Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/001b9f-e4d8-4dac-bf08-7240c36000d7/1/Em51ez_8vnxmvxv0KMwKynWt3o8.roa
File:                     Em51ez_8vnxmvxv0KMwKynWt3o8.roa (raw, json)
Hash identifier:          cN7ABO81pMfWwiecSNYEtdxTg+miUvDQSzwmnwQ3avE=
Subject key identifier:   12:6E:75:7B:3F:FC:BE:7C:66:BF:1B:F4:28:CC:0A:CA:75:AD:DE:8F
Certificate issuer:       /CN=979586035abe23569c2135e320dbd1a255b84034
Certificate serial:       01856E2FC1FF10261B37E0BE234884B2BFE4
Authority key identifier: 97:95:86:03:5A:BE:23:56:9C:21:35:E3:20:DB:D1:A2:55:B8:40:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l5WGA1q-I1acITXjINvRolW4QDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/001b9f-e4d8-4dac-bf08-7240c36000d7/1/Em51ez_8vnxmvxv0KMwKynWt3o8.roa
Signing time:             Sun 01 Jan 2023 16:35:01 +0000
ROA not before:           Sun 01 Jan 2023 16:35:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197470
IP address blocks:        91.220.221.0/24 maxlen: 24
                          46.151.232.0/21 maxlen: 21
                          91.221.170.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:2f:c1:ff:10:26:1b:37:e0:be:23:48:84:b2:bf:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=979586035abe23569c2135e320dbd1a255b84034
        Validity
            Not Before: Jan  1 16:35:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=126e757b3ffcbe7c66bf1bf428cc0aca75adde8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:0b:f1:8e:97:34:58:83:e7:fd:ea:12:ad:66:
                    81:9f:f6:7e:4e:73:75:ab:ea:30:8c:54:5e:7a:b8:
                    6c:36:72:bc:63:9d:10:95:bc:2a:46:ad:df:cf:89:
                    4f:90:72:ef:ef:b0:ed:12:ab:aa:c5:58:db:c6:9a:
                    60:1c:86:f1:a9:bd:40:02:ed:6a:5d:cf:d4:90:9c:
                    01:7d:18:36:74:24:46:e6:79:d5:1d:34:dd:e6:c3:
                    e1:d0:8a:54:68:b2:ec:d5:e2:0c:e0:e3:a5:63:1b:
                    2c:d0:ff:7b:73:3a:dd:51:56:32:96:b3:8f:1c:53:
                    cc:0b:16:f0:bf:82:7a:aa:d9:fc:61:3f:ea:26:a3:
                    84:a1:53:d9:b1:fa:97:e5:c3:51:d2:5b:0d:dd:4b:
                    c0:4f:6e:b9:b8:11:4d:0e:df:ab:c1:66:3d:f6:56:
                    c2:b4:8a:1c:ba:7e:ce:14:de:6a:70:44:9c:1f:f2:
                    7e:d2:f0:78:38:17:19:1f:83:e9:e2:52:15:47:0f:
                    54:0e:9a:86:20:7c:8c:e9:23:a8:17:b8:e6:26:59:
                    12:a2:86:a7:08:c0:ef:19:8f:5b:78:3e:bc:35:48:
                    9e:95:48:30:8d:c8:bb:a8:51:cf:5a:0e:6e:7a:92:
                    87:1c:a3:f4:ea:32:be:69:1a:89:62:56:2b:ef:6a:
                    25:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:6E:75:7B:3F:FC:BE:7C:66:BF:1B:F4:28:CC:0A:CA:75:AD:DE:8F
            X509v3 Authority Key Identifier:
                keyid:97:95:86:03:5A:BE:23:56:9C:21:35:E3:20:DB:D1:A2:55:B8:40:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5WGA1q-I1acITXjINvRolW4QDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/001b9f-e4d8-4dac-bf08-7240c36000d7/1/Em51ez_8vnxmvxv0KMwKynWt3o8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/001b9f-e4d8-4dac-bf08-7240c36000d7/1/l5WGA1q-I1acITXjINvRolW4QDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.151.232.0/21
