Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/1-PWP6oRuQM186PO36hbX8yO-BPA.roa
File:                     1-PWP6oRuQM186PO36hbX8yO-BPA.roa (raw, json)
Hash identifier:          0OPAmqgAyOrmcbQxf2Td6nORmA98pkth9tcQeqgDvbw=
Subject key identifier:   F8:F5:8F:EA:84:6E:40:CD:7C:E8:F3:B7:EA:16:D7:F3:23:BE:04:F0
Certificate issuer:       /CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Certificate serial:       0188047253510E93B183A00C4D5CD8ED9ED1
Authority key identifier: C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/1-PWP6oRuQM186PO36hbX8yO-BPA.roa
Signing time:             Wed 10 May 2023 06:56:21 +0000
ROA not before:           Wed 10 May 2023 06:56:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210402
IP address blocks:        91.106.36.0/22 maxlen: 22
                          91.106.36.0/24 maxlen: 24
                          91.106.37.0/24 maxlen: 24
                          91.106.38.0/24 maxlen: 24
                          91.106.39.0/24 maxlen: 24
                          91.106.38.0/23 maxlen: 23
                          91.106.50.0/24 maxlen: 24
                          91.106.57.0/24 maxlen: 24
                          91.106.58.0/24 maxlen: 24
                          91.106.53.0/24 maxlen: 24
                          91.106.54.0/24 maxlen: 24
                          91.106.55.0/24 maxlen: 24
                          91.106.56.0/24 maxlen: 24
                          91.106.56.0/22 maxlen: 22
                          91.106.52.0/24 maxlen: 24
                          91.106.60.0/24 maxlen: 24
                          91.106.61.0/24 maxlen: 24
                          91.106.62.0/24 maxlen: 24
                          91.106.63.0/24 maxlen: 24
                          91.106.59.0/24 maxlen: 24
                          91.106.60.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Wed 29 Nov 2023 06:20:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:04:72:53:51:0e:93:b1:83:a0:0c:4d:5c:d8:ed:9e:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c092d8d5511b19ece456960f23bfa886ee1d570b
        Validity
            Not Before: May 10 06:56:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f8f58fea846e40cd7ce8f3b7ea16d7f323be04f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:a8:dd:de:e5:d8:20:a4:a1:75:68:71:54:24:
                    90:77:73:df:f3:62:2b:c6:b4:d2:03:1a:e0:17:17:
                    bc:58:96:03:0f:f3:db:e8:92:20:4a:e0:81:a0:10:
                    aa:07:7b:c4:04:48:a5:b1:f5:db:1b:11:a2:65:9f:
                    e5:20:3a:2a:6b:03:ba:21:20:58:69:ab:a4:46:72:
                    bc:21:39:6d:b5:da:f2:42:27:07:9e:9b:ff:ac:a3:
                    24:cc:0a:3a:b1:5b:e1:4d:23:aa:5f:36:49:49:d3:
                    3c:4a:a9:e7:03:78:a2:a7:92:ad:6e:0d:b0:7a:44:
                    6d:08:5b:d5:cf:ea:24:e7:23:58:cf:16:5a:11:f1:
                    bc:84:7b:eb:da:5d:9b:6f:86:17:59:68:e8:8f:fe:
                    ba:ca:14:0b:16:d3:7f:6e:bf:b1:f5:f1:6e:e8:6b:
                    2e:77:0b:16:4b:af:8d:05:88:35:fe:8d:74:0d:2b:
                    c2:03:af:74:e7:f1:44:d2:cf:91:58:89:92:9d:c7:
                    26:39:80:a9:3a:27:ae:7b:f4:6b:6b:6c:71:25:a5:
                    af:1b:a6:0d:e2:62:43:81:eb:0b:8f:c8:13:e4:4e:
