Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/060969-5caf-418f-8c25-acb2723a5076/1/9dY8r2-HJWSdrFwkoMwNvGfycrk.roa
File:                     9dY8r2-HJWSdrFwkoMwNvGfycrk.roa (raw, json)
Hash identifier:          6Nkj6Q37hgaCMNH+LBKWCzSlJYF5MINExcGo4ahFZbU=
Subject key identifier:   F5:D6:3C:AF:6F:87:25:64:9D:AC:5C:24:A0:CC:0D:BC:67:F2:72:B9
Certificate issuer:       /CN=c69668f347c55add77ac517e9331dde7fc3556a6
Certificate serial:       01856E942CBD054021761916998AEA5EF610
Authority key identifier: C6:96:68:F3:47:C5:5A:DD:77:AC:51:7E:93:31:DD:E7:FC:35:56:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xpZo80fFWt13rFF-kzHd5_w1VqY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/060969-5caf-418f-8c25-acb2723a5076/1/9dY8r2-HJWSdrFwkoMwNvGfycrk.roa
Signing time:             Sun 01 Jan 2023 18:24:42 +0000
ROA not before:           Sun 01 Jan 2023 18:24:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197253
IP address blocks:        91.224.68.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Sun 15 Oct 2023 14:43:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:94:2c:bd:05:40:21:76:19:16:99:8a:ea:5e:f6:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c69668f347c55add77ac517e9331dde7fc3556a6
        Validity
            Not Before: Jan  1 18:24:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f5d63caf6f8725649dac5c24a0cc0dbc67f272b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:be:5f:4a:d8:03:9d:32:a3:78:d4:d1:23:58:
                    22:7b:8f:eb:2e:a7:40:e1:21:35:4f:6c:29:51:d8:
                    31:9c:76:ef:25:c8:f4:68:f5:84:1c:d1:7e:7b:05:
                    e8:ad:8f:d6:ad:b0:c3:93:55:09:f2:d0:96:61:08:
                    d6:d2:bc:29:0b:33:48:c4:41:12:1a:73:11:c0:6a:
                    2e:b7:15:10:15:da:8a:e4:24:f0:a6:6f:ee:fb:88:
                    d8:ad:39:23:11:d2:36:b3:ed:08:eb:d3:1c:78:ab:
                    ed:49:c3:5f:3b:7d:db:87:04:4b:51:ad:2e:10:bb:
                    66:2f:89:c6:86:94:0d:6a:db:3b:2a:37:e5:69:f2:
                    a6:4d:0e:81:16:0c:3b:3d:d4:be:cb:70:f6:2d:89:
                    26:a2:33:80:42:ec:18:3a:10:ba:18:80:a7:84:50:
                    3d:88:bf:ae:55:75:32:12:a0:9f:76:a6:51:68:71:
                    48:3e:16:a8:a1:7f:17:32:d4:dd:e2:ee:8b:d5:df:
                    9e:6d:22:11:3c:48:5d:ba:d0:0a:c8:21:fa:5e:14:
                    e6:7a:2f:2c:76:4c:9e:12:4c:f8:7d:3c:85:34:ef:
                    64:12:cb:95:09:9d:fa:aa:9a:83:db:70:11:48:b0:
                    57:a6:3a:76:d0:1d:8a:79:3f:d9:c5:f4:3f:90:dd:
                    69:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:D6:3C:AF:6F:87:25:64:9D:AC:5C:24:A0:CC:0D:BC:67:F2:72:B9
            X509v3 Authority Key Identifier:
                keyid:C6:96:68:F3:47:C5:5A:DD:77:AC:51:7E:93:31:DD:E7:FC:35:56:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xpZo80fFWt13rFF-kzHd5_w1VqY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/060969-5caf-418f-8c25-acb2723a5076/1/9dY8r2-HJWSdrFwkoMwNvGfycrk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/060969-5caf-418f-8c25-acb2723a5076/1/xpZo80fFWt13rFF-kzHd5_w1VqY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.224.68.0/23

    Signature Algorithm: sha256WithRSAEncryption
         81:0c:40:f0:d9:16:96:bc:7f:86:18:ce:fa:58:3a:eb:c4:3c:
         62:b9:27:5e:b0:47:33:f4:02:de:14:bf:f0:23:87:e9:4d:3c:
         f2:2a:5c:42:f0:a8:ee:12:8d:3a:0c:13:ea:cc:f9:65:d9:0b:
         d6:9a:aa:5e:61:02:fb:41:08:bb:ff:f4:0b:12:06:ac:49:04:
         40:0a:18:85:03:a7:a8:02:e7:4b:b6:75:ad:0b:e0:ea:d1:6a:
         f1:26:90:f0:5e:e2:22:68:07:6d:3f:d9:e0:71:94:e8:cd:6c:
         ec:99:30:82:9b:10:d3:6a:fe:b7:b4:7a:bd:7c:73:2d:55:f1:
         8d:09:ad:0f:25:98:e1:74:19:05:4d:aa:41:e9:78:62:dc:5a:
         50:91:4d:62:21:2b:2d:b3:c3:00:b4:67:79:92:3d:89:90:a3:
         44:80:27:81:2a:f0:3e:d3:0a:a6:e4:3e:5d:b1:6e:97:91:ce:
         53:d1:b0:1a:65:15:58:0c:99:ae:e2:7e:00:13:a3:03:31:86:
         44:d9:e1:ac:16:08:28:5c:16:e1:10:3e:00:a2:ab:00:0d:e4:
         7c:86:23:f4:7b:9d:88:d3:d7:ec:af:5b:68:8b:b1:a7:ca:fa:
         9a:5e:eb:c0:64:4b:86:76:f3:f4:90:a3:1d:d2:25:d2:8e:14:
         92:45:cf:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVulCy9BUAhdhkWmYrqXvYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OTY2OGYzNDdjNTVhZGQ3N2FjNTE3ZTkzMzFkZGU3ZmMz
NTU2YTYwHhcNMjMwMTAxMTgyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWQ2M2NhZjZmODcyNTY0OWRhYzVjMjRhMGNjMGRiYzY3ZjI3MmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArL5fStgDnTKjeNTRI1gie4/rLqdA
4SE1T2wpUdgxnHbvJcj0aPWEHNF+ewXorY/WrbDDk1UJ8tCWYQjW0rwpCzNIxEES
GnMRwGoutxUQFdqK5CTwpm/u+4jYrTkjEdI2s+0I69MceKvtScNfO33bhwRLUa0u
ELtmL4nGhpQNats7KjflafKmTQ6BFgw7PdS+y3D2LYkmojOAQuwYOhC6GICnhFA9
iL+uVXUyEqCfdqZRaHFIPhaooX8XMtTd4u6L1d+ebSIRPEhdutAKyCH6XhTmei8s
dkyeEkz4fTyFNO9kEsuVCZ36qpqD23ARSLBXpjp20B2KeT/ZxfQ/kN1pMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPXWPK9vhyVknaxcJKDMDbxn8nK5MB8GA1UdIwQY
MBaAFMaWaPNHxVrdd6xRfpMx3ef8NVamMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHBabzgwZkZXdDEzckZGLWt6SGQ1X3cxVnFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNjA5NjktNWNhZi00MThmLThjMjUt
YWNiMjcyM2E1MDc2LzEvOWRZOHIyLUhKV1NkckZ3a29Nd052R2Z5Y3JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wNjA5NjktNWNhZi00MThmLThjMjUtYWNiMjcyM2E1MDc2
LzEveHBabzgwZkZXdDEzckZGLWt6SGQ1X3cxVnFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+BEMA0G
CSqGSIb3DQEBCwUAA4IBAQCBDEDw2RaWvH+GGM76WDrrxDxiuSdesEcz9ALeFL/w
I4fpTTzyKlxC8KjuEo06DBPqzPll2QvWmqpeYQL7QQi7//QLEgasSQRAChiFA6eo
AudLtnWtC+Dq0WrxJpDwXuIiaAdtP9ngcZTozWzsmTCCmxDTav63tHq9fHMtVfGN
Ca0PJZjhdBkFTapB6Xhi3FpQkU1iISsts8MAtGd5kj2JkKNEgCeBKvA+0wqm5D5d
sW6Xkc5T0bAaZRVYDJmu4n4AE6MDMYZE2eGsFggoXBbhED4AoqsADeR8hiP0e52I
09fsr1toi7GnyvqaXuvAZEuGdvP0kKMd0iXSjhSSRc+B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:22 2024 by rpki-client on console-fra.rpki-client.org