Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/ows5j2e-kNXPO6LLRm0lGkTIX30.roa
File:                     ows5j2e-kNXPO6LLRm0lGkTIX30.roa (raw, json)
Hash identifier:          b/LSZF4NiZJfJprgD/jPk2uOZh+EtAIWrN1cvO1KDf0=
Subject key identifier:   A3:0B:39:8F:67:BE:90:D5:CF:3B:A2:CB:46:6D:25:1A:44:C8:5F:7D
Certificate issuer:       /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial:       018BC2DA2323DDB35313053ED52E0502EC9A
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/ows5j2e-kNXPO6LLRm0lGkTIX30.roa
Signing time:             Sun 12 Nov 2023 09:25:57 +0000
ROA not before:           Sun 12 Nov 2023 09:25:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        91.228.14.0/23 maxlen: 24
                          91.228.12.0/24 maxlen: 24
                          94.154.33.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 18 Nov 2023 09:38:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:c2:da:23:23:dd:b3:53:13:05:3e:d5:2e:05:02:ec:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
        Validity
            Not Before: Nov 12 09:25:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a30b398f67be90d5cf3ba2cb466d251a44c85f7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ab:40:7f:bb:5b:ec:50:07:ba:5d:e2:1f:3f:
                    a1:41:4d:47:2f:f7:51:ac:73:54:6a:2e:dc:f2:53:
                    b6:79:6c:90:77:d4:59:7b:c2:dd:e6:b7:49:30:61:
                    f2:3f:ca:a1:9d:8d:77:7f:e4:8a:42:7e:4f:ee:c0:
                    62:8a:01:54:3b:f5:72:98:aa:b2:94:b1:59:d0:af:
                    d0:a1:42:69:2c:e6:1f:8e:c3:27:9d:1d:9d:a5:c0:
                    1a:14:c4:d8:56:12:cf:f6:e2:38:cf:e2:9b:78:30:
                    dc:df:8a:16:55:10:80:ad:b5:3b:64:57:0e:31:9c:
                    10:8c:40:bd:b3:46:93:51:bf:6a:c4:64:2a:68:bc:
                    6c:5a:02:21:44:8f:aa:62:8a:f3:a3:92:d5:17:59:
                    55:b9:60:dc:7f:fe:53:8b:d8:c7:e7:e0:86:cb:f1:
                    d4:0c:ef:58:40:72:49:8d:ef:aa:03:c3:ac:91:0e:
                    cd:f4:ff:a0:ba:70:e2:0c:73:49:2c:af:b6:fe:13:
                    9a:1f:e9:33:85:c4:b2:a2:23:b1:1a:81:19:bf:56:
                    3e:1e:52:c1:51:98:63:ce:d9:51:50:8d:95:c3:19:
                    d8:fc:e3:1e:9a:36:ab:b6:64:7e:ab:bc:3d:70:94:
                    70:34:ea:04:39:60:ea:34:cd:56:87:3b:f3:f1:28:
                    0f:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:0B:39:8F:67:BE:90:D5:CF:3B:A2:CB:46:6D:25:1A:44:C8:5F:7D
            X509v3 Authority Key Identifier:
                keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/ows5j2e-kNXPO6LLRm0lGkTIX30.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.228.12.0/24
                  91.228.14.0/23
                  94.154.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:b2:75:db:1c:26:3c:2d:fb:13:b2:9e:d9:51:fa:8b:d8:57:
         42:c9:f7:c1:97:88:66:2e:ea:01:d0:da:cd:3a:9f:61:f5:5c:
         5f:9d:17:80:23:8f:fc:f9:3e:18:c5:7a:64:60:15:b0:49:f3:
         df:f6:3e:cf:30:62:1f:31:57:cf:50:5e:a0:08:17:f7:14:bc:
         22:62:36:5e:58:8b:aa:44:5b:68:d4:8f:ac:a3:83:69:55:e7:
         a1:9d:bd:55:38:cd:d6:eb:0b:f6:1b:b8:5d:55:57:74:e8:92:
         fa:69:7f:12:e2:28:fa:81:ae:26:05:fd:1c:b1:11:46:f7:ed:
         8f:7d:b1:4b:d7:01:ed:5d:17:ed:0b:0a:60:24:68:cb:bd:87:
         67:23:0f:bb:ff:4c:a4:70:8e:75:29:54:c7:d4:8f:15:b8:93:
         4e:cc:08:0d:23:ab:1e:d6:ef:28:c2:cb:6c:d2:0b:a5:89:f4:
         63:40:56:c5:0b:86:1a:03:1a:40:67:fe:36:d2:c1:aa:fc:18:
         91:0e:e4:18:dc:01:e0:64:6f:0b:6b:60:12:d8:0b:49:7d:dc:
         f4:90:25:8b:30:03:08:7a:6d:a3:a1:de:5e:34:6e:2b:e4:c6:
         06:6f:06:ea:fb:5e:80:f1:73:6b:c5:65:3b:b4:a4:ea:bd:0b:
         0e:24:18:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvC2iMj3bNTEwU+1S4FAuyaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMxMTEyMDkyNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzBiMzk4ZjY3YmU5MGQ1Y2YzYmEyY2I0NjZkMjUxYTQ0Yzg1ZjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKtAf7tb7FAHul3iHz+hQU1HL/dR
rHNUai7c8lO2eWyQd9RZe8Ld5rdJMGHyP8qhnY13f+SKQn5P7sBiigFUO/VymKqy
lLFZ0K/QoUJpLOYfjsMnnR2dpcAaFMTYVhLP9uI4z+KbeDDc34oWVRCArbU7ZFcO
MZwQjEC9s0aTUb9qxGQqaLxsWgIhRI+qYorzo5LVF1lVuWDcf/5Ti9jH5+CGy/HU
DO9YQHJJje+qA8OskQ7N9P+gunDiDHNJLK+2/hOaH+kzhcSyoiOxGoEZv1Y+HlLB
UZhjztlRUI2VwxnY/OMemjartmR+q7w9cJRwNOoEOWDqNM1Whzvz8SgPjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKMLOY9nvpDVzzuiy0ZtJRpEyF99MB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvb3dzNWoyZS1rTlhQTzZMTFJtMGxHa1RJWDMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+QMAwQB
W+QOAwQAXpohMA0GCSqGSIb3DQEBCwUAA4IBAQA8snXbHCY8LfsTsp7ZUfqL2FdC
yffBl4hmLuoB0NrNOp9h9VxfnReAI4/8+T4YxXpkYBWwSfPf9j7PMGIfMVfPUF6g
CBf3FLwiYjZeWIuqRFto1I+so4NpVeehnb1VOM3W6wv2G7hdVVd06JL6aX8S4ij6
ga4mBf0csRFG9+2PfbFL1wHtXRftCwpgJGjLvYdnIw+7/0ykcI51KVTH1I8VuJNO
zAgNI6se1u8owsts0gulifRjQFbFC4YaAxpAZ/420sGq/BiRDuQY3AHgZG8La2AS
2AtJfdz0kCWLMAMIem2jod5eNG4r5MYGbwbq+16A8XNrxWU7tKTqvQsOJBhB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:26 2024 by rpki-client on console-ams.rpki-client.org