Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/d8c6f2-4191-46e6-8db6-b6ea82f19220/1/go4PX-_8ZBbBDaoOGLaMMW47JjM.roa
File:                     go4PX-_8ZBbBDaoOGLaMMW47JjM.roa (raw, json)
Hash identifier:          OIFtYItt96Lwsag6pVbxDVvuDQKgoR/WB/B5GVF+pa4=
Subject key identifier:   82:8E:0F:5F:EF:FC:64:16:C1:0D:AA:0E:18:B6:8C:31:6E:3B:26:33
Certificate issuer:       /CN=2919461844549824500b7cd1c451d824ba6e5677
Certificate serial:       01856DDD39A463D5A89227BDACA8B7227B26
Authority key identifier: 29:19:46:18:44:54:98:24:50:0B:7C:D1:C4:51:D8:24:BA:6E:56:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KRlGGERUmCRQC3zRxFHYJLpuVnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/d8c6f2-4191-46e6-8db6-b6ea82f19220/1/go4PX-_8ZBbBDaoOGLaMMW47JjM.roa
Signing time:             Sun 01 Jan 2023 15:04:52 +0000
ROA not before:           Sun 01 Jan 2023 15:04:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6876
IP address blocks:        91.194.78.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:dd:39:a4:63:d5:a8:92:27:bd:ac:a8:b7:22:7b:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2919461844549824500b7cd1c451d824ba6e5677
        Validity
            Not Before: Jan  1 15:04:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=828e0f5feffc6416c10daa0e18b68c316e3b2633
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:29:87:d5:32:c6:32:93:ff:c1:a6:53:f0:06:
                    5b:9d:fd:06:62:57:b0:81:09:cf:30:a0:9b:75:15:
                    e1:62:a9:fd:30:1f:bd:8a:f1:3f:d9:7b:ca:de:d4:
                    01:2e:4e:97:71:d9:e7:53:26:d1:18:c1:e6:40:39:
                    79:4e:dd:b2:9a:c5:c0:60:7d:bb:04:81:d1:10:28:
                    2b:1d:a8:51:c8:11:7b:12:dc:98:f3:99:d1:fa:8d:
                    c0:8a:dc:30:a3:ff:73:77:6e:4c:69:87:5d:ae:19:
                    70:c3:a1:6a:64:f2:cc:c4:c3:d0:72:df:63:e5:33:
                    f6:ad:d5:4e:b3:4f:9c:41:12:b0:a8:ab:97:06:03:
                    38:e5:1a:39:52:9d:77:ec:99:21:d8:bb:19:6b:ca:
                    9f:c1:e6:c9:c9:44:94:f7:a0:9a:c6:7b:94:27:6b:
                    83:23:45:82:28:36:22:8d:37:02:c0:b9:73:8e:e6:
                    ae:98:b2:de:c4:43:97:9e:8b:29:69:88:fb:45:56:
                    d9:7c:45:b6:40:b1:65:f6:8f:5f:9a:9d:39:8a:30:
                    33:44:e6:a3:37:f7:6f:86:d4:d4:38:95:a9:a9:c0:
                    14:31:be:1d:3a:5d:96:cd:10:b7:1f:b0:7c:45:5d:
                    36:0f:25:a8:6b:99:64:6d:07:56:a9:54:37:f3:d6:
                    71:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:8E:0F:5F:EF:FC:64:16:C1:0D:AA:0E:18:B6:8C:31:6E:3B:26:33
            X509v3 Authority Key Identifier:
                keyid:29:19:46:18:44:54:98:24:50:0B:7C:D1:C4:51:D8:24:BA:6E:56:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRlGGERUmCRQC3zRxFHYJLpuVnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/d8c6f2-4191-46e6-8db6-b6ea82f19220/1/go4PX-_8ZBbBDaoOGLaMMW47JjM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/d8c6f2-4191-46e6-8db6-b6ea82f19220/1/KRlGGERUmCRQC3zRxFHYJLpuVnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.194.78.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1e:59:ea:62:c1:b1:b7:8d:ce:9d:f5:47:d8:8d:12:78:b8:53:
         72:47:a0:e1:96:04:f9:5e:e3:06:15:07:be:93:4c:ba:cb:29:
         1a:b8:94:b7:7c:89:94:9e:d5:b8:4b:4c:39:97:2d:3c:b2:a3:
         c4:c3:70:cd:ed:e4:56:d3:8f:c5:01:69:94:68:72:f5:68:0d:
         6b:e8:e0:2b:6f:b7:4d:b2:69:d6:64:0b:20:fd:a4:7b:a5:a0:
         2d:99:dc:84:1d:6e:b8:e5:79:d5:9c:b4:ba:0e:76:0c:8c:27:
         d2:1d:72:f5:4f:f3:d2:cb:e3:dc:22:4e:68:39:c9:21:53:56:
         25:bc:f7:58:6e:b5:db:13:d6:a8:fc:75:74:8d:33:bb:04:84:
         63:52:a0:03:3b:ab:b8:17:7d:90:9c:db:45:4f:04:15:8e:db:
         1a:5c:f8:4c:28:a0:fa:dd:f1:01:a4:08:42:7d:fc:ad:10:8f:
         b3:da:f2:f7:80:fe:3a:e9:62:00:8e:ac:68:01:af:45:e4:45:
         14:e9:b4:1c:22:87:33:f4:32:78:fb:ad:95:1b:3a:5a:93:1d:
         9f:f7:c0:cb:a9:12:ef:ea:4c:74:e7:6e:9c:9c:04:0c:c2:e2:
         b4:45:87:46:c6:4e:39:6d:2c:9a:fe:d1:13:7a:ab:33:6f:bd:
         78:dd:81:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt3TmkY9Wokie9rKi3InsmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTk0NjE4NDQ1NDk4MjQ1MDBiN2NkMWM0NTFkODI0YmE2
ZTU2NzcwHhcNMjMwMTAxMTUwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjhlMGY1ZmVmZmM2NDE2YzEwZGFhMGUxOGI2OGMzMTZlM2IyNjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCmH1TLGMpP/waZT8AZbnf0GYlew
gQnPMKCbdRXhYqn9MB+9ivE/2XvK3tQBLk6XcdnnUybRGMHmQDl5Tt2ymsXAYH27
BIHRECgrHahRyBF7EtyY85nR+o3Aitwwo/9zd25MaYddrhlww6FqZPLMxMPQct9j
5TP2rdVOs0+cQRKwqKuXBgM45Ro5Up137Jkh2LsZa8qfwebJyUSU96CaxnuUJ2uD
I0WCKDYijTcCwLlzjuaumLLexEOXnospaYj7RVbZfEW2QLFl9o9fmp05ijAzROaj
N/dvhtTUOJWpqcAUMb4dOl2WzRC3H7B8RV02DyWoa5lkbQdWqVQ389ZxHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIKOD1/v/GQWwQ2qDhi2jDFuOyYzMB8GA1UdIwQY
MBaAFCkZRhhEVJgkUAt80cRR2CS6blZ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JsR0dFUlVtQ1JRQzN6UnhGSFlKTHB1Vm5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kOGM2ZjItNDE5MS00NmU2LThkYjYt
YjZlYTgyZjE5MjIwLzEvZ280UFgtXzhaQmJCRGFvT0dMYU1NVzQ3SmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kOGM2ZjItNDE5MS00NmU2LThkYjYtYjZlYTgyZjE5MjIw
LzEvS1JsR0dFUlVtQ1JRQzN6UnhGSFlKTHB1Vm5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8JOMA0G
CSqGSIb3DQEBCwUAA4IBAQAeWepiwbG3jc6d9UfYjRJ4uFNyR6DhlgT5XuMGFQe+
k0y6yykauJS3fImUntW4S0w5ly08sqPEw3DN7eRW04/FAWmUaHL1aA1r6OArb7dN
smnWZAsg/aR7paAtmdyEHW645XnVnLS6DnYMjCfSHXL1T/PSy+PcIk5oOckhU1Yl
vPdYbrXbE9ao/HV0jTO7BIRjUqADO6u4F32QnNtFTwQVjtsaXPhMKKD63fEBpAhC
ffytEI+z2vL3gP466WIAjqxoAa9F5EUU6bQcIocz9DJ4+62VGzpakx2f98DLqRLv
6kx0526cnAQMwuK0RYdGxk45bSya/tETeqszb7143YFr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:46 2024 by rpki-client on console-ams.rpki-client.org