38:4a:f4:
                    0e:e9:8a:9f:bc:47:a1:8a:a3:0c:d7:f7:25:31:18:
                    e3:0d:2f:cb:09:33:aa:e0:56:83:62:03:29:11:2a:
                    ca:1e:88:18:aa:db:bb:9f:fc:dd:d4:80:82:f8:17:
                    d0:86:10:e3:d5:df:6f:f0:08:fa:5c:f8:c3:c1:ca:
                    74:46:7a:19:05:91:41:3a:c9:e1:cf:ee:16:95:1f:
                    74:89:4f:e4:75:e3:e7:c3:7a:0a:2f:5f:82:10:ae:
                    61:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:C4:8D:DB:F3:2A:3D:40:EF:6D:4F:45:4E:71:B7:CA:64:B8:A9:69
            X509v3 Authority Key Identifier:
                keyid:4C:4B:E4:33:94:A7:C2:BF:1E:8F:DF:BB:1D:50:6F:A3:7A:C7:32:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TEvkM5Snwr8ej9-7HVBvo3rHMjE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a5056f-6948-4130-9077-5f3d06f6a5d2/1/f8SN2_MqPUDvbU9FTnG3ymS4qWk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a5056f-6948-4130-9077-5f3d06f6a5d2/1/TEvkM5Snwr8ej9-7HVBvo3rHMjE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.132.228.0/22
                  91.226.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         e7:e5:17:15:3e:eb:52:62:40:e5:7e:1b:75:54:f9:04:fc:4a:
         94:3e:f4:3d:7f:62:2f:c0:ef:0c:85:0c:38:58:db:6e:a5:65:
         a6:38:73:25:50:27:2e:8a:80:24:5c:a4:72:41:23:f9:48:b9:
         65:89:db:aa:f4:d6:9d:ab:c0:98:1b:5d:77:22:2b:9f:6d:5e:
         27:1c:c8:bf:a9:d5:af:e3:49:c9:e8:03:9a:24:6d:14:a0:36:
         29:72:97:1c:24:38:cb:96:d5:eb:bf:22:9c:c8:49:59:a1:1d:
         15:8c:c1:fe:4a:06:40:4b:0d:4c:21:ca:eb:dc:49:33:56:52:
         8a:53:e9:8e:3b:71:ac:ab:e4:5d:d6:32:cc:90:91:15:15:1e:
         1d:27:58:b1:04:02:1d:73:f9:3b:f0:ee:3e:2b:25:e9:b5:b3:
         31:57:16:b4:65:a1:21:64:e3:c3:ff:24:50:21:fd:ac:87:26:
         2a:c0:4a:c7:38:6c:44:8c:f7:fc:55:73:0a:5c:ec:1d:87:a8:
         e9:e2:cb:fb:91:20:63:0d:f1:eb:3b:b6:27:47:81:93:28:c2:
         51:8b:8d:07:8d:c7:ed:8c:54:76:d8:d6:ed:0a:85:19:6f:b7:
         ae:ee:61:bc:1a:54:88:47:b5:ca:55:21:5f:32:8a:b1:f9:01:
         52:27:75:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYePKAnwwBw4H0plXRMYcgjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNGJlNDMzOTRhN2MyYmYxZThmZGZiYjFkNTA2ZmEzN2Fj
NzMyMzEwHhcNMjMwNDE3MTIxOTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmM0OGRkYmYzMmEzZDQwZWY2ZDRmNDU0ZTcxYjdjYTY0YjhhOTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQ4stp1bPi+qJs4YU3s7x6HxHkbk
Tsas8abCcav2i1dwsitLJPuKshrXQWMnkx3s5+JSizszDDjPZq8DJ8cGTiooDCbz
4Yjm91wPOfsO7rXp65bKI3CcdjFtmCn5u0UDCS4Y5npRUia7Z9DaqtphMNsMppsq
gBO1YzSnP58VI5BI9vMlsCqqXzu9Ik0u5VLtAjZg0a3UvP9mEiU4WBCo4xU4SvQO
6YqfvEehiqMM1/clMRjjDS/LCTOq4FaDYgMpESrKHogYqtu7n/zd1ICC+BfQhhDj
1d9v8Aj6XPjDwcp0RnoZBZFBOsnhz+4WlR90iU/kdePnw3oKL1+CEK5htwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH/EjdvzKj1A721PRU5xt8pkuKlpMB8GA1UdIwQY
MBaAFExL5DOUp8K/Ho/fux1Qb6N6xzIxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEV2a001U253cjhlajktN0hWQnZvM3JITWpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hNTA1NmYtNjk0OC00MTMwLTkwNzct
NWYzZDA2ZjZhNWQyLzEvZjhTTjJfTXFQVUR2YlU5RlRuRzN5bVM0cVdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hNTA1NmYtNjk0OC00MTMwLTkwNzctNWYzZDA2ZjZhNWQy
LzEvVEV2a001U253cjhlajktN0hWQnZvM3JITWpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW4TkAwQC
W+JoMA0GCSqGSIb3DQEBCwUAA4IBAQDn5RcVPutSYkDlfht1VPkE/EqUPvQ9f2Iv
wO8MhQw4WNtupWWmOHMlUCcuioAkXKRyQSP5SLlliduq9Nadq8CYG113IiufbV4n
HMi/qdWv40nJ6AOaJG0UoDYpcpccJDjLltXrvyKcyElZoR0VjMH+SgZASw1MIcrr
3EkzVlKKU+mOO3Gsq+Rd1jLMkJEVFR4dJ1ixBAIdc/k78O4+KyXptbMxVxa0ZaEh
ZOPD/yRQIf2shyYqwErHOGxEjPf8VXMKXOwdh6jp4sv7kSBjDfHrO7YnR4GTKMJR
i40HjcftjFR22NbtCoUZb7eu7mG8GlSIR7XKVSFfMoqx+QFSJ3Wn
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:15 2024 by rpki-client on console-ams.rpki-client.org