Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/1-OBAMB4nedlXhYuQiFH0tJnVYsU.roa
File:                     1-OBAMB4nedlXhYuQiFH0tJnVYsU.roa (raw, json)
Hash identifier:          aVMEhTl5ZdA6TDtAErTOnHDwC8aMcmJkjXhW6K4USrQ=
Subject key identifier:   F8:E0:40:30:1E:27:79:D9:57:85:8B:90:88:51:F4:B4:99:D5:62:C5
Certificate issuer:       /CN=a8305c6e58294ad0ed5162fa8429da5165653930
Certificate serial:       01857139DBB749D79FC23817D531FF59FCF2
Authority key identifier: A8:30:5C:6E:58:29:4A:D0:ED:51:62:FA:84:29:DA:51:65:65:39:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qDBcblgpStDtUWL6hCnaUWVlOTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/1-OBAMB4nedlXhYuQiFH0tJnVYsU.roa
Signing time:             Mon 02 Jan 2023 06:44:55 +0000
ROA not before:           Mon 02 Jan 2023 06:44:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34182
IP address blocks:        91.238.144.0/24 maxlen: 24
                          2001:67c:938::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:39:db:b7:49:d7:9f:c2:38:17:d5:31:ff:59:fc:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8305c6e58294ad0ed5162fa8429da5165653930
        Validity
            Not Before: Jan  2 06:44:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f8e040301e2779d957858b908851f4b499d562c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:e9:16:1f:c0:2e:9e:93:38:b7:33:b6:ac:21:
                    f2:0e:4a:a1:9e:2e:c0:2e:65:50:41:22:0d:37:26:
                    ef:a6:1f:9a:ec:e5:ab:be:c1:6a:53:6b:19:7b:3c:
                    5f:e6:bf:22:51:18:9c:57:3a:30:ec:ed:75:e5:3d:
                    cd:fb:62:dd:d6:7f:98:0e:26:7d:81:c5:e3:4c:69:
                    14:67:ef:6d:1a:04:24:92:68:d1:6e:a1:3e:23:aa:
                    c7:37:50:84:32:c1:04:3e:ab:ee:ce:3c:72:5e:f7:
                    85:93:c2:7f:b0:24:98:51:cd:c6:6e:a2:9a:4b:f2:
                    52:85:ce:1b:2b:98:fa:ce:b1:0e:ac:1e:e6:f8:36:
                    57:40:2b:bb:ca:61:9a:90:29:68:75:f5:13:9b:6b:
                    60:89:df:6c:66:c6:1b:2e:98:85:aa:de:97:4c:78:
                    e2:5f:80:03:b0:c5:34:37:bb:6c:fd:8a:3b:b1:14:
                    f7:f6:d9:3a:3c:e6:8c:b5:f4:76:54:2d:48:4f:50:
                    8e:9f:70:72:52:f5:ae:33:bd:86:41:27:93:db:ea:
                    a7:fb:ee:2e:54:8b:fb:cc:c5:51:04:97:05:69:bf:
                    1b:d7:a2:8f:37:f6:c5:67:a7:82:d4:cd:35:68:85:
                    7b:3c:16:a9:81:a9:06:37:d2:b5:17:2c:f9:66:c7:
                    a3:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:E0:40:30:1E:27:79:D9:57:85:8B:90:88:51:F4:B4:99:D5:62:C5
            X509v3 Authority Key Identifier:
                keyid:A8:30:5C:6E:58:29:4A:D0:ED:51:62:FA:84:29:DA:51:65:65:39:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qDBcblgpStDtUWL6hCnaUWVlOTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/1-OBAMB4nedlXhYuQiFH0tJnVYsU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/qDBcblgpStDtUWL6hCnaUWVlOTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.238.144.0/24
