Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/WY8ubGZZ3dljb7NdFtV6SUetsIg.roa
File:                     WY8ubGZZ3dljb7NdFtV6SUetsIg.roa (raw, json)
Hash identifier:          JVXN2YoZl9zT85cqkWjc/B/4KDiQevhopvTX6Ued4B8=
Subject key identifier:   59:8F:2E:6C:66:59:DD:D9:63:6F:B3:5D:16:D5:7A:49:47:AD:B0:88
Certificate issuer:       /CN=07f231365985828d5a9663ed1b440624b24fec13
Certificate serial:       01856F021FCD043F619FF4E61F70892F9269
Authority key identifier: 07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/WY8ubGZZ3dljb7NdFtV6SUetsIg.roa
Signing time:             Sun 01 Jan 2023 20:24:48 +0000
ROA not before:           Sun 01 Jan 2023 20:24:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211975
IP address blocks:        91.199.32.0/24 maxlen: 24
                          91.199.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 16 May 2023 08:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:02:1f:cd:04:3f:61:9f:f4:e6:1f:70:89:2f:92:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07f231365985828d5a9663ed1b440624b24fec13
        Validity
            Not Before: Jan  1 20:24:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=598f2e6c6659ddd9636fb35d16d57a4947adb088
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:02:95:e9:70:31:6b:cc:94:ca:d5:fb:bc:a2:
                    86:74:5a:72:e1:f9:1d:e8:25:ab:c8:1b:18:80:1f:
                    d3:6b:09:62:60:dd:70:7b:1d:34:23:16:d1:e5:bd:
                    0f:6b:01:0d:a3:14:55:ee:a4:50:e8:e6:01:fb:cd:
                    4c:fd:62:20:72:b0:1e:86:cb:c2:54:3a:da:db:80:
                    58:75:e0:43:fc:8a:94:59:41:33:2a:76:a8:20:f7:
                    7a:ca:f1:b4:3b:f8:99:d5:ae:e7:f9:bb:1d:16:82:
                    d6:1a:4f:d6:0d:1e:9d:b4:cb:d8:38:29:85:e4:5d:
                    d2:a0:70:4a:a4:16:77:0e:b2:de:ce:b4:c8:e4:84:
                    c5:60:5a:fb:5a:7a:8a:42:a9:75:8e:03:c9:e2:9b:
                    a0:d3:07:7a:59:f5:9f:be:ab:c6:81:ac:aa:1f:49:
                    ca:14:ea:91:96:9c:4e:c4:9c:28:3c:89:d7:5a:8d:
                    6e:31:4c:47:37:7d:d1:69:69:b8:02:bb:9f:1f:a7:
                    86:1d:78:a6:79:f7:59:cd:95:3a:a9:95:30:72:43:
                    58:d2:1c:82:2e:c2:01:b9:13:46:73:55:03:02:88:
                    67:22:af:40:bf:44:3a:c3:e5:a0:ed:25:b0:05:e5:
                    06:66:44:e5:e9:e9:e5:a7:01:70:b7:a0:4a:7b:b6:
                    a2:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:8F:2E:6C:66:59:DD:D9:63:6F:B3:5D:16:D5:7A:49:47:AD:B0:88
            X509v3 Authority Key Identifier:
                keyid:07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/WY8ubGZZ3dljb7NdFtV6SUetsIg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/B_IxNlmFgo1almPtG0QGJLJP7BM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.199.32.0/24
                  91.199.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:a2:7d:87:b6:f5:24:98:03:e2:1c:9a:09:9f:c3:b8:e3:bc:
         58:aa:03:f5:15:dd:e5:11:f4:71:2c:23:9a:70:8f:17:d9:64:
         46:52:52:de:d4:95:6c:a9:fe:37:8b:38:98:3f:0a:b7:7d:40:
         3d:4e:07:a9:b6:35:2b:b4:29:34:48:11:74:33:03:e3:07:98:
         65:fa:fa:91:20:fa:42:92:49:a7:25:96:a8:1b:4e:73:95:49:
         ab:43:39:8a:4d:00:fd:d3:3f:7a:e0:f0:1f:cb:33:28:7f:56:
         ee:17:44:3b:c5:ac:a6:b4:de:9d:44:83:c1:20:c4:5a:01:6f:
         aa:5d:4c:2e:73:1d:f8:03:52:64:01:f7:14:11:3e:c5:2f:e8:
         ff:87:e6:48:82:b5:f8:f2:29:90:84:45:36:9b:c1:4c:e5:b5:
         9f:b1:b5:a4:3c:c1:76:42:0b:7a:cf:36:49:a8:9a:56:16:3e:
         10:3d:d0:b9:7c:ec:b6:1f:f6:8a:3e:bd:36:c1:33:46:7e:bd:
         8f:1f:04:8c:25:87:af:6f:a3:3c:35:99:07:91:82:7f:a8:b0:
         75:52:5d:7f:a2:3d:c5:72:1c:d7:45:9d:ba:d2:42:62:69:b6:
         2b:f7:d4:36:29:8d:40:42:7c:32:82:3a:b5:b3:16:bd:b4:53:
         8b:3b:0c:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvAh/NBD9hn/TmH3CJL5JpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjIzMTM2NTk4NTgyOGQ1YTk2NjNlZDFiNDQwNjI0YjI0
ZmVjMTMwHhcNMjMwMTAxMjAyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OThmMmU2YzY2NTlkZGQ5NjM2ZmIzNWQxNmQ1N2E0OTQ3YWRiMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywKV6XAxa8yUytX7vKKGdFpy4fkd
6CWryBsYgB/TawliYN1wex00IxbR5b0PawENoxRV7qRQ6OYB+81M/WIgcrAehsvC
VDra24BYdeBD/IqUWUEzKnaoIPd6yvG0O/iZ1a7n+bsdFoLWGk/WDR6dtMvYOCmF
5F3SoHBKpBZ3DrLezrTI5ITFYFr7WnqKQql1jgPJ4pug0wd6WfWfvqvGgayqH0nK
FOqRlpxOxJwoPInXWo1uMUxHN33RaWm4ArufH6eGHXimefdZzZU6qZUwckNY0hyC
LsIBuRNGc1UDAohnIq9Av0Q6w+Wg7SWwBeUGZkTl6enlpwFwt6BKe7aizQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFmPLmxmWd3ZY2+zXRbVeklHrbCIMB8GA1UdIwQY
MBaAFAfyMTZZhYKNWpZj7RtEBiSyT+wTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzct
MDg1ZmEwYTU2MDUyLzEvV1k4dWJHWlozZGxqYjdOZEZ0VjZTVWV0c0lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzctMDg1ZmEwYTU2MDUy
LzEvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8cgAwQA
W8cqMA0GCSqGSIb3DQEBCwUAA4IBAQAoon2HtvUkmAPiHJoJn8O447xYqgP1Fd3l
EfRxLCOacI8X2WRGUlLe1JVsqf43iziYPwq3fUA9TgeptjUrtCk0SBF0MwPjB5hl
+vqRIPpCkkmnJZaoG05zlUmrQzmKTQD90z964PAfyzMof1buF0Q7xaymtN6dRIPB
IMRaAW+qXUwucx34A1JkAfcUET7FL+j/h+ZIgrX48imQhEU2m8FM5bWfsbWkPMF2
Qgt6zzZJqJpWFj4QPdC5fOy2H/aKPr02wTNGfr2PHwSMJYevb6M8NZkHkYJ/qLB1
Ul1/oj3FchzXRZ260kJiabYr99Q2KY1AQnwygjq1sxa9tFOLOwzl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:19 2024 by rpki-client on console-ams.rpki-client.org