Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/mSk_o6gcj6Tl4YU1wko1Vbs1KJ0.roa
File:                     mSk_o6gcj6Tl4YU1wko1Vbs1KJ0.roa (raw, json)
Hash identifier:          pSZ9wgQgjtow8q1t6yKabH2Y453pZlC+rCc5OLtyzIM=
Subject key identifier:   99:29:3F:A3:A8:1C:8F:A4:E5:E1:85:35:C2:4A:35:55:BB:35:28:9D
Certificate issuer:       /CN=de9461c211bf3551c5507c930b4204c6ec43b322
Certificate serial:       0185723A18B56E7231033052A9D6CB70141A
Authority key identifier: DE:94:61:C2:11:BF:35:51:C5:50:7C:93:0B:42:04:C6:EC:43:B3:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3pRhwhG_NVHFUHyTC0IExuxDsyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/mSk_o6gcj6Tl4YU1wko1Vbs1KJ0.roa
Signing time:             Mon 02 Jan 2023 11:24:48 +0000
ROA not before:           Mon 02 Jan 2023 11:24:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        91.192.106.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:3a:18:b5:6e:72:31:03:30:52:a9:d6:cb:70:14:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de9461c211bf3551c5507c930b4204c6ec43b322
        Validity
            Not Before: Jan  2 11:24:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=99293fa3a81c8fa4e5e18535c24a3555bb35289d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:1e:c3:1f:ce:06:e1:ee:6e:3a:3a:f3:9d:94:
                    53:d9:32:0d:e5:2e:b7:c3:72:d0:b8:f4:79:47:61:
                    c7:c8:64:7b:c7:8b:86:4b:81:72:ae:d6:b5:9c:46:
                    c5:8a:d8:f5:23:2f:42:dc:67:95:3c:1a:88:26:74:
                    b4:94:7a:68:c8:c8:a7:88:1c:ed:a2:f1:e7:47:b1:
                    5f:a8:b2:13:12:ac:79:bf:11:48:7e:90:1d:22:1b:
                    e2:94:bb:b0:ab:e1:dd:72:ba:a6:db:69:8f:b1:ab:
                    04:28:45:8f:18:0f:ec:29:c6:ed:88:0a:53:5e:96:
                    bf:68:b3:60:d6:78:f2:d0:b6:b3:55:e2:00:7a:ad:
                    42:d7:6a:7a:73:a4:62:f5:32:0a:47:a3:48:67:c0:
                    c3:1e:89:44:d3:47:47:c4:1e:42:b1:9b:30:e5:cb:
                    3b:55:fe:85:e9:69:e9:26:b2:81:a6:bd:1e:25:ad:
                    57:68:3c:84:82:2e:b1:e5:76:bd:80:ff:91:44:1b:
                    0b:e2:71:34:58:7c:e4:82:03:02:05:fa:59:1a:b1:
                    62:c4:f6:b4:4a:06:08:8a:3f:5b:00:ef:66:af:aa:
                    83:62:8c:51:74:2c:a8:e8:f8:b7:fb:0f:30:8f:68:
                    97:7d:e1:c2:eb:00:b3:a8:02:2a:12:68:e1:8b:ce:
                    58:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:29:3F:A3:A8:1C:8F:A4:E5:E1:85:35:C2:4A:35:55:BB:35:28:9D
            X509v3 Authority Key Identifier:
                keyid:DE:94:61:C2:11:BF:35:51:C5:50:7C:93:0B:42:04:C6:EC:43:B3:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pRhwhG_NVHFUHyTC0IExuxDsyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/mSk_o6gcj6Tl4YU1wko1Vbs1KJ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/3pRhwhG_NVHFUHyTC0IExuxDsyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.192.106.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6b:5f:e8:13:c1:1d:2b:46:5e:5d:df:ad:18:39:6d:b9:54:1b:
         24:9b:7e:a5:46:4b:09:fd:5b:8b:9d:4c:c5:9d:5f:e0:28:f0:
         fb:52:28:ea:fa:ee:dc:39:4b:6f:ed:b4:fd:5e:66:30:3c:a0:
         6a:57:2a:35:ab:08:d7:9e:56:99:1f:c9:0b:ce:36:ba:2f:65:
         aa:d2:3b:c7:1f:f8:ec:56:04:1f:64:94:3b:07:9d:94:2a:d7:
         79:65:63:42:ec:bc:ef:41:ad:4f:f6:97:d0:93:83:55:3e:0e:
         53:36:52:30:a4:89:68:a5:17:3c:35:99:25:33:bd:e6:f8:be:
         87:1a:7a:17:6d:dc:4d:c8:04:f8:71:b3:19:5e:4d:31:62:89:
         66:d1:f8:c0:e0:00:f1:c4:8b:99:ed:1a:32:46:5b:0b:ae:64:
         f9:85:b5:fc:20:0e:5a:75:97:c8:02:bb:28:c1:54:8a:14:8a:
         14:6f:d6:27:13:82:08:24:de:9a:52:03:ae:21:79:12:43:b6:
         7c:dc:d7:a3:bf:9f:d8:ae:09:3f:aa:c0:4f:be:db:f4:ad:a0:
         93:20:48:02:c5:e9:a1:6b:ed:d9:2b:e8:87:eb:05:01:e2:e3:
         41:66:c6:d5:d7:76:62:1a:2b:6a:66:7b:33:d0:8b:63:f4:b6:
         72:75:31:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyOhi1bnIxAzBSqdbLcBQaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTQ2MWMyMTFiZjM1NTFjNTUwN2M5MzBiNDIwNGM2ZWM0
M2IzMjIwHhcNMjMwMTAyMTEyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTI5M2ZhM2E4MWM4ZmE0ZTVlMTg1MzVjMjRhMzU1NWJiMzUyODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4B7DH84G4e5uOjrznZRT2TIN5S63
w3LQuPR5R2HHyGR7x4uGS4Fyrta1nEbFitj1Iy9C3GeVPBqIJnS0lHpoyMiniBzt
ovHnR7FfqLITEqx5vxFIfpAdIhvilLuwq+Hdcrqm22mPsasEKEWPGA/sKcbtiApT
Xpa/aLNg1njy0LazVeIAeq1C12p6c6Ri9TIKR6NIZ8DDHolE00dHxB5CsZsw5cs7
Vf6F6WnpJrKBpr0eJa1XaDyEgi6x5Xa9gP+RRBsL4nE0WHzkggMCBfpZGrFixPa0
SgYIij9bAO9mr6qDYoxRdCyo6Pi3+w8wj2iXfeHC6wCzqAIqEmjhi85YwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJkpP6OoHI+k5eGFNcJKNVW7NSidMB8GA1UdIwQY
MBaAFN6UYcIRvzVRxVB8kwtCBMbsQ7MiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BSaHdoR19OVkhGVUh5VEMwSUV4dXhEc3lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85MTgzZDQtMDc3OS00OWM0LTk2Zjct
ODIwMmE0NjdkNzUzLzEvbVNrX282Z2NqNlRsNFlVMXdrbzFWYnMxS0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85MTgzZDQtMDc3OS00OWM0LTk2ZjctODIwMmE0NjdkNzUz
LzEvM3BSaHdoR19OVkhGVUh5VEMwSUV4dXhEc3lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8BqMA0G
CSqGSIb3DQEBCwUAA4IBAQBrX+gTwR0rRl5d360YOW25VBskm36lRksJ/VuLnUzF
nV/gKPD7Uijq+u7cOUtv7bT9XmYwPKBqVyo1qwjXnlaZH8kLzja6L2Wq0jvHH/js
VgQfZJQ7B52UKtd5ZWNC7LzvQa1P9pfQk4NVPg5TNlIwpIlopRc8NZklM73m+L6H
GnoXbdxNyAT4cbMZXk0xYolm0fjA4ADxxIuZ7RoyRlsLrmT5hbX8IA5adZfIArso
wVSKFIoUb9YnE4IIJN6aUgOuIXkSQ7Z83Nejv5/Yrgk/qsBPvtv0raCTIEgCxemh
a+3ZK+iH6wUB4uNBZsbV13ZiGitqZnsz0Itj9LZydTFx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:37 2024 by rpki-client on console-ams.rpki-client.org