                  91.220.221.0/24
                  91.221.170.0/23

    Signature Algorithm: sha256WithRSAEncryption
         06:86:41:50:93:72:06:48:f2:c7:f5:63:64:fa:7d:b0:cb:51:
         50:56:6c:f5:72:2d:ed:c0:cf:21:8f:64:b4:2e:f8:c4:41:de:
         3a:f5:f0:1f:fc:d5:74:7c:bf:4a:0c:23:d4:2d:de:4f:69:d4:
         df:29:7c:bf:fa:52:96:7d:28:7d:5b:b0:93:a7:e3:8a:93:43:
         14:62:79:c1:ba:b6:61:73:98:d5:15:08:5d:9a:ec:70:7f:1f:
         d2:ce:b1:56:36:1f:03:36:04:94:85:f7:a9:89:98:41:1c:ca:
         3c:ec:ef:ce:ab:99:36:28:64:ac:d1:ec:df:ae:16:1f:1d:70:
         93:23:b5:53:f3:cd:f8:dc:43:5b:d3:0c:8c:4a:cc:73:3b:88:
         3c:47:c3:ef:18:0a:db:85:f6:6b:65:85:98:84:d7:b8:74:b9:
         12:f4:c6:94:69:e7:74:24:5e:f1:e3:cd:db:95:4b:73:8c:fa:
         bb:c4:3b:96:c6:39:a6:19:6e:88:01:e4:66:d9:10:d5:80:82:
         27:0d:fb:da:9d:be:51:9b:21:3f:95:03:1a:cc:49:52:8c:b1:
         bc:8c:07:c6:d1:de:73:18:39:cf:6d:0b:70:dd:77:dd:78:8c:
         5d:97:b9:7d:17:71:a4:65:37:54:e2:e5:74:8c:01:61:bf:5f:
         5d:0e:73:30
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuL8H/ECYbN+C+I0iEsr/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTU4NjAzNWFiZTIzNTY5YzIxMzVlMzIwZGJkMWEyNTVi
ODQwMzQwHhcNMjMwMTAxMTYzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjZlNzU3YjNmZmNiZTdjNjZiZjFiZjQyOGNjMGFjYTc1YWRkZThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAvxjpc0WIPn/eoSrWaBn/Z+TnN1
q+owjFReerhsNnK8Y50QlbwqRq3fz4lPkHLv77DtEquqxVjbxppgHIbxqb1AAu1q
Xc/UkJwBfRg2dCRG5nnVHTTd5sPh0IpUaLLs1eIM4OOlYxss0P97czrdUVYylrOP
HFPMCxbwv4J6qtn8YT/qJqOEoVPZsfqX5cNR0lsN3UvAT265uBFNDt+rwWY99lbC
tIocun7OFN5qcEScH/J+0vB4OBcZH4Pp4lIVRw9UDpqGIHyM6SOoF7jmJlkSooan
CMDvGY9beD68NUielUgwjci7qFHPWg5uepKHHKP06jK+aRqJYlYr72olwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBJudXs//L58Zr8b9CjMCsp1rd6PMB8GA1UdIwQY
MBaAFJeVhgNaviNWnCE14yDb0aJVuEA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVXR0ExcS1JMWFjSVRYaklOdlJvbFc0UURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8wMDFiOWYtZTRkOC00ZGFjLWJmMDgt
NzI0MGMzNjAwMGQ3LzEvRW01MWV6Xzh2bnhtdnh2MEtNd0t5bld0M284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8wMDFiOWYtZTRkOC00ZGFjLWJmMDgtNzI0MGMzNjAwMGQ3
LzEvbDVXR0ExcS1JMWFjSVRYaklOdlJvbFc0UURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLpfoAwQA
W9zdAwQBW92qMA0GCSqGSIb3DQEBCwUAA4IBAQAGhkFQk3IGSPLH9WNk+n2wy1FQ
Vmz1ci3twM8hj2S0LvjEQd469fAf/NV0fL9KDCPULd5PadTfKXy/+lKWfSh9W7CT
p+OKk0MUYnnBurZhc5jVFQhdmuxwfx/SzrFWNh8DNgSUhfepiZhBHMo87O/Oq5k2
KGSs0ezfrhYfHXCTI7VT88343ENb0wyMSsxzO4g8R8PvGArbhfZrZYWYhNe4dLkS
9MaUaed0JF7x483blUtzjPq7xDuWxjmmGW6IAeRm2RDVgIInDfvanb5RmyE/lQMa
zElSjLG8jAfG0d5zGDnPbQtw3XfdeIxdl7l9F3GkZTdU4uV0jAFhv19dDnMw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:40 2024 by rpki-client on console-ams.rpki-client.org