Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5f8a76-9215-45b5-938b-76e4e1c93606/1/OQPwPfhTh8-lY0QCUtqw9n_YtZ4.roa
File:                     OQPwPfhTh8-lY0QCUtqw9n_YtZ4.roa (raw, json)
Hash identifier:          flMPdwqog8uO2On1+gYy7Ay3VAIx+bNPBCE5bhCR/NM=
Subject key identifier:   39:03:F0:3D:F8:53:87:CF:A5:63:44:02:52:DA:B0:F6:7F:D8:B5:9E
Certificate issuer:       /CN=7dd51dc102a497518e16091e65e805c2438ef25b
Certificate serial:       018AA7B325573CA3FE4C7CA634B1D3892230
Authority key identifier: 7D:D5:1D:C1:02:A4:97:51:8E:16:09:1E:65:E8:05:C2:43:8E:F2:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fdUdwQKkl1GOFgkeZegFwkOO8ls.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/5f8a76-9215-45b5-938b-76e4e1c93606/1/OQPwPfhTh8-lY0QCUtqw9n_YtZ4.roa
Signing time:             Mon 18 Sep 2023 09:50:50 +0000
ROA not before:           Mon 18 Sep 2023 09:50:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52213
IP address blocks:        91.224.16.0/23 maxlen: 23
                          91.224.16.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 14 Dec 2023 15:23:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:a7:b3:25:57:3c:a3:fe:4c:7c:a6:34:b1:d3:89:22:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7dd51dc102a497518e16091e65e805c2438ef25b
        Validity
            Not Before: Sep 18 09:50:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3903f03df85387cfa563440252dab0f67fd8b59e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b5:73:4d:36:83:d3:10:03:c7:a9:f9:5e:79:
                    56:f6:f4:23:ac:8d:76:a1:fc:94:05:d9:d5:06:dd:
                    93:57:59:8c:ce:f1:cc:2e:7b:bf:da:b5:46:cf:08:
                    f3:25:17:28:36:c1:74:3a:f1:e0:6d:32:64:04:16:
                    37:7c:b6:b9:b6:11:12:b9:39:10:c4:6f:dd:ef:f4:
                    59:53:28:b4:c8:37:97:c8:33:5e:0b:67:ed:b1:c7:
                    fd:bf:f6:22:76:cd:41:da:38:97:52:e4:7a:83:2a:
                    02:a1:fc:63:3d:0f:af:b8:c7:08:51:e4:b8:2f:18:
                    bf:23:12:fd:57:1c:cf:e3:66:0a:ab:e8:d8:b0:28:
                    f1:22:3f:4b:3f:a8:90:c6:5c:1a:b7:35:d7:79:a6:
                    dd:15:5a:6c:1f:72:94:af:7e:d1:1d:bd:b7:48:03:
                    c7:0c:b7:8e:8e:10:d4:e9:7b:81:18:da:06:89:06:
                    9b:10:5f:36:a7:87:6d:e8:a6:b9:65:3e:18:4c:e4:
                    6c:fd:f4:c8:05:10:c7:45:b7:86:96:2a:21:bc:51:
                    c7:fd:3e:2b:53:9c:23:1b:9c:38:96:cb:90:9d:b7:
                    e4:b6:27:51:55:9a:43:75:62:72:7d:2e:9d:b2:35:
                    86:34:5b:7c:2b:ff:ff:d6:56:6b:d7:d6:da:d6:e3:
                    60:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:03:F0:3D:F8:53:87:CF:A5:63:44:02:52:DA:B0:F6:7F:D8:B5:9E
            X509v3 Authority Key Identifier:
                keyid:7D:D5:1D:C1:02:A4:97:51:8E:16:09:1E:65:E8:05:C2:43:8E:F2:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fdUdwQKkl1GOFgkeZegFwkOO8ls.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5f8a76-9215-45b5-938b-76e4e1c93606/1/OQPwPfhTh8-lY0QCUtqw9n_YtZ4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5f8a76-9215-45b5-938b-76e4e1c93606/1/fdUdwQKkl1GOFgkeZegFwkOO8ls.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.224.16.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1a:66:7f:7a:c3:0f:4c:2d:fe:0c:e3:f1:67:b0:e4:5a:06:aa:
         be:73:6e:7c:6a:7e:f6:8a:4e:61:a7:d3:42:dc:b5:91:7d:55:
         34:79:7f:fd:5f:21:8a:f2:20:24:80:56:02:76:40:62:33:1d:
         5e:0c:8d:60:1a:c9:46:6d:5e:8f:1f:29:80:65:64:25:12:b8:
         6a:da:ea:15:9f:ad:9e:4a:28:34:af:1f:63:46:b7:f0:3f:f6:
         92:7e:bb:15:67:c8:df:40:07:28:21:5e:2a:0b:d1:72:99:74:
         d2:f2:f7:95:32:ad:e0:4c:24:2f:85:a9:18:22:d1:15:7b:5f:
         b0:5a:96:e1:8a:d4:d7:df:bc:9a:7a:31:ee:9e:fd:52:9b:5b:
         b8:a0:66:21:40:c9:a3:91:29:19:2b:8b:2c:dc:76:51:7d:b9:
         90:6c:84:b4:a2:67:02:16:f1:64:4b:6d:ac:74:d3:34:c0:25:
         b1:3d:61:74:cf:36:dd:15:51:c0:ca:44:b2:45:ef:19:96:0f:
         a4:eb:cb:f3:24:23:e1:40:f5:e0:b8:85:e8:f6:3d:91:e5:59:
         24:26:cf:59:4d:fe:ae:82:07:4c:b8:de:34:5c:b2:65:30:15:
         86:e5:46:b4:2a:03:3b:50:4f:11:35:84:3b:17:32:b2:85:95:
         f1:b9:e7:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqnsyVXPKP+THymNLHTiSIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZDUxZGMxMDJhNDk3NTE4ZTE2MDkxZTY1ZTgwNWMyNDM4
ZWYyNWIwHhcNMjMwOTE4MDk1MDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTAzZjAzZGY4NTM4N2NmYTU2MzQ0MDI1MmRhYjBmNjdmZDhiNTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7VzTTaD0xADx6n5XnlW9vQjrI12
ofyUBdnVBt2TV1mMzvHMLnu/2rVGzwjzJRcoNsF0OvHgbTJkBBY3fLa5thESuTkQ
xG/d7/RZUyi0yDeXyDNeC2ftscf9v/Yids1B2jiXUuR6gyoCofxjPQ+vuMcIUeS4
Lxi/IxL9VxzP42YKq+jYsCjxIj9LP6iQxlwatzXXeabdFVpsH3KUr37RHb23SAPH
DLeOjhDU6XuBGNoGiQabEF82p4dt6Ka5ZT4YTORs/fTIBRDHRbeGliohvFHH/T4r
U5wjG5w4lsuQnbfktidRVZpDdWJyfS6dsjWGNFt8K///1lZr19ba1uNgqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDkD8D34U4fPpWNEAlLasPZ/2LWeMB8GA1UdIwQY
MBaAFH3VHcECpJdRjhYJHmXoBcJDjvJbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmRVZHdRS2tsMUdPRmdrZVplZ0Z3a09POGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi81ZjhhNzYtOTIxNS00NWI1LTkzOGIt
NzZlNGUxYzkzNjA2LzEvT1FQd1BmaFRoOC1sWTBRQ1V0cXc5bl9ZdFo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi81ZjhhNzYtOTIxNS00NWI1LTkzOGItNzZlNGUxYzkzNjA2
LzEvZmRVZHdRS2tsMUdPRmdrZVplZ0Z3a09POGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+AQMA0G
CSqGSIb3DQEBCwUAA4IBAQAaZn96ww9MLf4M4/FnsORaBqq+c258an72ik5hp9NC
3LWRfVU0eX/9XyGK8iAkgFYCdkBiMx1eDI1gGslGbV6PHymAZWQlErhq2uoVn62e
Sig0rx9jRrfwP/aSfrsVZ8jfQAcoIV4qC9FymXTS8veVMq3gTCQvhakYItEVe1+w
WpbhitTX37yaejHunv1Sm1u4oGYhQMmjkSkZK4ss3HZRfbmQbIS0omcCFvFkS22s
dNM0wCWxPWF0zzbdFVHAykSyRe8Zlg+k68vzJCPhQPXguIXo9j2R5VkkJs9ZTf6u
ggdMuN40XLJlMBWG5Ua0KgM7UE8RNYQ7FzKyhZXxuefT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:02 2024 by rpki-client on console-fra.rpki-client.org