Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/B0vLNuFP2d1lMbr72kywRg5ZWMQ.roa
File:                     B0vLNuFP2d1lMbr72kywRg5ZWMQ.roa (raw, json)
Hash identifier:          ScQYDB55ybdIrCW94uvkVQu3Ac0cZFvPFWRg/zO2mPs=
Subject key identifier:   07:4B:CB:36:E1:4F:D9:DD:65:31:BA:FB:DA:4C:B0:46:0E:59:58:C4
Certificate issuer:       /CN=b8ed3ebcd2155f9a178a103adab48fda8b2275a5
Certificate serial:       01856CCAC091BA7F4D9D4A12DF39D285D349
Authority key identifier: B8:ED:3E:BC:D2:15:5F:9A:17:8A:10:3A:DA:B4:8F:DA:8B:22:75:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uO0-vNIVX5oXihA62rSP2osidaU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/B0vLNuFP2d1lMbr72kywRg5ZWMQ.roa
Signing time:             Sun 01 Jan 2023 10:05:04 +0000
ROA not before:           Sun 01 Jan 2023 10:05:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43349
IP address blocks:        91.215.201.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:32:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:ca:c0:91:ba:7f:4d:9d:4a:12:df:39:d2:85:d3:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8ed3ebcd2155f9a178a103adab48fda8b2275a5
        Validity
            Not Before: Jan  1 10:05:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=074bcb36e14fd9dd6531bafbda4cb0460e5958c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:aa:a0:e2:67:d6:e7:bd:53:e7:19:f7:b4:ff:
                    e5:20:95:37:f5:62:bd:05:e0:14:c8:70:34:e9:5d:
                    20:ae:4d:bf:c9:d9:9d:db:1e:d0:70:57:d1:88:2a:
                    f5:18:ce:84:18:40:74:b4:74:62:aa:22:51:49:1e:
                    ba:aa:d3:91:4e:a6:7b:e5:f0:d9:04:e1:4c:2c:0c:
                    f6:ed:9e:cb:de:f1:53:8f:9f:3f:a6:7e:73:70:73:
                    af:c9:c4:12:83:73:7e:34:fd:5b:62:ed:b4:aa:a1:
                    3b:38:e2:10:4a:0d:f1:6d:38:13:b6:a3:19:5d:6a:
                    61:58:a7:29:92:37:17:f2:3d:e4:38:07:97:ea:bc:
                    ae:ac:1c:7c:18:fc:10:df:93:f9:66:97:f4:06:c4:
                    6f:3a:bd:d4:37:6a:7e:99:54:37:71:fe:69:3a:32:
                    10:6b:cc:d7:66:e3:e3:66:0b:b5:28:3a:74:85:18:
                    d7:4a:b2:a7:b2:50:20:59:6c:02:b7:a5:8a:f2:fc:
                    5e:d7:d9:96:44:1e:cf:09:6e:bb:d7:6c:51:a7:33:
                    83:1e:00:cd:93:38:99:94:0f:8f:96:81:25:a6:94:
                    02:79:8b:e5:1c:37:b6:32:df:0c:3d:ac:aa:66:1d:
                    59:93:6b:28:40:fd:d7:35:b4:8a:5f:84:3c:db:aa:
                    99:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:4B:CB:36:E1:4F:D9:DD:65:31:BA:FB:DA:4C:B0:46:0E:59:58:C4
            X509v3 Authority Key Identifier:
                keyid:B8:ED:3E:BC:D2:15:5F:9A:17:8A:10:3A:DA:B4:8F:DA:8B:22:75:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uO0-vNIVX5oXihA62rSP2osidaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/B0vLNuFP2d1lMbr72kywRg5ZWMQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/uO0-vNIVX5oXihA62rSP2osidaU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.215.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:6b:b0:b6:02:cf:73:dd:a8:c6:c2:9c:d7:42:be:08:6d:77:
         ae:2d:db:e5:69:c8:e9:48:d6:cf:2e:51:43:e2:64:70:1c:8b:
         d1:66:79:4a:9f:af:97:a2:ec:63:22:6e:a5:f4:79:6d:f9:77:
         ec:31:2c:29:08:da:ef:f4:58:60:d5:96:44:37:9f:d8:d2:02:
         41:38:69:e9:9f:56:38:d0:fa:21:f9:8e:27:7e:d8:36:ff:a8:
         24:ce:aa:a6:3c:46:31:f3:db:84:63:e5:10:1a:cc:5d:f2:77:
         c0:e4:38:cf:39:0d:a7:19:1d:de:76:86:a3:4c:d7:30:28:de:
         be:64:a3:20:5b:c9:53:e2:3e:a3:37:7f:3a:ec:3f:2f:d0:f0:
         53:05:e6:cc:aa:01:bc:02:93:92:a0:b7:78:bc:5a:15:79:ef:
         17:3b:20:1a:11:08:7f:a2:dd:ff:2c:07:9f:1f:ac:7c:25:b2:
         80:8b:20:0c:6c:16:a9:ab:5b:c7:46:c3:0d:72:df:54:1f:0d:
         06:d9:98:18:49:43:09:4d:d2:28:85:1d:e4:c2:0c:c9:78:99:
         c3:a6:a6:6f:c2:a6:53:43:09:0e:1f:56:f2:a6:41:2b:f4:86:
         6d:99:b4:6b:6e:a3:54:4b:a1:4c:d8:85:da:11:10:73:ba:65:
         0d:f2:52:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsysCRun9NnUoS3znShdNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZWQzZWJjZDIxNTVmOWExNzhhMTAzYWRhYjQ4ZmRhOGIy
Mjc1YTUwHhcNMjMwMTAxMTAwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzRiY2IzNmUxNGZkOWRkNjUzMWJhZmJkYTRjYjA0NjBlNTk1OGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaqg4mfW571T5xn3tP/lIJU39WK9
BeAUyHA06V0grk2/ydmd2x7QcFfRiCr1GM6EGEB0tHRiqiJRSR66qtORTqZ75fDZ
BOFMLAz27Z7L3vFTj58/pn5zcHOvycQSg3N+NP1bYu20qqE7OOIQSg3xbTgTtqMZ
XWphWKcpkjcX8j3kOAeX6ryurBx8GPwQ35P5Zpf0BsRvOr3UN2p+mVQ3cf5pOjIQ
a8zXZuPjZgu1KDp0hRjXSrKnslAgWWwCt6WK8vxe19mWRB7PCW6712xRpzODHgDN
kziZlA+PloElppQCeYvlHDe2Mt8MPayqZh1Zk2soQP3XNbSKX4Q826qZWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAdLyzbhT9ndZTG6+9pMsEYOWVjEMB8GA1UdIwQY
MBaAFLjtPrzSFV+aF4oQOtq0j9qLInWlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU8wLXZOSVZYNW9YaWhBNjJyU1Ayb3NpZGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80MjFjNmQtNTM1Yy00YzEzLThkYTMt
ZGVhMTJkZDhjN2Y0LzEvQjB2TE51RlAyZDFsTWJyNzJreXdSZzVaV01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80MjFjNmQtNTM1Yy00YzEzLThkYTMtZGVhMTJkZDhjN2Y0
LzEvdU8wLXZOSVZYNW9YaWhBNjJyU1Ayb3NpZGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9fJMA0G
CSqGSIb3DQEBCwUAA4IBAQCVa7C2As9z3ajGwpzXQr4IbXeuLdvlacjpSNbPLlFD
4mRwHIvRZnlKn6+XouxjIm6l9Hlt+XfsMSwpCNrv9Fhg1ZZEN5/Y0gJBOGnpn1Y4
0Poh+Y4nftg2/6gkzqqmPEYx89uEY+UQGsxd8nfA5DjPOQ2nGR3edoajTNcwKN6+
ZKMgW8lT4j6jN3867D8v0PBTBebMqgG8ApOSoLd4vFoVee8XOyAaEQh/ot3/LAef
H6x8JbKAiyAMbBapq1vHRsMNct9UHw0G2ZgYSUMJTdIohR3kwgzJeJnDpqZvwqZT
QwkOH1bypkEr9IZtmbRrbqNUS6FM2IXaERBzumUN8lK1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org