Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/IxELN8jHfnY7_eiTW5UslFy_la0.roa
File:                     IxELN8jHfnY7_eiTW5UslFy_la0.roa (raw, json)
Hash identifier:          Qh86ypADCFlBbPVeQddLUBZgEuil75oDZ6j+LOdZDY4=
Subject key identifier:   23:11:0B:37:C8:C7:7E:76:3B:FD:E8:93:5B:95:2C:94:5C:BF:95:AD
Certificate issuer:       /CN=b03c302c2f52277e3d0ab6842f68aa5f8d0d7787
Certificate serial:       01856C65B4DBDA9E682E365634C961FD8541
Authority key identifier: B0:3C:30:2C:2F:52:27:7E:3D:0A:B6:84:2F:68:AA:5F:8D:0D:77:87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sDwwLC9SJ349CraEL2iqX40Nd4c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/IxELN8jHfnY7_eiTW5UslFy_la0.roa
Signing time:             Sun 01 Jan 2023 08:14:42 +0000
ROA not before:           Sun 01 Jan 2023 08:14:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62232
IP address blocks:        91.250.245.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:65:b4:db:da:9e:68:2e:36:56:34:c9:61:fd:85:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b03c302c2f52277e3d0ab6842f68aa5f8d0d7787
        Validity
            Not Before: Jan  1 08:14:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=23110b37c8c77e763bfde8935b952c945cbf95ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:1d:5f:30:fd:65:c3:37:54:9f:09:48:41:92:
                    bf:fd:88:cd:39:a5:65:27:68:ee:97:8c:92:e0:49:
                    57:69:c3:ae:a9:0c:54:67:25:2b:47:18:99:f1:e5:
                    3f:0b:43:c2:32:70:34:76:ad:d3:f4:89:7c:91:d1:
                    17:ae:23:4a:0e:bd:ea:8e:0b:fb:55:31:15:58:32:
                    c8:c8:33:c5:71:9d:7c:a7:98:0a:d1:1a:6e:db:a5:
                    73:9a:1e:00:8d:a6:4d:77:10:ea:cb:27:80:55:e0:
                    b6:68:17:a3:c7:66:6d:1c:3e:fc:7f:92:80:eb:bb:
                    47:4d:40:44:3a:4e:60:95:f0:fd:47:17:d8:9f:38:
                    e7:e6:46:7f:01:88:fc:40:9b:7e:b2:4f:a2:c4:09:
                    f4:17:4a:a2:d6:47:09:cd:6b:34:e3:f9:74:85:34:
                    e6:55:3b:bc:58:be:96:58:15:0c:d5:d9:64:97:0a:
                    32:7d:47:74:8c:ff:14:fb:79:40:9d:92:f7:3c:e3:
                    cf:c7:51:24:0c:64:70:ee:93:02:87:dc:76:74:45:
                    a2:72:45:66:c2:69:26:19:a3:dc:bd:08:96:d1:a2:
                    d5:e9:49:03:e1:42:08:af:f8:99:f5:27:d7:86:98:
                    e1:80:51:42:11:b1:25:40:60:b5:ad:ed:39:d0:2c:
                    71:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:11:0B:37:C8:C7:7E:76:3B:FD:E8:93:5B:95:2C:94:5C:BF:95:AD
            X509v3 Authority Key Identifier:
                keyid:B0:3C:30:2C:2F:52:27:7E:3D:0A:B6:84:2F:68:AA:5F:8D:0D:77:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sDwwLC9SJ349CraEL2iqX40Nd4c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/IxELN8jHfnY7_eiTW5UslFy_la0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/sDwwLC9SJ349CraEL2iqX40Nd4c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.250.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:29:7c:42:1d:85:30:79:b8:7f:b9:94:e1:ea:98:b6:44:31:
         4d:ab:f4:8f:a9:c0:36:a2:1c:3c:ac:5b:e5:9f:10:ef:13:70:
         da:dc:c5:e4:90:87:6f:64:9f:ef:67:a7:28:b9:dd:d0:1c:c2:
         ac:0b:f6:70:81:ab:93:6d:db:e9:e5:0b:be:8e:58:3c:86:20:
         67:07:9d:00:d9:13:19:31:62:d9:91:ad:c4:cc:57:27:21:22:
         fc:d6:52:f8:a9:a8:61:0c:ea:32:30:64:fe:7a:54:1a:af:e4:
         9a:9c:25:ff:39:c6:0e:00:99:4e:56:24:95:e7:b7:d6:7c:4e:
         f4:e3:2f:fa:44:9e:71:5c:da:c7:21:c3:67:ae:f2:72:fc:95:
         c3:d2:2a:fc:07:86:7e:93:9e:79:f1:2f:e7:e5:74:a6:87:2d:
         06:dc:a1:25:2b:25:fd:90:8b:b3:69:88:08:ba:74:66:82:33:
         7d:68:7c:8f:01:8a:04:50:3e:df:3e:77:83:ee:e8:c6:db:28:
         d8:33:1f:5b:8d:c8:48:ac:cc:ac:06:7e:27:0e:d0:e5:87:3c:
         dd:bc:cc:68:7e:7c:5a:8a:f6:4b:b7:af:c7:bf:7a:06:d7:98:
         a2:dd:52:e1:b9:18:ce:26:68:ba:8a:ee:a3:50:90:ba:23:45:
         41:b0:51:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZbTb2p5oLjZWNMlh/YVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwM2MzMDJjMmY1MjI3N2UzZDBhYjY4NDJmNjhhYTVmOGQw
ZDc3ODcwHhcNMjMwMTAxMDgxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzExMGIzN2M4Yzc3ZTc2M2JmZGU4OTM1Yjk1MmM5NDVjYmY5NWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh1fMP1lwzdUnwlIQZK//YjNOaVl
J2jul4yS4ElXacOuqQxUZyUrRxiZ8eU/C0PCMnA0dq3T9Il8kdEXriNKDr3qjgv7
VTEVWDLIyDPFcZ18p5gK0Rpu26Vzmh4AjaZNdxDqyyeAVeC2aBejx2ZtHD78f5KA
67tHTUBEOk5glfD9RxfYnzjn5kZ/AYj8QJt+sk+ixAn0F0qi1kcJzWs04/l0hTTm
VTu8WL6WWBUM1dlklwoyfUd0jP8U+3lAnZL3POPPx1EkDGRw7pMCh9x2dEWickVm
wmkmGaPcvQiW0aLV6UkD4UIIr/iZ9SfXhpjhgFFCEbElQGC1re050CxxywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMRCzfIx352O/3ok1uVLJRcv5WtMB8GA1UdIwQY
MBaAFLA8MCwvUid+PQq2hC9oql+NDXeHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0R3d0xDOVNKMzQ5Q3JhRUwyaXFYNDBOZDRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9hMmVjOWMtOWQ3Ni00ZTk0LTllM2Et
NmY3MDI0YzNhYWQ3LzEvSXhFTE44akhmblk3X2VpVFc1VXNsRnlfbGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9hMmVjOWMtOWQ3Ni00ZTk0LTllM2EtNmY3MDI0YzNhYWQ3
LzEvc0R3d0xDOVNKMzQ5Q3JhRUwyaXFYNDBOZDRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/r1MA0G
CSqGSIb3DQEBCwUAA4IBAQCMKXxCHYUwebh/uZTh6pi2RDFNq/SPqcA2ohw8rFvl
nxDvE3Da3MXkkIdvZJ/vZ6coud3QHMKsC/ZwgauTbdvp5Qu+jlg8hiBnB50A2RMZ
MWLZka3EzFcnISL81lL4qahhDOoyMGT+elQar+SanCX/OcYOAJlOViSV57fWfE70
4y/6RJ5xXNrHIcNnrvJy/JXD0ir8B4Z+k5558S/n5XSmhy0G3KElKyX9kIuzaYgI
unRmgjN9aHyPAYoEUD7fPneD7ujG2yjYMx9bjchIrMysBn4nDtDlhzzdvMxofnxa
ivZLt6/Hv3oG15ii3VLhuRjOJmi6iu6jUJC6I0VBsFEZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:41 2024 by rpki-client on console-fra.rpki-client.org