Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/7nVruglko4vm2kKQqIt423y3IWU.roa
File:                     7nVruglko4vm2kKQqIt423y3IWU.roa (raw, json)
Hash identifier:          4euExBi6xGbV3Ud2aBCwLwrJg2UsOGv3TR+JbC4goHw=
Subject key identifier:   EE:75:6B:BA:09:64:A3:8B:E6:DA:42:90:A8:8B:78:DB:7C:B7:21:65
Certificate issuer:       /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial:       01856C53D3AA8151076C0656DCBE031FA05E
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/7nVruglko4vm2kKQqIt423y3IWU.roa
Signing time:             Sun 01 Jan 2023 07:55:10 +0000
ROA not before:           Sun 01 Jan 2023 07:55:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44486
IP address blocks:        91.217.162.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:d3:aa:81:51:07:6c:06:56:dc:be:03:1f:a0:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
        Validity
            Not Before: Jan  1 07:55:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ee756bba0964a38be6da4290a88b78db7cb72165
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:43:7b:85:93:9e:91:48:a9:79:d9:d5:14:55:
                    ed:ca:0d:c2:f6:34:23:67:5d:9a:1b:f9:45:0e:df:
                    4c:4f:5a:89:1a:25:77:cb:2f:3d:1d:12:3e:23:2b:
                    5f:f0:f3:00:68:06:f6:4c:66:e3:b8:43:d9:18:93:
                    ff:34:9e:fb:4b:da:2c:ca:f0:d5:8f:ae:01:73:d6:
                    b3:a1:42:9f:82:57:6c:d9:e1:f1:bc:e1:69:ab:36:
                    75:22:3d:20:d9:a4:69:38:ac:4b:19:0c:b3:d5:f2:
                    b3:40:e7:7a:73:33:42:42:1e:6f:46:be:f7:b5:1f:
                    e5:c0:94:a0:df:a7:16:11:a7:e0:ec:15:3c:b2:8c:
                    4b:a8:fc:40:9d:45:56:a5:05:14:25:b7:81:49:c0:
                    84:5b:f4:d7:cf:84:33:cd:1a:0d:e9:b7:18:63:c6:
                    28:0c:dc:77:75:a5:17:c1:f5:41:22:01:67:39:f2:
                    2a:5d:49:bf:dd:20:25:df:f9:9b:c9:68:83:cf:e0:
                    0f:d7:9c:76:2c:a3:22:71:6c:6f:94:db:74:98:19:
                    af:89:9a:45:8c:d8:0d:13:9c:b4:e3:80:72:71:c3:
                    6d:2d:36:11:ec:5e:fe:f3:88:e7:4a:44:1c:09:aa:
                    d8:10:d4:de:b5:70:75:5d:aa:71:96:0c:6c:c4:72:
                    eb:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:75:6B:BA:09:64:A3:8B:E6:DA:42:90:A8:8B:78:DB:7C:B7:21:65
            X509v3 Authority Key Identifier:
                keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/7nVruglko4vm2kKQqIt423y3IWU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.217.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:89:c3:cf:b4:e2:a3:8a:04:ec:e1:5e:ab:81:e9:6e:c8:c9:
         11:90:17:2f:5c:4e:9f:c2:50:65:4c:fd:9c:f7:c0:23:c7:c5:
         d4:1c:57:b7:e7:c6:44:8f:91:87:dd:cb:0a:cd:92:d0:f0:0d:
         9a:71:b7:57:19:66:64:dc:a7:9b:c5:1d:d0:da:e4:7b:78:66:
         e4:64:16:92:61:78:7a:b5:3e:23:44:d7:19:dc:75:71:e2:2d:
         a8:83:6d:4f:17:33:20:8d:3c:c7:ed:28:04:ba:de:30:15:36:
         4d:1d:1f:ac:89:13:ae:4f:96:f5:c9:78:76:98:01:ae:5a:9a:
         9f:d8:83:5c:81:10:1e:1a:97:a5:68:41:2d:6b:5c:67:be:71:
         38:c7:43:34:ba:4a:89:de:04:71:30:44:db:7c:53:a0:65:77:
         c1:31:7f:64:c6:12:01:4e:b4:08:27:42:3a:da:75:49:9b:1f:
         b4:db:da:52:62:b1:0a:69:6f:7d:f9:2d:c5:c5:6e:64:27:60:
         fd:59:47:c6:cb:63:d0:1a:9b:bd:81:40:a5:8c:b1:47:c9:a5:
         33:05:26:85:00:aa:63:a5:00:ed:10:79:85:b0:7c:30:4d:7b:
         1f:96:e9:b9:ba:d9:b0:f9:d0:09:45:92:0c:1a:9e:d7:24:1d:
         4d:7e:c8:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU9OqgVEHbAZW3L4DH6BeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjMwMTAxMDc1NTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTc1NmJiYTA5NjRhMzhiZTZkYTQyOTBhODhiNzhkYjdjYjcyMTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEN7hZOekUipednVFFXtyg3C9jQj
Z12aG/lFDt9MT1qJGiV3yy89HRI+Iytf8PMAaAb2TGbjuEPZGJP/NJ77S9osyvDV
j64Bc9azoUKfglds2eHxvOFpqzZ1Ij0g2aRpOKxLGQyz1fKzQOd6czNCQh5vRr73
tR/lwJSg36cWEafg7BU8soxLqPxAnUVWpQUUJbeBScCEW/TXz4QzzRoN6bcYY8Yo
DNx3daUXwfVBIgFnOfIqXUm/3SAl3/mbyWiDz+AP15x2LKMicWxvlNt0mBmviZpF
jNgNE5y044ByccNtLTYR7F7+84jnSkQcCarYENTetXB1XapxlgxsxHLr2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO51a7oJZKOL5tpCkKiLeNt8tyFlMB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvN25WcnVnbGtvNHZtMmtLUXFJdDQyM3kzSVdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9miMA0G
CSqGSIb3DQEBCwUAA4IBAQChicPPtOKjigTs4V6rgeluyMkRkBcvXE6fwlBlTP2c
98Ajx8XUHFe358ZEj5GH3csKzZLQ8A2acbdXGWZk3KebxR3Q2uR7eGbkZBaSYXh6
tT4jRNcZ3HVx4i2og21PFzMgjTzH7SgEut4wFTZNHR+siROuT5b1yXh2mAGuWpqf
2INcgRAeGpelaEEta1xnvnE4x0M0ukqJ3gRxMETbfFOgZXfBMX9kxhIBTrQIJ0I6
2nVJmx+029pSYrEKaW99+S3FxW5kJ2D9WUfGy2PQGpu9gUCljLFHyaUzBSaFAKpj
pQDtEHmFsHwwTXsflum5utmw+dAJRZIMGp7XJB1Nfsgr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:11 2024 by rpki-client on console-ams.rpki-client.org