Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/3a094c-ff8e-4b44-81f0-94c7601aefda/1/MJk5vn5F1hiPJRsy1r6V3Ia8pZI.roa
File:                     MJk5vn5F1hiPJRsy1r6V3Ia8pZI.roa (raw, json)
Hash identifier:          85mqGXfvuSByCr00Zh2V+UTKjWWogpNKYrVRzrxPJc0=
Subject key identifier:   30:99:39:BE:7E:45:D6:18:8F:25:1B:32:D6:BE:95:DC:86:BC:A5:92
Certificate issuer:       /CN=19139575c401283fff536137b0e83e5415fe18d0
Certificate serial:       01856F94A31A8B41ABBE05B859660E796DEC
Authority key identifier: 19:13:95:75:C4:01:28:3F:FF:53:61:37:B0:E8:3E:54:15:FE:18:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GROVdcQBKD__U2E3sOg-VBX-GNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/3a094c-ff8e-4b44-81f0-94c7601aefda/1/MJk5vn5F1hiPJRsy1r6V3Ia8pZI.roa
Signing time:             Sun 01 Jan 2023 23:04:49 +0000
ROA not before:           Sun 01 Jan 2023 23:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44201
IP address blocks:        91.209.146.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:94:a3:1a:8b:41:ab:be:05:b8:59:66:0e:79:6d:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19139575c401283fff536137b0e83e5415fe18d0
        Validity
            Not Before: Jan  1 23:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=309939be7e45d6188f251b32d6be95dc86bca592
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:6f:87:c6:8d:23:1b:45:e9:33:e4:d2:21:01:
                    7e:63:a7:c9:54:43:3e:0b:76:e6:58:d0:55:42:2b:
                    d7:f6:86:d3:51:ca:0a:ed:3d:86:75:c8:2d:6f:e4:
                    0f:0c:95:cb:1a:28:bb:5b:2c:c3:72:1b:55:84:97:
                    f9:fa:07:7f:1a:d0:7e:8a:5d:5e:9e:91:32:c6:c0:
                    2f:43:fb:28:81:9b:2e:29:b5:19:e4:a5:ac:a2:b9:
                    f6:72:46:78:f7:04:35:4a:d3:6e:82:db:0a:01:c2:
                    65:fc:21:93:eb:91:d0:f8:3d:0e:04:96:eb:3b:57:
                    a8:1c:d5:2d:13:b5:9c:1e:d8:d1:94:b0:ab:58:e5:
                    3c:aa:43:8b:40:bf:f2:00:5d:25:af:e1:52:7e:02:
                    85:6e:eb:29:da:8f:b7:a7:7a:dc:92:13:8c:b3:b7:
                    d1:39:9b:7a:fa:29:fc:ed:37:fb:83:de:e7:a4:a4:
                    61:0d:ca:37:c5:bc:21:b8:78:2a:12:41:5e:63:f7:
                    28:7c:1c:2c:fa:f7:40:76:bb:93:1d:0d:28:bf:d3:
                    a2:f7:7e:a9:25:e6:56:8a:c6:6f:9d:b2:38:91:ba:
                    b1:e9:77:0d:11:fc:b0:d6:f5:46:04:4e:9a:6a:2c:
                    03:fe:49:43:1c:26:6a:91:76:4f:de:ec:80:b4:88:
                    97:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:99:39:BE:7E:45:D6:18:8F:25:1B:32:D6:BE:95:DC:86:BC:A5:92
            X509v3 Authority Key Identifier:
                keyid:19:13:95:75:C4:01:28:3F:FF:53:61:37:B0:E8:3E:54:15:FE:18:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GROVdcQBKD__U2E3sOg-VBX-GNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3a094c-ff8e-4b44-81f0-94c7601aefda/1/MJk5vn5F1hiPJRsy1r6V3Ia8pZI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3a094c-ff8e-4b44-81f0-94c7601aefda/1/GROVdcQBKD__U2E3sOg-VBX-GNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.209.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:95:5d:1d:0c:da:11:ef:5f:60:b2:c5:1a:1d:3e:6a:eb:9c:
         9b:70:22:21:91:d4:14:19:83:ad:a3:21:16:c1:58:58:29:40:
         09:d0:cd:8f:fe:0b:95:5e:8c:22:61:ad:6b:26:1b:af:92:c4:
         65:49:ee:57:be:48:6d:24:a7:0c:c0:c7:95:27:ec:d2:0e:07:
         2c:e4:f0:c4:8c:e8:39:da:a6:7b:d3:95:4e:02:dd:ed:16:bb:
         46:f2:30:44:e8:3b:03:40:54:1c:16:28:22:74:1f:31:47:35:
         9f:b0:3f:2a:49:22:ed:81:65:a0:5d:ff:40:4a:ca:a6:cd:e5:
         8c:a5:44:00:5d:50:e8:0f:28:64:2e:27:7e:5e:c1:fc:99:6b:
         13:1f:3b:4f:94:50:15:be:b5:6a:cb:4e:25:7f:79:9e:eb:e0:
         d5:2e:88:80:a8:6c:60:3e:8f:62:36:fb:42:8a:88:22:72:a3:
         72:1d:73:7f:dc:b5:9a:c3:e8:6c:9d:4f:90:f9:4f:bc:bf:8a:
         b4:0b:15:25:31:ff:44:13:06:08:22:e0:7b:81:e1:a5:a7:4c:
         b9:a0:53:f1:4f:d0:de:3c:0c:5f:12:69:5c:df:4a:2a:2d:c3:
         ba:4a:af:03:90:f4:ea:1f:1d:73:7a:5d:05:ed:bc:06:e0:6f:
         3a:c5:31:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlKMai0GrvgW4WWYOeW3sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MTM5NTc1YzQwMTI4M2ZmZjUzNjEzN2IwZTgzZTU0MTVm
ZTE4ZDAwHhcNMjMwMTAxMjMwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDk5MzliZTdlNDVkNjE4OGYyNTFiMzJkNmJlOTVkYzg2YmNhNTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhm+Hxo0jG0XpM+TSIQF+Y6fJVEM+
C3bmWNBVQivX9obTUcoK7T2Gdcgtb+QPDJXLGii7WyzDchtVhJf5+gd/GtB+il1e
npEyxsAvQ/sogZsuKbUZ5KWsorn2ckZ49wQ1StNugtsKAcJl/CGT65HQ+D0OBJbr
O1eoHNUtE7WcHtjRlLCrWOU8qkOLQL/yAF0lr+FSfgKFbusp2o+3p3rckhOMs7fR
OZt6+in87Tf7g97npKRhDco3xbwhuHgqEkFeY/cofBws+vdAdruTHQ0ov9Oi936p
JeZWisZvnbI4kbqx6XcNEfyw1vVGBE6aaiwD/klDHCZqkXZP3uyAtIiXAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDCZOb5+RdYYjyUbMta+ldyGvKWSMB8GA1UdIwQY
MBaAFBkTlXXEASg//1NhN7DoPlQV/hjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1JPVmRjUUJLRF9fVTJFM3NPZy1WQlgtR05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zYTA5NGMtZmY4ZS00YjQ0LTgxZjAt
OTRjNzYwMWFlZmRhLzEvTUprNXZuNUYxaGlQSlJzeTFyNlYzSWE4cFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zYTA5NGMtZmY4ZS00YjQ0LTgxZjAtOTRjNzYwMWFlZmRh
LzEvR1JPVmRjUUJLRF9fVTJFM3NPZy1WQlgtR05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9GSMA0G
CSqGSIb3DQEBCwUAA4IBAQCIlV0dDNoR719gssUaHT5q65ybcCIhkdQUGYOtoyEW
wVhYKUAJ0M2P/guVXowiYa1rJhuvksRlSe5XvkhtJKcMwMeVJ+zSDgcs5PDEjOg5
2qZ705VOAt3tFrtG8jBE6DsDQFQcFigidB8xRzWfsD8qSSLtgWWgXf9ASsqmzeWM
pUQAXVDoDyhkLid+XsH8mWsTHztPlFAVvrVqy04lf3me6+DVLoiAqGxgPo9iNvtC
iogicqNyHXN/3LWaw+hsnU+Q+U+8v4q0CxUlMf9EEwYIIuB7geGlp0y5oFPxT9De
PAxfEmlc30oqLcO6Sq8DkPTqHx1zel0F7bwG4G86xTE9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:19 2024 by rpki-client on console-fra.rpki-client.org