Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/24f02d-b23a-4c81-91f0-7f9025e53109/1/a2N1xB4_Ev69vkPHnzLZypL7rgg.roa
File:                     a2N1xB4_Ev69vkPHnzLZypL7rgg.roa (raw, json)
Hash identifier:          O7/PwSIO0NVpyafVSgc65rMni+P83Z3OoiPBD57PKnA=
Subject key identifier:   6B:63:75:C4:1E:3F:12:FE:BD:BE:43:C7:9F:32:D9:CA:92:FB:AE:08
Certificate issuer:       /CN=5b1a2cf2f13745ee1bbf7f0a74bead3ce5074855
Certificate serial:       01857321C0B31C75F1B34F12DC68FE33AB7A
Authority key identifier: 5B:1A:2C:F2:F1:37:45:EE:1B:BF:7F:0A:74:BE:AD:3C:E5:07:48:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Wxos8vE3Re4bv38KdL6tPOUHSFU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/24f02d-b23a-4c81-91f0-7f9025e53109/1/a2N1xB4_Ev69vkPHnzLZypL7rgg.roa
Signing time:             Mon 02 Jan 2023 15:37:49 +0000
ROA not before:           Mon 02 Jan 2023 15:37:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3303
IP address blocks:        91.198.58.0/24 maxlen: 24
                          2001:678:d98::/48 maxlen: 48
                          2001:678:d9c::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:21:c0:b3:1c:75:f1:b3:4f:12:dc:68:fe:33:ab:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b1a2cf2f13745ee1bbf7f0a74bead3ce5074855
        Validity
            Not Before: Jan  2 15:37:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6b6375c41e3f12febdbe43c79f32d9ca92fbae08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:ad:bd:e8:67:7b:d1:07:2e:48:78:83:e9:c8:
                    7d:22:50:06:8f:68:ef:8b:8f:97:fe:8b:a4:43:30:
                    4a:a5:96:16:00:5a:20:26:75:9e:de:fc:30:25:8a:
                    38:32:e3:36:f2:aa:38:8a:f1:eb:46:ac:61:1e:10:
                    c8:9b:4a:d9:60:8a:f9:86:2b:14:dc:74:e2:b3:be:
                    a5:8f:84:af:ce:5c:a8:23:1c:c0:f7:d7:05:1d:a2:
                    f1:42:79:13:61:83:25:06:d4:5f:1d:9a:99:ba:99:
                    58:9b:0f:4d:a3:da:27:6a:e1:70:2f:02:d3:8c:ac:
                    da:0c:ff:79:18:71:a6:f8:a1:10:14:39:8d:df:96:
                    68:6d:87:98:fc:33:c3:da:cc:a2:04:bf:40:60:8c:
                    1b:54:1e:b3:43:9d:c3:a3:67:cc:a1:35:24:34:57:
                    95:d4:81:5d:d0:fc:26:6b:d0:35:d5:5c:b3:79:ae:
                    03:96:a6:66:d9:9e:d0:e4:01:42:3d:b9:05:27:9f:
                    84:4d:dc:ec:3b:f3:9a:dc:cb:8a:72:aa:08:cf:d5:
                    db:d4:0a:f0:39:a3:99:e4:d7:a4:17:f0:90:85:75:
                    3d:ee:c9:5e:92:12:7b:ec:36:1b:4a:30:2b:8a:65:
                    99:4a:79:c9:cd:91:17:53:c1:bd:9c:6c:b2:e4:59:
                    30:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:63:75:C4:1E:3F:12:FE:BD:BE:43:C7:9F:32:D9:CA:92:FB:AE:08
            X509v3 Authority Key Identifier:
                keyid:5B:1A:2C:F2:F1:37:45:EE:1B:BF:7F:0A:74:BE:AD:3C:E5:07:48:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wxos8vE3Re4bv38KdL6tPOUHSFU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/24f02d-b23a-4c81-91f0-7f9025e53109/1/a2N1xB4_Ev69vkPHnzLZypL7rgg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/24f02d-b23a-4c81-91f0-7f9025e53109/1/Wxos8vE3Re4bv38KdL6tPOUHSFU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.198.58.0/24
