Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/n60QRLiNV7UbJuUw3Qm9t2P5qRA.roa
File:                     n60QRLiNV7UbJuUw3Qm9t2P5qRA.roa (raw, json)
Hash identifier:          angSbEJr+zsIKE+3xpk6VQZ3ismHO5p6ot9ZRa8jINI=
Subject key identifier:   9F:AD:10:44:B8:8D:57:B5:1B:26:E5:30:DD:09:BD:B7:63:F9:A9:10
Certificate issuer:       /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb
Certificate serial:       01856CE608F381B818074682E404CA7BC99A
Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/n60QRLiNV7UbJuUw3Qm9t2P5qRA.roa
Signing time:             Sun 01 Jan 2023 10:34:53 +0000
ROA not before:           Sun 01 Jan 2023 10:34:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8283
IP address blocks:        91.208.34.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:30:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:08:f3:81:b8:18:07:46:82:e4:04:ca:7b:c9:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb
        Validity
            Not Before: Jan  1 10:34:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9fad1044b88d57b51b26e530dd09bdb763f9a910
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ba:74:2b:0d:60:f5:9a:6f:2c:c4:34:8e:8a:
                    6e:76:e6:40:01:8f:6a:17:6b:ee:dc:21:ff:70:75:
                    af:4c:f2:df:7c:87:39:2a:90:55:c5:69:61:78:57:
                    78:37:f2:59:85:6b:88:9e:49:39:4a:91:a2:0b:a2:
                    17:74:0e:24:f6:e0:72:6d:8c:2a:f1:c5:a7:4c:94:
                    0b:fb:21:35:85:73:29:02:5b:cb:4f:13:69:b2:79:
                    f2:e6:8e:4f:62:92:3a:5b:c1:46:5b:92:96:29:da:
                    1c:bd:68:c6:af:8c:f5:69:2a:8d:94:c6:c5:fc:24:
                    55:59:a5:58:54:71:0c:6c:24:9c:01:a1:0a:4d:c8:
                    f5:77:ac:7d:f1:e7:4c:00:b6:d1:f0:26:76:31:13:
                    1e:4e:69:e7:e3:a0:ff:a8:cb:0b:b3:54:43:e0:dd:
                    48:9d:97:d0:f7:58:3e:2c:2e:9f:45:8c:50:c4:18:
                    07:e2:41:9f:ce:84:2b:09:df:42:fc:2a:ee:89:fb:
                    31:6c:7d:47:74:c4:26:7f:31:0a:07:5c:37:2d:61:
                    80:a3:d1:32:72:09:94:b6:47:cd:bb:d3:09:85:8f:
                    23:47:b5:a0:79:a4:ee:70:8d:f3:87:7e:b6:b5:c9:
                    45:cf:4e:90:d0:9d:07:1e:44:6b:66:72:ed:b2:8f:
                    97:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:AD:10:44:B8:8D:57:B5:1B:26:E5:30:DD:09:BD:B7:63:F9:A9:10
            X509v3 Authority Key Identifier:
                keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/n60QRLiNV7UbJuUw3Qm9t2P5qRA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.208.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:5f:fc:4c:b6:dd:26:8b:65:ee:33:ac:67:34:33:5a:bb:41:
         93:a2:ba:bd:d0:b4:7f:83:e4:a9:0a:ec:7a:6c:a2:a0:bd:87:
         06:d3:10:0a:ac:9a:cf:f0:d4:d3:05:91:ec:83:07:11:c7:77:
         58:7f:7e:7d:ac:55:4f:12:41:b9:a1:fd:42:cc:38:42:74:0c:
         8e:66:00:b7:ab:27:95:ad:00:1f:c0:5e:fc:ab:44:1d:b8:b6:
         06:b6:6f:39:1d:8d:2a:2a:b8:06:2e:10:27:8f:3e:ca:58:0b:
         3a:e1:ff:30:48:87:22:f5:9d:96:86:87:95:ea:a9:57:e6:71:
         9a:31:1e:a2:56:22:f6:25:8f:25:4d:60:dc:32:9a:6b:2a:57:
         90:9f:33:9c:da:a7:d6:c5:ce:55:0c:e5:37:b3:87:7f:a2:c6:
         06:ae:56:ff:9d:2a:20:d8:ab:ac:0d:90:38:39:14:e2:31:73:
         de:27:9c:dc:ee:8a:a0:6e:e3:c0:11:39:56:bf:70:87:bd:37:
         f9:eb:f4:db:ce:80:7d:36:d6:1f:bc:90:3c:9f:8c:15:b9:a8:
         c9:6c:26:84:59:0a:c4:b4:65:a5:ac:8b:06:9d:01:c1:be:64:
         51:b1:56:df:59:3f:0a:21:67:c9:f0:80:26:cd:44:1c:1f:d2:
         98:61:62:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5gjzgbgYB0aC5ATKe8maMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl
YTU3YmIwHhcNMjMwMTAxMTAzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmFkMTA0NGI4OGQ1N2I1MWIyNmU1MzBkZDA5YmRiNzYzZjlhOTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbp0Kw1g9ZpvLMQ0jopuduZAAY9q
F2vu3CH/cHWvTPLffIc5KpBVxWlheFd4N/JZhWuInkk5SpGiC6IXdA4k9uBybYwq
8cWnTJQL+yE1hXMpAlvLTxNpsnny5o5PYpI6W8FGW5KWKdocvWjGr4z1aSqNlMbF
/CRVWaVYVHEMbCScAaEKTcj1d6x98edMALbR8CZ2MRMeTmnn46D/qMsLs1RD4N1I
nZfQ91g+LC6fRYxQxBgH4kGfzoQrCd9C/CruifsxbH1HdMQmfzEKB1w3LWGAo9Ey
cgmUtkfNu9MJhY8jR7WgeaTucI3zh362tclFz06Q0J0HHkRrZnLtso+XiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ+tEES4jVe1GyblMN0Jvbdj+akQMB8GA1UdIwQY
MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt
MzFhM2VjZjFiZGI2LzEvbjYwUVJMaU5WN1ViSnVVdzNRbTl0MlA1cVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2
LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9AiMA0G
CSqGSIb3DQEBCwUAA4IBAQCIX/xMtt0mi2XuM6xnNDNau0GTorq90LR/g+SpCux6
bKKgvYcG0xAKrJrP8NTTBZHsgwcRx3dYf359rFVPEkG5of1CzDhCdAyOZgC3qyeV
rQAfwF78q0QduLYGtm85HY0qKrgGLhAnjz7KWAs64f8wSIci9Z2WhoeV6qlX5nGa
MR6iViL2JY8lTWDcMpprKleQnzOc2qfWxc5VDOU3s4d/osYGrlb/nSog2KusDZA4
ORTiMXPeJ5zc7oqgbuPAETlWv3CHvTf56/TbzoB9NtYfvJA8n4wVuajJbCaEWQrE
tGWlrIsGnQHBvmRRsVbfWT8KIWfJ8IAmzUQcH9KYYWKj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:01 2024 by rpki-client on console-ams.rpki-client.org