Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/9b4b96-2bdd-4bf5-a022-ee7896e5cc95/1/0-wACITSblOKHJbSxfyBQ2rvcxU.roa
File:                     0-wACITSblOKHJbSxfyBQ2rvcxU.roa (raw, json)
Hash identifier:          LSaOAFtaOvvVVAcPnh0hqRyBhV2rpB1xATL4D9anLyw=
Subject key identifier:   D3:EC:00:08:84:D2:6E:53:8A:1C:96:D2:C5:FC:81:43:6A:EF:73:15
Certificate issuer:       /CN=273a88c578166988506e13642adb12f631e0a3c2
Certificate serial:       018A429D11B5FD4714E0C7340AB785AA10F8
Authority key identifier: 27:3A:88:C5:78:16:69:88:50:6E:13:64:2A:DB:12:F6:31:E0:A3:C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JzqIxXgWaYhQbhNkKtsS9jHgo8I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/9b4b96-2bdd-4bf5-a022-ee7896e5cc95/1/0-wACITSblOKHJbSxfyBQ2rvcxU.roa
Signing time:             Tue 29 Aug 2023 18:45:04 +0000
ROA not before:           Tue 29 Aug 2023 18:45:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     36113
IP address blocks:        91.234.202.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 27 Sep 2023 14:54:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:42:9d:11:b5:fd:47:14:e0:c7:34:0a:b7:85:aa:10:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=273a88c578166988506e13642adb12f631e0a3c2
        Validity
            Not Before: Aug 29 18:45:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d3ec000884d26e538a1c96d2c5fc81436aef7315
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:91:9d:c0:95:90:a0:39:80:25:74:8c:6d:1e:
                    04:6c:2a:67:9b:ce:9c:ec:40:89:49:39:ef:05:28:
                    73:50:7c:0e:c7:79:b1:12:a8:b2:66:66:b5:d5:d8:
                    bf:68:2e:56:24:48:37:1b:52:68:55:c5:1c:40:4f:
                    43:a7:4a:4e:04:98:d2:7b:29:b9:f1:d9:5e:1c:17:
                    12:a9:21:33:cd:d8:8c:82:bf:b1:f3:5e:4e:40:ce:
                    f4:12:15:13:45:8f:b0:ae:00:7b:60:fd:83:1e:f1:
                    4c:23:19:be:d2:14:34:51:b7:a6:f3:0a:c8:c7:7c:
                    6f:0d:1c:d0:2e:96:18:02:c5:7a:f1:ae:ed:18:e1:
                    f4:10:9e:13:0c:6b:bb:8b:1b:9c:2d:4f:6f:47:de:
                    aa:41:0c:57:fb:13:43:f8:54:24:6b:0a:90:c6:51:
                    b4:d8:d1:eb:4f:a7:87:2e:57:fc:2d:17:44:14:cf:
                    e7:85:d6:e5:15:bc:4e:e2:d7:a0:39:5d:c6:ff:c5:
                    1a:0e:65:51:49:23:39:0a:f2:e1:3f:8c:c5:28:a4:
                    c4:54:8f:6f:4f:aa:7d:76:23:af:08:b0:5f:d8:83:
                    3e:8d:21:27:b2:c6:c2:7c:31:f4:45:bf:13:f9:38:
                    ea:90:55:4d:25:11:cf:91:c2:95:76:a3:86:82:42:
                    96:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:EC:00:08:84:D2:6E:53:8A:1C:96:D2:C5:FC:81:43:6A:EF:73:15
            X509v3 Authority Key Identifier:
                keyid:27:3A:88:C5:78:16:69:88:50:6E:13:64:2A:DB:12:F6:31:E0:A3:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JzqIxXgWaYhQbhNkKtsS9jHgo8I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9b4b96-2bdd-4bf5-a022-ee7896e5cc95/1/0-wACITSblOKHJbSxfyBQ2rvcxU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9b4b96-2bdd-4bf5-a022-ee7896e5cc95/1/JzqIxXgWaYhQbhNkKtsS9jHgo8I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.234.202.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:41:5b:7f:f1:a4:5c:9b:76:99:15:ae:8f:4f:e2:41:47:6e:
         a3:16:43:fb:0f:ea:10:70:5d:8e:85:8c:90:fe:85:d5:23:3d:
         92:67:2c:72:6d:4d:12:51:ad:aa:03:8c:ea:b6:e2:e2:13:a3:
         71:b0:e2:03:91:6f:27:a7:6a:f6:f8:49:90:38:68:bb:26:3d:
         cf:fe:78:13:1c:a1:03:38:13:2a:4a:88:16:bd:83:80:c7:19:
         61:0b:d9:e1:bb:91:ad:15:32:1b:23:f9:65:57:13:35:54:60:
         29:78:2a:cd:3f:7f:59:5b:2e:1c:1e:86:55:2f:ae:ce:29:84:
         fa:d0:85:dd:d0:e1:c1:ec:5a:5c:8b:b2:70:e9:c7:30:5b:23:
         dd:de:5e:50:fe:4c:ed:44:a1:67:99:0c:a9:57:03:4e:4c:da:
         f2:56:36:2d:d2:da:5f:49:0f:a5:1d:bd:19:73:ed:9a:03:52:
         65:70:65:90:33:d0:ee:ff:69:e8:6b:03:cd:86:5b:9f:a5:12:
         00:e6:5e:61:16:f8:eb:76:03:82:00:c6:6c:69:7a:b8:36:69:
         52:1e:a0:8f:c4:5f:72:d3:9a:83:e2:53:d9:6e:1b:87:4e:aa:
         d5:29:26:0a:bb:21:7d:d4:61:ad:fe:d8:91:a5:96:76:68:29:
         1e:d9:af:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpCnRG1/UcU4Mc0CreFqhD4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3M2E4OGM1NzgxNjY5ODg1MDZlMTM2NDJhZGIxMmY2MzFl
MGEzYzIwHhcNMjMwODI5MTg0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2VjMDAwODg0ZDI2ZTUzOGExYzk2ZDJjNWZjODE0MzZhZWY3MzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5GdwJWQoDmAJXSMbR4EbCpnm86c
7ECJSTnvBShzUHwOx3mxEqiyZma11di/aC5WJEg3G1JoVcUcQE9Dp0pOBJjSeym5
8dleHBcSqSEzzdiMgr+x815OQM70EhUTRY+wrgB7YP2DHvFMIxm+0hQ0Ubem8wrI
x3xvDRzQLpYYAsV68a7tGOH0EJ4TDGu7ixucLU9vR96qQQxX+xND+FQkawqQxlG0
2NHrT6eHLlf8LRdEFM/nhdblFbxO4tegOV3G/8UaDmVRSSM5CvLhP4zFKKTEVI9v
T6p9diOvCLBf2IM+jSEnssbCfDH0Rb8T+TjqkFVNJRHPkcKVdqOGgkKWXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNPsAAiE0m5TihyW0sX8gUNq73MVMB8GA1UdIwQY
MBaAFCc6iMV4FmmIUG4TZCrbEvYx4KPCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnpxSXhYZ1dhWWhRYmhOa0t0c1M5akhnbzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC85YjRiOTYtMmJkZC00YmY1LWEwMjIt
ZWU3ODk2ZTVjYzk1LzEvMC13QUNJVFNibE9LSEpiU3hmeUJRMnJ2Y3hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC85YjRiOTYtMmJkZC00YmY1LWEwMjItZWU3ODk2ZTVjYzk1
LzEvSnpxSXhYZ1dhWWhRYmhOa0t0c1M5akhnbzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+rKMA0G
CSqGSIb3DQEBCwUAA4IBAQCsQVt/8aRcm3aZFa6PT+JBR26jFkP7D+oQcF2OhYyQ
/oXVIz2SZyxybU0SUa2qA4zqtuLiE6NxsOIDkW8np2r2+EmQOGi7Jj3P/ngTHKED
OBMqSogWvYOAxxlhC9nhu5GtFTIbI/llVxM1VGApeCrNP39ZWy4cHoZVL67OKYT6
0IXd0OHB7Fpci7Jw6ccwWyPd3l5Q/kztRKFnmQypVwNOTNryVjYt0tpfSQ+lHb0Z
c+2aA1JlcGWQM9Du/2noawPNhlufpRIA5l5hFvjrdgOCAMZsaXq4NmlSHqCPxF9y
05qD4lPZbhuHTqrVKSYKuyF91GGt/tiRpZZ2aCke2a+a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:27 2024 by rpki-client on console-fra.rpki-client.org