                IPv6:
                  2001:678:d98::/48
                  2001:678:d9c::/48

    Signature Algorithm: sha256WithRSAEncryption
         c0:60:f3:44:6a:18:74:1b:c4:cd:8c:6a:af:91:9d:fa:ab:ea:
         18:22:29:5d:26:2d:0f:b4:66:7b:12:fb:91:d0:c4:95:3c:f5:
         5e:c4:8e:a4:74:ed:34:8e:5f:9a:1d:56:24:ee:d0:95:49:27:
         9f:0f:a8:c2:d5:34:90:64:28:68:4d:67:bb:54:3d:ba:9c:7c:
         9a:b8:3f:55:44:2a:10:67:54:06:ca:6e:d8:4a:78:a5:d6:26:
         55:bd:e1:b1:66:24:a9:3f:d4:88:21:22:10:67:f7:47:95:b3:
         0e:f7:cc:9f:2a:a9:4f:12:98:1e:30:6c:01:7b:2e:24:11:bd:
         1f:14:b2:97:33:8a:43:72:85:c7:40:f6:fc:b1:18:78:e3:2b:
         10:7d:08:ba:96:eb:af:2f:a1:46:02:a9:89:9d:29:19:94:b3:
         6b:45:57:68:8f:05:dd:75:7f:63:e6:50:5b:39:cd:ad:ac:4b:
         0a:f4:40:7c:f4:8a:ce:8f:23:84:dc:7a:4b:5b:d7:c9:b3:ce:
         32:1f:09:ab:1a:53:ed:73:d6:b7:04:9b:ad:c8:23:0f:7c:d8:
         60:be:fc:68:84:39:72:63:b0:7a:e0:28:0f:68:79:3d:c3:60:
         89:ad:e8:67:6e:a6:8a:a3:e4:fe:03:fc:f2:c2:a3:a9:f6:a3:
         58:55:06:e6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVzIcCzHHXxs08S3Gj+M6t6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMWEyY2YyZjEzNzQ1ZWUxYmJmN2YwYTc0YmVhZDNjZTUw
NzQ4NTUwHhcNMjMwMTAyMTUzNzQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjYzNzVjNDFlM2YxMmZlYmRiZTQzYzc5ZjMyZDljYTkyZmJhZTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoq296Gd70QcuSHiD6ch9IlAGj2jv
i4+X/oukQzBKpZYWAFogJnWe3vwwJYo4MuM28qo4ivHrRqxhHhDIm0rZYIr5hisU
3HTis76lj4SvzlyoIxzA99cFHaLxQnkTYYMlBtRfHZqZuplYmw9No9onauFwLwLT
jKzaDP95GHGm+KEQFDmN35ZobYeY/DPD2syiBL9AYIwbVB6zQ53Do2fMoTUkNFeV
1IFd0Pwma9A11Vyzea4DlqZm2Z7Q5AFCPbkFJ5+ETdzsO/Oa3MuKcqoIz9Xb1Arw
OaOZ5NekF/CQhXU97slekhJ77DYbSjArimWZSnnJzZEXU8G9nGyy5FkwnwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGtjdcQePxL+vb5Dx58y2cqS+64IMB8GA1UdIwQY
MBaAFFsaLPLxN0XuG79/CnS+rTzlB0hVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3hvczh2RTNSZTRidjM4S2RMNnRQT1VIU0ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yNGYwMmQtYjIzYS00YzgxLTkxZjAt
N2Y5MDI1ZTUzMTA5LzEvYTJOMXhCNF9FdjY5dmtQSG56TFp5cEw3cmdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yNGYwMmQtYjIzYS00YzgxLTkxZjAtN2Y5MDI1ZTUzMTA5
LzEvV3hvczh2RTNSZTRidjM4S2RMNnRQT1VIU0ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAW8Y6MBgE
AgACMBIDBwAgAQZ4DZgDBwAgAQZ4DZwwDQYJKoZIhvcNAQELBQADggEBAMBg80Rq
GHQbxM2Maq+Rnfqr6hgiKV0mLQ+0ZnsS+5HQxJU89V7EjqR07TSOX5odViTu0JVJ
J58PqMLVNJBkKGhNZ7tUPbqcfJq4P1VEKhBnVAbKbthKeKXWJlW94bFmJKk/1Igh
IhBn90eVsw73zJ8qqU8SmB4wbAF7LiQRvR8UspczikNyhcdA9vyxGHjjKxB9CLqW
668voUYCqYmdKRmUs2tFV2iPBd11f2PmUFs5za2sSwr0QHz0is6PI4Tcektb18mz
zjIfCasaU+1z1rcEm63IIw982GC+/GiEOXJjsHrgKA9oeT3DYImt6Gdupoqj5P4D
/PLCo6n2o1hVBuY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:14 2024 by rpki-client on console-fra.rpki-client.org