Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/0e7ef7-1831-42f6-a2cc-ae290d55bdb7/1/M6OGR68lAMUQIvi_N0XeF2gJOsE.roa
File:                     M6OGR68lAMUQIvi_N0XeF2gJOsE.roa (raw, json)
Hash identifier:          Z6RBZZJosWOVGN+IC6XL2SDv3sk5Bba0X+Uszf+D0bc=
Subject key identifier:   33:A3:86:47:AF:25:00:C5:10:22:F8:BF:37:45:DE:17:68:09:3A:C1
Certificate issuer:       /CN=8edf6c2ad7acecad066e1f77fe05922f01691536
Certificate serial:       018C3AB7D49AA1427942525D80C185AA2C2C
Authority key identifier: 8E:DF:6C:2A:D7:AC:EC:AD:06:6E:1F:77:FE:05:92:2F:01:69:15:36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jt9sKtes7K0Gbh93_gWSLwFpFTY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/0e7ef7-1831-42f6-a2cc-ae290d55bdb7/1/M6OGR68lAMUQIvi_N0XeF2gJOsE.roa
Signing time:             Tue 05 Dec 2023 16:02:54 +0000
ROA not before:           Tue 05 Dec 2023 16:02:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207349
IP address blocks:        91.223.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:3a:b7:d4:9a:a1:42:79:42:52:5d:80:c1:85:aa:2c:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8edf6c2ad7acecad066e1f77fe05922f01691536
        Validity
            Not Before: Dec  5 16:02:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=33a38647af2500c51022f8bf3745de1768093ac1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:06:a2:16:15:5c:b9:5e:a4:55:ab:9d:bc:22:
                    5e:fe:19:b3:c9:87:97:e4:e3:71:65:da:2d:54:7b:
                    12:d0:c3:23:33:12:23:fd:0d:b7:df:60:06:53:f8:
                    8e:e9:f6:11:95:2c:89:ee:50:c6:75:2b:b1:7c:64:
                    fc:91:fb:b9:f8:f5:d3:27:bf:d8:34:c0:79:4d:18:
                    58:72:51:52:5e:4f:73:8e:fa:86:c5:71:9a:ae:ba:
                    4b:a9:db:68:fb:4f:72:18:ba:ff:6d:1e:03:32:85:
                    ad:60:f5:23:57:32:e9:c3:65:40:68:8c:5c:74:a6:
                    44:bb:c5:2b:fc:0f:3c:eb:b1:f7:90:8d:e7:97:14:
                    60:f8:3b:b5:4a:f8:af:1a:e1:42:76:ca:c6:76:08:
                    14:c7:14:95:5d:d7:1e:97:b7:24:cc:0a:5c:c3:c6:
                    c6:d3:c8:aa:17:3c:0a:09:8c:c6:6b:36:3c:26:38:
                    b5:4b:3a:96:32:0a:10:55:58:48:32:d3:62:95:47:
                    03:c7:b8:d7:bd:78:bc:00:0c:5a:7b:58:8d:0b:e4:
                    34:15:9e:0d:8b:0c:03:89:2e:05:06:36:87:f4:0a:
                    1e:de:21:fe:fc:a4:ae:ac:f7:6d:41:06:77:68:de:
                    a4:6e:c2:3d:f5:7b:0f:ca:bd:4b:7c:77:29:81:e0:
                    5c:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:A3:86:47:AF:25:00:C5:10:22:F8:BF:37:45:DE:17:68:09:3A:C1
            X509v3 Authority Key Identifier:
                keyid:8E:DF:6C:2A:D7:AC:EC:AD:06:6E:1F:77:FE:05:92:2F:01:69:15:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jt9sKtes7K0Gbh93_gWSLwFpFTY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/0e7ef7-1831-42f6-a2cc-ae290d55bdb7/1/M6OGR68lAMUQIvi_N0XeF2gJOsE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/0e7ef7-1831-42f6-a2cc-ae290d55bdb7/1/jt9sKtes7K0Gbh93_gWSLwFpFTY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.223.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:b2:e8:92:fc:65:94:43:35:da:38:db:46:99:9e:b6:c7:99:
         60:23:6d:ac:0c:69:e9:07:42:ed:88:76:68:58:a5:17:4e:8c:
         67:cd:b7:9b:cc:c6:a9:3b:14:a8:83:6d:77:aa:f3:d2:78:14:
         ef:ce:11:d0:27:5a:ed:84:82:03:a6:95:a8:35:f7:9d:47:59:
         7d:88:9a:57:13:3b:9f:d2:6d:90:17:2e:2a:ca:f9:5f:31:f2:
         70:b5:4b:b9:1c:e7:33:cb:81:c9:d9:59:ec:f5:df:a2:33:c5:
         de:2b:1c:53:76:24:18:d7:ac:fc:e9:b4:7c:18:7b:70:3d:a1:
         47:24:4a:51:f7:bb:bc:40:0e:29:8c:47:71:11:f9:2c:6e:72:
         2d:50:df:fb:ba:fa:fa:b6:fc:0a:df:20:3b:04:ba:4b:25:60:
         44:db:09:a9:2f:81:f5:49:41:30:09:ab:3f:c1:89:1f:60:ab:
         2b:4f:a0:da:21:63:61:40:a8:d1:9f:73:39:b1:81:0d:e1:36:
         05:96:b7:15:4d:d0:18:a4:6a:65:bf:74:ac:ee:eb:01:e2:46:
         5a:e9:c8:0a:91:97:a2:2a:d9:d6:c4:fd:de:ec:3d:72:22:bb:
         57:0b:cb:81:21:91:54:67:d0:8b:2e:88:ab:5f:fc:3f:f4:e9:
         bb:e6:57:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw6t9SaoUJ5QlJdgMGFqiwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZGY2YzJhZDdhY2VjYWQwNjZlMWY3N2ZlMDU5MjJmMDE2
OTE1MzYwHhcNMjMxMjA1MTYwMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2EzODY0N2FmMjUwMGM1MTAyMmY4YmYzNzQ1ZGUxNzY4MDkzYWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAaiFhVcuV6kVaudvCJe/hmzyYeX
5ONxZdotVHsS0MMjMxIj/Q2332AGU/iO6fYRlSyJ7lDGdSuxfGT8kfu5+PXTJ7/Y
NMB5TRhYclFSXk9zjvqGxXGarrpLqdto+09yGLr/bR4DMoWtYPUjVzLpw2VAaIxc
dKZEu8Ur/A8867H3kI3nlxRg+Du1SvivGuFCdsrGdggUxxSVXdcel7ckzApcw8bG
08iqFzwKCYzGazY8Jji1SzqWMgoQVVhIMtNilUcDx7jXvXi8AAxae1iNC+Q0FZ4N
iwwDiS4FBjaH9Aoe3iH+/KSurPdtQQZ3aN6kbsI99XsPyr1LfHcpgeBcbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDOjhkevJQDFECL4vzdF3hdoCTrBMB8GA1UdIwQY
MBaAFI7fbCrXrOytBm4fd/4Fki8BaRU2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanQ5c0t0ZXM3SzBHYmg5M19nV1NMd0ZwRlRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8wZTdlZjctMTgzMS00MmY2LWEyY2Mt
YWUyOTBkNTViZGI3LzEvTTZPR1I2OGxBTVVRSXZpX04wWGVGMmdKT3NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8wZTdlZjctMTgzMS00MmY2LWEyY2MtYWUyOTBkNTViZGI3
LzEvanQ5c0t0ZXM3SzBHYmg5M19nV1NMd0ZwRlRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9/eMA0G
CSqGSIb3DQEBCwUAA4IBAQAzsuiS/GWUQzXaONtGmZ62x5lgI22sDGnpB0LtiHZo
WKUXToxnzbebzMapOxSog213qvPSeBTvzhHQJ1rthIIDppWoNfedR1l9iJpXEzuf
0m2QFy4qyvlfMfJwtUu5HOczy4HJ2Vns9d+iM8XeKxxTdiQY16z86bR8GHtwPaFH
JEpR97u8QA4pjEdxEfksbnItUN/7uvr6tvwK3yA7BLpLJWBE2wmpL4H1SUEwCas/
wYkfYKsrT6DaIWNhQKjRn3M5sYEN4TYFlrcVTdAYpGplv3Ss7usB4kZa6cgKkZei
KtnWxP3e7D1yIrtXC8uBIZFUZ9CLLoirX/w/9Om75lfC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:37 2024 by rpki-client on console-fra.rpki-client.org