Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/F4fniiTpOlPTdJuyP54JouxE9UM.roa
File:                     F4fniiTpOlPTdJuyP54JouxE9UM.roa (raw, json)
Hash identifier:          a8UVDxe1fhEbiHn5nioUHMaq4sgAlwVGO2DPXWASaG4=
Subject key identifier:   17:87:E7:8A:24:E9:3A:53:D3:74:9B:B2:3F:9E:09:A2:EC:44:F5:43
Certificate issuer:       /CN=92fb8fa10dff3473e653dbf61c9a86432180a5c7
Certificate serial:       018CA8662FDF3189B15F155C792055C1437C
Authority key identifier: 92:FB:8F:A1:0D:FF:34:73:E6:53:DB:F6:1C:9A:86:43:21:80:A5:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kvuPoQ3_NHPmU9v2HJqGQyGApcc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/F4fniiTpOlPTdJuyP54JouxE9UM.roa
Signing time:             Tue 26 Dec 2023 23:11:58 +0000
ROA not before:           Tue 26 Dec 2023 23:11:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211671
IP address blocks:        91.220.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:a8:66:2f:df:31:89:b1:5f:15:5c:79:20:55:c1:43:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92fb8fa10dff3473e653dbf61c9a86432180a5c7
        Validity
            Not Before: Dec 26 23:11:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1787e78a24e93a53d3749bb23f9e09a2ec44f543
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:e8:cb:0c:5f:8f:42:c2:e7:47:5d:e4:6a:73:
                    73:c2:15:2e:4f:7b:89:ee:bc:cb:70:db:88:b6:3d:
                    40:ce:51:d0:05:91:62:86:a9:6d:40:88:32:9f:a3:
                    a4:5d:32:f3:b9:bd:b4:be:10:91:04:85:60:3d:8a:
                    74:50:1d:e2:b2:a0:d3:d2:ec:23:df:30:e8:29:f6:
                    8d:72:27:a8:23:34:c6:d5:78:d2:fe:84:89:02:c7:
                    78:39:bd:93:75:ee:b6:5c:3d:b5:7d:37:72:8f:72:
                    40:63:d2:8c:49:c6:cf:8d:79:9c:71:89:ad:7c:f7:
                    b3:37:7a:99:95:53:7f:6b:51:3e:c5:da:87:30:08:
                    67:c2:72:50:a1:65:1e:26:d2:aa:0d:11:08:5e:56:
                    50:47:e1:f6:ae:e6:b5:47:ba:cf:1e:54:e0:9a:ab:
                    4b:ce:d6:72:81:dc:f4:64:b8:72:fe:bc:1a:e3:22:
                    c3:5c:3d:70:e3:6f:59:16:5c:15:2a:43:af:cb:2e:
                    91:3e:f8:eb:fd:c2:aa:5b:db:2d:6c:e3:1c:3e:e1:
                    43:7a:c0:70:47:36:14:83:2d:17:34:7c:5c:4d:2f:
                    56:3f:4f:b7:8a:1c:13:cb:2f:90:de:6a:39:2c:0e:
                    aa:8f:8b:93:dd:74:9c:ae:91:0f:a6:0c:e1:9e:28:
                    51:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:87:E7:8A:24:E9:3A:53:D3:74:9B:B2:3F:9E:09:A2:EC:44:F5:43
            X509v3 Authority Key Identifier:
                keyid:92:FB:8F:A1:0D:FF:34:73:E6:53:DB:F6:1C:9A:86:43:21:80:A5:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvuPoQ3_NHPmU9v2HJqGQyGApcc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/F4fniiTpOlPTdJuyP54JouxE9UM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/kvuPoQ3_NHPmU9v2HJqGQyGApcc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.220.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:ee:15:11:99:3a:5a:3c:3c:24:33:c2:40:18:60:2e:20:c5:
         d2:7b:88:7c:0f:83:be:32:0d:dc:1d:1f:a9:0e:26:08:a0:0f:
         36:34:f2:97:44:9a:5f:f6:2d:6e:72:dd:64:cb:67:4e:59:a2:
         7f:58:c0:07:af:d3:e4:48:49:52:0b:8b:8e:8f:ef:3d:64:cf:
         fc:72:1f:ab:f3:ce:37:2e:e1:59:6d:b5:64:b8:5b:95:1b:28:
         ff:d2:38:18:88:64:db:5b:f2:e7:05:bd:d1:73:d4:27:ad:c3:
         08:af:6f:83:bb:3a:23:19:ec:33:e1:ea:ac:be:fa:eb:76:64:
         ae:a9:f6:7d:3c:93:ca:f2:b7:67:fc:b0:fe:db:ba:b1:5a:3a:
         3e:8f:6f:61:7a:10:45:74:4f:c4:ca:ac:41:3f:02:00:ee:45:
         dd:5e:b1:a2:39:8d:6a:aa:49:7b:b6:1d:98:90:c1:98:0d:0c:
         35:b3:76:f2:bf:0d:cd:1e:5d:55:fc:62:68:d4:36:f4:3d:16:
         58:de:07:25:16:f4:57:31:a3:f0:d2:bb:06:df:e2:7b:a0:f8:
         8e:35:c2:c1:16:b6:71:d5:35:25:d4:fb:a8:be:23:e4:71:4d:
         9f:4f:7e:8e:97:78:bf:79:c2:49:98:d9:39:42:af:13:4d:6d:
         38:48:88:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyoZi/fMYmxXxVceSBVwUN8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZmI4ZmExMGRmZjM0NzNlNjUzZGJmNjFjOWE4NjQzMjE4
MGE1YzcwHhcNMjMxMjI2MjMxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzg3ZTc4YTI0ZTkzYTUzZDM3NDliYjIzZjllMDlhMmVjNDRmNTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqujLDF+PQsLnR13kanNzwhUuT3uJ
7rzLcNuItj1AzlHQBZFihqltQIgyn6OkXTLzub20vhCRBIVgPYp0UB3isqDT0uwj
3zDoKfaNcieoIzTG1XjS/oSJAsd4Ob2Tde62XD21fTdyj3JAY9KMScbPjXmccYmt
fPezN3qZlVN/a1E+xdqHMAhnwnJQoWUeJtKqDREIXlZQR+H2rua1R7rPHlTgmqtL
ztZygdz0ZLhy/rwa4yLDXD1w429ZFlwVKkOvyy6RPvjr/cKqW9stbOMcPuFDesBw
RzYUgy0XNHxcTS9WP0+3ihwTyy+Q3mo5LA6qj4uT3XScrpEPpgzhnihRPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBeH54ok6TpT03Sbsj+eCaLsRPVDMB8GA1UdIwQY
MBaAFJL7j6EN/zRz5lPb9hyahkMhgKXHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3Z1UG9RM19OSFBtVTl2MkhKcUdReUdBcGNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jNjRkNTAtZmNkZC00YTlmLTkwNDct
MjkzZjYxMjJhMTlkLzEvRjRmbmlpVHBPbFBUZEp1eVA1NEpvdXhFOVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jNjRkNTAtZmNkZC00YTlmLTkwNDctMjkzZjYxMjJhMTlk
LzEva3Z1UG9RM19OSFBtVTl2MkhKcUdReUdBcGNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9wKMA0G
CSqGSIb3DQEBCwUAA4IBAQAI7hURmTpaPDwkM8JAGGAuIMXSe4h8D4O+Mg3cHR+p
DiYIoA82NPKXRJpf9i1uct1ky2dOWaJ/WMAHr9PkSElSC4uOj+89ZM/8ch+r8843
LuFZbbVkuFuVGyj/0jgYiGTbW/LnBb3Rc9QnrcMIr2+DuzojGewz4eqsvvrrdmSu
qfZ9PJPK8rdn/LD+27qxWjo+j29hehBFdE/EyqxBPwIA7kXdXrGiOY1qqkl7th2Y
kMGYDQw1s3byvw3NHl1V/GJo1Db0PRZY3gclFvRXMaPw0rsG3+J7oPiONcLBFrZx
1TUl1PuoviPkcU2fT36Ol3i/ecJJmNk5Qq8TTW04SIgw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:14 2024 by rpki-client on console-fra.rpki-client.org