Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/Cdd8g_g2Z-uP1yU73PjvzrlZaN4.roa
File:                     Cdd8g_g2Z-uP1yU73PjvzrlZaN4.roa (raw, json)
Hash identifier:          8/ezB79fciMmozHsZocfDiOTyS7hWUDclqegxs9Syqw=
Subject key identifier:   09:D7:7C:83:F8:36:67:EB:8F:D7:25:3B:DC:F8:EF:CE:B9:59:68:DE
Certificate issuer:       /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial:       0188244E1D7DF07C0B8A27D2B90106FBED57
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/Cdd8g_g2Z-uP1yU73PjvzrlZaN4.roa
Signing time:             Tue 16 May 2023 11:24:39 +0000
ROA not before:           Tue 16 May 2023 11:24:39 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14445
IP address blocks:        91.208.109.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:24:4e:1d:7d:f0:7c:0b:8a:27:d2:b9:01:06:fb:ed:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
        Validity
            Not Before: May 16 11:24:39 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=09d77c83f83667eb8fd7253bdcf8efceb95968de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:c4:f6:67:fc:a6:2e:63:9c:4c:e9:70:88:bc:
                    21:4f:19:26:8a:e9:f5:cf:7f:5a:5c:23:1f:10:5b:
                    5a:de:f0:81:a5:91:3e:82:a3:e5:b2:41:3c:51:92:
                    54:51:79:74:4c:0f:8b:13:38:73:d7:24:66:9b:a2:
                    91:19:27:8c:e3:5e:59:49:e0:92:66:96:04:43:c2:
                    04:9b:d3:58:c2:e0:5a:ca:ef:4d:09:54:19:fc:d0:
                    d9:48:f6:ac:79:5a:ea:7d:da:52:b5:cc:a8:57:b3:
                    a9:e3:85:c4:d8:c3:4f:0a:d7:72:ac:be:07:a8:df:
                    60:35:ae:f5:bd:b8:ce:3b:17:fe:c5:97:43:ce:52:
                    15:9d:74:ff:62:09:d7:36:cb:13:fe:de:0d:f0:62:
                    8d:b0:05:02:3d:83:4b:6a:ae:31:47:69:20:cb:26:
                    5c:d9:83:1c:24:99:db:c3:18:3f:c6:fb:e9:f5:ef:
                    ee:5a:fa:e2:43:a4:e8:72:ad:b0:c5:11:a1:08:9c:
                    8e:3a:6b:b2:9d:4c:13:ca:52:0f:6d:01:c0:1e:14:
                    3a:03:1f:df:15:88:c0:01:0c:cf:4f:21:c7:42:6b:
                    c2:a7:b1:73:45:d7:52:e6:89:a9:f1:6d:ae:b9:f8:
                    d7:44:01:f0:cf:52:2b:32:f6:e7:4d:fd:91:c9:9f:
                    50:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:D7:7C:83:F8:36:67:EB:8F:D7:25:3B:DC:F8:EF:CE:B9:59:68:DE
            X509v3 Authority Key Identifier:
                keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/Cdd8g_g2Z-uP1yU73PjvzrlZaN4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.208.109.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:00:30:08:fd:9f:1c:09:0d:e1:4f:93:ca:aa:11:5a:df:a9:
         71:85:4f:af:00:29:8a:ad:4d:67:f7:f7:38:35:e8:a9:e4:fd:
         56:1a:bf:77:06:09:91:cd:74:60:da:ec:23:57:cd:fa:73:5c:
         7c:07:fe:c2:22:81:8c:4a:38:3d:8e:be:49:09:0f:52:c3:45:
         ab:83:c8:79:f0:96:91:ed:46:74:28:f6:36:c0:fb:9d:08:d8:
         ac:7b:9e:51:fc:08:ed:1e:d2:b4:5a:72:ac:40:d0:ea:9d:5c:
         c7:34:4f:9d:76:18:82:c9:02:e7:6b:a8:6d:e4:ac:cb:b1:94:
         bb:df:31:93:f8:59:d7:81:c9:b1:1a:a1:ee:00:75:b9:75:8e:
         a6:4f:9e:7f:c6:32:83:c1:f1:89:ab:b8:20:db:ea:1d:c8:f0:
         5f:52:2c:f9:e4:ec:aa:e6:33:b2:4c:31:bc:e7:14:2f:6c:d1:
         e0:f3:f4:d1:80:03:57:3a:3c:f3:55:f8:0d:8e:cc:ff:1c:d4:
         27:db:23:2a:92:a7:e1:5d:95:a6:d5:3b:09:d7:78:23:c3:d6:
         96:3a:cb:8d:58:08:0a:67:55:f0:a7:6b:cb:4c:70:a9:bc:74:
         ce:11:f1:29:9c:08:95:ae:38:6f:eb:e1:73:28:4b:b6:c4:c4:
         f5:39:c5:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgkTh198HwLiifSuQEG++1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwNTE2MTEyNDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWQ3N2M4M2Y4MzY2N2ViOGZkNzI1M2JkY2Y4ZWZjZWI5NTk2OGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsT2Z/ymLmOcTOlwiLwhTxkmiun1
z39aXCMfEFta3vCBpZE+gqPlskE8UZJUUXl0TA+LEzhz1yRmm6KRGSeM415ZSeCS
ZpYEQ8IEm9NYwuBayu9NCVQZ/NDZSPaseVrqfdpStcyoV7Op44XE2MNPCtdyrL4H
qN9gNa71vbjOOxf+xZdDzlIVnXT/YgnXNssT/t4N8GKNsAUCPYNLaq4xR2kgyyZc
2YMcJJnbwxg/xvvp9e/uWvriQ6Tocq2wxRGhCJyOOmuynUwTylIPbQHAHhQ6Ax/f
FYjAAQzPTyHHQmvCp7FzRddS5omp8W2uufjXRAHwz1IrMvbnTf2RyZ9QEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAnXfIP4Nmfrj9clO9z47865WWjeMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvQ2RkOGdfZzJaLXVQMXlVNzNQanZ6cmxaYU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9BtMA0G
CSqGSIb3DQEBCwUAA4IBAQBMADAI/Z8cCQ3hT5PKqhFa36lxhU+vACmKrU1n9/c4
Neip5P1WGr93BgmRzXRg2uwjV836c1x8B/7CIoGMSjg9jr5JCQ9Sw0Wrg8h58JaR
7UZ0KPY2wPudCNise55R/AjtHtK0WnKsQNDqnVzHNE+ddhiCyQLna6ht5KzLsZS7
3zGT+FnXgcmxGqHuAHW5dY6mT55/xjKDwfGJq7gg2+odyPBfUiz55Oyq5jOyTDG8
5xQvbNHg8/TRgANXOjzzVfgNjsz/HNQn2yMqkqfhXZWm1TsJ13gjw9aWOsuNWAgK
Z1Xwp2vLTHCpvHTOEfEpnAiVrjhv6+FzKEu2xMT1OcU8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:13 2024 by rpki-client on console-fra.rpki-client.org