Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/hA9KuAjRg240zy3xHlI58NP3u5Q.roa
File:                     hA9KuAjRg240zy3xHlI58NP3u5Q.roa (raw, json)
Hash identifier:          lofvSSxBaa7I1i3N7jSAZymmCj817trxl+Iuf+gjifc=
Subject key identifier:   84:0F:4A:B8:08:D1:83:6E:34:CF:2D:F1:1E:52:39:F0:D3:F7:BB:94
Certificate issuer:       /CN=de9461c211bf3551c5507c930b4204c6ec43b322
Certificate serial:       0185723A1A6E20AF6323518E10E7096FC148
Authority key identifier: DE:94:61:C2:11:BF:35:51:C5:50:7C:93:0B:42:04:C6:EC:43:B3:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3pRhwhG_NVHFUHyTC0IExuxDsyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/hA9KuAjRg240zy3xHlI58NP3u5Q.roa
Signing time:             Mon 02 Jan 2023 11:24:48 +0000
ROA not before:           Mon 02 Jan 2023 11:24:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209242
IP address blocks:        91.192.106.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Thu 12 Oct 2023 04:31:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:3a:1a:6e:20:af:63:23:51:8e:10:e7:09:6f:c1:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de9461c211bf3551c5507c930b4204c6ec43b322
        Validity
            Not Before: Jan  2 11:24:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=840f4ab808d1836e34cf2df11e5239f0d3f7bb94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:fa:26:d0:3d:89:da:3b:2f:ab:78:aa:c3:f2:
                    d2:a2:d4:b9:90:bd:2c:f9:b1:cf:d6:bc:80:41:b5:
                    00:df:a2:a8:63:81:3b:fa:aa:fa:52:f2:39:c8:3b:
                    06:c5:88:96:41:e4:fc:82:6c:7a:c5:05:ad:33:ff:
                    80:3f:68:5d:a0:0c:36:7a:3b:fa:2a:98:39:54:17:
                    47:05:a4:f2:df:3d:84:46:04:4b:85:b2:42:d5:f6:
                    6d:62:01:ef:15:81:c6:d9:72:a0:86:71:5f:b7:85:
                    12:1e:94:a1:55:d9:bb:49:4c:80:96:8e:0b:c9:f9:
                    fc:28:ca:fc:16:e3:ec:f2:93:2c:49:23:48:22:0c:
                    c6:99:5f:50:ca:84:20:4b:b0:66:19:70:fe:6a:a2:
                    4c:6d:ca:cf:bc:e9:de:8d:eb:a3:7a:69:3a:ab:c5:
                    bb:c0:bd:e0:e5:8f:d2:ed:86:50:9c:d4:14:44:78:
                    9d:58:43:bf:e4:32:f5:c9:7a:80:f3:7f:2b:d8:e5:
                    70:07:38:18:e4:52:47:da:7d:af:1e:92:d8:a2:61:
                    8c:f5:62:65:19:e5:af:9b:fd:87:de:fb:61:bb:38:
                    1c:ff:88:38:5d:9e:9f:0b:6f:93:31:d4:d4:95:df:
                    2d:aa:89:01:62:c6:bc:b7:8a:34:a0:d4:cf:a6:38:
                    5f:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:0F:4A:B8:08:D1:83:6E:34:CF:2D:F1:1E:52:39:F0:D3:F7:BB:94
            X509v3 Authority Key Identifier:
                keyid:DE:94:61:C2:11:BF:35:51:C5:50:7C:93:0B:42:04:C6:EC:43:B3:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pRhwhG_NVHFUHyTC0IExuxDsyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/hA9KuAjRg240zy3xHlI58NP3u5Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/3pRhwhG_NVHFUHyTC0IExuxDsyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.192.106.0/23

