Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/6db264-73d4-43ac-a97e-590b1b2a4609/1/dWe_CNgHS4RZH1nppmyvSFmQOSs.roa
File:                     dWe_CNgHS4RZH1nppmyvSFmQOSs.roa (raw, json)
Hash identifier:          cpxQNX+RWRELBeY0Qt80Oz20BAxyPrW86OG4wynX5YE=
Subject key identifier:   75:67:BF:08:D8:07:4B:84:59:1F:59:E9:A6:6C:AF:48:59:90:39:2B
Certificate issuer:       /CN=6416bc721c740c10fc7b0d8b1b358a2d35f488b7
Certificate serial:       018A654F42C545C582627A41C9383E8FC163
Authority key identifier: 64:16:BC:72:1C:74:0C:10:FC:7B:0D:8B:1B:35:8A:2D:35:F4:88:B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZBa8chx0DBD8ew2LGzWKLTX0iLc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/6db264-73d4-43ac-a97e-590b1b2a4609/1/dWe_CNgHS4RZH1nppmyvSFmQOSs.roa
Signing time:             Tue 05 Sep 2023 12:26:47 +0000
ROA not before:           Tue 05 Sep 2023 12:26:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57570
IP address blocks:        91.232.230.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:65:4f:42:c5:45:c5:82:62:7a:41:c9:38:3e:8f:c1:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6416bc721c740c10fc7b0d8b1b358a2d35f488b7
        Validity
            Not Before: Sep  5 12:26:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7567bf08d8074b84591f59e9a66caf485990392b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:65:b4:07:1a:1d:52:42:d2:5a:ad:8b:b9:2e:
                    f8:b4:a3:4a:6c:59:28:81:43:bb:a1:39:c1:be:71:
                    8b:48:50:d6:61:56:6d:d1:29:76:a1:f8:40:04:7f:
                    ee:ff:ea:1b:15:c3:82:78:e8:ea:23:06:eb:4e:be:
                    bd:3d:c9:3f:2a:dc:1d:66:2a:ca:1d:ed:b3:ae:83:
                    ab:52:c9:4a:08:f7:e3:04:33:fb:d0:88:e7:12:34:
                    47:1f:a2:b0:dc:90:ed:f1:c5:04:6e:39:04:87:08:
                    3d:fc:12:36:0c:3f:7e:a6:3d:27:e3:25:3b:86:99:
                    55:28:a9:13:97:3e:26:b0:0f:cb:7d:c7:19:6f:18:
                    72:2b:4f:42:c6:5b:e3:28:95:c6:7e:08:ef:34:b6:
                    23:a9:bc:83:0a:8e:39:c0:9f:a6:ef:06:2d:ad:f2:
                    28:11:a2:3f:bb:09:61:ca:7b:9b:20:05:75:03:ac:
                    26:25:bd:d3:1a:eb:a9:6e:de:47:34:63:5e:4c:58:
                    39:12:2e:fc:06:f9:25:ba:75:b5:52:6a:74:da:1b:
                    13:b2:d4:4b:e4:33:38:f1:3d:39:2c:53:7b:7d:3a:
                    93:bb:c9:b1:3d:95:3c:92:e0:45:c4:28:1a:0f:aa:
                    90:d6:60:32:6c:9e:b6:1c:c6:58:2c:7e:40:a5:ab:
                    e9:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:67:BF:08:D8:07:4B:84:59:1F:59:E9:A6:6C:AF:48:59:90:39:2B
            X509v3 Authority Key Identifier:
                keyid:64:16:BC:72:1C:74:0C:10:FC:7B:0D:8B:1B:35:8A:2D:35:F4:88:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBa8chx0DBD8ew2LGzWKLTX0iLc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/6db264-73d4-43ac-a97e-590b1b2a4609/1/dWe_CNgHS4RZH1nppmyvSFmQOSs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/6db264-73d4-43ac-a97e-590b1b2a4609/1/ZBa8chx0DBD8ew2LGzWKLTX0iLc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.232.230.0/23

