Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/JcnIob5AwOYiEVaP9-itK3hnjy8.roa
File:                     JcnIob5AwOYiEVaP9-itK3hnjy8.roa (raw, json)
Hash identifier:          6hnD0ZdyanqNrozgijg7xPHTp3l2fLe8ftSyE+G+evc=
Subject key identifier:   25:C9:C8:A1:BE:40:C0:E6:22:11:56:8F:F7:E8:AD:2B:78:67:8F:2F
Certificate issuer:       /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial:       018AF4EB3C6D48C2EB80EA333DEEFC0AF673
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/JcnIob5AwOYiEVaP9-itK3hnjy8.roa
Signing time:             Tue 03 Oct 2023 09:42:51 +0000
ROA not before:           Tue 03 Oct 2023 09:42:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47757
IP address blocks:        91.228.12.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 13 Oct 2023 12:21:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:f4:eb:3c:6d:48:c2:eb:80:ea:33:3d:ee:fc:0a:f6:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
        Validity
            Not Before: Oct  3 09:42:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=25c9c8a1be40c0e62211568ff7e8ad2b78678f2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:b2:12:5d:a9:3c:10:a7:70:2e:36:b8:d3:fc:
                    1c:5b:55:2d:f2:f3:93:53:95:7b:fb:5c:98:4f:da:
                    81:50:37:21:4e:40:87:95:7a:db:d3:04:34:d0:6a:
                    e8:2d:48:76:ea:54:e1:8a:85:bc:df:d6:22:d9:90:
                    4b:ed:84:fd:60:66:c4:c9:30:1e:c3:80:25:3b:5c:
                    ed:c1:82:85:6e:bd:95:98:72:9e:a1:d9:24:d2:29:
                    3b:ba:da:33:fd:c1:2e:f0:77:dd:b1:86:45:29:c3:
                    6d:2f:2f:92:90:7a:8f:c8:aa:e6:0e:8d:90:22:97:
                    71:82:64:01:ad:ae:a4:3c:bc:dc:29:fe:32:2e:6b:
                    0c:bb:8f:02:81:8b:93:1c:9a:93:24:e3:bb:2c:57:
                    d7:f0:b5:aa:69:2f:63:c9:20:01:45:f1:d6:54:ab:
                    fc:6b:cd:61:d4:61:d5:9d:cc:e7:49:fe:ae:7f:a7:
                    71:f4:b5:08:a6:b0:52:10:ef:3f:36:1f:de:f7:a0:
                    21:47:ff:9e:68:de:40:08:27:eb:4a:8f:7e:4b:05:
                    3b:7c:5d:b5:b2:c3:b7:8d:2d:f3:0d:b8:e6:60:31:
                    fa:10:d4:67:fc:06:52:7e:ae:39:4b:75:08:a1:70:
                    d8:fe:a5:aa:03:01:25:52:90:66:3c:c2:07:11:8d:
                    c3:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:C9:C8:A1:BE:40:C0:E6:22:11:56:8F:F7:E8:AD:2B:78:67:8F:2F
            X509v3 Authority Key Identifier:
                keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/JcnIob5AwOYiEVaP9-itK3hnjy8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.228.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:ad:0f:61:53:e0:4c:e1:b2:8b:fd:d8:13:a9:ee:e4:75:4c:
         01:40:67:d3:0a:19:42:e9:2d:c3:ae:e8:56:c4:c0:c2:c4:66:
         61:95:b9:de:01:db:69:7e:e6:fd:39:2f:8f:dc:1f:9e:d1:59:
         20:80:7e:18:df:f9:43:43:63:c7:67:19:db:87:b3:a7:01:41:
         c7:09:2b:7f:57:66:bb:f7:a1:33:f7:51:07:af:03:95:52:a9:
         e8:7a:c4:9a:04:93:9f:fb:7f:7f:9c:c7:4b:9e:de:96:ae:1b:
         b9:36:61:42:d5:25:4e:46:85:dd:33:75:84:0f:88:43:05:8c:
         60:e2:3b:b0:24:43:74:cb:8b:ec:67:1b:12:11:92:3f:10:4e:
         40:17:49:d0:76:bc:1a:f3:39:52:30:0d:a0:f3:62:1a:9e:fe:
         ca:03:4c:15:8e:11:02:ea:aa:f8:0d:8c:9f:61:fb:b2:e6:66:
         6f:8b:f1:4c:08:02:95:94:e6:c2:f7:ab:13:14:58:25:f2:11:
         8f:55:80:fb:17:cf:a6:ac:5c:00:36:5b:3e:d0:b8:1e:78:56:
         8d:58:ad:07:a9:2f:5c:b1:d3:fe:b4:eb:8d:ea:ca:fd:f6:97:
         6a:99:71:56:2a:d7:95:9a:71:48:2f:ed:75:d0:f0:af:a5:20:
         fd:e6:6c:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr06zxtSMLrgOozPe78CvZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMxMDAzMDk0MjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWM5YzhhMWJlNDBjMGU2MjIxMTU2OGZmN2U4YWQyYjc4Njc4ZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorISXak8EKdwLja40/wcW1Ut8vOT
U5V7+1yYT9qBUDchTkCHlXrb0wQ00GroLUh26lThioW839Yi2ZBL7YT9YGbEyTAe
w4AlO1ztwYKFbr2VmHKeodkk0ik7utoz/cEu8HfdsYZFKcNtLy+SkHqPyKrmDo2Q
IpdxgmQBra6kPLzcKf4yLmsMu48CgYuTHJqTJOO7LFfX8LWqaS9jySABRfHWVKv8
a81h1GHVncznSf6uf6dx9LUIprBSEO8/Nh/e96AhR/+eaN5ACCfrSo9+SwU7fF21
ssO3jS3zDbjmYDH6ENRn/AZSfq45S3UIoXDY/qWqAwElUpBmPMIHEY3D0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCXJyKG+QMDmIhFWj/forSt4Z48vMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvSmNuSW9iNUF3T1lpRVZhUDktaXRLM2huank4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+QMMA0G
CSqGSIb3DQEBCwUAA4IBAQAArQ9hU+BM4bKL/dgTqe7kdUwBQGfTChlC6S3DruhW
xMDCxGZhlbneAdtpfub9OS+P3B+e0VkggH4Y3/lDQ2PHZxnbh7OnAUHHCSt/V2a7
96Ez91EHrwOVUqnoesSaBJOf+39/nMdLnt6Wrhu5NmFC1SVORoXdM3WED4hDBYxg
4juwJEN0y4vsZxsSEZI/EE5AF0nQdrwa8zlSMA2g82Ianv7KA0wVjhEC6qr4DYyf
Yfuy5mZvi/FMCAKVlObC96sTFFgl8hGPVYD7F8+mrFwANls+0LgeeFaNWK0HqS9c
sdP+tOuN6sr99pdqmXFWKteVmnFIL+110PCvpSD95myF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:26 2024 by rpki-client on console-ams.rpki-client.org