Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/g_aXHXMl_GgDmbWelcxghi_kf4g.roa
File:                     g_aXHXMl_GgDmbWelcxghi_kf4g.roa (raw, json)
Hash identifier:          BxeRFAH/kAZglzjfUC5S+Bj5766OqjUH/3JBS4mAjpI=
Subject key identifier:   83:F6:97:1D:73:25:FC:68:03:99:B5:9E:95:CC:60:86:2F:E4:7F:88
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       0187701C32059A3F4B632AD32358663283EF
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/g_aXHXMl_GgDmbWelcxghi_kf4g.roa
Signing time:             Tue 11 Apr 2023 11:38:28 +0000
ROA not before:           Tue 11 Apr 2023 11:38:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212219
IP address blocks:        91.225.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 13 Apr 2023 18:46:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:70:1c:32:05:9a:3f:4b:63:2a:d3:23:58:66:32:83:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Apr 11 11:38:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=83f6971d7325fc680399b59e95cc60862fe47f88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:eb:05:bd:f3:72:7f:73:52:f2:88:3e:90:46:
                    ff:22:ed:a8:7a:8b:a4:2f:28:78:6e:87:e4:7e:36:
                    68:18:62:d4:75:a2:6d:ab:01:5a:b4:cf:0a:55:39:
                    ea:17:ed:52:41:c0:f5:c0:64:d4:ce:ca:79:f2:77:
                    f1:08:94:ed:8f:d3:fc:ba:de:aa:c0:7b:8c:5d:c7:
                    d3:f9:25:a0:38:8d:ec:5e:21:ff:e9:5a:e1:28:2e:
                    b1:2d:83:79:bc:38:11:c8:8c:f7:2a:a5:3b:95:04:
                    3d:0f:7b:f9:d7:c4:62:0f:dd:ac:59:a5:ff:3a:4b:
                    10:24:7d:cb:94:2f:35:bc:19:50:fe:83:76:e3:8a:
                    19:05:5d:e1:5e:86:d0:43:b9:52:3f:45:8f:b3:e2:
                    b4:a0:b7:9d:ef:b4:4d:5b:2d:d0:3d:7f:38:37:8b:
                    61:14:6d:b0:8f:f5:94:cc:fd:c8:b8:a7:0b:9f:49:
                    7e:5f:53:ae:2e:3e:11:83:aa:60:ea:d6:eb:5b:32:
                    63:8b:e4:98:8d:26:ca:4d:6c:b8:63:58:eb:28:c5:
                    b9:80:0c:b9:89:63:c5:e9:63:a0:38:f2:86:2a:d3:
                    e4:7e:bb:58:f1:b4:c2:e8:5e:9e:d3:4a:36:91:c1:
                    3f:98:fc:e8:09:bf:7a:b0:99:ea:3c:c4:ab:6c:56:
                    57:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:F6:97:1D:73:25:FC:68:03:99:B5:9E:95:CC:60:86:2F:E4:7F:88
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/g_aXHXMl_GgDmbWelcxghi_kf4g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.225.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:ba:8a:ac:eb:1f:f6:c2:9d:36:eb:db:70:26:33:4b:94:30:
         54:d9:ca:26:19:69:bd:3b:ed:21:87:b5:72:cb:ba:8c:13:c0:
         7b:a1:0e:f6:21:ad:d3:fb:31:33:db:b6:ef:61:23:bc:9a:64:
         82:f1:7d:3a:80:28:aa:41:2d:4f:96:cf:5d:44:8a:43:63:02:
         37:84:3c:80:a8:c9:43:8c:a5:e5:ed:d6:ee:64:93:be:44:03:
         e2:b6:94:a1:99:46:9c:0c:5a:4c:90:ed:46:d3:41:99:18:e5:
         23:93:58:81:e0:06:b3:71:6f:e2:12:33:43:29:29:2a:9e:b1:
         de:c3:1d:33:4c:80:80:2d:cc:d9:46:59:5d:31:46:2f:05:00:
         85:87:ba:6c:51:4e:02:10:04:8d:4a:cb:73:4a:d1:6c:d8:ca:
         68:d9:71:a1:0d:5a:5f:2b:27:83:e0:8c:8f:2b:d7:e0:97:2d:
         d2:3c:6a:84:da:1c:ac:4a:03:99:64:ac:67:a0:52:54:e8:7e:
         0c:b3:ce:4b:af:1d:e4:49:04:39:ea:d7:d5:6c:e3:b5:e0:3e:
         53:fe:c3:5f:22:32:a4:d1:fd:a3:ca:20:e0:49:e6:80:a3:12:
         90:7a:7a:a9:bb:b1:8d:92:75:38:ee:c7:62:2a:3b:bc:1b:9d:
         0f:a4:42:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdwHDIFmj9LYyrTI1hmMoPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwNDExMTEzODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2Y2OTcxZDczMjVmYzY4MDM5OWI1OWU5NWNjNjA4NjJmZTQ3Zjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOsFvfNyf3NS8og+kEb/Iu2oeouk
Lyh4bofkfjZoGGLUdaJtqwFatM8KVTnqF+1SQcD1wGTUzsp58nfxCJTtj9P8ut6q
wHuMXcfT+SWgOI3sXiH/6VrhKC6xLYN5vDgRyIz3KqU7lQQ9D3v518RiD92sWaX/
OksQJH3LlC81vBlQ/oN244oZBV3hXobQQ7lSP0WPs+K0oLed77RNWy3QPX84N4th
FG2wj/WUzP3IuKcLn0l+X1OuLj4Rg6pg6tbrWzJji+SYjSbKTWy4Y1jrKMW5gAy5
iWPF6WOgOPKGKtPkfrtY8bTC6F6e00o2kcE/mPzoCb96sJnqPMSrbFZXmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIP2lx1zJfxoA5m1npXMYIYv5H+IMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvZ19hWEhYTWxfR2dEbWJXZWxjeGdoaV9rZjRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+HhMA0G
CSqGSIb3DQEBCwUAA4IBAQAKuoqs6x/2wp0269twJjNLlDBU2comGWm9O+0hh7Vy
y7qME8B7oQ72Ia3T+zEz27bvYSO8mmSC8X06gCiqQS1Pls9dRIpDYwI3hDyAqMlD
jKXl7dbuZJO+RAPitpShmUacDFpMkO1G00GZGOUjk1iB4AazcW/iEjNDKSkqnrHe
wx0zTICALczZRlldMUYvBQCFh7psUU4CEASNSstzStFs2Mpo2XGhDVpfKyeD4IyP
K9fgly3SPGqE2hysSgOZZKxnoFJU6H4Ms85Lrx3kSQQ56tfVbOO14D5T/sNfIjKk
0f2jyiDgSeaAoxKQenqpu7GNknU47sdiKju8G50PpEL+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org