    Signature Algorithm: sha256WithRSAEncryption
         69:7e:1f:3a:01:9b:b0:71:29:c0:e3:ae:77:24:47:1f:ea:30:
         13:02:0d:cb:a9:6a:8a:39:9c:bb:94:10:50:00:62:77:f6:15:
         d0:1e:c7:b9:a8:6d:97:d2:66:d6:11:e6:ba:57:af:62:15:c0:
         f3:7c:94:22:f9:77:4a:3f:99:5c:26:a3:f5:ff:20:88:7b:ef:
         cd:1e:cc:8a:90:f9:68:04:cb:24:b1:58:34:05:3d:1b:b7:9c:
         3f:68:8c:be:98:8d:31:d8:4f:2d:f5:fd:13:b9:1c:ac:2c:cf:
         e6:98:6f:70:bf:d2:e4:bb:8b:b9:91:4a:7d:4d:7e:7e:e3:44:
         26:48:5c:28:29:78:cd:0c:14:f3:32:7e:66:f0:80:58:89:5a:
         1a:da:57:5d:95:f7:1e:55:e0:67:1e:e8:96:86:38:fa:bc:07:
         89:a9:86:72:eb:c0:97:36:43:00:36:88:8f:e6:36:c7:7c:a9:
         50:e8:68:76:0e:90:b0:3d:6c:70:82:fd:46:e2:6f:29:57:b7:
         74:ae:d7:34:8a:01:9a:03:04:af:6c:5f:27:e3:d0:bd:4f:68:
         61:1b:92:08:f6:03:f7:3d:da:38:93:01:40:29:75:38:89:a4:
         13:a4:0b:ff:f2:af:70:f4:d4:2e:6c:1a:e9:19:e6:ac:1d:7f:
         fb:ec:3f:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYplT0LFRcWCYnpByTg+j8FjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTZiYzcyMWM3NDBjMTBmYzdiMGQ4YjFiMzU4YTJkMzVm
NDg4YjcwHhcNMjMwOTA1MTIyNjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTY3YmYwOGQ4MDc0Yjg0NTkxZjU5ZTlhNjZjYWY0ODU5OTAzOTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2W0BxodUkLSWq2LuS74tKNKbFko
gUO7oTnBvnGLSFDWYVZt0Sl2ofhABH/u/+obFcOCeOjqIwbrTr69Pck/KtwdZirK
He2zroOrUslKCPfjBDP70IjnEjRHH6Kw3JDt8cUEbjkEhwg9/BI2DD9+pj0n4yU7
hplVKKkTlz4msA/LfccZbxhyK09CxlvjKJXGfgjvNLYjqbyDCo45wJ+m7wYtrfIo
EaI/uwlhynubIAV1A6wmJb3TGuupbt5HNGNeTFg5Ei78BvklunW1Ump02hsTstRL
5DM48T05LFN7fTqTu8mxPZU8kuBFxCgaD6qQ1mAybJ62HMZYLH5ApavpfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHVnvwjYB0uEWR9Z6aZsr0hZkDkrMB8GA1UdIwQY
MBaAFGQWvHIcdAwQ/HsNixs1ii019Ii3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJhOGNoeDBEQkQ4ZXcyTEd6V0tMVFgwaUxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy82ZGIyNjQtNzNkNC00M2FjLWE5N2Ut
NTkwYjFiMmE0NjA5LzEvZFdlX0NOZ0hTNFJaSDFucHBteXZTRm1RT1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy82ZGIyNjQtNzNkNC00M2FjLWE5N2UtNTkwYjFiMmE0NjA5
LzEvWkJhOGNoeDBEQkQ4ZXcyTEd6V0tMVFgwaUxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+jmMA0G
CSqGSIb3DQEBCwUAA4IBAQBpfh86AZuwcSnA4653JEcf6jATAg3LqWqKOZy7lBBQ
AGJ39hXQHse5qG2X0mbWEea6V69iFcDzfJQi+XdKP5lcJqP1/yCIe+/NHsyKkPlo
BMsksVg0BT0bt5w/aIy+mI0x2E8t9f0TuRysLM/mmG9wv9Lku4u5kUp9TX5+40Qm
SFwoKXjNDBTzMn5m8IBYiVoa2lddlfceVeBnHuiWhjj6vAeJqYZy68CXNkMANoiP
5jbHfKlQ6Gh2DpCwPWxwgv1G4m8pV7d0rtc0igGaAwSvbF8n49C9T2hhG5II9gP3
Pdo4kwFAKXU4iaQTpAv/8q9w9NQubBrpGeasHX/77D/j
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:03 2024 by rpki-client on console-ams.rpki-client.org