    Signature Algorithm: sha256WithRSAEncryption
         59:9a:bf:14:ab:04:2e:b8:d7:10:c8:7e:43:04:86:02:f4:a6:
         32:cc:7b:a3:b7:6b:e8:30:bd:d7:e9:cb:8c:40:f2:b4:c3:8b:
         28:a4:3f:bf:0d:ef:77:72:b8:eb:7a:71:bc:5f:80:50:e3:33:
         a6:f7:22:2d:a0:35:81:b9:63:56:cb:12:00:95:83:36:e3:53:
         66:e7:aa:c6:c4:00:3b:8f:02:ff:a1:ed:11:f9:99:d3:c9:95:
         4d:f5:4e:b4:82:73:d7:5c:68:53:b2:da:1f:3f:8a:0a:95:00:
         00:49:30:5f:40:78:ca:99:9b:4a:ca:49:9d:f1:f1:26:72:b2:
         3d:4c:e6:d9:a8:07:7f:e6:0c:00:17:7e:18:66:ee:5f:f0:0f:
         76:43:ee:52:1a:8e:97:3b:76:f9:30:2b:6b:0b:a4:bc:ab:84:
         10:e6:fe:a0:ee:e7:4d:21:66:8f:5c:ae:c4:52:d3:dc:de:15:
         9e:18:92:24:51:05:7c:8e:5f:9a:78:5a:fa:aa:54:74:70:ce:
         0a:2c:b5:78:64:71:22:eb:52:4b:e1:31:fd:ce:08:19:2a:9e:
         ed:8c:7d:3b:e7:a8:19:bd:f7:da:fb:29:0b:8a:0f:96:b9:3a:
         90:bd:1c:f7:82:7a:2f:42:a5:02:46:b7:4e:00:93:53:63:31:
         c2:a8:6b:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyOhpuIK9jI1GOEOcJb8FIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTQ2MWMyMTFiZjM1NTFjNTUwN2M5MzBiNDIwNGM2ZWM0
M2IzMjIwHhcNMjMwMTAyMTEyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDBmNGFiODA4ZDE4MzZlMzRjZjJkZjExZTUyMzlmMGQzZjdiYjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufom0D2J2jsvq3iqw/LSotS5kL0s
+bHP1ryAQbUA36KoY4E7+qr6UvI5yDsGxYiWQeT8gmx6xQWtM/+AP2hdoAw2ejv6
Kpg5VBdHBaTy3z2ERgRLhbJC1fZtYgHvFYHG2XKghnFft4USHpShVdm7SUyAlo4L
yfn8KMr8FuPs8pMsSSNIIgzGmV9QyoQgS7BmGXD+aqJMbcrPvOnejeujemk6q8W7
wL3g5Y/S7YZQnNQURHidWEO/5DL1yXqA838r2OVwBzgY5FJH2n2vHpLYomGM9WJl
GeWvm/2H3vthuzgc/4g4XZ6fC2+TMdTUld8tqokBYsa8t4o0oNTPpjhf5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQPSrgI0YNuNM8t8R5SOfDT97uUMB8GA1UdIwQY
MBaAFN6UYcIRvzVRxVB8kwtCBMbsQ7MiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BSaHdoR19OVkhGVUh5VEMwSUV4dXhEc3lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85MTgzZDQtMDc3OS00OWM0LTk2Zjct
ODIwMmE0NjdkNzUzLzEvaEE5S3VBalJnMjQwenkzeEhsSTU4TlAzdTVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85MTgzZDQtMDc3OS00OWM0LTk2ZjctODIwMmE0NjdkNzUz
LzEvM3BSaHdoR19OVkhGVUh5VEMwSUV4dXhEc3lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8BqMA0G
CSqGSIb3DQEBCwUAA4IBAQBZmr8UqwQuuNcQyH5DBIYC9KYyzHujt2voML3X6cuM
QPK0w4sopD+/De93crjrenG8X4BQ4zOm9yItoDWBuWNWyxIAlYM241Nm56rGxAA7
jwL/oe0R+ZnTyZVN9U60gnPXXGhTstofP4oKlQAASTBfQHjKmZtKykmd8fEmcrI9
TObZqAd/5gwAF34YZu5f8A92Q+5SGo6XO3b5MCtrC6S8q4QQ5v6g7udNIWaPXK7E
UtPc3hWeGJIkUQV8jl+aeFr6qlR0cM4KLLV4ZHEi61JL4TH9zggZKp7tjH0756gZ
vffa+ykLig+WuTqQvRz3gnovQqUCRrdOAJNTYzHCqGug
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:37 2024 by rpki-client on console-ams.rpki-client.org