Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/9d6660-775a-4f3f-93c2-a5eebd28d496/1/Bzpc0Wkc1DbI_hAYBwc-oenpLzA.roa
File:                     Bzpc0Wkc1DbI_hAYBwc-oenpLzA.roa (raw, json)
Hash identifier:          9v1UINJLBWROKXJcLYpuor19aa+PXNV7heaF6Fq16SM=
Subject key identifier:   07:3A:5C:D1:69:1C:D4:36:C8:FE:10:18:07:07:3E:A1:E9:E9:2F:30
Certificate issuer:       /CN=4b5c7d9c7440e5cb4b0a6761563c0d850f08111a
Certificate serial:       01856D13E2F96F5D29C0DE5079D792B09FB8
Authority key identifier: 4B:5C:7D:9C:74:40:E5:CB:4B:0A:67:61:56:3C:0D:85:0F:08:11:1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S1x9nHRA5ctLCmdhVjwNhQ8IERo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/9d6660-775a-4f3f-93c2-a5eebd28d496/1/Bzpc0Wkc1DbI_hAYBwc-oenpLzA.roa
Signing time:             Sun 01 Jan 2023 11:24:57 +0000
ROA not before:           Sun 01 Jan 2023 11:24:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207403
IP address blocks:        91.202.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:13:e2:f9:6f:5d:29:c0:de:50:79:d7:92:b0:9f:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b5c7d9c7440e5cb4b0a6761563c0d850f08111a
        Validity
            Not Before: Jan  1 11:24:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=073a5cd1691cd436c8fe101807073ea1e9e92f30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:c6:2f:5d:26:d1:bd:c8:c7:18:97:16:e5:ba:
                    08:69:32:56:08:c4:cb:87:d0:70:7e:e8:69:fd:fd:
                    10:62:4f:77:4a:ff:a4:68:d3:d1:8b:cb:d2:0d:13:
                    eb:63:17:c2:8a:07:59:6f:01:92:f4:29:3e:7f:b8:
                    42:cd:4f:36:cf:24:b5:d0:7a:ae:28:2e:bb:88:19:
                    07:da:96:c2:34:e9:ea:a1:83:8e:d2:a8:20:46:a8:
                    37:48:ba:bd:ff:87:1e:b9:db:93:0a:37:23:5d:20:
                    b7:0b:48:94:5f:9e:fe:e1:e8:eb:19:e0:e9:c5:2b:
                    f4:fb:8d:96:56:b4:32:1f:41:9d:a7:cf:79:95:4d:
                    9d:0e:8b:e9:a8:b7:45:bd:11:65:3a:60:26:4e:f5:
                    cf:ef:8b:bd:0b:43:ab:50:d9:23:65:e1:e8:75:0f:
                    29:ac:0a:b1:48:c9:b9:3a:16:6b:3d:4e:40:1a:91:
                    f8:fd:d3:6f:42:15:56:69:95:6a:b9:09:ba:d6:4e:
                    49:77:81:c1:1f:0d:7f:9b:06:e6:3b:cb:1b:75:09:
                    f5:df:ef:4d:20:c5:2b:92:3d:c6:29:c1:83:aa:36:
                    c4:1c:2b:29:2c:f8:0f:fe:2a:10:85:de:7f:86:7c:
                    ef:9c:69:ec:70:27:86:0e:24:db:b2:82:bc:60:28:
                    95:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:3A:5C:D1:69:1C:D4:36:C8:FE:10:18:07:07:3E:A1:E9:E9:2F:30
            X509v3 Authority Key Identifier:
