Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/Byiv6ysY4u0HM1XfzoUlQZY8otI.roa
File:                     Byiv6ysY4u0HM1XfzoUlQZY8otI.roa (raw, json)
Hash identifier:          ChL+DWylAnotPLfojXdeoH/j0/IexpDEVBpyhuE0KTA=
Subject key identifier:   07:28:AF:EB:2B:18:E2:ED:07:33:55:DF:CE:85:25:41:96:3C:A2:D2
Certificate issuer:       /CN=1e7b2e243f8aa954597932bcdcd9af6560dce516
Certificate serial:       018570E7513DBEC50002A26981E1DA82C966
Authority key identifier: 1E:7B:2E:24:3F:8A:A9:54:59:79:32:BC:DC:D9:AF:65:60:DC:E5:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HnsuJD-KqVRZeTK83NmvZWDc5RY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/Byiv6ysY4u0HM1XfzoUlQZY8otI.roa
Signing time:             Mon 02 Jan 2023 05:14:45 +0000
ROA not before:           Mon 02 Jan 2023 05:14:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47817
IP address blocks:        91.208.165.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:51:3d:be:c5:00:02:a2:69:81:e1:da:82:c9:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e7b2e243f8aa954597932bcdcd9af6560dce516
        Validity
            Not Before: Jan  2 05:14:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0728afeb2b18e2ed073355dfce852541963ca2d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:7b:ea:bf:e8:d2:2a:b0:c8:36:3b:8b:1a:7d:
                    3e:95:ea:22:36:3b:5d:46:ed:f7:f4:47:a4:fc:70:
                    17:29:0e:b9:2c:b3:e8:dc:43:cd:7f:7e:e5:b5:82:
                    63:41:06:21:b7:ce:ac:e5:b6:05:7e:50:2e:cf:f9:
                    d5:bf:e3:fd:37:98:a1:f3:fa:56:ae:26:06:98:ce:
                    2b:b7:48:5d:bc:fe:0f:b1:fb:fc:23:f8:5b:eb:1f:
                    a1:29:c1:fc:85:b6:16:6c:bb:9e:96:88:9a:a7:08:
                    e9:10:7e:cc:84:e9:44:b7:9a:aa:c8:eb:58:d2:0c:
                    85:24:fb:3d:2f:9a:61:46:9d:a4:cf:ec:42:de:54:
                    de:a3:5f:a6:1c:fd:8f:0e:5d:79:ee:72:b3:37:cb:
                    10:eb:04:9f:dc:e4:1a:06:5a:a9:ac:78:68:52:5c:
                    74:37:ff:f1:87:51:60:be:e6:da:67:34:bc:71:5e:
                    f1:9b:5a:a3:10:06:78:5a:f6:68:dc:9b:00:42:54:
                    fb:21:3d:97:d5:0b:77:bc:30:82:96:22:e1:f1:63:
                    de:49:9d:e9:00:57:70:30:53:93:c1:94:64:3f:ea:
                    62:fc:25:35:9b:ff:39:69:89:00:35:d6:b8:ba:3e:
                    4f:02:1a:ed:4b:1f:e6:ee:e7:49:00:ec:82:77:12:
                    a7:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:28:AF:EB:2B:18:E2:ED:07:33:55:DF:CE:85:25:41:96:3C:A2:D2
            X509v3 Authority Key Identifier:
                keyid:1E:7B:2E:24:3F:8A:A9:54:59:79:32:BC:DC:D9:AF:65:60:DC:E5:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HnsuJD-KqVRZeTK83NmvZWDc5RY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/Byiv6ysY4u0HM1XfzoUlQZY8otI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.208.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:07:f6:73:b1:82:f7:05:10:4d:38:9c:f3:32:59:4d:6e:47:
