Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/d7d5cd-79a9-4c82-8fc4-046d2e2adcd5/1/pAzv9F4PHc4zYo2DgJXGT32jrfg.roa
File:                     pAzv9F4PHc4zYo2DgJXGT32jrfg.roa (raw, json)
Hash identifier:          JMqa5bSfor0xCuE7AsWpdvauC3scJDZFSr0dXHEwYSU=
Subject key identifier:   A4:0C:EF:F4:5E:0F:1D:CE:33:62:8D:83:80:95:C6:4F:7D:A3:AD:F8
Certificate issuer:       /CN=ce7180c4bad3cf425a50672e1cb7a9d2ac78e20c
Certificate serial:       0185724C89B98BE67B0088FBAA238EE55003
Authority key identifier: CE:71:80:C4:BA:D3:CF:42:5A:50:67:2E:1C:B7:A9:D2:AC:78:E2:0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/znGAxLrTz0JaUGcuHLep0qx44gw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/d7d5cd-79a9-4c82-8fc4-046d2e2adcd5/1/pAzv9F4PHc4zYo2DgJXGT32jrfg.roa
Signing time:             Mon 02 Jan 2023 11:44:56 +0000
ROA not before:           Mon 02 Jan 2023 11:44:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     30781
IP address blocks:        91.234.9.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:4c:89:b9:8b:e6:7b:00:88:fb:aa:23:8e:e5:50:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce7180c4bad3cf425a50672e1cb7a9d2ac78e20c
        Validity
            Not Before: Jan  2 11:44:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a40ceff45e0f1dce33628d838095c64f7da3adf8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:0e:73:8a:71:03:11:98:c6:f7:fa:51:44:bf:
                    63:66:52:15:fd:6d:11:71:b2:b8:07:37:c4:9f:0f:
                    26:ab:41:89:ee:47:13:5b:71:e5:a5:13:24:91:e0:
                    cd:f0:09:40:33:12:d9:5a:ce:a2:cf:7a:ac:60:d4:
                    84:89:cd:84:be:2c:51:21:69:ae:49:f3:7c:b2:22:
                    62:11:bf:27:d6:86:da:ae:00:e2:8d:24:f1:c3:e9:
                    22:3c:ff:27:f6:25:fb:fa:62:0d:d6:66:d0:ca:a3:
                    9b:bb:8e:17:c7:c3:5c:84:39:20:5c:4c:88:69:57:
                    f3:84:e4:24:31:e8:98:09:34:e3:e1:10:35:3a:26:
                    64:f7:5f:60:eb:5c:9c:a7:ef:5a:5a:6c:72:c7:ac:
                    e8:c7:ab:22:cd:5f:ac:8e:05:8c:1a:b7:a1:3d:43:
                    9f:c9:3a:ff:48:cf:7d:05:74:58:24:c9:ac:f5:47:
                    7d:90:72:1a:f3:cd:12:57:a5:6a:a1:74:e1:15:6e:
                    04:02:4a:cb:05:bb:41:4a:a7:c8:9f:b6:eb:23:25:
                    8f:53:e7:53:88:3a:a5:34:93:c0:e4:cc:fa:8e:2f:
                    cd:d8:a6:40:63:59:79:8c:36:2a:0b:ef:bf:02:2f:
                    09:7e:ea:79:ed:46:e3:31:c9:1b:9d:e9:4a:73:3a:
                    7f:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:0C:EF:F4:5E:0F:1D:CE:33:62:8D:83:80:95:C6:4F:7D:A3:AD:F8
            X509v3 Authority Key Identifier:
