Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/db4e88-e58d-4345-80c7-093eb9a9aa8b/1/NEwUMleGsuc-scmh19A2qiZn8nI.roa
File:                     NEwUMleGsuc-scmh19A2qiZn8nI.roa (raw, json)
Hash identifier:          xqj2TIfIGNqAyHZJ80DPBVGMoiZgKvgiTbnMZQZLPX8=
Subject key identifier:   34:4C:14:32:57:86:B2:E7:3E:B1:C9:A1:D7:D0:36:AA:26:67:F2:72
Certificate issuer:       /CN=ba838f1ca8bdcd81c04b6b678e79be614e51b111
Certificate serial:       01856B6E964B4AC5C0CF2BB07307722D97C3
Authority key identifier: BA:83:8F:1C:A8:BD:CD:81:C0:4B:6B:67:8E:79:BE:61:4E:51:B1:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uoOPHKi9zYHAS2tnjnm-YU5RsRE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/db4e88-e58d-4345-80c7-093eb9a9aa8b/1/NEwUMleGsuc-scmh19A2qiZn8nI.roa
Signing time:             Sun 01 Jan 2023 03:44:47 +0000
ROA not before:           Sun 01 Jan 2023 03:44:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3303
IP address blocks:        91.230.249.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:6e:96:4b:4a:c5:c0:cf:2b:b0:73:07:72:2d:97:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba838f1ca8bdcd81c04b6b678e79be614e51b111
        Validity
            Not Before: Jan  1 03:44:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=344c14325786b2e73eb1c9a1d7d036aa2667f272
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:68:8b:51:23:22:d6:e6:a6:70:bd:e3:a9:7e:
                    d8:0e:ba:15:ca:f0:6e:c6:89:e4:26:0b:0c:64:24:
                    fa:91:ed:1b:82:53:a8:7a:cd:15:0b:64:0c:ed:80:
                    9b:b1:7b:45:c8:86:97:9d:31:5a:b3:fe:83:02:a7:
                    de:5a:31:8f:e0:a0:f7:70:a9:3b:0a:97:3d:56:a1:
                    08:d3:da:ec:93:42:ad:7d:b3:41:8e:52:02:c9:72:
                    cf:b2:71:62:2d:f0:f4:85:fa:1a:90:c1:90:96:41:
                    ec:f9:45:25:06:89:8d:75:42:21:8f:20:1c:6e:46:
                    7e:6b:d4:cd:c4:0a:44:97:74:27:62:e2:1c:bf:ca:
                    d0:3b:49:54:53:6e:4b:d0:d8:e4:22:97:75:c6:03:
                    56:df:2f:38:bc:d7:25:67:93:44:7c:9f:d0:08:dd:
                    b4:ae:dd:99:a7:a3:65:7e:7f:8c:ad:06:71:30:18:
                    2f:12:17:98:fa:25:a2:09:12:cf:0f:38:f9:3d:95:
                    a2:47:86:50:33:79:45:0a:f1:3d:d6:11:98:7b:df:
                    2a:94:fd:bf:6d:41:53:89:a3:62:f5:2d:e9:e2:6f:
                    bd:3d:b8:10:d7:ef:4d:28:56:55:d7:1c:cd:73:b9:
                    e1:80:e9:95:17:ca:a4:6a:ba:c8:ac:07:b3:11:63:
                    5c:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:4C:14:32:57:86:B2:E7:3E:B1:C9:A1:D7:D0:36:AA:26:67:F2:72
            X509v3 Authority Key Identifier:
                keyid:BA:83:8F:1C:A8:BD:CD:81:C0:4B:6B:67:8E:79:BE:61:4E:51:B1:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uoOPHKi9zYHAS2tnjnm-YU5RsRE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/db4e88-e58d-4345-80c7-093eb9a9aa8b/1/NEwUMleGsuc-scmh19A2qiZn8nI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/db4e88-e58d-4345-80c7-093eb9a9aa8b/1/uoOPHKi9zYHAS2tnjnm-YU5RsRE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.230.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:81:77:73:cc:77:14:4f:4f:e9:76:c7:79:89:94:e5:af:e1:
         79:77:ce:bb:be:2b:f3:85:71:bc:fb:75:17:89:3e:a8:9f:7e:
         5f:73:c7:69:11:ee:9a:e4:e5:4c:39:ee:68:8e:c6:f7:5d:c8:
         c1:0d:4d:fc:e4:2b:48:ca:ab:52:6c:a7:40:00:92:66:db:6a:
         0c:c8:2d:1b:66:e0:f9:49:1c:ed:19:61:8c:96:54:46:bf:f3:
         3b:eb:f0:fe:a0:52:b5:c3:c4:f3:a0:0a:05:62:c1:cf:85:13:
         84:93:96:88:58:5f:83:46:35:f4:18:42:18:d6:c0:75:d7:7f:
         93:08:1b:c1:0a:1b:f6:ef:f7:f8:15:df:3a:b9:4c:18:a4:f8:
         b9:19:e2:b6:ad:6e:25:93:ea:49:9c:0e:f4:0a:35:c8:59:c4:
         47:20:c2:10:69:32:7c:95:10:72:99:a3:76:53:d4:8f:eb:c0:
         c9:05:8f:47:4b:7f:3b:ec:5b:16:1a:d8:a7:c0:2e:ea:9d:ea:
         7b:e9:3e:f9:b9:68:6f:50:02:22:e6:31:8c:c4:d2:98:f2:91:
         6d:c1:3a:ca:d1:14:c2:70:e0:7e:d6:df:17:23:41:26:70:99:
         98:0f:cf:87:bd:31:a7:67:4f:02:c8:88:74:67:a9:ac:34:6c:
         92:db:7a:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrbpZLSsXAzyuwcwdyLZfDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhODM4ZjFjYThiZGNkODFjMDRiNmI2NzhlNzliZTYxNGU1
MWIxMTEwHhcNMjMwMTAxMDM0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDRjMTQzMjU3ODZiMmU3M2ViMWM5YTFkN2QwMzZhYTI2NjdmMjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGiLUSMi1uamcL3jqX7YDroVyvBu
xonkJgsMZCT6ke0bglOoes0VC2QM7YCbsXtFyIaXnTFas/6DAqfeWjGP4KD3cKk7
Cpc9VqEI09rsk0KtfbNBjlICyXLPsnFiLfD0hfoakMGQlkHs+UUlBomNdUIhjyAc
bkZ+a9TNxApEl3QnYuIcv8rQO0lUU25L0NjkIpd1xgNW3y84vNclZ5NEfJ/QCN20
rt2Zp6Nlfn+MrQZxMBgvEheY+iWiCRLPDzj5PZWiR4ZQM3lFCvE91hGYe98qlP2/
bUFTiaNi9S3p4m+9PbgQ1+9NKFZV1xzNc7nhgOmVF8qkarrIrAezEWNcMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRMFDJXhrLnPrHJodfQNqomZ/JyMB8GA1UdIwQY
MBaAFLqDjxyovc2BwEtrZ455vmFOUbERMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW9PUEhLaTl6WUhBUzJ0bmpubS1ZVTVSc1JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9kYjRlODgtZTU4ZC00MzQ1LTgwYzct
MDkzZWI5YTlhYThiLzEvTkV3VU1sZUdzdWMtc2NtaDE5QTJxaVpuOG5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9kYjRlODgtZTU4ZC00MzQ1LTgwYzctMDkzZWI5YTlhYThi
LzEvdW9PUEhLaTl6WUhBUzJ0bmpubS1ZVTVSc1JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+b5MA0G
CSqGSIb3DQEBCwUAA4IBAQBBgXdzzHcUT0/pdsd5iZTlr+F5d867vivzhXG8+3UX
iT6on35fc8dpEe6a5OVMOe5ojsb3XcjBDU385CtIyqtSbKdAAJJm22oMyC0bZuD5
SRztGWGMllRGv/M76/D+oFK1w8TzoAoFYsHPhROEk5aIWF+DRjX0GEIY1sB113+T
CBvBChv27/f4Fd86uUwYpPi5GeK2rW4lk+pJnA70CjXIWcRHIMIQaTJ8lRBymaN2
U9SP68DJBY9HS3877FsWGtinwC7qnep76T75uWhvUAIi5jGMxNKY8pFtwTrK0RTC
cOB+1t8XI0EmcJmYD8+HvTGnZ08CyIh0Z6msNGyS23oq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:42 2024 by rpki-client on console-fra.rpki-client.org