                    be:e7:42:93:e1:42:e8:78:40:9c:4b:3a:13:34:e1:
                    4b:25:b0:73:05:17:70:5b:68:12:1b:33:5a:9c:a1:
                    3f:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:F5:8F:EA:84:6E:40:CD:7C:E8:F3:B7:EA:16:D7:F3:23:BE:04:F0
            X509v3 Authority Key Identifier:
                keyid:C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/1-PWP6oRuQM186PO36hbX8yO-BPA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/wJLY1VEbGezkVpYPI7-ohu4dVws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.106.36.0/22
                  91.106.50.0/24
                  91.106.52.0-91.106.63.255

    Signature Algorithm: sha256WithRSAEncryption
         00:33:94:c4:93:3e:d1:19:f1:07:30:2b:80:73:66:cf:4d:af:
         73:4a:6c:76:f1:0a:06:28:76:44:2e:17:54:ad:86:0e:f0:af:
         8e:59:fa:77:48:da:ff:66:a0:17:dd:9e:8e:4a:6b:04:27:45:
         cd:61:0a:23:1a:fa:31:d4:3d:4d:3e:fa:b6:37:a6:7a:ae:60:
         4b:e3:5c:39:1e:77:54:ac:98:12:dd:d7:a6:a2:e9:f0:56:3c:
         31:5a:d7:3d:b9:b8:91:40:f2:4c:9d:c8:ed:fc:e5:d0:8d:8d:
         42:d7:41:da:c3:ce:1f:ba:b4:88:29:62:ab:a9:a7:5c:20:86:
         a1:94:cb:b4:19:44:1e:14:e1:fd:99:e3:13:ac:82:a6:8d:e9:
         87:66:a4:b2:2b:04:9f:df:5e:99:45:04:77:83:c0:18:a3:53:
         70:17:1f:f4:ad:19:66:a7:7b:de:ef:c4:63:3d:d4:e8:b6:ef:
         88:0a:e5:48:e5:3b:18:3e:9e:d2:14:30:d0:5d:e6:c2:75:e2:
         67:32:59:65:cd:fc:61:21:2f:b7:93:c0:40:01:84:f9:fb:fc:
         ff:32:10:73:5f:d3:61:62:9c:29:5a:3c:0d:49:67:86:3f:de:
         39:f5:e6:11:ce:2d:14:f3:78:24:f1:3d:e7:82:61:90:b5:27:
         c2:d4:45:f2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYgEclNRDpOxg6AMTVzY7Z7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOTJkOGQ1NTExYjE5ZWNlNDU2OTYwZjIzYmZhODg2ZWUx
ZDU3MGIwHhcNMjMwNTEwMDY1NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGY1OGZlYTg0NmU0MGNkN2NlOGYzYjdlYTE2ZDdmMzIzYmUwNGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKjd3uXYIKShdWhxVCSQd3Pf82Ir
xrTSAxrgFxe8WJYDD/Pb6JIgSuCBoBCqB3vEBEilsfXbGxGiZZ/lIDoqawO6ISBY
aaukRnK8ITlttdryQicHnpv/rKMkzAo6sVvhTSOqXzZJSdM8SqnnA3iip5Ktbg2w
ekRtCFvVz+ok5yNYzxZaEfG8hHvr2l2bb4YXWWjoj/66yhQLFtN/br+x9fFu6Gsu
dwsWS6+NBYg1/o10DSvCA6905/FE0s+RWImSnccmOYCpOieue/Rra2xxJaWvG6YN
4mJDgesLj8gT5E6+50KT4ULoeECcSzoTNOFLJbBzBRdwW2gSGzNanKE/ZQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPj1j+qEbkDNfOjzt+oW1/MjvgTwMB8GA1UdIwQY
MBaAFMCS2NVRGxns5FaWDyO/qIbuHVcLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEt
MjY3YTE2YjQ2MjlmLzEvMS1QV1A2b1J1UU0xODZQTzM2aGJYOHlPLUJQQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjUvZDQzMGQ5LWQyMTQtNDFjMC04ZTUxLTI2N2ExNmI0NjI5
Zi8xL3dKTFkxVkViR2V6a1ZwWVBJNy1vaHU0ZFZ3cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAltqJAME
AFtqMjAMAwQCW2o0AwQGW2oAMA0GCSqGSIb3DQEBCwUAA4IBAQAAM5TEkz7RGfEH
MCuAc2bPTa9zSmx28QoGKHZELhdUrYYO8K+OWfp3SNr/ZqAX3Z6OSmsEJ0XNYQoj
Gvox1D1NPvq2N6Z6rmBL41w5HndUrJgS3demounwVjwxWtc9ubiRQPJMncjt/OXQ
jY1C10Haw84furSIKWKrqadcIIahlMu0GUQeFOH9meMTrIKmjemHZqSyKwSf316Z
RQR3g8AYo1NwFx/0rRlmp3ve78RjPdTotu+ICuVI5TsYPp7SFDDQXebCdeJnMlll
zfxhIS+3k8BAAYT5+/z/MhBzX9NhYpwpWjwNSWeGP9459eYRzi0U83gk8T3ngmGQ
tSfC1EXy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:06 2024 by rpki-client on console-ams.rpki-client.org