Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/eIw5NSCIg9iR_O0xEnzwZOVAvrg.roa
File:                     eIw5NSCIg9iR_O0xEnzwZOVAvrg.roa (raw, json)
Hash identifier:          8/cqhA4AgpA9fstOGWlpNfugEF5EocSBPTYNQjznvfI=
Subject key identifier:   78:8C:39:35:20:88:83:D8:91:FC:ED:31:12:7C:F0:64:E5:40:BE:B8
Certificate issuer:       /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial:       01856C5CAE840D2C2F6E1DE9F545737B4273
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/eIw5NSCIg9iR_O0xEnzwZOVAvrg.roa
Signing time:             Sun 01 Jan 2023 08:04:51 +0000
ROA not before:           Sun 01 Jan 2023 08:04:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        91.237.175.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 09 Jan 2023 00:44:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:5c:ae:84:0d:2c:2f:6e:1d:e9:f5:45:73:7b:42:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
        Validity
            Not Before: Jan  1 08:04:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=788c3935208883d891fced31127cf064e540beb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:bf:ce:e2:9e:da:1e:de:8a:5f:9d:9c:3c:62:
                    9e:4b:e4:14:9f:f0:0e:69:d6:65:aa:d1:c6:ce:d5:
                    f0:01:f4:2c:dd:b5:cb:8a:35:85:00:a0:a7:4f:79:
                    51:9f:5c:74:8b:eb:e6:77:14:a7:01:30:b4:32:d7:
                    1b:01:e9:43:da:5b:6d:b3:9a:ce:e4:a4:7b:97:f6:
                    10:c6:c2:dd:6d:31:6a:77:c4:73:6c:03:c1:86:5b:
                    35:ad:33:b4:31:4b:18:09:9f:53:9d:f7:46:a4:16:
                    c9:2f:45:d6:6f:7a:0d:96:32:96:3a:f0:5f:79:79:
                    1d:8e:36:54:13:76:33:fc:b7:46:10:5c:11:f3:89:
                    f2:92:fa:c9:e7:9c:aa:29:d9:a2:97:7e:c0:18:d8:
                    e8:a7:7c:79:42:13:63:46:37:81:1f:c4:b9:31:e5:
                    2b:48:69:f5:69:eb:a3:1c:49:28:14:a1:17:34:ff:
                    f2:4a:4d:22:d1:10:77:0c:4e:08:fc:f0:7e:98:2b:
                    51:97:c7:5e:ea:f8:b1:17:35:05:e1:7d:30:2d:4a:
                    41:76:72:59:1e:17:3d:6d:1a:af:2f:49:fb:fc:b4:
                    7e:c3:6b:44:4b:ea:7f:70:e3:45:a3:e9:b3:fe:32:
                    fd:ad:fd:5c:ed:85:f5:00:4a:49:4f:f1:81:3a:39:
                    dd:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:8C:39:35:20:88:83:D8:91:FC:ED:31:12:7C:F0:64:E5:40:BE:B8
            X509v3 Authority Key Identifier:
                keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/eIw5NSCIg9iR_O0xEnzwZOVAvrg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.237.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:5d:ff:86:e6:ea:98:0e:7a:58:20:24:f8:dd:07:92:41:e6:
         be:69:ba:c8:4d:a3:ba:d9:ea:cd:d8:bc:0d:c0:59:c3:f6:e6:
         1e:ae:bd:af:e6:fe:0b:3b:d2:72:0d:8e:07:16:1d:54:35:e4:
         1a:94:06:f9:70:09:1a:71:f6:7f:b5:2c:9f:b6:52:a2:11:84:
         0c:07:b6:2a:c5:51:03:5a:cf:a3:84:13:26:a9:a8:f3:bd:0f:
         75:b7:11:21:05:75:e6:59:30:ef:c7:e2:03:bb:8e:bf:24:18:
         e7:27:8b:82:3d:87:52:ba:df:8a:da:6d:5c:e7:09:7d:5d:8c:
         4c:9e:a5:4b:82:0a:66:d1:00:25:57:0b:2b:b8:91:b4:c5:9a:
         f6:ad:0d:9b:95:4d:62:47:55:0b:50:c5:dc:88:e8:77:47:d8:
         75:18:83:5f:10:cf:6f:ab:f7:61:50:cd:ba:3e:d7:3b:3d:53:
         d8:9f:a9:1e:8f:f2:62:6b:93:cf:39:00:4c:d2:b5:38:b4:d6:
         d6:95:22:9e:6f:1e:dc:ea:ba:f2:58:cc:f5:aa:62:1d:d2:3a:
         2f:f4:52:13:24:fd:e1:90:e4:67:84:05:52:a8:7d:43:aa:f1:
         00:10:16:bf:56:ae:cc:e0:84:55:32:41:54:f0:cc:e9:6a:26:
         4a:75:4e:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsXK6EDSwvbh3p9UVze0JzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODhjMzkzNTIwODg4M2Q4OTFmY2VkMzExMjdjZjA2NGU1NDBiZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7/O4p7aHt6KX52cPGKeS+QUn/AO
adZlqtHGztXwAfQs3bXLijWFAKCnT3lRn1x0i+vmdxSnATC0MtcbAelD2ltts5rO
5KR7l/YQxsLdbTFqd8RzbAPBhls1rTO0MUsYCZ9TnfdGpBbJL0XWb3oNljKWOvBf
eXkdjjZUE3Yz/LdGEFwR84nykvrJ55yqKdmil37AGNjop3x5QhNjRjeBH8S5MeUr
SGn1aeujHEkoFKEXNP/ySk0i0RB3DE4I/PB+mCtRl8de6vixFzUF4X0wLUpBdnJZ
Hhc9bRqvL0n7/LR+w2tES+p/cONFo+mz/jL9rf1c7YX1AEpJT/GBOjnduwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHiMOTUgiIPYkfztMRJ88GTlQL64MB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvZUl3NU5TQ0lnOWlSX08weEVuendaT1ZBdnJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+2vMA0G
CSqGSIb3DQEBCwUAA4IBAQB6Xf+G5uqYDnpYICT43QeSQea+abrITaO62erN2LwN
wFnD9uYerr2v5v4LO9JyDY4HFh1UNeQalAb5cAkacfZ/tSyftlKiEYQMB7YqxVED
Ws+jhBMmqajzvQ91txEhBXXmWTDvx+IDu46/JBjnJ4uCPYdSut+K2m1c5wl9XYxM
nqVLggpm0QAlVwsruJG0xZr2rQ2blU1iR1ULUMXciOh3R9h1GINfEM9vq/dhUM26
Ptc7PVPYn6kej/Jia5PPOQBM0rU4tNbWlSKebx7c6rryWMz1qmId0jov9FITJP3h
kORnhAVSqH1DqvEAEBa/Vq7M4IRVMkFU8MzpaiZKdU4A
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:37 2024 by rpki-client on console-ams.rpki-client.org