Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c4b647-53fa-49ba-9c60-d1301bc05144/1/3RClT-LocSq-JrQhYysT8nrVHyo.roa
File:                     3RClT-LocSq-JrQhYysT8nrVHyo.roa (raw, json)
Hash identifier:          W4MaZjgog6OaT7ftQO2Jd88hrm49zl2mWkE1Ea0ukCQ=
Subject key identifier:   DD:10:A5:4F:E2:E8:71:2A:BE:26:B4:21:63:2B:13:F2:7A:D5:1F:2A
Certificate issuer:       /CN=34f5de738c51a935428efff8800bcf9b267edc14
Certificate serial:       018570708ADECB5F22923BA582C75E2945C1
Authority key identifier: 34:F5:DE:73:8C:51:A9:35:42:8E:FF:F8:80:0B:CF:9B:26:7E:DC:14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NPXec4xRqTVCjv_4gAvPmyZ-3BQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6b/c4b647-53fa-49ba-9c60-d1301bc05144/1/3RClT-LocSq-JrQhYysT8nrVHyo.roa
Signing time:             Mon 02 Jan 2023 03:05:01 +0000
ROA not before:           Mon 02 Jan 2023 03:05:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57605
IP address blocks:        91.233.110.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:70:8a:de:cb:5f:22:92:3b:a5:82:c7:5e:29:45:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34f5de738c51a935428efff8800bcf9b267edc14
        Validity
            Not Before: Jan  2 03:05:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dd10a54fe2e8712abe26b421632b13f27ad51f2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:6d:2a:3e:4c:5b:27:8a:bb:3b:9d:44:f6:65:
                    ad:f6:13:a1:7f:94:d9:9b:d8:7f:40:24:ba:f1:25:
                    24:df:58:be:4e:ed:d4:1b:b5:db:f0:3b:2d:f2:17:
                    89:38:2f:c4:0f:ab:62:52:0d:d5:25:7c:05:85:dc:
                    06:87:19:17:4a:aa:2c:a9:64:8c:c1:79:f3:5c:79:
                    dc:c7:a3:ba:84:65:e5:45:78:81:0a:46:bf:7f:4c:
                    5c:af:fa:3f:2f:7d:54:9a:44:bb:cf:8a:3c:d8:9f:
                    67:a0:1e:3c:78:df:e1:4a:4e:30:c8:ca:1f:76:79:
                    90:25:af:83:64:11:a9:4d:96:39:46:35:e5:b6:aa:
                    91:9f:60:34:44:6f:29:cb:74:02:bd:ab:65:c4:14:
                    d9:d5:34:dc:68:1c:60:19:ec:22:bb:25:67:af:87:
                    08:66:0e:22:b6:93:5b:7c:e8:37:b5:13:69:f2:01:
                    36:65:ac:76:65:5d:c2:19:be:32:61:68:57:fc:75:
                    0e:b7:38:96:fb:10:fc:02:f2:ce:34:f8:da:7c:51:
                    f6:61:a6:3a:c3:8b:29:74:d4:4a:43:94:73:c7:fc:
                    b0:61:3c:bd:fc:30:30:ed:70:9a:60:81:85:dd:4c:
                    10:42:eb:be:64:ae:0b:8d:ba:9f:a8:f4:57:d2:20:
                    ac:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:10:A5:4F:E2:E8:71:2A:BE:26:B4:21:63:2B:13:F2:7A:D5:1F:2A
            X509v3 Authority Key Identifier:
                keyid:34:F5:DE:73:8C:51:A9:35:42:8E:FF:F8:80:0B:CF:9B:26:7E:DC:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPXec4xRqTVCjv_4gAvPmyZ-3BQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c4b647-53fa-49ba-9c60-d1301bc05144/1/3RClT-LocSq-JrQhYysT8nrVHyo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c4b647-53fa-49ba-9c60-d1301bc05144/1/NPXec4xRqTVCjv_4gAvPmyZ-3BQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.233.110.0/23

