Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/4y8am-mTDbEEP4mGgXjId6-kSPs.roa
File:                     4y8am-mTDbEEP4mGgXjId6-kSPs.roa (raw, json)
Hash identifier:          i76Tf1P6KrnQyIs9bzgtA0BcsODM2/gEn1MJNgiIzH0=
Subject key identifier:   E3:2F:1A:9B:E9:93:0D:B1:04:3F:89:86:81:78:C8:77:AF:A4:48:FB
Certificate issuer:       /CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Certificate serial:       0187EEA5F18B3E548B2AC3F750FBA55904E7
Authority key identifier: A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/4y8am-mTDbEEP4mGgXjId6-kSPs.roa
Signing time:             Sat 06 May 2023 01:21:05 +0000
ROA not before:           Sat 06 May 2023 01:21:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     26506
IP address blocks:        86.51.91.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:ee:a5:f1:8b:3e:54:8b:2a:c3:f7:50:fb:a5:59:04:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
        Validity
            Not Before: May  6 01:21:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e32f1a9be9930db1043f89868178c877afa448fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:20:ab:6f:5f:4d:93:e6:83:26:80:66:16:e2:
                    1f:4f:a0:99:4e:dd:df:6c:d9:10:b7:8b:2a:dd:ad:
                    1f:03:0d:f7:55:c1:71:2b:80:24:e5:0c:28:1f:9b:
                    6a:f7:a0:31:a1:d4:ec:3e:ad:a9:38:66:dd:14:10:
                    83:09:1e:25:4c:c0:1d:13:c5:bd:eb:70:67:fe:cc:
                    55:32:45:a4:21:69:fd:bb:f3:67:ed:f6:e6:90:fc:
                    74:fa:d9:70:5c:79:0e:cb:61:d5:46:e9:12:8a:fe:
                    0e:ba:a2:39:d6:ba:12:d5:f6:31:26:fd:d0:82:45:
                    01:be:cc:6b:be:84:0f:9b:57:9a:2f:35:fe:96:34:
                    c5:28:68:6f:0c:28:20:27:09:db:f3:3d:9f:72:45:
                    a0:1f:9d:e7:f3:02:a1:64:d0:ba:5b:1f:cd:3a:c1:
                    7d:3b:52:08:8e:82:af:30:e3:d8:68:71:1d:de:fe:
                    b4:f6:2e:f7:2f:8d:f3:14:4f:42:4f:70:42:2e:b2:
                    b2:6b:99:d7:8e:d9:cc:54:9c:4a:e7:c7:b2:ca:b7:
                    90:4f:02:b6:5b:d8:4b:00:e7:02:a5:79:95:d2:35:
                    d7:2e:92:ab:b4:ab:db:41:be:00:37:dc:80:7a:21:
                    67:55:c1:eb:55:2d:da:6a:14:54:d2:14:5d:4f:db:
                    17:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:2F:1A:9B:E9:93:0D:B1:04:3F:89:86:81:78:C8:77:AF:A4:48:FB
            X509v3 Authority Key Identifier:
                keyid:A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/4y8am-mTDbEEP4mGgXjId6-kSPs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.51.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:43:da:d3:e1:ac:2d:ba:21:8e:94:69:36:29:02:00:59:9d:
         b0:0d:40:82:52:84:be:69:b2:64:fa:a3:ba:83:fb:79:80:65:
         96:79:8d:24:d0:aa:19:8a:9b:f5:1b:12:86:84:67:7e:21:e9:
         1b:f7:9c:03:13:64:76:f1:74:a9:9b:85:8f:bf:05:fb:cd:d6:
         7f:f5:02:00:24:36:20:a5:17:6e:9d:9d:17:ac:8d:9b:2d:96:
         33:70:95:ab:9c:38:9d:c2:76:31:08:07:95:df:65:ef:cf:bf:
         45:0e:cd:c1:c9:c1:a0:de:08:6b:1e:a5:8b:a1:6c:78:6a:e7:
         bb:ce:d6:29:0f:97:f6:84:ef:87:b3:37:30:68:90:5e:52:26:
         fd:2e:65:26:e1:43:13:4e:67:d3:30:4c:90:93:2b:3e:93:e3:
         81:9b:52:1a:3b:ae:30:49:d0:01:30:fc:97:a1:71:fd:d2:71:
         2b:e3:54:5c:12:78:91:55:3e:31:fa:6a:a6:40:4d:3c:b0:46:
         d1:a6:80:5a:3c:06:03:c0:53:46:b4:fd:a1:0d:59:0d:ad:d4:
         38:40:43:40:4c:73:2e:e7:2d:74:56:77:96:42:0e:e3:1e:e5:
         23:c5:15:d4:20:a1:75:fa:88:06:c8:63:a5:76:1d:87:95:4f:
         e8:ac:25:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfupfGLPlSLKsP3UPulWQTnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2M2JjYzZkMjVmNzQ3NmZiYjNlYzMzZjZkYmMzZTllZWFk
OTIyMTIwHhcNMjMwNTA2MDEyMTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzJmMWE5YmU5OTMwZGIxMDQzZjg5ODY4MTc4Yzg3N2FmYTQ0OGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyCrb19Nk+aDJoBmFuIfT6CZTt3f
bNkQt4sq3a0fAw33VcFxK4Ak5QwoH5tq96AxodTsPq2pOGbdFBCDCR4lTMAdE8W9
63Bn/sxVMkWkIWn9u/Nn7fbmkPx0+tlwXHkOy2HVRukSiv4OuqI51roS1fYxJv3Q
gkUBvsxrvoQPm1eaLzX+ljTFKGhvDCggJwnb8z2fckWgH53n8wKhZNC6Wx/NOsF9
O1IIjoKvMOPYaHEd3v609i73L43zFE9CT3BCLrKya5nXjtnMVJxK58eyyreQTwK2
W9hLAOcCpXmV0jXXLpKrtKvbQb4AN9yAeiFnVcHrVS3aahRU0hRdT9sXnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOMvGpvpkw2xBD+JhoF4yHevpEj7MB8GA1UdIwQY
MBaAFKY7zG0l90dvuz7DP228Pp7q2SISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQt
NDkyNGZhMDAwYjdjLzEvNHk4YW0tbVREYkVFUDRtR2dYaklkNi1rU1BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQtNDkyNGZhMDAwYjdj
LzEvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVjNbMA0G
CSqGSIb3DQEBCwUAA4IBAQAeQ9rT4awtuiGOlGk2KQIAWZ2wDUCCUoS+abJk+qO6
g/t5gGWWeY0k0KoZipv1GxKGhGd+Iekb95wDE2R28XSpm4WPvwX7zdZ/9QIAJDYg
pRdunZ0XrI2bLZYzcJWrnDidwnYxCAeV32Xvz79FDs3BycGg3ghrHqWLoWx4aue7
ztYpD5f2hO+HszcwaJBeUib9LmUm4UMTTmfTMEyQkys+k+OBm1IaO64wSdABMPyX
oXH90nEr41RcEniRVT4x+mqmQE08sEbRpoBaPAYDwFNGtP2hDVkNrdQ4QENATHMu
5y10VneWQg7jHuUjxRXUIKF1+ogGyGOldh2HlU/orCUd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:14 2024 by rpki-client on console-fra.rpki-client.org