         13:44:a3:8e:49:9e:3a:87:fd:29:c4:e5:46:25:a1:03:2c:dd:
         4c:da:d7:6a:71:ad:fa:c7:ed:b3:b0:c0:e2:33:d0:6b:28:26:
         4c:f6:8c:9e:41:8e:ab:ef:95:cc:4e:80:b9:a9:8e:f6:93:55:
         b2:0d:17:a7:73:61:c9:c2:30:9b:47:10:43:cc:aa:69:d5:82:
         82:96:f4:ff:04:94:fa:25:53:b9:4f:b2:58:4b:49:53:24:88:
         68:85:8c:21:43:16:cd:ef:f6:8a:66:88:17:0b:66:5a:e8:ea:
         b7:65:be:7f:ca:bb:3c:8b:58:94:23:02:4f:98:3b:e1:fa:4a:
         b3:df:e8:ea:24:49:57:d9:db:c0:53:91:c2:b6:4a:15:05:0a:
         53:c0:b3:be:ad:3b:ee:33:0c:af:e3:0e:b2:0f:28:15:1e:9a:
         15:dc:4e:be:ae:0b:4b:21:93:22:46:6d:25:09:3d:78:47:99:
         77:a9:f3:22:b4:ff:18:16:5e:7a:6a:3e:7e:b1:cd:9c:7d:86:
         04:42:20:b5:1e:c1:60:66:95:e4:2d:f2:48:4e:c6:86:5f:47:
         a7:33:b2:6d:63:73:d8:4b:fd:2b:7a:ca:4f:81:a4:3f:e4:e2:
         4c:59:e8:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw51E9vsUAAqJpgeHagslmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlN2IyZTI0M2Y4YWE5NTQ1OTc5MzJiY2RjZDlhZjY1NjBk
Y2U1MTYwHhcNMjMwMTAyMDUxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzI4YWZlYjJiMThlMmVkMDczMzU1ZGZjZTg1MjU0MTk2M2NhMmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHvqv+jSKrDINjuLGn0+leoiNjtd
Ru339Eek/HAXKQ65LLPo3EPNf37ltYJjQQYht86s5bYFflAuz/nVv+P9N5ih8/pW
riYGmM4rt0hdvP4Psfv8I/hb6x+hKcH8hbYWbLueloiapwjpEH7MhOlEt5qqyOtY
0gyFJPs9L5phRp2kz+xC3lTeo1+mHP2PDl157nKzN8sQ6wSf3OQaBlqprHhoUlx0
N//xh1FgvubaZzS8cV7xm1qjEAZ4WvZo3JsAQlT7IT2X1Qt3vDCCliLh8WPeSZ3p
AFdwMFOTwZRkP+pi/CU1m/85aYkANda4uj5PAhrtSx/m7udJAOyCdxKnHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAcor+srGOLtBzNV386FJUGWPKLSMB8GA1UdIwQY
MBaAFB57LiQ/iqlUWXkyvNzZr2Vg3OUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG5zdUpELUtxVlJaZVRLODNObXZaV0RjNVJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC80ZGFlZTAtODRlMi00MWU5LTk2NDMt
ZDU0OTU1NjQzY2Q5LzEvQnlpdjZ5c1k0dTBITTFYZnpvVWxRWlk4b3RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC80ZGFlZTAtODRlMi00MWU5LTk2NDMtZDU0OTU1NjQzY2Q5
LzEvSG5zdUpELUtxVlJaZVRLODNObXZaV0RjNVJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9ClMA0G
CSqGSIb3DQEBCwUAA4IBAQCSB/ZzsYL3BRBNOJzzMllNbkcTRKOOSZ46h/0pxOVG
JaEDLN1M2tdqca36x+2zsMDiM9BrKCZM9oyeQY6r75XMToC5qY72k1WyDRenc2HJ
wjCbRxBDzKpp1YKClvT/BJT6JVO5T7JYS0lTJIhohYwhQxbN7/aKZogXC2Za6Oq3
Zb5/yrs8i1iUIwJPmDvh+kqz3+jqJElX2dvAU5HCtkoVBQpTwLO+rTvuMwyv4w6y
DygVHpoV3E6+rgtLIZMiRm0lCT14R5l3qfMitP8YFl56aj5+sc2cfYYEQiC1HsFg
ZpXkLfJITsaGX0enM7JtY3PYS/0respPgaQ/5OJMWeg8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:25 2024 by rpki-client on console-fra.rpki-client.org