Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/98fcb5-87a7-4fde-9847-4902a66b2d95/1/F35R6rzbZZ5UosEPjDFJNsvNfB0.roa
File:                     F35R6rzbZZ5UosEPjDFJNsvNfB0.roa (raw, json)
Hash identifier:          wQrNaKyX4piAvPPkvY3GbtDv1BeIb+nbtjalEAR6AE4=
Subject key identifier:   17:7E:51:EA:BC:DB:65:9E:54:A2:C1:0F:8C:31:49:36:CB:CD:7C:1D
Certificate issuer:       /CN=26ad7d3560134e0a8ae46fc5b32c5acb61dde39c
Certificate serial:       018C77420B8E5ADFC8E6D50D34CE47F73D20
Authority key identifier: 26:AD:7D:35:60:13:4E:0A:8A:E4:6F:C5:B3:2C:5A:CB:61:DD:E3:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Jq19NWATTgqK5G_Fsyxay2Hd45w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/98fcb5-87a7-4fde-9847-4902a66b2d95/1/F35R6rzbZZ5UosEPjDFJNsvNfB0.roa
Signing time:             Sun 17 Dec 2023 10:11:06 +0000
ROA not before:           Sun 17 Dec 2023 10:11:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     19905
IP address blocks:        91.205.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:77:42:0b:8e:5a:df:c8:e6:d5:0d:34:ce:47:f7:3d:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26ad7d3560134e0a8ae46fc5b32c5acb61dde39c
        Validity
            Not Before: Dec 17 10:11:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=177e51eabcdb659e54a2c10f8c314936cbcd7c1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:b5:f8:f5:2c:b7:47:b9:1d:7b:0e:a9:9e:cb:
                    e8:01:40:fd:8f:75:40:a8:0d:22:8e:1d:09:27:d7:
                    43:1f:c5:91:5a:c5:a2:c0:32:c5:b5:73:33:fc:1a:
                    e9:13:f9:56:b7:52:20:53:0c:b5:14:f0:4d:02:00:
                    2a:dd:3d:5b:4d:70:45:98:8c:56:ce:40:14:10:a4:
                    cd:12:66:7a:81:75:a8:e7:ab:99:0b:50:c9:b0:36:
                    b8:68:e4:b1:cc:07:d6:d2:57:44:9e:14:f0:29:8b:
                    2c:50:fb:1e:e4:f5:92:05:e3:51:7f:14:c1:88:66:
                    18:e4:80:5e:8e:e8:3d:89:b4:ee:e3:2a:14:d8:24:
                    28:f4:55:51:36:6b:09:61:5f:2c:1b:64:e9:07:d4:
                    de:cc:3b:20:23:40:78:56:73:58:cd:2d:19:d4:33:
                    64:72:8a:43:5d:0e:88:35:c0:1e:cc:47:da:43:49:
                    3a:dd:22:3e:fe:ec:1d:8a:f6:10:22:db:a5:28:ce:
                    b6:13:d1:23:41:8b:86:e4:85:0f:60:38:77:2e:71:
                    6a:51:e7:5b:b9:6b:80:09:53:39:aa:13:2a:cc:e6:
                    d8:90:a2:f1:6b:94:b9:37:27:33:1e:99:08:f2:a3:
                    1b:b4:3b:01:cd:2d:4f:32:c4:0c:c2:e4:b2:c6:f0:
                    1f:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:7E:51:EA:BC:DB:65:9E:54:A2:C1:0F:8C:31:49:36:CB:CD:7C:1D
            X509v3 Authority Key Identifier:
                keyid:26:AD:7D:35:60:13:4E:0A:8A:E4:6F:C5:B3:2C:5A:CB:61:DD:E3:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jq19NWATTgqK5G_Fsyxay2Hd45w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/98fcb5-87a7-4fde-9847-4902a66b2d95/1/F35R6rzbZZ5UosEPjDFJNsvNfB0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/98fcb5-87a7-4fde-9847-4902a66b2d95/1/Jq19NWATTgqK5G_Fsyxay2Hd45w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.205.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:95:cf:31:85:11:e0:eb:9b:49:d0:69:9f:5d:65:a3:08:95:
         ff:7b:49:2a:dc:e3:b7:15:7e:6d:b2:f6:01:d1:ba:10:6f:ca:
         57:b7:dc:8d:d9:28:3b:c7:60:c6:a2:96:f1:8c:57:a8:59:a4:
         9b:35:4c:4f:5f:83:d1:fa:ff:2e:76:e0:15:06:b4:68:c4:fa:
         46:6f:b2:ee:72:db:33:a5:ac:f7:fe:70:8c:92:83:8d:3b:90:
         f9:62:86:b0:4e:47:24:a5:21:1c:e4:7b:0b:c3:6e:e2:90:c3:
         9d:16:b3:11:76:a7:ef:a0:57:0b:38:cd:a8:90:21:0b:6f:88:
         53:66:e8:68:61:60:9d:7d:0a:83:11:65:73:37:ff:9a:92:ad:
         8a:ae:a1:28:34:60:8a:1d:9e:b2:be:0c:db:1a:51:ae:7b:a8:
         86:0d:37:c1:60:64:b0:b0:f3:cb:9a:09:14:5c:1f:52:d8:d9:
         91:1b:36:ae:8c:53:24:2c:47:44:65:e4:95:04:81:18:42:8d:
         d1:38:92:80:d9:49:65:c1:3f:25:5f:a2:21:d8:5a:a2:7a:09:
         76:5e:11:14:63:91:5f:07:40:8c:34:9f:fc:59:fd:30:70:01:
         81:f1:43:da:ca:ef:03:3c:4b:83:b0:4d:86:df:79:ca:42:fb:
         ac:45:2a:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYx3QguOWt/I5tUNNM5H9z0gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YWQ3ZDM1NjAxMzRlMGE4YWU0NmZjNWIzMmM1YWNiNjFk
ZGUzOWMwHhcNMjMxMjE3MTAxMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzdlNTFlYWJjZGI2NTllNTRhMmMxMGY4YzMxNDkzNmNiY2Q3YzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLX49Sy3R7kdew6pnsvoAUD9j3VA
qA0ijh0JJ9dDH8WRWsWiwDLFtXMz/BrpE/lWt1IgUwy1FPBNAgAq3T1bTXBFmIxW
zkAUEKTNEmZ6gXWo56uZC1DJsDa4aOSxzAfW0ldEnhTwKYssUPse5PWSBeNRfxTB
iGYY5IBejug9ibTu4yoU2CQo9FVRNmsJYV8sG2TpB9TezDsgI0B4VnNYzS0Z1DNk
copDXQ6INcAezEfaQ0k63SI+/uwdivYQItulKM62E9EjQYuG5IUPYDh3LnFqUedb
uWuACVM5qhMqzObYkKLxa5S5NyczHpkI8qMbtDsBzS1PMsQMwuSyxvAfiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBd+Ueq822WeVKLBD4wxSTbLzXwdMB8GA1UdIwQY
MBaAFCatfTVgE04KiuRvxbMsWsth3eOcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnExOU5XQVRUZ3FLNUdfRnN5eGF5MkhkNDV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni85OGZjYjUtODdhNy00ZmRlLTk4NDct
NDkwMmE2NmIyZDk1LzEvRjM1UjZyemJaWjVVb3NFUGpERkpOc3ZOZkIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni85OGZjYjUtODdhNy00ZmRlLTk4NDctNDkwMmE2NmIyZDk1
LzEvSnExOU5XQVRUZ3FLNUdfRnN5eGF5MkhkNDV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW80qMA0G
CSqGSIb3DQEBCwUAA4IBAQB9lc8xhRHg65tJ0GmfXWWjCJX/e0kq3OO3FX5tsvYB
0boQb8pXt9yN2Sg7x2DGopbxjFeoWaSbNUxPX4PR+v8uduAVBrRoxPpGb7Luctsz
paz3/nCMkoONO5D5YoawTkckpSEc5HsLw27ikMOdFrMRdqfvoFcLOM2okCELb4hT
ZuhoYWCdfQqDEWVzN/+akq2KrqEoNGCKHZ6yvgzbGlGue6iGDTfBYGSwsPPLmgkU
XB9S2NmRGzaujFMkLEdEZeSVBIEYQo3ROJKA2UllwT8lX6Ih2Fqiegl2XhEUY5Ff
B0CMNJ/8Wf0wcAGB8UPayu8DPEuDsE2G33nKQvusRSrK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:31 2024 by rpki-client on console-ams.rpki-client.org