Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/XRr7MXgOSRAzu1Eki3z59vi5pao.roa
File:                     XRr7MXgOSRAzu1Eki3z59vi5pao.roa (raw, json)
Hash identifier:          /npq8WoA4meaPBl+p2UH8FlCPmpfDNLXzpcWlp83qxU=
Subject key identifier:   5D:1A:FB:31:78:0E:49:10:33:BB:51:24:8B:7C:F9:F6:F8:B9:A5:AA
Certificate issuer:       /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial:       018B137EE0A8B204BFAE9EB20335DE4D9985
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/XRr7MXgOSRAzu1Eki3z59vi5pao.roa
Signing time:             Mon 09 Oct 2023 08:12:44 +0000
ROA not before:           Mon 09 Oct 2023 08:12:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     139853
IP address blocks:        91.222.135.0/24 maxlen: 24
                          91.222.134.0/24 maxlen: 24
                          91.222.133.0/24 maxlen: 24
                          149.20.127.0/24 maxlen: 24
                          149.20.126.0/24 maxlen: 24
                          91.204.80.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 12 Oct 2023 08:11:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:13:7e:e0:a8:b2:04:bf:ae:9e:b2:03:35:de:4d:99:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
        Validity
            Not Before: Oct  9 08:12:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5d1afb31780e491033bb51248b7cf9f6f8b9a5aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:8f:e2:85:f8:cf:dc:2a:90:67:9b:c6:bc:5e:
                    99:14:ff:d3:19:e2:d4:63:4a:71:9a:c1:b3:87:a1:
                    fb:6e:7e:cc:16:1f:8a:8f:7e:ac:66:c8:21:0d:cd:
                    48:1b:d1:d8:5d:a7:79:18:74:ba:c1:88:68:ae:91:
                    87:ff:7d:07:86:4b:e6:45:b2:3e:bb:a6:a3:3c:8a:
                    a0:88:a9:12:0f:85:47:70:37:e5:97:37:e0:32:da:
                    c9:2b:06:e0:53:ad:31:8c:f1:ff:6d:87:fe:ea:90:
                    31:d6:09:b0:d7:44:11:19:af:cd:43:ea:71:c1:a8:
                    45:7f:28:66:ee:6c:3c:dd:8a:75:e2:e5:47:d7:c9:
                    d2:02:7a:3b:e7:ec:31:d6:9a:b8:94:0f:30:aa:e1:
                    e2:44:1b:65:b5:df:f6:da:57:f4:2c:6f:da:53:b8:
                    38:8a:a9:6e:9a:5f:7b:c7:ee:af:75:9a:35:0f:35:
                    51:4a:e2:05:53:8e:59:e4:10:7a:7f:2c:f5:e5:b3:
                    12:02:c8:c3:ee:45:ce:4d:97:c8:53:2d:35:80:35:
                    1f:e9:76:62:fe:2d:c3:4e:5b:9d:ba:e0:14:15:24:
                    9e:c3:7e:fe:c3:22:68:a1:66:23:56:57:2b:fb:51:
                    dd:15:17:d2:67:d9:0c:24:c7:20:01:d2:95:c2:13:
                    76:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:1A:FB:31:78:0E:49:10:33:BB:51:24:8B:7C:F9:F6:F8:B9:A5:AA
            X509v3 Authority Key Identifier:
                keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/XRr7MXgOSRAzu1Eki3z59vi5pao.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.204.80.0/24
                  91.222.133.0-91.222.135.255
                  149.20.126.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3b:0f:6d:90:63:12:d2:8a:b9:89:41:0e:b8:7f:0c:32:c9:76:
         9a:cf:a4:fc:fe:35:be:aa:44:49:9a:cf:ff:22:64:22:8b:78:
         4e:e2:78:8e:41:a0:eb:98:0b:3e:c8:25:04:6b:dc:80:df:59:
         08:85:f7:35:d5:0a:be:6a:67:07:f6:5f:98:0e:7f:7a:e7:9c:
         8f:d5:20:74:f9:5b:2d:9b:68:25:1c:3a:23:d1:9c:4c:09:66:
         48:54:da:ce:57:3f:af:fb:5c:46:b6:92:17:9e:ee:ed:0b:26:
         1e:0b:b4:26:2b:21:0b:a0:c6:dc:93:da:29:2f:68:cc:68:31:
         3c:f4:75:82:99:42:07:65:37:d3:79:6c:41:6f:9a:63:86:88:
         38:d9:94:31:c2:6a:21:0c:5d:b3:fe:e3:27:26:8a:73:be:42:
         de:de:82:22:76:27:bb:d4:18:47:86:1f:e4:ec:50:1e:56:0f:
         98:bf:b5:9a:44:4f:88:9b:0b:df:d2:c3:0a:1f:1b:e2:47:30:
         28:8b:d0:0f:e4:c5:2b:03:cd:c8:17:cc:b6:61:0f:41:c5:ac:
         30:b9:c4:af:f3:2c:06:54:32:9b:f5:9d:cb:0e:61:0e:56:3c:
         50:fc:95:d2:49:07:3b:ba:17:0e:5f:f9:32:11:6f:93:83:76:
         49:f7:aa:62
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYsTfuCosgS/rp6yAzXeTZmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMxMDA5MDgxMjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDFhZmIzMTc4MGU0OTEwMzNiYjUxMjQ4YjdjZjlmNmY4YjlhNWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkI/ihfjP3CqQZ5vGvF6ZFP/TGeLU
Y0pxmsGzh6H7bn7MFh+Kj36sZsghDc1IG9HYXad5GHS6wYhorpGH/30HhkvmRbI+
u6ajPIqgiKkSD4VHcDfllzfgMtrJKwbgU60xjPH/bYf+6pAx1gmw10QRGa/NQ+px
wahFfyhm7mw83Yp14uVH18nSAno75+wx1pq4lA8wquHiRBtltd/22lf0LG/aU7g4
iqluml97x+6vdZo1DzVRSuIFU45Z5BB6fyz15bMSAsjD7kXOTZfIUy01gDUf6XZi
/i3DTluduuAUFSSew37+wyJooWYjVlcr+1HdFRfSZ9kMJMcgAdKVwhN2VwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFF0a+zF4DkkQM7tRJIt8+fb4uaWqMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvWFJyN01YZ09TUkF6dTFFa2kzejU5dmk1cGFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW8xQMAwD
BABb3oUDBANb3oADBAGVFH4wDQYJKoZIhvcNAQELBQADggEBADsPbZBjEtKKuYlB
Drh/DDLJdprPpPz+Nb6qREmaz/8iZCKLeE7ieI5BoOuYCz7IJQRr3IDfWQiF9zXV
Cr5qZwf2X5gOf3rnnI/VIHT5Wy2baCUcOiPRnEwJZkhU2s5XP6/7XEa2khee7u0L
Jh4LtCYrIQugxtyT2ikvaMxoMTz0dYKZQgdlN9N5bEFvmmOGiDjZlDHCaiEMXbP+
4ycminO+Qt7egiJ2J7vUGEeGH+TsUB5WD5i/tZpET4ibC9/SwwofG+JHMCiL0A/k
xSsDzcgXzLZhD0HFrDC5xK/zLAZUMpv1ncsOYQ5WPFD8ldJJBzu6Fw5f+TIRb5OD
dkn3qmI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:02 2024 by rpki-client on console-ams.rpki-client.org