Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/1-qVElX9Gy4cjRu7EyFFJMmDpJFI.roa
File:                     1-qVElX9Gy4cjRu7EyFFJMmDpJFI.roa (raw, json)
Hash identifier:          NcSPjk7qB81kEP21fvCoxDUT0oCGjbYFwSxpycZZrdw=
Subject key identifier:   FA:A5:44:95:7F:46:CB:87:23:46:EE:C4:C8:51:49:32:60:E9:24:52
Certificate issuer:       /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial:       018571552873284E74F9A52B8DB1D9661E9C
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/1-qVElX9Gy4cjRu7EyFFJMmDpJFI.roa
Signing time:             Mon 02 Jan 2023 07:14:44 +0000
ROA not before:           Mon 02 Jan 2023 07:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     137427
IP address blocks:        91.204.226.0/24 maxlen: 24
                          91.204.224.0/24 maxlen: 24
                          91.204.225.0/24 maxlen: 24
                          91.204.227.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 21 Dec 2023 13:29:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:55:28:73:28:4e:74:f9:a5:2b:8d:b1:d9:66:1e:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
        Validity
            Not Before: Jan  2 07:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=faa544957f46cb872346eec4c851493260e92452
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:8f:72:a0:78:0f:dc:1b:58:1a:60:c7:fd:10:
                    04:3c:05:cd:9d:cb:3c:b1:f1:44:a2:f3:6e:54:12:
                    17:0a:e9:54:da:f7:d0:94:62:b3:0e:fe:96:26:75:
                    93:78:cd:29:f7:f6:2e:62:b8:e4:4f:31:83:f6:b6:
                    79:33:8d:ae:77:ac:03:c2:ae:40:11:35:28:49:ec:
                    d5:00:8b:88:a3:9d:d1:f4:cf:f9:08:97:b5:20:3e:
                    1e:cc:a2:04:2c:89:30:f1:85:ef:e1:e2:8d:c4:16:
                    52:41:69:73:1e:b0:b6:0c:97:bb:93:33:12:3d:a8:
                    ec:49:41:52:19:7d:55:a0:89:aa:a6:00:eb:2d:58:
                    5a:0c:eb:48:d6:ef:84:90:51:be:0d:d0:86:71:4b:
                    87:7d:53:fa:19:93:ac:48:25:3f:28:95:5a:e8:b7:
                    77:80:07:47:ce:56:53:7c:bc:ee:91:4d:21:10:e1:
                    78:89:52:37:c4:97:fc:78:73:ef:9a:27:47:41:fe:
                    e8:39:28:f9:32:e7:0c:b7:5a:cf:d7:96:96:70:4b:
                    30:a1:5e:6f:03:87:b0:d8:7d:c3:77:e3:3a:56:78:
                    d7:32:77:67:70:78:6f:70:8d:91:29:08:8b:a5:ce:
                    5c:eb:e7:45:f1:1e:24:fa:4e:d9:7c:02:62:1c:0e:
                    77:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:A5:44:95:7F:46:CB:87:23:46:EE:C4:C8:51:49:32:60:E9:24:52
            X509v3 Authority Key Identifier:
                keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/1-qVElX9Gy4cjRu7EyFFJMmDpJFI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.204.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         03:61:3d:6e:a2:b8:c9:be:82:95:8b:16:1a:ac:6e:22:ee:2a:
         5b:9f:11:d2:46:5d:53:b6:97:a4:4c:b5:58:14:47:0e:36:34:
         a3:de:4d:ce:77:ce:0d:04:5e:9d:7e:c9:da:77:d2:ee:7c:3d:
         1b:1c:db:4c:51:67:2e:42:7a:ac:be:1d:9a:dc:c0:5a:38:16:
         c9:16:69:cf:e8:a5:f6:d7:84:fc:3d:e4:a8:e4:41:d0:d8:e8:
         ba:e5:f0:38:ca:f5:4c:c5:31:4b:00:6a:c1:9f:e2:dd:90:ba:
         ab:58:86:90:21:2b:ee:9b:a6:01:28:1a:58:88:17:55:b2:30:
         8a:34:80:fe:b4:34:0e:ee:8b:b3:1e:02:28:03:23:a5:c8:ca:
         7e:f8:d7:57:04:9e:79:bb:f6:02:43:60:17:89:1b:81:09:86:
         60:c0:08:db:ab:31:58:09:d7:4a:d4:27:47:ac:cb:18:70:e3:
         cf:97:60:4e:c4:1c:90:9b:d9:cf:d7:ea:35:39:ec:79:2c:2b:
         44:4f:bf:22:1e:30:9b:8b:c1:62:e8:97:c0:ef:50:f9:94:f7:
         98:18:6a:ad:a8:62:93:46:41:7d:58:09:a0:58:58:52:21:5e:
         31:28:4f:e3:4a:eb:fc:90:b9:e8:2d:77:11:66:fc:bc:96:3d:
         f4:22:b5:26
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxVShzKE50+aUrjbHZZh6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjMwMTAyMDcxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWE1NDQ5NTdmNDZjYjg3MjM0NmVlYzRjODUxNDkzMjYwZTkyNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkY9yoHgP3BtYGmDH/RAEPAXNncs8
sfFEovNuVBIXCulU2vfQlGKzDv6WJnWTeM0p9/YuYrjkTzGD9rZ5M42ud6wDwq5A
ETUoSezVAIuIo53R9M/5CJe1ID4ezKIELIkw8YXv4eKNxBZSQWlzHrC2DJe7kzMS
PajsSUFSGX1VoImqpgDrLVhaDOtI1u+EkFG+DdCGcUuHfVP6GZOsSCU/KJVa6Ld3
gAdHzlZTfLzukU0hEOF4iVI3xJf8eHPvmidHQf7oOSj5MucMt1rP15aWcEswoV5v
A4ew2H3Dd+M6VnjXMndncHhvcI2RKQiLpc5c6+dF8R4k+k7ZfAJiHA53oQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPqlRJV/RsuHI0buxMhRSTJg6SRSMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvMS1xVkVsWDlHeTRjalJ1N0V5RkZKTW1EcEpGSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjcvMzQ4Y2U1LWNhMjAtNDg0OC04ODQ0LWFlNTAyNzM2ODFh
Ny8xL3pSQ01JbDhrZU0xQ01CZVlrTkJ5aEw0V05zMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlvM4DAN
BgkqhkiG9w0BAQsFAAOCAQEAA2E9bqK4yb6ClYsWGqxuIu4qW58R0kZdU7aXpEy1
WBRHDjY0o95NznfODQRenX7J2nfS7nw9GxzbTFFnLkJ6rL4dmtzAWjgWyRZpz+il
9teE/D3kqORB0NjouuXwOMr1TMUxSwBqwZ/i3ZC6q1iGkCEr7pumASgaWIgXVbIw
ijSA/rQ0Du6Lsx4CKAMjpcjKfvjXVwSeebv2AkNgF4kbgQmGYMAI26sxWAnXStQn
R6zLGHDjz5dgTsQckJvZz9fqNTnseSwrRE+/Ih4wm4vBYuiXwO9Q+ZT3mBhqrahi
k0ZBfVgJoFhYUiFeMShP40rr/JC56C13EWb8vJY99CK1Jg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:02 2024 by rpki-client on console-ams.rpki-client.org