Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5f8a76-9215-45b5-938b-76e4e1c93606/1/idCEpk-N5c1jdsy3dkNeCR1uUbY.roa
File:                     idCEpk-N5c1jdsy3dkNeCR1uUbY.roa (raw, json)
Hash identifier:          hYnJO56t/K1ut8/jmZvnK/aPPpxo6VA2fJUM/0mkhyo=
Subject key identifier:   89:D0:84:A6:4F:8D:E5:CD:63:76:CC:B7:76:43:5E:09:1D:6E:51:B6
Certificate issuer:       /CN=7dd51dc102a497518e16091e65e805c2438ef25b
Certificate serial:       018C68EC9CF9B7639B38AB3EF811FB544434
Authority key identifier: 7D:D5:1D:C1:02:A4:97:51:8E:16:09:1E:65:E8:05:C2:43:8E:F2:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fdUdwQKkl1GOFgkeZegFwkOO8ls.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/5f8a76-9215-45b5-938b-76e4e1c93606/1/idCEpk-N5c1jdsy3dkNeCR1uUbY.roa
Signing time:             Thu 14 Dec 2023 15:23:06 +0000
ROA not before:           Thu 14 Dec 2023 15:23:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52213
IP address blocks:        91.224.17.0/24 maxlen: 24
                          91.224.16.0/24 maxlen: 24
                          91.224.16.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:68:ec:9c:f9:b7:63:9b:38:ab:3e:f8:11:fb:54:44:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7dd51dc102a497518e16091e65e805c2438ef25b
        Validity
            Not Before: Dec 14 15:23:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=89d084a64f8de5cd6376ccb776435e091d6e51b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:11:65:3d:4c:8a:e4:1a:b8:c2:c5:07:a9:cd:
                    fc:40:fd:f0:e3:a1:78:72:4d:e3:61:63:79:6a:f5:
                    88:a8:52:96:b0:03:a5:34:0e:60:8f:34:5b:20:4f:
                    dc:62:02:13:8d:a0:79:da:7b:06:31:0c:28:89:82:
                    4b:c9:a0:ec:5d:3d:2d:e7:e7:4b:d4:4d:39:e5:7c:
                    8d:e3:37:ce:d3:52:30:43:f6:7c:d2:29:2a:b1:0a:
                    2b:fc:f5:71:32:78:53:a5:ab:78:de:b1:59:c0:92:
                    6c:77:54:bd:97:ea:c0:8d:be:1f:ef:36:73:f3:1f:
                    d2:26:a2:71:99:df:e9:a8:51:bb:69:4d:98:f4:77:
                    07:0f:66:f6:a1:31:3e:8c:b5:18:c9:83:4c:01:52:
                    fb:83:35:2c:43:4a:7f:4c:a4:2f:28:19:b3:3a:f5:
                    5f:c7:b6:de:58:71:c3:cd:cb:a1:61:7c:13:53:14:
                    6d:78:33:01:51:bc:d4:2e:13:17:fd:28:f1:a5:53:
                    19:2f:b5:43:6c:62:9a:d2:02:c9:7a:c8:4f:0f:b3:
                    98:bd:f4:4c:c5:9e:51:d4:4d:6f:bc:d1:e8:df:c4:
                    41:98:6c:22:49:c1:29:4d:4c:4d:ac:98:68:96:e1:
                    93:23:64:55:32:db:cf:1f:c6:94:ef:15:55:84:54:
                    10:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:D0:84:A6:4F:8D:E5:CD:63:76:CC:B7:76:43:5E:09:1D:6E:51:B6
            X509v3 Authority Key Identifier:
                keyid:7D:D5:1D:C1:02:A4:97:51:8E:16:09:1E:65:E8:05:C2:43:8E:F2:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fdUdwQKkl1GOFgkeZegFwkOO8ls.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5f8a76-9215-45b5-938b-76e4e1c93606/1/idCEpk-N5c1jdsy3dkNeCR1uUbY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5f8a76-9215-45b5-938b-76e4e1c93606/1/fdUdwQKkl1GOFgkeZegFwkOO8ls.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.224.16.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4b:86:ad:7f:9f:d5:5a:92:48:f7:44:22:fd:73:90:bc:69:75:
         27:69:cd:14:6f:34:44:54:02:2b:97:a0:e7:2a:67:35:5f:10:
         ef:16:ff:37:ff:fb:61:b6:3b:18:55:58:7b:86:43:6c:1b:76:
         bd:c3:f6:07:72:9b:c0:f2:c5:19:dc:25:3f:d5:39:58:0b:ff:
         23:d7:85:da:3f:6e:bc:2f:5f:5e:8a:32:82:24:cf:4d:ef:41:
         d0:9f:fc:e4:15:78:b5:1a:47:28:a4:fb:bd:95:07:92:32:f4:
         44:cd:9e:d7:bd:f5:e5:de:f2:b5:e9:bc:ad:12:a0:6a:f3:d1:
         01:6d:5c:f5:77:27:56:fa:d2:4a:04:a3:6c:8c:d0:08:3b:2b:
         e3:c3:fb:bd:2c:b2:7f:72:c9:f9:6f:ea:90:a1:3b:72:cd:49:
         9b:46:2a:62:f0:30:81:bd:28:98:42:4c:fd:17:01:c2:eb:28:
         95:9b:22:56:9d:ab:be:3f:84:12:91:fe:cc:a8:e8:47:89:99:
         84:88:e4:6a:f9:a6:e7:80:b0:74:c0:63:32:83:64:d5:b2:18:
         f8:a5:66:11:b9:1e:d5:6d:8f:37:29:d3:8c:8e:f2:c6:0b:ac:
         1e:79:70:12:6f:60:aa:9a:56:dc:33:a8:9c:1e:95:ac:11:64:
         f1:5e:47:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxo7Jz5t2ObOKs++BH7VEQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZDUxZGMxMDJhNDk3NTE4ZTE2MDkxZTY1ZTgwNWMyNDM4
ZWYyNWIwHhcNMjMxMjE0MTUyMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWQwODRhNjRmOGRlNWNkNjM3NmNjYjc3NjQzNWUwOTFkNmU1MWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBFlPUyK5Bq4wsUHqc38QP3w46F4
ck3jYWN5avWIqFKWsAOlNA5gjzRbIE/cYgITjaB52nsGMQwoiYJLyaDsXT0t5+dL
1E055XyN4zfO01IwQ/Z80ikqsQor/PVxMnhTpat43rFZwJJsd1S9l+rAjb4f7zZz
8x/SJqJxmd/pqFG7aU2Y9HcHD2b2oTE+jLUYyYNMAVL7gzUsQ0p/TKQvKBmzOvVf
x7beWHHDzcuhYXwTUxRteDMBUbzULhMX/SjxpVMZL7VDbGKa0gLJeshPD7OYvfRM
xZ5R1E1vvNHo38RBmGwiScEpTUxNrJholuGTI2RVMtvPH8aU7xVVhFQQKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFInQhKZPjeXNY3bMt3ZDXgkdblG2MB8GA1UdIwQY
MBaAFH3VHcECpJdRjhYJHmXoBcJDjvJbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmRVZHdRS2tsMUdPRmdrZVplZ0Z3a09POGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi81ZjhhNzYtOTIxNS00NWI1LTkzOGIt
NzZlNGUxYzkzNjA2LzEvaWRDRXBrLU41YzFqZHN5M2RrTmVDUjF1VWJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi81ZjhhNzYtOTIxNS00NWI1LTkzOGItNzZlNGUxYzkzNjA2
LzEvZmRVZHdRS2tsMUdPRmdrZVplZ0Z3a09POGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+AQMA0G
CSqGSIb3DQEBCwUAA4IBAQBLhq1/n9Vakkj3RCL9c5C8aXUnac0UbzREVAIrl6Dn
Kmc1XxDvFv83//thtjsYVVh7hkNsG3a9w/YHcpvA8sUZ3CU/1TlYC/8j14XaP268
L19eijKCJM9N70HQn/zkFXi1GkcopPu9lQeSMvREzZ7XvfXl3vK16bytEqBq89EB
bVz1dydW+tJKBKNsjNAIOyvjw/u9LLJ/csn5b+qQoTtyzUmbRipi8DCBvSiYQkz9
FwHC6yiVmyJWnau+P4QSkf7MqOhHiZmEiORq+abngLB0wGMyg2TVshj4pWYRuR7V
bY83KdOMjvLGC6weeXASb2CqmlbcM6icHpWsEWTxXkf7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:02 2024 by rpki-client on console-fra.rpki-client.org