    Signature Algorithm: sha256WithRSAEncryption
         bf:15:a5:f1:71:dc:71:4b:ba:19:c8:26:d0:27:1b:0c:87:41:
         44:ff:7d:68:2f:12:10:72:7b:e7:4f:31:b8:b5:28:2c:fc:fc:
         d0:07:ac:30:e8:bf:75:c7:21:63:54:22:bb:e0:fb:77:ac:aa:
         eb:92:43:94:b3:85:dc:c7:fc:88:d6:ab:07:6e:b8:a3:e0:89:
         24:7d:dc:3f:8e:ae:aa:22:e4:07:43:9f:35:6a:c6:64:78:88:
         60:21:72:e5:4a:63:74:b8:a3:b9:bb:ca:c0:e3:13:80:9f:bc:
         5c:af:7c:73:dd:7d:b7:f8:2e:4c:fc:e9:ac:cd:2b:20:43:e4:
         c6:de:ed:ef:f8:9a:ab:69:07:66:c6:74:41:62:ca:80:be:7d:
         4f:ce:e8:21:de:91:1e:69:17:b5:d1:e1:35:bb:f1:27:aa:76:
         1a:51:61:8f:f5:b8:c3:08:bc:f0:0a:5d:47:f6:ba:d6:5a:ee:
         4b:97:bb:29:a6:2f:d9:e0:4f:86:d3:17:67:f2:7e:15:c2:24:
         df:e3:4c:eb:a1:e0:4e:cf:af:43:5f:14:b2:55:d9:62:a3:98:
         fc:76:e6:24:2f:d8:d8:50:a5:07:3f:25:2d:3b:b5:9f:7c:93:
         88:14:b7:71:73:50:c7:e1:47:33:30:5b:45:38:85:e5:85:34:
         45:7f:54:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcIrey18ikjulgsdeKUXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjVkZTczOGM1MWE5MzU0MjhlZmZmODgwMGJjZjliMjY3
ZWRjMTQwHhcNMjMwMTAyMDMwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDEwYTU0ZmUyZTg3MTJhYmUyNmI0MjE2MzJiMTNmMjdhZDUxZjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlm0qPkxbJ4q7O51E9mWt9hOhf5TZ
m9h/QCS68SUk31i+Tu3UG7Xb8Dst8heJOC/ED6tiUg3VJXwFhdwGhxkXSqosqWSM
wXnzXHncx6O6hGXlRXiBCka/f0xcr/o/L31UmkS7z4o82J9noB48eN/hSk4wyMof
dnmQJa+DZBGpTZY5RjXltqqRn2A0RG8py3QCvatlxBTZ1TTcaBxgGewiuyVnr4cI
Zg4itpNbfOg3tRNp8gE2Zax2ZV3CGb4yYWhX/HUOtziW+xD8AvLONPjafFH2YaY6
w4spdNRKQ5Rzx/ywYTy9/DAw7XCaYIGF3UwQQuu+ZK4LjbqfqPRX0iCsAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN0QpU/i6HEqvia0IWMrE/J61R8qMB8GA1UdIwQY
MBaAFDT13nOMUak1Qo7/+IALz5smftwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBYZWM0eFJxVFZDanZfNGdBdlBteVotM0JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jNGI2NDctNTNmYS00OWJhLTljNjAt
ZDEzMDFiYzA1MTQ0LzEvM1JDbFQtTG9jU3EtSnJRaFl5c1Q4bnJWSHlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jNGI2NDctNTNmYS00OWJhLTljNjAtZDEzMDFiYzA1MTQ0
LzEvTlBYZWM0eFJxVFZDanZfNGdBdlBteVotM0JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+luMA0G
CSqGSIb3DQEBCwUAA4IBAQC/FaXxcdxxS7oZyCbQJxsMh0FE/31oLxIQcnvnTzG4
tSgs/PzQB6ww6L91xyFjVCK74Pt3rKrrkkOUs4Xcx/yI1qsHbrij4Ikkfdw/jq6q
IuQHQ581asZkeIhgIXLlSmN0uKO5u8rA4xOAn7xcr3xz3X23+C5M/OmszSsgQ+TG
3u3v+JqraQdmxnRBYsqAvn1Pzugh3pEeaRe10eE1u/EnqnYaUWGP9bjDCLzwCl1H
9rrWWu5Ll7sppi/Z4E+G0xdn8n4VwiTf40zroeBOz69DXxSyVdlio5j8duYkL9jY
UKUHPyUtO7WffJOIFLdxc1DH4UczMFtFOIXlhTRFf1Sw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:55 2024 by rpki-client on console-fra.rpki-client.org