Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/738edb-d9ff-4af5-8341-fc5cc64db749/1/AM8VkBWv89nkjDPmc-Pr41wc7eg.roa
File:                     AM8VkBWv89nkjDPmc-Pr41wc7eg.roa (raw, json)
Hash identifier:          fuTNmVfZHh5ItVkT3ebL781IQW18b2GTAK56zPf/ars=
Subject key identifier:   00:CF:15:90:15:AF:F3:D9:E4:8C:33:E6:73:E3:EB:E3:5C:1C:ED:E8
Certificate issuer:       /CN=71ee7ed4a6a91054e6bc2498693fe0c2f862101d
Certificate serial:       0185729EF32E275608E2935C869148A8F885
Authority key identifier: 71:EE:7E:D4:A6:A9:10:54:E6:BC:24:98:69:3F:E0:C2:F8:62:10:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ce5-1KapEFTmvCSYaT_gwvhiEB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/738edb-d9ff-4af5-8341-fc5cc64db749/1/AM8VkBWv89nkjDPmc-Pr41wc7eg.roa
Signing time:             Mon 02 Jan 2023 13:14:57 +0000
ROA not before:           Mon 02 Jan 2023 13:14:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     196721
IP address blocks:        91.212.81.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:9e:f3:2e:27:56:08:e2:93:5c:86:91:48:a8:f8:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71ee7ed4a6a91054e6bc2498693fe0c2f862101d
        Validity
            Not Before: Jan  2 13:14:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=00cf159015aff3d9e48c33e673e3ebe35c1cede8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:e5:04:92:6f:c0:6c:52:49:2a:5a:cb:20:83:
                    87:81:98:1f:e1:f5:00:cf:90:07:13:31:ca:db:63:
                    5f:fd:fc:85:f7:17:e5:46:9a:de:88:a0:b6:44:6c:
                    63:52:d9:a8:a9:87:ad:60:61:07:10:81:7e:5b:60:
                    b8:ab:43:61:16:dd:a2:d8:27:79:7a:b8:f2:0f:28:
                    02:70:aa:b8:12:4e:ce:69:1e:53:c2:13:6c:6f:12:
                    a9:5e:f3:46:0c:a5:d5:82:be:f0:08:6c:a1:a9:43:
                    e9:62:cf:1f:39:79:e5:f8:bf:94:78:1f:3e:c9:78:
                    d4:8b:21:02:28:d8:dc:02:e1:79:ee:f4:8f:f5:f5:
                    f1:c7:82:10:4c:e2:86:7b:a7:4b:69:b3:90:f0:37:
                    da:87:b9:cd:1d:9f:98:cf:a3:0c:d9:06:41:53:7a:
                    82:9b:6a:ac:87:1b:9b:8e:b6:d0:d4:a1:04:f0:02:
                    b5:bf:d3:be:4c:71:b1:75:46:6e:2d:5c:ce:88:0d:
                    cb:65:e2:7b:98:ad:f5:92:21:06:6b:2e:46:cd:79:
                    01:1a:8e:ad:2d:de:85:c6:c5:89:4a:34:4b:73:79:
                    e2:77:3c:c5:3b:a6:8a:9d:64:61:32:91:04:da:36:
                    11:19:65:16:61:fa:26:3f:b3:a7:9a:ac:48:8a:86:
                    55:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:CF:15:90:15:AF:F3:D9:E4:8C:33:E6:73:E3:EB:E3:5C:1C:ED:E8
            X509v3 Authority Key Identifier:
                keyid:71:EE:7E:D4:A6:A9:10:54:E6:BC:24:98:69:3F:E0:C2:F8:62:10:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce5-1KapEFTmvCSYaT_gwvhiEB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/738edb-d9ff-4af5-8341-fc5cc64db749/1/AM8VkBWv89nkjDPmc-Pr41wc7eg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/738edb-d9ff-4af5-8341-fc5cc64db749/1/ce5-1KapEFTmvCSYaT_gwvhiEB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.212.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:c0:91:4f:a1:f3:ce:e7:93:5c:e7:ee:fc:49:cd:61:20:e1:
         55:c4:17:ac:25:99:a1:55:1b:ab:2c:a0:47:f2:fb:33:42:33:
         7b:05:12:fe:75:fe:9e:03:44:d0:67:c8:c4:6f:3b:4e:8d:e8:
         24:e3:6d:b7:36:e2:59:58:34:94:e3:6a:41:73:07:0b:0a:ce:
         b1:5e:29:94:59:ca:f9:d5:e7:c9:46:b3:6f:9e:08:d4:3f:25:
         c1:bb:26:33:93:7d:13:b5:0b:38:a0:f5:e3:51:8f:95:14:50:
         f8:54:3b:02:e2:8c:c6:93:91:2e:ea:3d:50:9e:0a:b5:29:8c:
         d7:2a:2f:25:df:5e:95:1b:29:3b:cb:6c:e5:0d:43:f5:ac:46:
         f3:c8:e2:ed:09:d6:7c:80:db:12:66:c7:e8:e9:65:ab:4a:61:
         9f:84:28:0b:80:c0:48:8f:61:2c:51:c1:e8:7c:50:48:61:0f:
         35:95:cc:26:48:57:79:8c:db:b9:0d:53:30:87:e5:d9:11:fa:
         41:d2:ff:2b:b9:30:1c:49:d9:4c:a7:3f:1c:38:10:f0:8a:45:
         0b:d8:91:09:4e:8a:13:21:02:db:26:8d:58:67:87:96:fd:38:
         c4:30:6f:a5:90:53:de:8e:64:f0:e5:c5:cb:95:9a:97:4a:72:
         cc:15:34:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVynvMuJ1YI4pNchpFIqPiFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZWU3ZWQ0YTZhOTEwNTRlNmJjMjQ5ODY5M2ZlMGMyZjg2
MjEwMWQwHhcNMjMwMTAyMTMxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGNmMTU5MDE1YWZmM2Q5ZTQ4YzMzZTY3M2UzZWJlMzVjMWNlZGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleUEkm/AbFJJKlrLIIOHgZgf4fUA
z5AHEzHK22Nf/fyF9xflRpreiKC2RGxjUtmoqYetYGEHEIF+W2C4q0NhFt2i2Cd5
erjyDygCcKq4Ek7OaR5TwhNsbxKpXvNGDKXVgr7wCGyhqUPpYs8fOXnl+L+UeB8+
yXjUiyECKNjcAuF57vSP9fXxx4IQTOKGe6dLabOQ8Dfah7nNHZ+Yz6MM2QZBU3qC
m2qshxubjrbQ1KEE8AK1v9O+THGxdUZuLVzOiA3LZeJ7mK31kiEGay5GzXkBGo6t
Ld6FxsWJSjRLc3nidzzFO6aKnWRhMpEE2jYRGWUWYfomP7OnmqxIioZVpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFADPFZAVr/PZ5Iwz5nPj6+NcHO3oMB8GA1UdIwQY
MBaAFHHuftSmqRBU5rwkmGk/4ML4YhAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2U1LTFLYXBFRlRtdkNTWWFUX2d3dmhpRUIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MzhlZGItZDlmZi00YWY1LTgzNDEt
ZmM1Y2M2NGRiNzQ5LzEvQU04VmtCV3Y4OW5rakRQbWMtUHI0MXdjN2VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MzhlZGItZDlmZi00YWY1LTgzNDEtZmM1Y2M2NGRiNzQ5
LzEvY2U1LTFLYXBFRlRtdkNTWWFUX2d3dmhpRUIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9RRMA0G
CSqGSIb3DQEBCwUAA4IBAQCiwJFPofPO55Nc5+78Sc1hIOFVxBesJZmhVRurLKBH
8vszQjN7BRL+df6eA0TQZ8jEbztOjegk4223NuJZWDSU42pBcwcLCs6xXimUWcr5
1efJRrNvngjUPyXBuyYzk30TtQs4oPXjUY+VFFD4VDsC4ozGk5Eu6j1Qngq1KYzX
Ki8l316VGyk7y2zlDUP1rEbzyOLtCdZ8gNsSZsfo6WWrSmGfhCgLgMBIj2EsUcHo
fFBIYQ81lcwmSFd5jNu5DVMwh+XZEfpB0v8ruTAcSdlMpz8cOBDwikUL2JEJTooT
IQLbJo1YZ4eW/TjEMG+lkFPejmTw5cXLlZqXSnLMFTTm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:59 2024 by rpki-client on console-fra.rpki-client.org