Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/56a006-919f-487c-9316-0bb6a83f9f40/1/DRnlphz0QEyYqagiiL1pefHg1Ao.roa
File:                     DRnlphz0QEyYqagiiL1pefHg1Ao.roa (raw, json)
Hash identifier:          85qCnFWuv+v1wKTp/g+Xfo9/i/ZYbB0o4OexQu/PMzY=
Subject key identifier:   0D:19:E5:A6:1C:F4:40:4C:98:A9:A8:22:88:BD:69:79:F1:E0:D4:0A
Certificate issuer:       /CN=b79c2de3eb309180f4f5a5af2d56fe4258784648
Certificate serial:       018AA8BCA625DAE1D96A445873ED37B6CC15
Authority key identifier: B7:9C:2D:E3:EB:30:91:80:F4:F5:A5:AF:2D:56:FE:42:58:78:46:48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t5wt4-swkYD09aWvLVb-Qlh4Rkg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/56a006-919f-487c-9316-0bb6a83f9f40/1/DRnlphz0QEyYqagiiL1pefHg1Ao.roa
Signing time:             Mon 18 Sep 2023 14:40:50 +0000
ROA not before:           Mon 18 Sep 2023 14:40:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8075
IP address blocks:        91.203.230.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:a8:bc:a6:25:da:e1:d9:6a:44:58:73:ed:37:b6:cc:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b79c2de3eb309180f4f5a5af2d56fe4258784648
        Validity
            Not Before: Sep 18 14:40:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0d19e5a61cf4404c98a9a82288bd6979f1e0d40a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:85:05:a2:40:01:f3:9d:9c:3a:da:0a:d7:21:
                    60:cd:c0:70:c0:a0:2f:48:c0:ae:0b:a6:dc:a2:7e:
                    5f:a1:95:9b:60:c9:28:59:0a:58:58:28:e7:13:44:
                    e4:8a:3e:dd:42:92:5b:1d:4e:02:f4:af:20:ec:b9:
                    74:2d:81:5e:57:43:d6:ce:a0:3f:69:8d:3c:89:ec:
                    8c:2a:3e:8a:0b:6b:4e:62:fa:db:81:a9:2b:e3:f9:
                    87:b7:48:e8:0a:6b:26:91:25:f1:8d:51:4e:54:d8:
                    65:53:bb:71:73:c1:99:fb:e3:88:95:db:07:de:d3:
                    c9:eb:81:41:53:47:aa:4d:ab:d8:c2:80:38:94:53:
                    48:9d:f1:6b:d9:c0:0b:a6:85:58:36:3b:7a:10:1a:
                    5c:8c:74:e6:64:b7:7c:ee:c9:ed:42:6b:56:28:6b:
                    45:e3:9a:95:14:dd:0b:09:af:d4:6e:6f:b0:50:80:
                    de:f4:b3:dc:04:2e:11:52:ea:9a:40:6d:81:66:ae:
                    42:43:ae:93:f4:ba:49:6f:ef:a1:ac:b1:9c:82:53:
                    e6:11:20:99:59:65:a2:ac:57:31:63:ff:c6:11:f0:
                    04:1c:8c:da:08:e2:34:da:84:90:a9:8f:01:78:70:
                    a4:e2:f1:5f:d9:57:7d:02:c2:fa:16:01:ca:85:05:
                    c6:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:19:E5:A6:1C:F4:40:4C:98:A9:A8:22:88:BD:69:79:F1:E0:D4:0A
            X509v3 Authority Key Identifier:
                keyid:B7:9C:2D:E3:EB:30:91:80:F4:F5:A5:AF:2D:56:FE:42:58:78:46:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t5wt4-swkYD09aWvLVb-Qlh4Rkg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/56a006-919f-487c-9316-0bb6a83f9f40/1/DRnlphz0QEyYqagiiL1pefHg1Ao.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/56a006-919f-487c-9316-0bb6a83f9f40/1/t5wt4-swkYD09aWvLVb-Qlh4Rkg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.203.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:7d:84:33:77:93:6f:d4:34:2a:02:83:91:34:1b:19:46:4c:
         a5:6d:92:a8:d3:75:18:e8:10:3e:2d:83:c4:af:66:ef:9c:82:
         9e:d1:69:cc:da:c6:16:2d:f6:85:08:52:42:e7:43:2a:32:86:
         15:00:c0:38:d2:c3:4a:44:49:a8:04:b6:f2:56:12:11:6e:c7:
         61:3b:f3:eb:d9:eb:02:8b:d0:9d:db:f0:76:21:5c:35:4f:79:
         90:cb:45:9b:de:ed:b0:03:19:6b:5b:ad:48:f0:88:9d:2d:ee:
         b5:cf:6b:c4:a6:37:b0:56:0a:99:e7:0b:f1:0a:d7:e5:6a:2c:
         53:7e:40:b4:e4:43:e6:9a:ea:7b:85:4c:cc:87:8e:28:96:f9:
         37:e4:4e:e4:cb:f1:5e:cc:73:79:59:d3:50:3e:14:e3:9c:c3:
         9c:38:fd:bb:04:63:08:ef:9b:c9:07:a1:56:cf:8f:50:bd:08:
         2a:d3:c0:40:09:e3:a3:cb:f5:73:12:ca:c8:1b:fa:78:70:8f:
         8c:25:df:dc:14:fb:7a:b1:7f:12:a8:06:2b:80:18:1b:f9:90:
         0c:60:b6:0d:9a:71:b0:2b:ca:93:2a:3d:e6:8e:78:f7:78:02:
         93:3a:1c:e9:41:cb:9d:40:52:88:e1:e3:26:43:b3:7c:25:60:
         82:56:b9:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqovKYl2uHZakRYc+03tswVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3OWMyZGUzZWIzMDkxODBmNGY1YTVhZjJkNTZmZTQyNTg3
ODQ2NDgwHhcNMjMwOTE4MTQ0MDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDE5ZTVhNjFjZjQ0MDRjOThhOWE4MjI4OGJkNjk3OWYxZTBkNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoUFokAB852cOtoK1yFgzcBwwKAv
SMCuC6bcon5foZWbYMkoWQpYWCjnE0Tkij7dQpJbHU4C9K8g7Ll0LYFeV0PWzqA/
aY08ieyMKj6KC2tOYvrbgakr4/mHt0joCmsmkSXxjVFOVNhlU7txc8GZ++OIldsH
3tPJ64FBU0eqTavYwoA4lFNInfFr2cALpoVYNjt6EBpcjHTmZLd87sntQmtWKGtF
45qVFN0LCa/Ubm+wUIDe9LPcBC4RUuqaQG2BZq5CQ66T9LpJb++hrLGcglPmESCZ
WWWirFcxY//GEfAEHIzaCOI02oSQqY8BeHCk4vFf2Vd9AsL6FgHKhQXGeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA0Z5aYc9EBMmKmoIoi9aXnx4NQKMB8GA1UdIwQY
MBaAFLecLePrMJGA9PWlry1W/kJYeEZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDV3dDQtc3drWUQwOWFXdkxWYi1RbGg0UmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81NmEwMDYtOTE5Zi00ODdjLTkzMTYt
MGJiNmE4M2Y5ZjQwLzEvRFJubHBoejBRRXlZcWFnaWlMMXBlZkhnMUFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81NmEwMDYtOTE5Zi00ODdjLTkzMTYtMGJiNmE4M2Y5ZjQw
LzEvdDV3dDQtc3drWUQwOWFXdkxWYi1RbGg0UmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8vmMA0G
CSqGSIb3DQEBCwUAA4IBAQBMfYQzd5Nv1DQqAoORNBsZRkylbZKo03UY6BA+LYPE
r2bvnIKe0WnM2sYWLfaFCFJC50MqMoYVAMA40sNKREmoBLbyVhIRbsdhO/Pr2esC
i9Cd2/B2IVw1T3mQy0Wb3u2wAxlrW61I8IidLe61z2vEpjewVgqZ5wvxCtflaixT
fkC05EPmmup7hUzMh44olvk35E7ky/FezHN5WdNQPhTjnMOcOP27BGMI75vJB6FW
z49QvQgq08BACeOjy/VzEsrIG/p4cI+MJd/cFPt6sX8SqAYrgBgb+ZAMYLYNmnGw
K8qTKj3mjnj3eAKTOhzpQcudQFKI4eMmQ7N8JWCCVrmN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:47 2024 by rpki-client on console-ams.rpki-client.org