Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/pAYiVQbbsK7_9d5R821uuzQ9qWo.roa
File:                     pAYiVQbbsK7_9d5R821uuzQ9qWo.roa (raw, json)
Hash identifier:          1v/YHg2ZysJCU0WkXV7Q5bY7KR064yoTftdptjQS8gY=
Subject key identifier:   A4:06:22:55:06:DB:B0:AE:FF:F5:DE:51:F3:6D:6E:BB:34:3D:A9:6A
Certificate issuer:       /CN=de9461c211bf3551c5507c930b4204c6ec43b322
Certificate serial:       018ACA9500945212879C89B9B38D29D5F43F
Authority key identifier: DE:94:61:C2:11:BF:35:51:C5:50:7C:93:0B:42:04:C6:EC:43:B3:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3pRhwhG_NVHFUHyTC0IExuxDsyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/pAYiVQbbsK7_9d5R821uuzQ9qWo.roa
Signing time:             Mon 25 Sep 2023 04:24:37 +0000
ROA not before:           Mon 25 Sep 2023 04:24:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     134963
IP address blocks:        91.192.107.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ca:95:00:94:52:12:87:9c:89:b9:b3:8d:29:d5:f4:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de9461c211bf3551c5507c930b4204c6ec43b322
        Validity
            Not Before: Sep 25 04:24:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a406225506dbb0aefff5de51f36d6ebb343da96a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:00:2f:e1:15:10:f6:43:e6:b4:31:49:a3:35:
                    c2:3d:09:71:7a:6a:7b:79:68:8b:c1:07:a7:70:5c:
                    b2:7c:22:ad:90:7f:fd:94:a9:20:4e:64:e5:58:94:
                    e3:d3:51:eb:46:47:09:e1:d6:51:25:a9:85:cb:f8:
                    7d:22:42:e0:b6:b5:77:b0:bc:c5:95:6e:0d:5d:de:
                    14:7e:14:65:a6:d2:66:df:12:51:10:92:ab:8d:0e:
                    ce:4a:66:83:f6:01:98:26:2e:67:c4:e0:4c:68:b4:
                    9e:f3:5c:d9:02:78:c4:1c:35:38:b3:a2:f5:3b:94:
                    0e:0e:c2:6f:87:a3:7e:64:3d:e4:ae:07:e7:38:33:
                    03:84:9d:f0:cf:a8:e1:48:a4:98:83:f4:24:2f:67:
                    97:41:4b:59:c2:94:96:89:98:76:e6:8c:3b:89:4a:
                    ef:47:f8:c0:c3:c5:f4:22:56:72:dd:7a:dd:54:7d:
                    09:82:92:3a:5b:18:66:b3:4a:64:3e:a8:e9:b3:b7:
                    68:22:ba:55:11:3d:fa:f1:49:a1:b4:94:bb:f4:19:
                    30:77:67:bd:b0:9b:49:dc:d3:86:ca:06:0d:75:54:
                    01:bf:88:e4:46:d5:df:e1:1f:8d:b5:9b:5b:a8:1c:
                    35:84:20:bc:03:52:8d:d2:c3:20:87:77:9b:f3:22:
                    ae:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:06:22:55:06:DB:B0:AE:FF:F5:DE:51:F3:6D:6E:BB:34:3D:A9:6A
            X509v3 Authority Key Identifier:
                keyid:DE:94:61:C2:11:BF:35:51:C5:50:7C:93:0B:42:04:C6:EC:43:B3:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pRhwhG_NVHFUHyTC0IExuxDsyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/pAYiVQbbsK7_9d5R821uuzQ9qWo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/3pRhwhG_NVHFUHyTC0IExuxDsyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.192.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:92:b3:55:c7:68:11:5b:84:4e:b1:74:23:95:c8:82:69:1e:
         6c:28:e1:bc:73:4a:ee:5e:5a:e9:c1:d1:e1:59:f7:5f:18:80:
         96:d1:a7:4d:a3:d4:b0:f7:87:df:20:76:eb:79:ff:6c:9c:8b:
         d5:db:d3:f7:93:51:b3:0d:a6:77:0e:41:6b:ff:db:fa:61:65:
         36:a3:0a:de:b2:b9:62:11:ae:0a:29:99:5f:6c:28:5c:35:e6:
         b0:f1:9c:29:d3:eb:07:10:20:e0:37:9e:2d:66:1e:2e:f3:f7:
         ea:ed:b1:a7:76:89:c5:cb:da:6a:b9:7c:ea:5d:8e:b8:11:03:
         45:df:19:11:1f:b3:b6:08:98:d0:63:30:46:cb:dd:7d:1e:3e:
         7c:07:83:5e:1e:a6:0c:17:d4:74:97:07:b7:e3:77:b8:2b:d8:
         65:99:8f:9f:11:ad:39:d8:b3:b1:08:e2:78:4e:e5:90:cc:d3:
         c5:63:6c:a8:8b:47:9d:33:4f:7d:96:48:0a:92:ab:bc:95:57:
         27:e4:d2:a4:14:1f:4d:d7:21:7a:27:8d:c6:f5:9b:40:11:91:
         f9:c4:56:2f:87:6f:6d:04:f1:ce:11:1c:d6:c5:c9:e4:58:98:
         ca:e1:51:95:5c:b6:5d:6d:37:0c:0f:ed:23:b6:4b:3f:75:88:
         a7:c6:54:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrKlQCUUhKHnIm5s40p1fQ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTQ2MWMyMTFiZjM1NTFjNTUwN2M5MzBiNDIwNGM2ZWM0
M2IzMjIwHhcNMjMwOTI1MDQyNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDA2MjI1NTA2ZGJiMGFlZmZmNWRlNTFmMzZkNmViYjM0M2RhOTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQAv4RUQ9kPmtDFJozXCPQlxemp7
eWiLwQencFyyfCKtkH/9lKkgTmTlWJTj01HrRkcJ4dZRJamFy/h9IkLgtrV3sLzF
lW4NXd4UfhRlptJm3xJREJKrjQ7OSmaD9gGYJi5nxOBMaLSe81zZAnjEHDU4s6L1
O5QODsJvh6N+ZD3krgfnODMDhJ3wz6jhSKSYg/QkL2eXQUtZwpSWiZh25ow7iUrv
R/jAw8X0IlZy3XrdVH0JgpI6Wxhms0pkPqjps7doIrpVET368UmhtJS79Bkwd2e9
sJtJ3NOGygYNdVQBv4jkRtXf4R+NtZtbqBw1hCC8A1KN0sMgh3eb8yKuwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKQGIlUG27Cu//XeUfNtbrs0PalqMB8GA1UdIwQY
MBaAFN6UYcIRvzVRxVB8kwtCBMbsQ7MiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BSaHdoR19OVkhGVUh5VEMwSUV4dXhEc3lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85MTgzZDQtMDc3OS00OWM0LTk2Zjct
ODIwMmE0NjdkNzUzLzEvcEFZaVZRYmJzSzdfOWQ1UjgyMXV1elE5cVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85MTgzZDQtMDc3OS00OWM0LTk2ZjctODIwMmE0NjdkNzUz
LzEvM3BSaHdoR19OVkhGVUh5VEMwSUV4dXhEc3lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8BrMA0G
CSqGSIb3DQEBCwUAA4IBAQBOkrNVx2gRW4ROsXQjlciCaR5sKOG8c0ruXlrpwdHh
WfdfGICW0adNo9Sw94ffIHbref9snIvV29P3k1GzDaZ3DkFr/9v6YWU2owresrli
Ea4KKZlfbChcNeaw8Zwp0+sHECDgN54tZh4u8/fq7bGndonFy9pquXzqXY64EQNF
3xkRH7O2CJjQYzBGy919Hj58B4NeHqYMF9R0lwe343e4K9hlmY+fEa052LOxCOJ4
TuWQzNPFY2yoi0edM099lkgKkqu8lVcn5NKkFB9N1yF6J43G9ZtAEZH5xFYvh29t
BPHOERzWxcnkWJjK4VGVXLZdbTcMD+0jtks/dYinxlTK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:37 2024 by rpki-client on console-ams.rpki-client.org