                keyid:4B:5C:7D:9C:74:40:E5:CB:4B:0A:67:61:56:3C:0D:85:0F:08:11:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1x9nHRA5ctLCmdhVjwNhQ8IERo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/9d6660-775a-4f3f-93c2-a5eebd28d496/1/Bzpc0Wkc1DbI_hAYBwc-oenpLzA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/9d6660-775a-4f3f-93c2-a5eebd28d496/1/S1x9nHRA5ctLCmdhVjwNhQ8IERo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.202.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:5c:72:0b:19:48:45:d1:ca:6b:04:91:1c:b9:59:ec:ca:60:
         5e:98:dc:d9:f3:5d:3f:90:2e:b4:13:e0:4a:f8:09:a7:5a:db:
         6d:0b:83:7e:09:c4:f4:4e:4d:87:68:e0:04:75:0c:8b:61:b0:
         71:55:10:9a:eb:08:df:b1:c6:76:36:74:e9:5f:02:fc:d3:7f:
         ed:0f:55:1f:bd:ea:c3:1e:4e:04:ad:fb:73:25:65:1c:f9:2b:
         75:46:fe:63:e3:3b:4c:1f:43:a4:e2:ef:48:aa:f9:90:0b:1b:
         fb:cb:7b:42:4e:43:d7:bf:0c:60:38:56:c0:a9:89:c7:b1:ea:
         26:8b:13:08:7d:27:29:db:5a:34:a2:db:af:9a:60:f2:73:15:
         f8:a4:39:e4:8c:db:7e:3c:af:2a:14:4f:6e:ca:74:73:7f:f2:
         af:f1:02:16:69:5a:d1:84:50:58:6d:14:b4:4e:67:9f:4d:ae:
         f9:f2:dc:7c:0a:29:8a:5e:f2:96:20:01:27:ca:b5:6e:99:59:
         7c:5d:a1:00:6a:1a:b4:7c:64:c4:8c:54:b7:86:8e:74:15:f4:
         6c:20:9a:9b:e0:8f:b6:f8:8d:cc:ae:04:a2:db:ee:49:21:ac:
         7a:90:51:c7:89:9e:f8:0d:00:3e:9d:0b:0c:75:b4:b9:81:44:
         cf:f3:a9:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtE+L5b10pwN5QedeSsJ+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNWM3ZDljNzQ0MGU1Y2I0YjBhNjc2MTU2M2MwZDg1MGYw
ODExMWEwHhcNMjMwMTAxMTEyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzNhNWNkMTY5MWNkNDM2YzhmZTEwMTgwNzA3M2VhMWU5ZTkyZjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucYvXSbRvcjHGJcW5boIaTJWCMTL
h9Bwfuhp/f0QYk93Sv+kaNPRi8vSDRPrYxfCigdZbwGS9Ck+f7hCzU82zyS10Hqu
KC67iBkH2pbCNOnqoYOO0qggRqg3SLq9/4ceuduTCjcjXSC3C0iUX57+4ejrGeDp
xSv0+42WVrQyH0Gdp895lU2dDovpqLdFvRFlOmAmTvXP74u9C0OrUNkjZeHodQ8p
rAqxSMm5OhZrPU5AGpH4/dNvQhVWaZVquQm61k5Jd4HBHw1/mwbmO8sbdQn13+9N
IMUrkj3GKcGDqjbEHCspLPgP/ioQhd5/hnzvnGnscCeGDiTbsoK8YCiV+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAc6XNFpHNQ2yP4QGAcHPqHp6S8wMB8GA1UdIwQY
MBaAFEtcfZx0QOXLSwpnYVY8DYUPCBEaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzF4OW5IUkE1Y3RMQ21kaFZqd05oUThJRVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy85ZDY2NjAtNzc1YS00ZjNmLTkzYzIt
YTVlZWJkMjhkNDk2LzEvQnpwYzBXa2MxRGJJX2hBWUJ3Yy1vZW5wTHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy85ZDY2NjAtNzc1YS00ZjNmLTkzYzItYTVlZWJkMjhkNDk2
LzEvUzF4OW5IUkE1Y3RMQ21kaFZqd05oUThJRVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8oHMA0G
CSqGSIb3DQEBCwUAA4IBAQBmXHILGUhF0cprBJEcuVnsymBemNzZ810/kC60E+BK
+AmnWtttC4N+CcT0Tk2HaOAEdQyLYbBxVRCa6wjfscZ2NnTpXwL803/tD1UfverD
Hk4ErftzJWUc+St1Rv5j4ztMH0Ok4u9IqvmQCxv7y3tCTkPXvwxgOFbAqYnHseom
ixMIfScp21o0otuvmmDycxX4pDnkjNt+PK8qFE9uynRzf/Kv8QIWaVrRhFBYbRS0
TmefTa758tx8CimKXvKWIAEnyrVumVl8XaEAahq0fGTEjFS3ho50FfRsIJqb4I+2
+I3MrgSi2+5JIax6kFHHiZ74DQA+nQsMdbS5gUTP86n/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:26 2024 by rpki-client on console-fra.rpki-client.org