                keyid:CE:71:80:C4:BA:D3:CF:42:5A:50:67:2E:1C:B7:A9:D2:AC:78:E2:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/znGAxLrTz0JaUGcuHLep0qx44gw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d7d5cd-79a9-4c82-8fc4-046d2e2adcd5/1/pAzv9F4PHc4zYo2DgJXGT32jrfg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d7d5cd-79a9-4c82-8fc4-046d2e2adcd5/1/znGAxLrTz0JaUGcuHLep0qx44gw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.234.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:d0:1d:ab:f4:4d:fe:16:54:17:2d:28:8c:c8:2c:96:12:de:
         de:2e:bf:9f:16:b9:b6:b2:2b:c4:28:07:93:9f:06:1f:da:cb:
         14:a5:d5:a8:d5:08:2f:dd:38:cf:26:7e:fb:3d:52:d8:de:52:
         fb:a5:f1:d0:43:75:02:64:07:ac:4c:77:ae:c1:32:c4:71:35:
         1e:81:67:f7:ac:f9:6e:9f:36:3c:62:40:97:cb:80:29:77:73:
         4d:e2:40:7c:e8:01:29:7e:fa:01:35:50:c9:04:bf:6d:8b:f3:
         58:34:e5:2d:8e:db:76:38:32:67:e3:57:2e:4f:6d:d0:35:4e:
         14:33:8b:8d:6f:ae:75:f8:e0:f0:d9:3f:bf:0e:40:ea:da:60:
         50:79:58:46:1f:5b:6d:86:4f:ad:4b:ae:45:62:99:d9:5b:43:
         d5:32:31:87:a4:83:38:3f:96:ca:cb:4a:a6:c6:ee:5a:b4:c6:
         4c:98:5e:2b:2e:20:50:22:98:12:d4:f8:88:2b:72:50:61:b6:
         51:b9:77:05:ae:2f:d7:95:7b:91:e1:1d:7b:da:8c:b6:89:56:
         fe:50:4d:87:d2:2b:f8:98:88:af:10:71:37:8d:72:b3:24:4a:
         73:a5:b4:71:23:4e:69:2d:9e:ba:82:86:f1:0c:5f:9f:1d:84:
         a0:6f:e9:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyTIm5i+Z7AIj7qiOO5VADMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNzE4MGM0YmFkM2NmNDI1YTUwNjcyZTFjYjdhOWQyYWM3
OGUyMGMwHhcNMjMwMTAyMTE0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDBjZWZmNDVlMGYxZGNlMzM2MjhkODM4MDk1YzY0ZjdkYTNhZGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqg5zinEDEZjG9/pRRL9jZlIV/W0R
cbK4BzfEnw8mq0GJ7kcTW3HlpRMkkeDN8AlAMxLZWs6iz3qsYNSEic2EvixRIWmu
SfN8siJiEb8n1obargDijSTxw+kiPP8n9iX7+mIN1mbQyqObu44Xx8NchDkgXEyI
aVfzhOQkMeiYCTTj4RA1OiZk919g61ycp+9aWmxyx6zox6sizV+sjgWMGrehPUOf
yTr/SM99BXRYJMms9Ud9kHIa880SV6VqoXThFW4EAkrLBbtBSqfIn7brIyWPU+dT
iDqlNJPA5Mz6ji/N2KZAY1l5jDYqC++/Ai8Jfup57UbjMckbnelKczp/VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKQM7/ReDx3OM2KNg4CVxk99o634MB8GA1UdIwQY
MBaAFM5xgMS6089CWlBnLhy3qdKseOIMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem5HQXhMclR6MEphVUdjdUhMZXAwcXg0NGd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9kN2Q1Y2QtNzlhOS00YzgyLThmYzQt
MDQ2ZDJlMmFkY2Q1LzEvcEF6djlGNFBIYzR6WW8yRGdKWEdUMzJqcmZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9kN2Q1Y2QtNzlhOS00YzgyLThmYzQtMDQ2ZDJlMmFkY2Q1
LzEvem5HQXhMclR6MEphVUdjdUhMZXAwcXg0NGd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+oJMA0G
CSqGSIb3DQEBCwUAA4IBAQBG0B2r9E3+FlQXLSiMyCyWEt7eLr+fFrm2sivEKAeT
nwYf2ssUpdWo1Qgv3TjPJn77PVLY3lL7pfHQQ3UCZAesTHeuwTLEcTUegWf3rPlu
nzY8YkCXy4Apd3NN4kB86AEpfvoBNVDJBL9ti/NYNOUtjtt2ODJn41cuT23QNU4U
M4uNb651+ODw2T+/DkDq2mBQeVhGH1tthk+tS65FYpnZW0PVMjGHpIM4P5bKy0qm
xu5atMZMmF4rLiBQIpgS1PiIK3JQYbZRuXcFri/XlXuR4R172oy2iVb+UE2H0iv4
mIivEHE3jXKzJEpzpbRxI05pLZ66gobxDF+fHYSgb+kL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:59 2024 by rpki-client on console-ams.rpki-client.org