                IPv6:
                  2001:67c:938::/48

    Signature Algorithm: sha256WithRSAEncryption
         6c:0b:81:9e:ce:0c:33:eb:77:8c:bc:e9:6a:d3:26:82:38:ea:
         d3:2f:a5:2d:65:22:7f:05:6c:3d:ee:f9:05:87:c2:81:83:da:
         68:5f:ff:e3:51:6f:70:ce:89:7b:0d:c4:f2:7f:95:16:51:c7:
         ed:c2:8e:b6:0a:54:33:d4:cb:1c:d7:3d:ac:65:e3:7f:2e:a4:
         68:eb:50:3c:d8:b6:6a:0b:bc:74:d7:cf:72:38:0d:c2:7f:16:
         5f:85:7a:da:60:71:51:cc:80:b6:7d:69:04:ae:96:f8:84:5b:
         5a:6f:95:be:e4:13:36:cc:05:2b:74:73:60:85:62:95:49:fd:
         ba:73:53:fc:e8:5b:b5:16:8c:15:d4:97:31:ea:37:44:08:47:
         2a:b8:eb:70:46:1d:53:07:f4:fd:aa:d9:74:ff:13:51:c2:6d:
         fb:f1:22:5d:54:5a:02:b7:17:cd:ec:05:54:18:f7:94:c2:52:
         07:ae:35:19:aa:04:03:d5:1b:79:81:6c:11:fd:26:0f:3f:9d:
         b2:df:da:3f:48:b0:3b:84:5a:2f:b2:09:1d:3b:f1:a8:da:6c:
         fc:63:b3:4a:51:72:25:15:dd:a1:8b:4d:30:7b:85:4c:1c:e0:
         15:7e:45:e5:af:79:15:63:8d:13:c2:ba:6e:a6:b4:55:56:40:
         7e:cc:69:a9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxOdu3SdefwjgX1TH/WfzyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MzA1YzZlNTgyOTRhZDBlZDUxNjJmYTg0MjlkYTUxNjU2
NTM5MzAwHhcNMjMwMTAyMDY0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGUwNDAzMDFlMjc3OWQ5NTc4NThiOTA4ODUxZjRiNDk5ZDU2MmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOkWH8AunpM4tzO2rCHyDkqhni7A
LmVQQSINNybvph+a7OWrvsFqU2sZezxf5r8iURicVzow7O115T3N+2Ld1n+YDiZ9
gcXjTGkUZ+9tGgQkkmjRbqE+I6rHN1CEMsEEPqvuzjxyXveFk8J/sCSYUc3GbqKa
S/JShc4bK5j6zrEOrB7m+DZXQCu7ymGakClodfUTm2tgid9sZsYbLpiFqt6XTHji
X4ADsMU0N7ts/Yo7sRT39tk6POaMtfR2VC1IT1COn3ByUvWuM72GQSeT2+qn++4u
VIv7zMVRBJcFab8b16KPN/bFZ6eC1M01aIV7PBapgakGN9K1Fyz5ZsejLQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPjgQDAeJ3nZV4WLkIhR9LSZ1WLFMB8GA1UdIwQY
MBaAFKgwXG5YKUrQ7VFi+oQp2lFlZTkwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcURCY2JsZ3BTdER0VVdMNmhDbmFVV1ZsT1RBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS80YzE1ZDktNzllNi00NTJmLWFhMzIt
MDJkYjhiNzdkMDg3LzEvMS1PQkFNQjRuZWRsWGhZdVFpRkgwdEpuVllzVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzEvNGMxNWQ5LTc5ZTYtNDUyZi1hYTMyLTAyZGI4Yjc3ZDA4
Ny8xL3FEQmNibGdwU3REdFVXTDZoQ25hVVdWbE9UQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAFvukDAP
BAIAAjAJAwcAIAEGfAk4MA0GCSqGSIb3DQEBCwUAA4IBAQBsC4Gezgwz63eMvOlq
0yaCOOrTL6UtZSJ/BWw97vkFh8KBg9poX//jUW9wzol7DcTyf5UWUcftwo62ClQz
1Msc1z2sZeN/LqRo61A82LZqC7x0189yOA3CfxZfhXraYHFRzIC2fWkErpb4hFta
b5W+5BM2zAUrdHNghWKVSf26c1P86Fu1FowV1Jcx6jdECEcquOtwRh1TB/T9qtl0
/xNRwm378SJdVFoCtxfN7AVUGPeUwlIHrjUZqgQD1Rt5gWwR/SYPP52y39o/SLA7
hFovsgkdO/Go2mz8Y7NKUXIlFd2hi00we4VMHOAVfkXlr3kVY40TwrpuprRVVkB+
zGmp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:43 2024 by rpki-client on console-fra.rpki-client.org