Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/tI42It_M-duDrfHhZqvRSlX1MQI.roa
File:                     tI42It_M-duDrfHhZqvRSlX1MQI.roa (raw, json)
Hash identifier:          sSaB8nz26NYHFuCKj4mPnG+qbPwIpqiPQRFBwOZFhgI=
Subject key identifier:   B4:8E:36:22:DF:CC:F9:DB:83:AD:F1:E1:66:AB:D1:4A:55:F5:31:02
Certificate issuer:       /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial:       01856B81156D53394CFB1BCD94E2628630CA
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/tI42It_M-duDrfHhZqvRSlX1MQI.roa
Signing time:             Sun 01 Jan 2023 04:04:59 +0000
ROA not before:           Sun 01 Jan 2023 04:04:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49729
IP address blocks:        91.228.88.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:81:15:6d:53:39:4c:fb:1b:cd:94:e2:62:86:30:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
        Validity
            Not Before: Jan  1 04:04:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b48e3622dfccf9db83adf1e166abd14a55f53102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:45:84:c3:74:be:c0:c8:63:df:a1:0a:99:df:
                    9a:36:a7:3d:d8:c8:6f:4a:c0:0c:5c:82:82:46:09:
                    ac:74:eb:fe:75:a8:80:48:ca:f7:1f:55:3d:39:49:
                    dc:4b:5f:71:76:75:9d:7f:bd:06:88:ef:de:c7:37:
                    23:57:17:f9:2e:50:6c:8c:7d:fb:2f:2e:f3:e2:75:
                    03:9a:29:ef:fb:69:1a:98:b5:a4:ba:9d:68:d7:bc:
                    82:59:5f:0f:d1:f6:4a:55:ea:ff:e1:f4:41:d7:c8:
                    0b:e2:07:93:54:97:b0:72:8a:39:82:2d:88:ae:ac:
                    fc:e1:e9:73:64:f9:68:e1:99:24:c3:40:eb:b4:32:
                    69:f5:54:55:ae:28:d7:01:62:19:8b:55:dc:8e:5f:
                    7b:36:a5:12:0e:89:ba:4b:4b:2f:93:f0:b2:64:b7:
                    63:a9:89:5f:8b:aa:7f:dd:11:66:6d:4a:50:6c:2c:
                    03:f5:ff:17:3f:52:49:67:b6:c8:3a:9b:c6:7a:fe:
                    2e:c0:1e:7f:d9:e0:89:21:d4:7a:a5:0f:8f:15:d6:
                    d6:3a:3a:5b:5e:8b:ea:96:49:36:91:23:fa:df:95:
                    da:15:89:9f:d7:e3:cc:84:6c:de:7b:06:57:2d:90:
                    ff:0a:d1:a1:26:d5:c9:50:da:5f:d6:37:ac:3a:05:
                    ed:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:8E:36:22:DF:CC:F9:DB:83:AD:F1:E1:66:AB:D1:4A:55:F5:31:02
            X509v3 Authority Key Identifier:
                keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/tI42It_M-duDrfHhZqvRSlX1MQI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.228.88.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:0b:11:f1:74:dd:bc:7e:a9:a0:71:81:0e:20:9e:5a:48:1d:
         be:51:04:c5:88:91:7f:2f:67:72:e9:9e:0e:6c:81:7e:7e:5d:
         10:73:a4:74:cf:5f:fc:2e:00:62:c3:b1:03:a4:d2:76:c8:4e:
         e2:0c:44:02:7c:80:d3:ef:82:ad:df:6e:45:0a:07:51:8b:bd:
         bf:d4:6a:80:b1:50:83:62:fc:a6:b1:d7:59:e3:3d:e4:ca:ad:
         9c:ce:cb:3e:b3:b7:40:64:60:fa:ed:90:0f:23:0b:1c:f4:80:
         fa:12:5a:de:a3:ad:1b:d6:35:9f:8e:75:9a:f5:ed:45:e9:db:
         a3:ca:eb:a0:b0:af:6e:70:ab:8d:dd:9f:fe:e9:e9:5e:ff:ee:
         0d:d2:d5:29:ba:0b:13:52:78:4d:ea:56:8c:88:37:b0:73:cb:
         8b:f5:e0:0d:16:b8:c9:8c:2a:ae:15:01:3a:46:81:36:6b:8f:
         27:37:3e:2e:4a:45:75:fb:b6:73:5e:2c:16:19:1d:d0:d0:51:
         51:a4:67:ed:0b:73:68:75:62:75:c2:00:c0:84:a2:aa:7f:35:
         39:7c:8c:85:55:1b:10:e2:4f:16:5a:f9:66:6f:47:68:30:a1:
         08:79:60:77:d9:18:12:d0:a9:9a:ea:25:15:a9:9e:3f:f4:39:
         0f:bc:46:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrgRVtUzlM+xvNlOJihjDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjMwMTAxMDQwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDhlMzYyMmRmY2NmOWRiODNhZGYxZTE2NmFiZDE0YTU1ZjUzMTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEWEw3S+wMhj36EKmd+aNqc92Mhv
SsAMXIKCRgmsdOv+daiASMr3H1U9OUncS19xdnWdf70GiO/exzcjVxf5LlBsjH37
Ly7z4nUDminv+2kamLWkup1o17yCWV8P0fZKVer/4fRB18gL4geTVJewcoo5gi2I
rqz84elzZPlo4Zkkw0DrtDJp9VRVrijXAWIZi1Xcjl97NqUSDom6S0svk/CyZLdj
qYlfi6p/3RFmbUpQbCwD9f8XP1JJZ7bIOpvGev4uwB5/2eCJIdR6pQ+PFdbWOjpb
Xovqlkk2kSP635XaFYmf1+PMhGzeewZXLZD/CtGhJtXJUNpf1jesOgXt5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSONiLfzPnbg63x4War0UpV9TECMB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvdEk0Mkl0X00tZHVEcmZIaFpxdlJTbFgxTVFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+RYMA0G
CSqGSIb3DQEBCwUAA4IBAQCfCxHxdN28fqmgcYEOIJ5aSB2+UQTFiJF/L2dy6Z4O
bIF+fl0Qc6R0z1/8LgBiw7EDpNJ2yE7iDEQCfIDT74Kt325FCgdRi72/1GqAsVCD
YvymsddZ4z3kyq2czss+s7dAZGD67ZAPIwsc9ID6Elreo60b1jWfjnWa9e1F6duj
yuugsK9ucKuN3Z/+6ele/+4N0tUpugsTUnhN6laMiDewc8uL9eANFrjJjCquFQE6
RoE2a48nNz4uSkV1+7ZzXiwWGR3Q0FFRpGftC3NodWJ1wgDAhKKqfzU5fIyFVRsQ
4k8WWvlmb0doMKEIeWB32RgS0Kma6iUVqZ4/9DkPvEah
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:58 2024 by rpki-client on console-ams.rpki-client.org