Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/Iu439pFG1FC8VRiLi4xQU3HnEQM.roa
File:                     Iu439pFG1FC8VRiLi4xQU3HnEQM.roa (raw, json)
Hash identifier:          8yvJPPejahUxIUhNLF7u0AqKg/zu4HQtkzgQG38tUqY=
Subject key identifier:   22:EE:37:F6:91:46:D4:50:BC:55:18:8B:8B:8C:50:53:71:E7:11:03
Certificate issuer:       /CN=07f231365985828d5a9663ed1b440624b24fec13
Certificate serial:       01896FF445273A24D3F439A4482D5689159A
Authority key identifier: 07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/Iu439pFG1FC8VRiLi4xQU3HnEQM.roa
Signing time:             Wed 19 Jul 2023 21:00:26 +0000
ROA not before:           Wed 19 Jul 2023 21:00:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        91.199.47.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 31 Jul 2023 11:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:6f:f4:45:27:3a:24:d3:f4:39:a4:48:2d:56:89:15:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07f231365985828d5a9663ed1b440624b24fec13
        Validity
            Not Before: Jul 19 21:00:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=22ee37f69146d450bc55188b8b8c505371e71103
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:13:70:2d:6d:6f:5d:5e:db:48:5c:32:f8:70:
                    af:7f:12:a9:0e:0c:86:72:8a:04:64:7d:ec:62:5f:
                    ce:7f:13:bc:bc:e1:ae:9b:f4:d1:2c:75:0c:35:7b:
                    55:9a:51:70:07:7e:20:48:13:9b:33:da:b1:7d:c3:
                    9b:3d:ec:15:b0:6b:11:dc:f3:fc:ae:4a:41:d7:39:
                    ae:af:a1:12:d6:fb:10:5e:a4:62:e3:d4:97:7f:5d:
                    6a:a8:29:67:03:3f:6e:b7:d2:fb:b8:8c:cd:03:37:
                    7d:11:f9:92:3f:f1:a6:82:7f:6a:31:dd:90:c2:cd:
                    3d:fa:39:b9:fe:e9:0d:73:15:66:9f:b2:18:4f:1a:
                    e9:7f:ff:81:ad:7a:c6:30:9f:f3:6b:bb:35:39:ca:
                    d9:c3:f4:3a:45:3f:b1:30:63:1b:75:88:9c:3b:6d:
                    e0:ce:bc:18:10:06:16:4d:03:1f:58:7b:09:0c:b6:
                    37:e1:ed:35:67:84:0a:bc:38:e0:13:e6:66:6a:d8:
                    1b:4b:41:80:5d:51:5d:82:ef:43:0e:0c:40:a1:79:
                    f2:b2:ba:6d:a9:ae:4f:cc:53:fc:81:8b:8d:40:21:
                    2a:3d:9f:41:2f:65:16:d6:bb:ca:3e:4c:b7:f5:7f:
                    30:d6:08:09:b2:9f:05:8a:69:9c:3f:a1:12:1d:dd:
                    61:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:EE:37:F6:91:46:D4:50:BC:55:18:8B:8B:8C:50:53:71:E7:11:03
            X509v3 Authority Key Identifier:
                keyid:07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/Iu439pFG1FC8VRiLi4xQU3HnEQM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/B_IxNlmFgo1almPtG0QGJLJP7BM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.199.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b6:19:1a:5f:75:ee:24:22:03:c1:d1:8d:0b:c8:5e:f9:15:21:
         bf:9a:10:83:a6:ba:bc:6a:51:17:2d:45:27:4d:9b:87:a1:15:
         4f:e2:fa:32:c8:82:2c:bc:a6:74:3f:43:28:88:f6:f4:ea:96:
         46:e6:33:a8:30:30:d7:63:8a:20:a8:b8:94:1c:b1:2b:fd:68:
         ec:d5:f9:b1:b3:86:1c:3f:21:31:b1:6e:f9:fc:f0:98:20:1b:
         43:19:fc:37:95:b7:99:82:93:16:34:25:e6:81:52:5c:f1:14:
         4c:41:72:7d:b1:6c:87:9d:c4:3e:fc:84:2f:cd:aa:c2:67:86:
         82:07:1d:3c:31:32:09:84:fb:af:04:62:61:53:91:4d:c4:25:
         9e:33:67:68:69:b9:92:94:1b:9a:04:2c:e7:81:ac:15:38:00:
         b3:5d:5a:6b:ef:80:73:b4:cd:a6:db:99:72:fb:c5:57:04:4d:
         34:69:38:ce:99:30:0f:59:a7:b0:1a:03:fa:9a:e1:98:b7:01:
         01:71:23:59:69:e3:03:fd:ea:70:cc:54:4c:a0:03:48:f0:d7:
         a1:32:c6:3f:da:26:89:0f:3e:b9:55:ba:88:8d:0b:15:c9:52:
         22:8a:fa:12:ba:e8:5f:4e:da:a8:53:e6:62:a3:69:7d:5b:ac:
         b5:44:2e:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlv9EUnOiTT9DmkSC1WiRWaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjIzMTM2NTk4NTgyOGQ1YTk2NjNlZDFiNDQwNjI0YjI0
ZmVjMTMwHhcNMjMwNzE5MjEwMDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmVlMzdmNjkxNDZkNDUwYmM1NTE4OGI4YjhjNTA1MzcxZTcxMTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxNwLW1vXV7bSFwy+HCvfxKpDgyG
cooEZH3sYl/OfxO8vOGum/TRLHUMNXtVmlFwB34gSBObM9qxfcObPewVsGsR3PP8
rkpB1zmur6ES1vsQXqRi49SXf11qqClnAz9ut9L7uIzNAzd9EfmSP/Gmgn9qMd2Q
ws09+jm5/ukNcxVmn7IYTxrpf/+BrXrGMJ/za7s1OcrZw/Q6RT+xMGMbdYicO23g
zrwYEAYWTQMfWHsJDLY34e01Z4QKvDjgE+ZmatgbS0GAXVFdgu9DDgxAoXnysrpt
qa5PzFP8gYuNQCEqPZ9BL2UW1rvKPky39X8w1ggJsp8FimmcP6ESHd1hfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCLuN/aRRtRQvFUYi4uMUFNx5xEDMB8GA1UdIwQY
MBaAFAfyMTZZhYKNWpZj7RtEBiSyT+wTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzct
MDg1ZmEwYTU2MDUyLzEvSXU0MzlwRkcxRkM4VlJpTGk0eFFVM0huRVFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzctMDg1ZmEwYTU2MDUy
LzEvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8cvMA0G
CSqGSIb3DQEBCwUAA4IBAQC2GRpfde4kIgPB0Y0LyF75FSG/mhCDprq8alEXLUUn
TZuHoRVP4voyyIIsvKZ0P0MoiPb06pZG5jOoMDDXY4ogqLiUHLEr/Wjs1fmxs4Yc
PyExsW75/PCYIBtDGfw3lbeZgpMWNCXmgVJc8RRMQXJ9sWyHncQ+/IQvzarCZ4aC
Bx08MTIJhPuvBGJhU5FNxCWeM2doabmSlBuaBCzngawVOACzXVpr74BztM2m25ly
+8VXBE00aTjOmTAPWaewGgP6muGYtwEBcSNZaeMD/epwzFRMoANI8NehMsY/2iaJ
Dz65VbqIjQsVyVIiivoSuuhfTtqoU+Zio2l9W6y1RC7d
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:19 2024 by rpki-client on console-ams.rpki-client.org