Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/0db42a-c787-4f21-b4f6-a17c50f0985d/1/1nHKNXSfGuA8aXyV9meaeov1CrE.roa
File:                     1nHKNXSfGuA8aXyV9meaeov1CrE.roa (raw, json)
Hash identifier:          /y2hC2peRd86YAME+gGZsqBg+dH6twgaj+wDZG71XxM=
Subject key identifier:   D6:71:CA:35:74:9F:1A:E0:3C:69:7C:95:F6:67:9A:7A:8B:F5:0A:B1
Certificate issuer:       /CN=b04d175653fbbde8d989d27e3827bc011e020a01
Certificate serial:       018B3E2EB741A881E2821E2BD6936730B1F8
Authority key identifier: B0:4D:17:56:53:FB:BD:E8:D9:89:D2:7E:38:27:BC:01:1E:02:0A:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sE0XVlP7vejZidJ-OCe8AR4CCgE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/0db42a-c787-4f21-b4f6-a17c50f0985d/1/1nHKNXSfGuA8aXyV9meaeov1CrE.roa
Signing time:             Tue 17 Oct 2023 15:08:50 +0000
ROA not before:           Tue 17 Oct 2023 15:08:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211007
IP address blocks:        91.208.192.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:3e:2e:b7:41:a8:81:e2:82:1e:2b:d6:93:67:30:b1:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b04d175653fbbde8d989d27e3827bc011e020a01
        Validity
            Not Before: Oct 17 15:08:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d671ca35749f1ae03c697c95f6679a7a8bf50ab1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:3c:6c:ca:15:af:70:56:77:dc:34:12:20:32:
                    21:f6:f5:5d:48:81:30:98:85:a6:82:d2:5d:5f:c8:
                    69:8f:51:13:47:bc:75:bf:06:37:3c:7a:58:a9:ac:
                    96:9a:24:10:76:c8:2a:fa:8c:5e:d0:88:35:48:8a:
                    eb:b2:65:f1:e7:e8:0f:f2:15:a2:d5:49:68:19:68:
                    94:21:01:6d:6a:6e:70:d0:ff:2c:dc:c0:71:b0:f2:
                    a6:7a:b1:77:1f:78:d0:4b:d0:7c:57:55:3e:2c:59:
                    9a:45:e9:c3:4e:b3:ed:ea:d5:24:ed:dd:f7:b7:38:
                    f5:5d:c3:4c:d0:ee:ce:37:cb:9d:f5:94:0a:6a:83:
                    b6:37:66:33:b6:5d:15:ca:73:26:b2:f8:3f:ae:67:
                    85:5b:74:61:08:02:7f:3e:46:1c:10:5c:1d:c0:a3:
                    2c:7d:02:44:4e:90:0a:88:b4:cf:ff:a2:cc:2d:80:
                    30:dc:71:c1:17:e4:28:8d:e1:e9:a3:cc:3a:3c:ae:
                    96:d3:19:9a:87:ff:9a:eb:4a:24:79:97:5f:ab:78:
                    52:89:ed:0a:fd:45:76:6a:78:3c:15:e0:4f:e0:35:
                    c8:c8:c4:22:6c:f8:9e:85:48:55:dc:53:bd:6e:a0:
                    1c:c5:14:e6:11:96:88:07:d0:d0:c8:41:7d:18:a5:
                    a6:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:71:CA:35:74:9F:1A:E0:3C:69:7C:95:F6:67:9A:7A:8B:F5:0A:B1
            X509v3 Authority Key Identifier:
                keyid:B0:4D:17:56:53:FB:BD:E8:D9:89:D2:7E:38:27:BC:01:1E:02:0A:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sE0XVlP7vejZidJ-OCe8AR4CCgE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/0db42a-c787-4f21-b4f6-a17c50f0985d/1/1nHKNXSfGuA8aXyV9meaeov1CrE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/0db42a-c787-4f21-b4f6-a17c50f0985d/1/sE0XVlP7vejZidJ-OCe8AR4CCgE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.208.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:6a:e7:ef:8f:c6:15:6e:c5:8c:84:67:4c:20:3e:36:3a:de:
         71:94:ad:3d:41:87:f0:3a:3c:65:4e:10:6f:f5:b7:0a:ff:49:
         27:c0:7f:3e:d5:b3:ef:27:de:ba:79:cc:89:4d:1a:d4:50:22:
         ab:d2:51:6b:79:3f:ea:2b:ff:0d:72:a9:1e:10:48:8e:89:f7:
         57:26:ba:76:00:2e:68:5f:1f:be:f2:6f:d8:9d:9e:b2:04:90:
         cc:61:79:51:96:9c:25:2e:00:13:7e:a0:0e:00:55:21:c9:8b:
         cb:63:f4:e0:2f:24:05:fe:c4:53:8c:5b:f8:ff:1c:03:49:14:
         d3:4e:1e:7c:79:5d:7a:26:68:fc:49:87:fe:7a:6d:60:43:e3:
         7b:6e:75:3e:01:ca:33:d8:24:c7:c0:b1:29:55:49:58:c2:b7:
         f0:d7:bc:61:43:75:39:bf:34:f6:4b:3e:47:d5:f1:b5:1f:bb:
         e6:5e:3c:89:f4:29:ed:f9:bb:65:40:b6:24:80:a9:45:e8:b9:
         1c:ff:7b:9b:5c:51:e6:d4:a1:2e:c6:99:3d:6a:e0:7a:1c:27:
         60:22:c7:51:24:01:2b:86:5a:db:2e:e0:e2:4f:a0:14:d2:8d:
         56:d6:40:dc:67:c0:45:1a:36:39:f7:93:a2:cb:6c:db:17:b6:
         a7:aa:5b:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs+LrdBqIHigh4r1pNnMLH4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNGQxNzU2NTNmYmJkZThkOTg5ZDI3ZTM4MjdiYzAxMWUw
MjBhMDEwHhcNMjMxMDE3MTUwODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjcxY2EzNTc0OWYxYWUwM2M2OTdjOTVmNjY3OWE3YThiZjUwYWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzxsyhWvcFZ33DQSIDIh9vVdSIEw
mIWmgtJdX8hpj1ETR7x1vwY3PHpYqayWmiQQdsgq+oxe0Ig1SIrrsmXx5+gP8hWi
1UloGWiUIQFtam5w0P8s3MBxsPKmerF3H3jQS9B8V1U+LFmaRenDTrPt6tUk7d33
tzj1XcNM0O7ON8ud9ZQKaoO2N2Yztl0VynMmsvg/rmeFW3RhCAJ/PkYcEFwdwKMs
fQJETpAKiLTP/6LMLYAw3HHBF+QojeHpo8w6PK6W0xmah/+a60okeZdfq3hSie0K
/UV2ang8FeBP4DXIyMQibPiehUhV3FO9bqAcxRTmEZaIB9DQyEF9GKWmeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZxyjV0nxrgPGl8lfZnmnqL9QqxMB8GA1UdIwQY
MBaAFLBNF1ZT+73o2YnSfjgnvAEeAgoBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0UwWFZsUDd2ZWpaaWRKLU9DZThBUjRDQ2dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wZGI0MmEtYzc4Ny00ZjIxLWI0ZjYt
YTE3YzUwZjA5ODVkLzEvMW5IS05YU2ZHdUE4YVh5VjltZWFlb3YxQ3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wZGI0MmEtYzc4Ny00ZjIxLWI0ZjYtYTE3YzUwZjA5ODVk
LzEvc0UwWFZsUDd2ZWpaaWRKLU9DZThBUjRDQ2dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9DAMA0G
CSqGSIb3DQEBCwUAA4IBAQAHaufvj8YVbsWMhGdMID42Ot5xlK09QYfwOjxlThBv
9bcK/0knwH8+1bPvJ966ecyJTRrUUCKr0lFreT/qK/8NcqkeEEiOifdXJrp2AC5o
Xx++8m/YnZ6yBJDMYXlRlpwlLgATfqAOAFUhyYvLY/TgLyQF/sRTjFv4/xwDSRTT
Th58eV16Jmj8SYf+em1gQ+N7bnU+Acoz2CTHwLEpVUlYwrfw17xhQ3U5vzT2Sz5H
1fG1H7vmXjyJ9Cnt+btlQLYkgKlF6Lkc/3ubXFHm1KEuxpk9auB6HCdgIsdRJAEr
hlrbLuDiT6AU0o1W1kDcZ8BFGjY595Oiy2zbF7anqlvq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:06 2024 by rpki-client on console-ams.rpki-client.org