Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/ad3797-3346-478f-9e9d-a89f959be204/1/EBhzTY0qduYoM3SplKO2oA2DEuA.roa
File:                     EBhzTY0qduYoM3SplKO2oA2DEuA.roa (raw, json)
Hash identifier:          zbiKKCDL5mHsKR7AX5Wno/udfTZjOP/KygupJgteqQI=
Subject key identifier:   10:18:73:4D:8D:2A:76:E6:28:33:74:A9:94:A3:B6:A0:0D:83:12:E0
Certificate issuer:       /CN=e6f824e4bc5cd81886ec24b5e15266e95f8ddf93
Certificate serial:       018570CBCBABC4F272DB93ED79BE619578E5
Authority key identifier: E6:F8:24:E4:BC:5C:D8:18:86:EC:24:B5:E1:52:66:E9:5F:8D:DF:93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5vgk5Lxc2BiG7CS14VJm6V-N35M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/ad3797-3346-478f-9e9d-a89f959be204/1/EBhzTY0qduYoM3SplKO2oA2DEuA.roa
Signing time:             Mon 02 Jan 2023 04:44:41 +0000
ROA not before:           Mon 02 Jan 2023 04:44:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197266
IP address blocks:        91.217.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:cb:cb:ab:c4:f2:72:db:93:ed:79:be:61:95:78:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e6f824e4bc5cd81886ec24b5e15266e95f8ddf93
        Validity
            Not Before: Jan  2 04:44:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1018734d8d2a76e6283374a994a3b6a00d8312e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:c7:31:7f:07:f2:e0:b0:8f:79:60:29:ae:12:
                    36:5f:f3:47:61:c6:c3:f8:5e:62:b2:17:1e:0f:2d:
                    ee:76:64:32:9d:79:e1:03:21:31:a3:ae:e8:c6:38:
                    85:e9:77:f5:a7:95:de:a5:22:5f:ed:aa:50:19:3a:
                    c0:e0:73:9c:86:e9:7a:ab:26:ca:e7:47:84:6f:d6:
                    a4:7a:97:bb:b8:ac:58:65:6f:8d:a4:99:5c:81:3c:
                    7a:71:d1:93:1a:9f:e1:ae:ce:62:4b:8d:82:8a:3c:
                    d3:79:99:42:9c:71:66:f4:0d:f2:d2:13:c2:27:ce:
                    15:72:7b:e2:ab:9c:35:76:74:05:9e:39:bb:f4:b3:
                    59:c6:ed:d8:55:73:5d:cc:de:15:d9:5b:5c:6f:bf:
                    0f:27:96:6f:57:3a:44:32:b7:0c:4f:c0:6b:3f:94:
                    46:e7:db:3e:e2:96:df:8e:16:21:c0:ed:00:a0:2c:
                    60:f0:1e:9d:e2:79:85:74:12:88:45:fb:a3:52:e5:
                    e2:d2:4a:05:f6:e1:36:0c:fc:ab:e1:67:ec:72:32:
                    28:b0:58:a9:e8:85:ea:0c:39:76:86:de:79:ec:03:
                    d1:04:96:a5:6c:30:80:1f:f4:e3:fb:ca:e4:a7:dc:
                    51:0e:07:1e:06:93:b4:d5:ee:87:3f:5f:9b:f7:1e:
                    5d:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:18:73:4D:8D:2A:76:E6:28:33:74:A9:94:A3:B6:A0:0D:83:12:E0
            X509v3 Authority Key Identifier:
                keyid:E6:F8:24:E4:BC:5C:D8:18:86:EC:24:B5:E1:52:66:E9:5F:8D:DF:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5vgk5Lxc2BiG7CS14VJm6V-N35M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ad3797-3346-478f-9e9d-a89f959be204/1/EBhzTY0qduYoM3SplKO2oA2DEuA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ad3797-3346-478f-9e9d-a89f959be204/1/5vgk5Lxc2BiG7CS14VJm6V-N35M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.217.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:34:b9:31:47:80:5c:21:2e:a8:30:e5:65:c1:5e:ee:f0:1a:
         1b:68:be:62:20:54:72:f4:9e:94:df:65:b6:3d:af:3f:e0:24:
         14:29:92:43:ca:e8:65:5e:38:2e:ea:39:67:c3:1f:f8:11:d7:
         46:c4:63:fe:69:87:8d:5a:24:b4:32:ef:9e:c3:9f:2d:07:e7:
         c6:8f:3c:63:b2:a8:28:d5:cc:0e:77:71:9e:40:65:99:c0:15:
         1c:a3:64:7d:a0:7e:0d:15:ee:33:f9:62:f3:91:ed:fe:5f:99:
         30:5c:43:97:8e:df:0b:4f:6d:e5:a8:df:f9:b9:c8:0c:07:18:
         7d:6c:3c:11:95:bd:fa:2e:58:05:03:77:f3:52:8e:df:80:d0:
         09:04:09:68:7d:9f:fd:57:8b:36:53:dd:3a:68:02:b8:02:c0:
         dc:18:62:3c:cc:ab:71:04:14:a5:22:2e:f5:8b:71:ea:40:01:
         3d:f5:63:2c:7b:7f:78:3d:4c:d0:f4:a7:67:dd:86:1c:d8:03:
         9d:e6:7a:49:6d:38:af:08:63:bb:e7:41:bd:71:48:55:a9:a8:
         d9:40:63:8b:15:0e:23:e0:a3:d5:06:3b:fb:ac:e2:0f:04:f1:
         52:71:73:f7:19:06:a6:7b:7b:ba:8e:15:9a:ab:c5:03:fe:be:
         87:c0:cc:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwy8urxPJy25Pteb5hlXjlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ZjgyNGU0YmM1Y2Q4MTg4NmVjMjRiNWUxNTI2NmU5NWY4
ZGRmOTMwHhcNMjMwMTAyMDQ0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDE4NzM0ZDhkMmE3NmU2MjgzMzc0YTk5NGEzYjZhMDBkODMxMmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkccxfwfy4LCPeWAprhI2X/NHYcbD
+F5ishceDy3udmQynXnhAyExo67oxjiF6Xf1p5XepSJf7apQGTrA4HOchul6qybK
50eEb9akepe7uKxYZW+NpJlcgTx6cdGTGp/hrs5iS42CijzTeZlCnHFm9A3y0hPC
J84Vcnviq5w1dnQFnjm79LNZxu3YVXNdzN4V2Vtcb78PJ5ZvVzpEMrcMT8BrP5RG
59s+4pbfjhYhwO0AoCxg8B6d4nmFdBKIRfujUuXi0koF9uE2DPyr4WfscjIosFip
6IXqDDl2ht557APRBJalbDCAH/Tj+8rkp9xRDgceBpO01e6HP1+b9x5djwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBAYc02NKnbmKDN0qZSjtqANgxLgMB8GA1UdIwQY
MBaAFOb4JOS8XNgYhuwkteFSZulfjd+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXZnazVMeGMyQmlHN0NTMTRWSm02Vi1OMzVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZDM3OTctMzM0Ni00NzhmLTllOWQt
YTg5Zjk1OWJlMjA0LzEvRUJoelRZMHFkdVlvTTNTcGxLTzJvQTJERXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZDM3OTctMzM0Ni00NzhmLTllOWQtYTg5Zjk1OWJlMjA0
LzEvNXZnazVMeGMyQmlHN0NTMTRWSm02Vi1OMzVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9neMA0G
CSqGSIb3DQEBCwUAA4IBAQByNLkxR4BcIS6oMOVlwV7u8BobaL5iIFRy9J6U32W2
Pa8/4CQUKZJDyuhlXjgu6jlnwx/4EddGxGP+aYeNWiS0Mu+ew58tB+fGjzxjsqgo
1cwOd3GeQGWZwBUco2R9oH4NFe4z+WLzke3+X5kwXEOXjt8LT23lqN/5ucgMBxh9
bDwRlb36LlgFA3fzUo7fgNAJBAlofZ/9V4s2U906aAK4AsDcGGI8zKtxBBSlIi71
i3HqQAE99WMse394PUzQ9Kdn3YYc2AOd5npJbTivCGO750G9cUhVqajZQGOLFQ4j
4KPVBjv7rOIPBPFScXP3GQame3u6jhWaq8UD/r6HwMxW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:19 2024 by rpki-client on console-fra.rpki-client.org