Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/n1b-q9W8wABmRXJI_tgsOnqHmlY.roa
File:                     n1b-q9W8wABmRXJI_tgsOnqHmlY.roa (raw, json)
Hash identifier:          9/w8wl0ScLYDggdvOur5v4NLiYRp/D+Bvu8lMrOzeg0=
Subject key identifier:   9F:56:FE:AB:D5:BC:C0:00:66:45:72:48:FE:D8:2C:3A:7A:87:9A:56
Certificate issuer:       /CN=267cf1f34e2f010b902dc142455b6bb7326cf08d
Certificate serial:       01856DA655C0DFD2DEB3F8BAC9D55771FAA1
Authority key identifier: 26:7C:F1:F3:4E:2F:01:0B:90:2D:C1:42:45:5B:6B:B7:32:6C:F0:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Jnzx804vAQuQLcFCRVtrtzJs8I0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/n1b-q9W8wABmRXJI_tgsOnqHmlY.roa
Signing time:             Sun 01 Jan 2023 14:04:55 +0000
ROA not before:           Sun 01 Jan 2023 14:04:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41893
IP address blocks:        91.143.240.0/24 maxlen: 24
                          91.143.243.0/24 maxlen: 24
                          91.143.242.0/24 maxlen: 24
                          91.143.241.0/24 maxlen: 24
                          91.143.245.0/24 maxlen: 24
                          91.143.244.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:a6:55:c0:df:d2:de:b3:f8:ba:c9:d5:57:71:fa:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=267cf1f34e2f010b902dc142455b6bb7326cf08d
        Validity
            Not Before: Jan  1 14:04:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9f56feabd5bcc00066457248fed82c3a7a879a56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:cc:56:f2:d2:52:1d:6c:b4:35:f1:66:77:58:
                    5c:e8:53:0f:b9:13:2c:07:0e:f2:91:55:aa:ec:9a:
                    29:6f:e7:1d:cb:b1:5c:6c:0f:84:e2:79:e4:2e:6d:
                    b9:14:62:d7:74:c9:7f:cb:67:7b:f8:b3:39:8e:f3:
                    23:3d:05:2f:73:0c:ce:71:7b:26:54:56:87:bd:f3:
                    fb:f7:c0:6c:be:8a:64:49:27:fa:48:94:e9:58:2d:
                    3c:63:a9:db:dd:48:20:06:ae:93:72:7a:f8:60:3f:
                    38:93:f5:66:0a:3f:97:5d:a9:48:c4:b0:4c:95:aa:
                    79:13:d1:52:6b:1a:ca:ff:58:56:ff:b3:46:9c:01:
                    1d:ee:1f:b0:d4:4e:1b:4d:b8:32:41:82:69:fc:ca:
                    9f:99:41:36:b5:e1:4b:64:87:ef:ff:d2:7d:49:5d:
                    48:71:27:9f:d1:52:07:9c:ac:b0:57:9f:04:f8:8a:
                    a6:11:3d:59:b2:c3:89:e6:22:78:6b:28:55:8b:7a:
                    3a:8f:4f:26:7d:b3:0d:6e:82:6f:73:22:1c:21:0b:
                    ae:7a:8e:ce:2b:cc:55:31:18:60:19:19:e6:44:e6:
                    bd:19:73:f3:af:a3:ae:1f:89:15:d8:40:52:d3:a7:
                    f9:53:f8:50:a1:55:94:4a:b7:83:b3:c4:4d:a1:48:
                    e9:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:56:FE:AB:D5:BC:C0:00:66:45:72:48:FE:D8:2C:3A:7A:87:9A:56
            X509v3 Authority Key Identifier:
                keyid:26:7C:F1:F3:4E:2F:01:0B:90:2D:C1:42:45:5B:6B:B7:32:6C:F0:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jnzx804vAQuQLcFCRVtrtzJs8I0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/n1b-q9W8wABmRXJI_tgsOnqHmlY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.143.240.0-91.143.245.255

    Signature Algorithm: sha256WithRSAEncryption
         37:03:15:8b:8f:86:fa:92:fe:e8:ed:60:e7:1b:3d:41:e2:ee:
         60:d8:e4:fa:1a:73:f3:91:e5:dc:53:bc:50:e4:8e:12:bd:6a:
         b5:c4:ad:3a:fa:d4:57:fa:b8:73:c3:33:77:39:ab:7b:d5:e7:
         d7:0c:e5:bd:2b:cb:01:49:90:2d:b9:58:08:68:78:c7:83:5a:
         e2:4d:bb:da:98:e7:9b:48:63:c4:d0:8d:01:1f:48:61:41:d2:
         dd:5b:7c:c0:86:10:fd:2a:40:82:b4:a8:0c:fd:47:15:f7:03:
         bd:a1:e1:a9:03:b1:19:7a:42:d4:10:34:85:f3:0e:6c:0a:33:
         da:bf:76:ac:09:12:15:78:b2:0b:98:37:18:69:34:ac:89:b1:
         98:3a:5e:82:0a:94:45:57:54:78:80:a2:6e:24:6a:9b:68:ff:
         29:ff:7d:57:51:03:0a:1b:96:20:c8:a9:6b:2a:6e:b7:40:d3:
         71:5a:75:0e:bc:88:45:70:7b:29:c1:02:ff:63:c0:dd:ab:58:
         54:df:cf:44:f2:cf:96:cb:bd:de:61:45:cf:e5:df:0a:11:1d:
         ef:90:b8:c0:80:18:18:2b:5a:ee:04:59:9a:1e:5e:37:bf:15:
         eb:10:79:0e:b3:9b:35:a8:b5:c7:19:39:b3:31:c3:4a:45:58:
         bd:c3:2b:63
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVtplXA39Les/i6ydVXcfqhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2N2NmMWYzNGUyZjAxMGI5MDJkYzE0MjQ1NWI2YmI3MzI2
Y2YwOGQwHhcNMjMwMTAxMTQwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjU2ZmVhYmQ1YmNjMDAwNjY0NTcyNDhmZWQ4MmMzYTdhODc5YTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsxW8tJSHWy0NfFmd1hc6FMPuRMs
Bw7ykVWq7Jopb+cdy7FcbA+E4nnkLm25FGLXdMl/y2d7+LM5jvMjPQUvcwzOcXsm
VFaHvfP798BsvopkSSf6SJTpWC08Y6nb3UggBq6Tcnr4YD84k/VmCj+XXalIxLBM
lap5E9FSaxrK/1hW/7NGnAEd7h+w1E4bTbgyQYJp/MqfmUE2teFLZIfv/9J9SV1I
cSef0VIHnKywV58E+IqmET1ZssOJ5iJ4ayhVi3o6j08mfbMNboJvcyIcIQuueo7O
K8xVMRhgGRnmROa9GXPzr6OuH4kV2EBS06f5U/hQoVWUSreDs8RNoUjpRQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJ9W/qvVvMAAZkVySP7YLDp6h5pWMB8GA1UdIwQY
MBaAFCZ88fNOLwELkC3BQkVba7cybPCNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm56eDgwNHZBUXVRTGNGQ1JWdHJ0ekpzOEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85MWJjZDgtYTFmNy00ZmIxLWIyODgt
MDExYjQ1MWI0NWI0LzEvbjFiLXE5Vzh3QUJtUlhKSV90Z3NPbnFIbWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85MWJjZDgtYTFmNy00ZmIxLWIyODgtMDExYjQ1MWI0NWI0
LzEvSm56eDgwNHZBUXVRTGNGQ1JWdHJ0ekpzOEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBARbj/AD
BAFbj/QwDQYJKoZIhvcNAQELBQADggEBADcDFYuPhvqS/ujtYOcbPUHi7mDY5Poa
c/OR5dxTvFDkjhK9arXErTr61Ff6uHPDM3c5q3vV59cM5b0rywFJkC25WAhoeMeD
WuJNu9qY55tIY8TQjQEfSGFB0t1bfMCGEP0qQIK0qAz9RxX3A72h4akDsRl6QtQQ
NIXzDmwKM9q/dqwJEhV4sguYNxhpNKyJsZg6XoIKlEVXVHiAom4kapto/yn/fVdR
AwobliDIqWsqbrdA03FadQ68iEVweynBAv9jwN2rWFTfz0Tyz5bLvd5hRc/l3woR
He+QuMCAGBgrWu4EWZoeXje/FesQeQ6zmzWotccZObMxw0pFWL3DK2M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:50 2024 by rpki-client on console-fra.rpki-client.org