Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/78QeTt3y83MEMNhUpk8s_8xhCkc.roa
File:                     78QeTt3y83MEMNhUpk8s_8xhCkc.roa (raw, json)
Hash identifier:          WNfKiWBn4A2seB7Vupyoa6OiLGcu2iF+RpP8ZkmZs8U=
Subject key identifier:   EF:C4:1E:4E:DD:F2:F3:73:04:30:D8:54:A6:4F:2C:FF:CC:61:0A:47
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       0188A3BD9B01952BB5E79A7E6E9D93EED5E5
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/78QeTt3y83MEMNhUpk8s_8xhCkc.roa
Signing time:             Sat 10 Jun 2023 05:18:12 +0000
ROA not before:           Sat 10 Jun 2023 05:18:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        91.225.226.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 14 Jun 2023 03:54:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:a3:bd:9b:01:95:2b:b5:e7:9a:7e:6e:9d:93:ee:d5:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Jun 10 05:18:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=efc41e4eddf2f3730430d854a64f2cffcc610a47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:f3:da:8a:f0:d1:fe:e3:65:bb:4c:4c:20:17:
                    90:fa:ed:0c:96:51:e0:43:62:2f:c5:42:35:22:ea:
                    bd:d6:c1:8a:47:d3:95:30:f8:9f:ed:e8:68:4d:4b:
                    e7:2d:e1:c3:93:48:26:e2:ce:27:8f:3e:42:0d:c2:
                    90:c7:31:b6:11:ad:23:62:f8:6a:93:60:47:46:55:
                    f4:59:45:76:23:ea:de:e5:4d:5d:04:ef:b2:e4:b6:
                    be:3d:ec:35:55:a2:1a:7b:bf:7c:49:d5:5f:41:89:
                    8f:f5:33:69:3a:4e:15:40:cb:f9:b4:6c:fd:be:08:
                    4d:48:20:2d:c7:24:03:74:23:7d:6e:f6:db:7f:f2:
                    59:c8:7e:f4:c7:d0:28:6d:a8:21:53:b5:4e:41:11:
                    e5:9d:af:42:34:8b:2b:7f:bd:e4:4e:00:cf:e8:36:
                    ff:e8:a6:e1:a3:b1:97:cd:76:4c:10:bf:65:72:31:
                    20:52:9f:ed:b9:03:c0:2b:7e:e1:df:6f:59:00:d0:
                    78:09:00:63:f6:46:01:e6:af:93:3c:89:3f:45:88:
                    d3:dd:e9:9c:48:7d:08:df:fb:8a:53:43:ae:b1:d1:
                    1a:31:c3:c9:1c:46:98:b5:96:5a:ca:7f:31:fb:7d:
                    f2:db:24:40:05:9b:28:8f:80:c3:e8:5b:d7:be:bf:
                    fe:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:C4:1E:4E:DD:F2:F3:73:04:30:D8:54:A6:4F:2C:FF:CC:61:0A:47
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/78QeTt3y83MEMNhUpk8s_8xhCkc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.225.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:36:6a:68:ba:03:70:6f:c1:00:17:48:36:44:b2:6c:ad:19:
         13:ee:03:6b:ca:a8:74:cb:8f:98:9b:a9:70:79:a4:d6:b6:74:
         d9:6b:ed:fb:f3:b1:9f:80:3c:f4:cc:fa:0b:b9:c7:e5:33:49:
         08:d9:24:f9:5c:50:42:ec:88:6d:32:e3:83:69:9b:93:cb:7c:
         31:9a:e5:6c:7f:e4:8b:6f:8d:f6:61:d2:e1:85:83:77:98:97:
         8d:cb:9e:32:6c:c7:9b:c2:82:3a:8d:e3:29:80:4c:1d:39:3d:
         51:70:42:75:65:30:ed:d5:0a:f1:e6:f1:5d:69:1e:ee:ff:23:
         5f:09:4e:5f:6d:0c:74:0d:d8:37:cd:08:15:73:e2:4a:6a:4b:
         25:e6:50:5e:c4:1c:63:11:e3:57:10:0f:90:4a:d5:60:86:4f:
         02:cf:23:75:0f:5a:58:6f:df:89:c0:5b:79:64:fe:12:22:6c:
         e2:c1:a3:eb:0a:f6:76:07:35:d8:04:f3:7e:c6:54:a8:57:d6:
         f3:ac:85:ef:18:91:e6:54:4b:ad:17:33:3d:4c:79:60:70:ef:
         2b:4d:b6:25:07:1e:c8:b7:e5:70:f8:91:c3:31:1a:a9:ac:05:
         15:eb:c5:f1:61:e7:d8:33:2f:ff:17:27:a0:1a:ac:22:b9:2a:
         d0:b4:fb:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYijvZsBlSu155p+bp2T7tXlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwNjEwMDUxODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmM0MWU0ZWRkZjJmMzczMDQzMGQ4NTRhNjRmMmNmZmNjNjEwYTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/PaivDR/uNlu0xMIBeQ+u0MllHg
Q2IvxUI1Iuq91sGKR9OVMPif7ehoTUvnLeHDk0gm4s4njz5CDcKQxzG2Ea0jYvhq
k2BHRlX0WUV2I+re5U1dBO+y5La+Pew1VaIae798SdVfQYmP9TNpOk4VQMv5tGz9
vghNSCAtxyQDdCN9bvbbf/JZyH70x9AobaghU7VOQRHlna9CNIsrf73kTgDP6Db/
6Kbho7GXzXZMEL9lcjEgUp/tuQPAK37h329ZANB4CQBj9kYB5q+TPIk/RYjT3emc
SH0I3/uKU0OusdEaMcPJHEaYtZZayn8x+33y2yRABZsoj4DD6FvXvr/+1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO/EHk7d8vNzBDDYVKZPLP/MYQpHMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvNzhRZVR0M3k4M01FTU5oVXBrOHNfOHhoQ2tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+HiMA0G
CSqGSIb3DQEBCwUAA4IBAQBMNmpougNwb8EAF0g2RLJsrRkT7gNryqh0y4+Ym6lw
eaTWtnTZa+3787GfgDz0zPoLucflM0kI2ST5XFBC7IhtMuODaZuTy3wxmuVsf+SL
b432YdLhhYN3mJeNy54ybMebwoI6jeMpgEwdOT1RcEJ1ZTDt1Qrx5vFdaR7u/yNf
CU5fbQx0Ddg3zQgVc+JKaksl5lBexBxjEeNXEA+QStVghk8CzyN1D1pYb9+JwFt5
ZP4SImziwaPrCvZ2BzXYBPN+xlSoV9bzrIXvGJHmVEutFzM9THlgcO8rTbYlBx7I
t+Vw+JHDMRqprAUV68XxYefYMy//FyegGqwiuSrQtPti
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org