Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/1MhIH147BWHbIwCLRhEYBQBzosI.roa
File:                     1MhIH147BWHbIwCLRhEYBQBzosI.roa (raw, json)
Hash identifier:          qwAR/uSNBOLK0wpCEbXyC+AeV7XSnXhELpD4fa2Mab0=
Subject key identifier:   D4:C8:48:1F:5E:3B:05:61:DB:23:00:8B:46:11:18:05:00:73:A2:C2
Certificate issuer:       /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial:       01880E9202C686A989A09BB25ADC9C75B0C7
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/1MhIH147BWHbIwCLRhEYBQBzosI.roa
Signing time:             Fri 12 May 2023 06:07:09 +0000
ROA not before:           Fri 12 May 2023 06:07:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211975
IP address blocks:        91.208.73.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 05 Sep 2023 12:57:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:0e:92:02:c6:86:a9:89:a0:9b:b2:5a:dc:9c:75:b0:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
        Validity
            Not Before: May 12 06:07:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d4c8481f5e3b0561db23008b461118050073a2c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:03:a7:fa:ca:93:1d:f4:35:1b:c1:cf:89:de:
                    f9:86:b2:b3:5b:7c:09:33:1f:d6:ca:5a:46:5a:be:
                    fd:32:00:e6:2b:0e:0e:18:3c:ff:2a:f1:67:ea:d7:
                    e1:ba:35:2c:5f:52:43:08:d6:8e:b1:f9:2e:32:2c:
                    3a:9c:58:62:20:8c:6a:92:8c:14:b2:4c:67:f8:20:
                    70:70:a9:dc:de:4e:0f:fa:bf:13:db:16:ba:2a:55:
                    fc:7a:d0:91:14:40:10:ce:42:da:63:8e:9a:4d:38:
                    a8:57:25:da:58:9b:78:7d:b9:61:c5:07:06:2d:d8:
                    03:8e:0e:87:ef:2c:c5:8c:ab:f7:58:c5:ce:8e:07:
                    72:6c:19:6e:89:77:15:bf:7f:62:75:b2:89:96:a9:
                    77:5e:8f:34:74:c1:bc:08:fd:8b:cf:72:6c:0b:00:
                    27:99:f2:35:4a:20:a6:24:b6:c4:21:e8:77:4b:33:
                    e8:65:86:98:e4:cc:69:47:65:ca:b1:ae:a5:f2:e1:
                    2d:f9:2e:f7:19:91:a1:07:88:9b:24:6a:9c:a5:c5:
                    2c:29:4b:1b:e6:94:16:72:a1:0c:56:0a:ef:15:a8:
                    c2:c7:4e:f6:da:60:54:42:ff:ff:4c:e5:da:d3:81:
                    30:6f:e0:aa:6e:a1:29:3e:de:60:5b:cb:65:e0:87:
                    e1:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:C8:48:1F:5E:3B:05:61:DB:23:00:8B:46:11:18:05:00:73:A2:C2
            X509v3 Authority Key Identifier:
                keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/1MhIH147BWHbIwCLRhEYBQBzosI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.208.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:dc:b4:bc:83:01:f8:6c:6f:6f:bb:e6:32:5e:3b:0d:87:d9:
         f3:c3:48:aa:bb:7c:20:88:cc:11:fe:5d:13:75:db:9c:17:99:
         cb:d6:ce:a7:13:b0:8f:9d:7b:39:09:f5:a4:21:24:d2:71:1e:
         86:f6:5d:54:84:c7:42:14:c8:8a:42:7c:f1:bd:8b:52:8c:4b:
         c5:33:fd:04:88:13:4d:5f:b6:9b:0d:3a:db:f2:5f:a9:fc:5c:
         b7:04:fb:f2:56:2f:1d:ca:76:b0:e1:8a:f8:78:d6:80:4e:20:
         8d:b5:fe:72:1b:d9:6a:dc:70:8e:70:45:1c:38:a2:2e:8e:e8:
         c5:72:65:e1:0f:20:87:76:e2:a8:28:5f:cf:cd:f4:ee:6b:c0:
         a7:de:da:58:ba:e3:57:a7:f5:3b:54:1e:e0:cb:ea:7e:82:90:
         c4:e9:5a:dc:66:5c:58:b2:32:44:13:b1:65:4e:5b:31:38:57:
         fb:1c:6e:e9:67:ce:d9:e8:17:af:dc:62:3e:64:b9:bd:18:ba:
         0f:8e:1d:f5:05:bd:69:04:18:e7:a6:5b:4d:b0:e0:a5:18:30:
         f1:9a:ff:fc:4a:f0:4e:58:48:9c:44:fc:5c:4c:28:be:52:c6:
         e7:be:b1:fc:58:97:e4:44:61:51:b8:8a:60:1c:80:0d:21:3b:
         80:24:20:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgOkgLGhqmJoJuyWtycdbDHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwNTEyMDYwNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGM4NDgxZjVlM2IwNTYxZGIyMzAwOGI0NjExMTgwNTAwNzNhMmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggOn+sqTHfQ1G8HPid75hrKzW3wJ
Mx/WylpGWr79MgDmKw4OGDz/KvFn6tfhujUsX1JDCNaOsfkuMiw6nFhiIIxqkowU
skxn+CBwcKnc3k4P+r8T2xa6KlX8etCRFEAQzkLaY46aTTioVyXaWJt4fblhxQcG
LdgDjg6H7yzFjKv3WMXOjgdybBluiXcVv39idbKJlql3Xo80dMG8CP2Lz3JsCwAn
mfI1SiCmJLbEIeh3SzPoZYaY5MxpR2XKsa6l8uEt+S73GZGhB4ibJGqcpcUsKUsb
5pQWcqEMVgrvFajCx0722mBUQv//TOXa04Ewb+CqbqEpPt5gW8tl4IfhBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNTISB9eOwVh2yMAi0YRGAUAc6LCMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvMU1oSUgxNDdCV0hiSXdDTFJoRVlCUUJ6b3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9BJMA0G
CSqGSIb3DQEBCwUAA4IBAQCA3LS8gwH4bG9vu+YyXjsNh9nzw0iqu3wgiMwR/l0T
dducF5nL1s6nE7CPnXs5CfWkISTScR6G9l1UhMdCFMiKQnzxvYtSjEvFM/0EiBNN
X7abDTrb8l+p/Fy3BPvyVi8dynaw4Yr4eNaATiCNtf5yG9lq3HCOcEUcOKIujujF
cmXhDyCHduKoKF/PzfTua8Cn3tpYuuNXp/U7VB7gy+p+gpDE6VrcZlxYsjJEE7Fl
TlsxOFf7HG7pZ87Z6Bev3GI+ZLm9GLoPjh31Bb1pBBjnpltNsOClGDDxmv/8SvBO
WEicRPxcTCi+UsbnvrH8WJfkRGFRuIpgHIANITuAJCB2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:13 2024 by rpki-client on console-fra.rpki-client.org