Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/6bac3b-3d0a-41c8-8936-94e02c9f150c/1/TXPIOkWSpPM6f7y7pAB5QsUktU8.roa
File:                     TXPIOkWSpPM6f7y7pAB5QsUktU8.roa (raw, json)
Hash identifier:          LJZJF9mShmKuhx28WObYpVpB2yAdl3Ed6ZZcHszFgjU=
Subject key identifier:   4D:73:C8:3A:45:92:A4:F3:3A:7F:BC:BB:A4:00:79:42:C5:24:B5:4F
Certificate issuer:       /CN=0794b700705e0baa736a5dd090acd1cb912c1719
Certificate serial:       0185727A1A31BD22D518F4BAB8570CAD310F
Authority key identifier: 07:94:B7:00:70:5E:0B:AA:73:6A:5D:D0:90:AC:D1:CB:91:2C:17:19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/B5S3AHBeC6pzal3QkKzRy5EsFxk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/6bac3b-3d0a-41c8-8936-94e02c9f150c/1/TXPIOkWSpPM6f7y7pAB5QsUktU8.roa
Signing time:             Mon 02 Jan 2023 12:34:42 +0000
ROA not before:           Mon 02 Jan 2023 12:34:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198437
IP address blocks:        91.234.188.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:7a:1a:31:bd:22:d5:18:f4:ba:b8:57:0c:ad:31:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0794b700705e0baa736a5dd090acd1cb912c1719
        Validity
            Not Before: Jan  2 12:34:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4d73c83a4592a4f33a7fbcbba4007942c524b54f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ee:70:63:bd:ce:1c:d8:0f:31:18:98:36:be:
                    49:a2:98:c3:91:92:66:61:29:0e:ce:cd:36:44:6b:
                    bf:22:10:d8:91:da:03:26:07:fb:a1:5d:ca:dc:05:
                    24:27:fc:70:14:ec:2d:22:98:47:b6:d4:d1:07:b2:
                    ae:a3:be:ba:0d:8d:bb:57:20:85:b5:ec:0b:9a:5d:
                    e4:9c:9e:56:78:d5:b2:6b:24:66:e9:91:03:d8:bf:
                    ea:87:b9:82:bc:d7:fb:80:92:f6:f3:7b:ca:7a:c6:
                    0c:db:de:ae:59:1a:00:56:91:81:23:b6:6a:90:ba:
                    a6:15:69:75:c9:fe:6d:52:8d:96:4c:e2:ee:2b:f5:
                    12:ea:d1:75:7a:77:35:01:04:ab:a5:97:8f:d6:92:
                    b0:67:68:c4:72:c5:09:68:5b:67:a3:a1:bb:ec:59:
                    fd:cf:a4:1e:b6:66:74:36:f4:62:62:58:86:15:b7:
                    a3:b1:45:73:5d:ab:4a:fc:91:6a:79:39:55:8a:c1:
                    b9:b5:21:66:8d:7b:77:b3:5f:df:b8:f5:da:72:51:
                    12:9b:52:65:95:d5:ea:0e:8a:01:3a:17:a8:a9:05:
                    49:a9:9b:08:74:f0:d5:f9:5c:f2:1f:40:2c:c2:74:
                    b1:df:70:8c:32:62:0a:98:f6:cc:8a:02:ce:3d:dd:
                    6d:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:73:C8:3A:45:92:A4:F3:3A:7F:BC:BB:A4:00:79:42:C5:24:B5:4F
            X509v3 Authority Key Identifier:
                keyid:07:94:B7:00:70:5E:0B:AA:73:6A:5D:D0:90:AC:D1:CB:91:2C:17:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B5S3AHBeC6pzal3QkKzRy5EsFxk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/6bac3b-3d0a-41c8-8936-94e02c9f150c/1/TXPIOkWSpPM6f7y7pAB5QsUktU8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/6bac3b-3d0a-41c8-8936-94e02c9f150c/1/B5S3AHBeC6pzal3QkKzRy5EsFxk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.234.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:6e:bf:17:ff:f5:ed:0f:1c:d2:ff:8c:e6:71:96:12:c6:4a:
         4b:f9:1e:7e:77:2d:38:01:18:b7:b9:25:c9:f8:ff:12:e8:b4:
         8b:84:99:92:6f:62:61:0b:63:52:5b:4e:94:6d:b4:87:0f:60:
         37:4e:0b:ae:4c:88:c2:8e:8f:82:be:45:eb:ee:25:d9:c3:f2:
         6d:33:40:98:ae:48:6b:5a:ee:a7:c0:6c:9c:b8:01:df:d4:3e:
         20:75:96:20:ef:ae:e6:7d:f9:8e:2a:dd:25:2b:ae:6b:1c:d5:
         00:b8:20:c5:6d:91:45:f5:43:51:c1:f0:d7:4f:76:ca:dd:88:
         a5:8a:68:5f:e5:1f:71:02:05:6c:f8:1c:c7:30:f9:2f:86:13:
         d6:8f:1f:88:40:92:58:5d:77:34:b9:3d:8a:9e:bb:6a:20:63:
         e3:4b:1f:d3:55:81:a6:43:ed:07:3b:df:03:6c:6a:a0:68:44:
         75:af:f6:8a:a7:59:18:d3:ba:b5:55:8f:20:dd:d3:b1:20:be:
         0b:9b:7f:9d:bc:cd:b0:a1:34:0f:0b:09:35:13:e6:f5:40:ba:
         e3:64:df:d8:63:d6:47:66:d6:b2:78:93:c0:b0:a6:1e:22:60:
         91:82:8a:e7:34:bd:8f:df:3a:4f:51:bb:85:ce:3a:cc:90:1f:
         d2:c7:c3:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyehoxvSLVGPS6uFcMrTEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3OTRiNzAwNzA1ZTBiYWE3MzZhNWRkMDkwYWNkMWNiOTEy
YzE3MTkwHhcNMjMwMTAyMTIzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDczYzgzYTQ1OTJhNGYzM2E3ZmJjYmJhNDAwNzk0MmM1MjRiNTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoe5wY73OHNgPMRiYNr5JopjDkZJm
YSkOzs02RGu/IhDYkdoDJgf7oV3K3AUkJ/xwFOwtIphHttTRB7Kuo766DY27VyCF
tewLml3knJ5WeNWyayRm6ZED2L/qh7mCvNf7gJL283vKesYM296uWRoAVpGBI7Zq
kLqmFWl1yf5tUo2WTOLuK/US6tF1enc1AQSrpZeP1pKwZ2jEcsUJaFtno6G77Fn9
z6QetmZ0NvRiYliGFbejsUVzXatK/JFqeTlVisG5tSFmjXt3s1/fuPXaclESm1Jl
ldXqDooBOheoqQVJqZsIdPDV+VzyH0AswnSx33CMMmIKmPbMigLOPd1tMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1zyDpFkqTzOn+8u6QAeULFJLVPMB8GA1UdIwQY
MBaAFAeUtwBwXguqc2pd0JCs0cuRLBcZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjVTM0FIQmVDNnB6YWwzUWtLelJ5NUVzRnhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy82YmFjM2ItM2QwYS00MWM4LTg5MzYt
OTRlMDJjOWYxNTBjLzEvVFhQSU9rV1NwUE02Zjd5N3BBQjVRc1VrdFU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy82YmFjM2ItM2QwYS00MWM4LTg5MzYtOTRlMDJjOWYxNTBj
LzEvQjVTM0FIQmVDNnB6YWwzUWtLelJ5NUVzRnhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+q8MA0G
CSqGSIb3DQEBCwUAA4IBAQCbbr8X//XtDxzS/4zmcZYSxkpL+R5+dy04ARi3uSXJ
+P8S6LSLhJmSb2JhC2NSW06UbbSHD2A3TguuTIjCjo+CvkXr7iXZw/JtM0CYrkhr
Wu6nwGycuAHf1D4gdZYg767mffmOKt0lK65rHNUAuCDFbZFF9UNRwfDXT3bK3Yil
imhf5R9xAgVs+BzHMPkvhhPWjx+IQJJYXXc0uT2KnrtqIGPjSx/TVYGmQ+0HO98D
bGqgaER1r/aKp1kY07q1VY8g3dOxIL4Lm3+dvM2woTQPCwk1E+b1QLrjZN/YY9ZH
ZtayeJPAsKYeImCRgornNL2P3zpPUbuFzjrMkB/Sx8No
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:12 2024 by rpki-client on console-ams.rpki-client.org