Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/ylXrE3YK2H7gLV0IMU3J0mRZkMI.roa
File:                     ylXrE3YK2H7gLV0IMU3J0mRZkMI.roa (raw, json)
Hash identifier:          kNnnLimquodv1WR/hv3nJ+9fwA+No5ADB8ebhIEOwnA=
Subject key identifier:   CA:55:EB:13:76:0A:D8:7E:E0:2D:5D:08:31:4D:C9:D2:64:59:90:C2
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       018736C41BB2F7C568F74F749DA60449BEEF
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/ylXrE3YK2H7gLV0IMU3J0mRZkMI.roa
Signing time:             Fri 31 Mar 2023 08:23:54 +0000
ROA not before:           Fri 31 Mar 2023 08:23:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.47.91.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 03 Apr 2023 08:33:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:36:c4:1b:b2:f7:c5:68:f7:4f:74:9d:a6:04:49:be:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Mar 31 08:23:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ca55eb13760ad87ee02d5d08314dc9d2645990c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:36:c6:de:56:ab:b6:01:0d:36:a5:cd:b1:92:
                    8d:26:7c:6e:32:7e:25:9e:13:ac:e3:49:fd:ed:16:
                    49:d2:b0:18:65:57:00:e5:85:cf:c8:e0:0c:80:4e:
                    a4:64:1b:eb:9e:da:d8:f1:de:78:24:0d:6c:9e:47:
                    e1:b1:a1:f5:51:5e:f3:c8:4a:72:0b:d2:78:06:f5:
                    dd:e8:10:58:c1:b7:62:2e:5a:29:d1:dd:09:53:08:
                    7e:e5:31:47:c4:61:a0:b8:bc:13:98:a3:ab:ad:2d:
                    51:fb:fd:66:8a:a9:be:a3:35:27:5a:7d:22:9b:4d:
                    88:98:d6:c8:8e:6a:87:06:60:1f:d3:60:7c:89:b0:
                    bc:ad:f9:dc:c0:9d:d8:81:7a:3d:14:fd:a0:92:60:
                    58:29:ac:d6:4c:63:37:87:f9:b8:bc:97:55:eb:65:
                    b5:b6:4f:4f:2b:a3:c5:d7:35:7c:7f:56:3e:0d:be:
                    d3:a8:47:0b:f5:14:4f:88:4a:7f:52:c7:fd:82:1b:
                    bd:7b:52:a6:60:d1:f2:7f:ce:fe:4d:f3:f8:cd:23:
                    c4:bc:1f:45:d2:7a:a3:50:2f:fc:32:17:fb:41:8b:
                    db:28:b8:e2:38:4f:6d:de:07:07:f0:73:4a:8f:ce:
                    e5:32:f8:a2:f6:e9:05:89:f7:36:29:bc:ce:74:de:
                    48:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:55:EB:13:76:0A:D8:7E:E0:2D:5D:08:31:4D:C9:D2:64:59:90:C2
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/ylXrE3YK2H7gLV0IMU3J0mRZkMI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.47.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:28:33:85:93:1e:6d:02:54:f2:ba:fa:18:98:a2:6b:cb:d1:
         bf:72:2e:d0:71:47:9e:87:d4:fd:8d:da:9e:5d:4d:27:74:22:
         68:47:eb:bc:02:24:06:f6:f8:bd:fd:d7:c4:6e:8a:05:ed:8d:
         69:1e:64:dd:eb:40:12:dc:9e:e4:d2:ca:98:cc:c1:88:f9:ce:
         53:bb:63:6d:59:9f:c1:da:6f:19:5e:37:8e:e8:0e:3d:c3:d4:
         fc:66:25:3e:88:63:e1:c8:51:a5:ca:75:2e:4f:04:d2:64:b7:
         42:09:17:cf:bb:08:1d:b6:42:a3:15:e5:18:7f:2e:5f:00:8b:
         fe:c0:6c:20:13:0b:23:71:bf:a4:a6:05:4f:36:81:5f:c1:23:
         2e:6e:87:9d:41:0d:09:57:06:98:49:09:c8:92:a4:92:c8:25:
         30:3c:18:52:08:bf:cc:a8:27:8e:8d:c1:30:0a:ed:21:69:45:
         16:05:1b:a5:09:8a:d9:f7:24:f2:21:dc:0c:cd:79:da:53:6a:
         bf:86:d7:fa:ee:1a:4c:f6:85:51:8e:4d:d7:c0:a4:c0:5c:0c:
         27:e9:32:ad:78:ff:66:88:bd:a6:7e:8f:53:74:5b:c2:90:a5:
         ee:5b:3d:8e:69:09:b9:ad:5e:2a:ed:f8:be:19:52:d4:d2:16:
         fe:f4:d2:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYc2xBuy98Vo9090naYESb7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwMzMxMDgyMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTU1ZWIxMzc2MGFkODdlZTAyZDVkMDgzMTRkYzlkMjY0NTk5MGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjbG3lartgENNqXNsZKNJnxuMn4l
nhOs40n97RZJ0rAYZVcA5YXPyOAMgE6kZBvrntrY8d54JA1snkfhsaH1UV7zyEpy
C9J4BvXd6BBYwbdiLlop0d0JUwh+5TFHxGGguLwTmKOrrS1R+/1miqm+ozUnWn0i
m02ImNbIjmqHBmAf02B8ibC8rfncwJ3YgXo9FP2gkmBYKazWTGM3h/m4vJdV62W1
tk9PK6PF1zV8f1Y+Db7TqEcL9RRPiEp/Usf9ghu9e1KmYNHyf87+TfP4zSPEvB9F
0nqjUC/8Mhf7QYvbKLjiOE9t3gcH8HNKj87lMvii9ukFifc2KbzOdN5IdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpV6xN2Cth+4C1dCDFNydJkWZDCMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEveWxYckUzWUsySDdnTFYwSU1VM0owbVJaa01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuS9bMA0G
CSqGSIb3DQEBCwUAA4IBAQCWKDOFkx5tAlTyuvoYmKJry9G/ci7QcUeeh9T9jdqe
XU0ndCJoR+u8AiQG9vi9/dfEbooF7Y1pHmTd60AS3J7k0sqYzMGI+c5Tu2NtWZ/B
2m8ZXjeO6A49w9T8ZiU+iGPhyFGlynUuTwTSZLdCCRfPuwgdtkKjFeUYfy5fAIv+
wGwgEwsjcb+kpgVPNoFfwSMuboedQQ0JVwaYSQnIkqSSyCUwPBhSCL/MqCeOjcEw
Cu0haUUWBRulCYrZ9yTyIdwMzXnaU2q/htf67hpM9oVRjk3XwKTAXAwn6TKteP9m
iL2mfo9TdFvCkKXuWz2OaQm5rV4q7fi+GVLU0hb+9NKI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:05 2024 by rpki-client on console-ams.rpki-client.org