Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/X0F8Qzi2JGicVlDmTFp4JzRTko8.roa
File:                     X0F8Qzi2JGicVlDmTFp4JzRTko8.roa (raw, json)
Hash identifier:          pcKv4TjKGvpPoLKXFvJFvUo9cKfCSVd63TpZBrQ266Y=
Subject key identifier:   5F:41:7C:43:38:B6:24:68:9C:56:50:E6:4C:5A:78:27:34:53:92:8F
Certificate issuer:       /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Certificate serial:       018572CC9465B82C366F93AE7CC487C2B134
Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/X0F8Qzi2JGicVlDmTFp4JzRTko8.roa
Signing time:             Mon 02 Jan 2023 14:04:47 +0000
ROA not before:           Mon 02 Jan 2023 14:04:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        193.28.159.0/24 maxlen: 24
                          91.223.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:cc:94:65:b8:2c:36:6f:93:ae:7c:c4:87:c2:b1:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
        Validity
            Not Before: Jan  2 14:04:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5f417c4338b624689c5650e64c5a78273453928f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:d3:09:e8:3c:0a:05:01:be:e8:ad:df:84:53:
                    06:16:f3:c4:4c:68:d0:c3:09:5f:67:bb:1a:82:47:
                    46:ff:04:19:98:19:e9:50:e3:89:e4:1c:d1:9b:bf:
                    2f:e9:73:65:70:ec:c4:4f:3d:01:d2:ad:38:b1:8f:
                    48:c3:0c:48:5c:41:68:14:dd:5e:26:b5:5d:4a:76:
                    37:61:4c:29:19:e4:71:26:db:e2:be:fa:02:df:7d:
                    d3:16:01:38:f1:c8:84:d8:bc:a2:fc:2d:48:c2:5b:
                    e8:72:c5:01:ac:f4:01:e0:c3:48:00:f5:41:94:9f:
                    20:70:95:94:0f:c4:34:d3:2c:f6:3f:5e:52:8e:1f:
                    9d:89:d4:a8:19:0b:ac:44:ab:fb:93:24:ae:38:7e:
                    4d:76:36:4a:43:2d:05:74:3e:f8:68:1a:35:31:e6:
                    b6:1d:7b:45:c7:b7:90:04:4b:42:77:ce:6d:1e:15:
                    f2:41:4a:af:48:66:0c:18:ae:51:e7:7e:5d:fc:7c:
                    e5:16:9e:11:67:6c:ca:c7:aa:6f:ad:05:85:8b:74:
                    3f:1a:3b:b4:27:25:4d:12:f4:c3:63:02:1a:32:2e:
                    82:11:ad:f1:47:e6:63:be:f7:8d:94:fc:f5:6a:21:
                    74:df:d4:3e:11:ee:b3:09:31:34:59:0e:57:f5:c0:
                    31:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:41:7C:43:38:B6:24:68:9C:56:50:E6:4C:5A:78:27:34:53:92:8F
            X509v3 Authority Key Identifier:
                keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/X0F8Qzi2JGicVlDmTFp4JzRTko8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.223.161.0/24
                  193.28.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:42:27:50:9c:ee:30:a8:9f:59:41:28:b0:6a:29:55:5f:0a:
         6c:7f:99:9d:ac:cd:1e:be:a1:6d:83:c4:8e:d2:82:d2:ab:85:
         87:41:3f:94:ca:1a:3b:a1:b2:dd:62:fc:52:ee:c9:b8:14:b5:
         e4:76:55:80:a2:40:52:3d:fb:ae:6c:5c:92:f0:1a:89:2f:62:
         7e:cf:12:b1:25:ce:99:88:f8:4e:57:ca:47:0a:ec:55:fd:43:
         59:ea:19:4d:39:73:ac:52:58:33:f7:e6:fa:aa:94:cd:40:8b:
         0e:e8:04:23:ae:6f:48:e3:9c:d4:00:9d:6a:74:58:2c:18:df:
         70:5d:5b:16:fa:83:98:91:11:26:d0:b5:76:ac:94:46:04:48:
         61:76:8b:49:4e:bb:cb:51:50:88:e6:ee:87:c8:12:c2:9d:5e:
         2b:44:ba:7b:79:21:2f:c8:62:86:c9:df:15:b1:24:43:57:52:
         e9:87:6b:96:0a:cf:e8:57:5f:e7:65:96:4a:c1:9d:4e:b3:b0:
         47:c4:4b:6e:94:53:48:6e:d0:e1:94:13:5c:88:46:9b:19:b5:
         27:c5:3a:c7:cc:c1:05:de:1e:30:10:9e:b2:45:e1:43:6a:43:
         c6:1a:14:75:89:74:35:d5:00:67:ac:1d:6e:70:27:92:3c:e3:
         24:89:19:dd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyzJRluCw2b5OufMSHwrE0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjBhODY2NTllYzMxNGYxM2EwNGUzYTAzZGJkYjEyNDRh
MGUwYTkwHhcNMjMwMTAyMTQwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjQxN2M0MzM4YjYyNDY4OWM1NjUwZTY0YzVhNzgyNzM0NTM5MjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNMJ6DwKBQG+6K3fhFMGFvPETGjQ
wwlfZ7sagkdG/wQZmBnpUOOJ5BzRm78v6XNlcOzETz0B0q04sY9IwwxIXEFoFN1e
JrVdSnY3YUwpGeRxJtvivvoC333TFgE48ciE2Lyi/C1IwlvocsUBrPQB4MNIAPVB
lJ8gcJWUD8Q00yz2P15Sjh+didSoGQusRKv7kySuOH5NdjZKQy0FdD74aBo1Mea2
HXtFx7eQBEtCd85tHhXyQUqvSGYMGK5R535d/HzlFp4RZ2zKx6pvrQWFi3Q/Gju0
JyVNEvTDYwIaMi6CEa3xR+ZjvveNlPz1aiF039Q+Ee6zCTE0WQ5X9cAx7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF9BfEM4tiRonFZQ5kxaeCc0U5KPMB8GA1UdIwQY
MBaAFLWwqGZZ7DFPE6BOOgPb2xJEoOCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTIt
N2ZiZjVlZTI5MGFjLzEvWDBGOFF6aTJKR2ljVmxEbVRGcDRKelJUa284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTItN2ZiZjVlZTI5MGFj
LzEvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9+hAwQA
wRyfMA0GCSqGSIb3DQEBCwUAA4IBAQBbQidQnO4wqJ9ZQSiwailVXwpsf5mdrM0e
vqFtg8SO0oLSq4WHQT+Uyho7obLdYvxS7sm4FLXkdlWAokBSPfuubFyS8BqJL2J+
zxKxJc6ZiPhOV8pHCuxV/UNZ6hlNOXOsUlgz9+b6qpTNQIsO6AQjrm9I45zUAJ1q
dFgsGN9wXVsW+oOYkREm0LV2rJRGBEhhdotJTrvLUVCI5u6HyBLCnV4rRLp7eSEv
yGKGyd8VsSRDV1Lph2uWCs/oV1/nZZZKwZ1Os7BHxEtulFNIbtDhlBNciEabGbUn
xTrHzMEF3h4wEJ6yReFDakPGGhR1iXQ11QBnrB1ucCeSPOMkiRnd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:09 2024 by rpki-client on console-ams.rpki-client.org