Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/KFjR1aBvQO6lGl2mQtujW4hshew.roa
File:                     KFjR1aBvQO6lGl2mQtujW4hshew.roa (raw, json)
Hash identifier:          YOM/CMwM4b8WBAbje8MHmo826vvfSOkl7MmYR7VrBIs=
Subject key identifier:   28:58:D1:D5:A0:6F:40:EE:A5:1A:5D:A6:42:DB:A3:5B:88:6C:85:EC
Certificate issuer:       /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial:       01856D9D35C93A925F95FED00C71E7B1D571
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/KFjR1aBvQO6lGl2mQtujW4hshew.roa
Signing time:             Sun 01 Jan 2023 13:54:57 +0000
ROA not before:           Sun 01 Jan 2023 13:54:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     174
IP address blocks:        91.213.174.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 12 May 2023 05:56:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:9d:35:c9:3a:92:5f:95:fe:d0:0c:71:e7:b1:d5:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
        Validity
            Not Before: Jan  1 13:54:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2858d1d5a06f40eea51a5da642dba35b886c85ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:7d:0e:40:49:07:f5:7e:ce:43:98:56:ce:59:
                    83:a8:4a:04:5b:b2:ad:bc:1c:50:b3:fb:83:d4:f6:
                    dd:c1:14:14:ef:cb:e5:52:d8:7c:13:6f:d3:42:ff:
                    1b:09:c9:2e:ab:6d:cb:16:95:d6:1f:c7:a4:ec:8b:
                    bc:b4:90:a3:43:8b:1a:f4:1d:7d:e6:10:eb:ac:cb:
                    c7:cc:1d:b4:c8:e0:23:05:25:f2:5d:92:84:83:46:
                    90:f1:77:10:23:d6:98:25:f5:c1:dc:bb:ba:3c:66:
                    18:4a:1e:31:7f:1f:2c:b3:5a:cc:4e:ae:41:4e:c0:
                    8d:a7:0e:b0:ce:5d:01:13:bd:64:18:de:35:ff:6f:
                    c6:09:17:7b:e4:53:8b:c8:48:f5:54:36:32:87:31:
                    99:19:41:69:2f:40:2c:da:a9:d5:5d:38:dc:41:97:
                    ac:4d:73:e4:59:d9:1b:36:73:f5:84:b9:9f:d1:5b:
                    86:f8:83:1a:85:3b:55:55:00:df:e0:92:2a:39:ad:
                    fd:c1:f4:bb:0d:e5:8f:0b:02:51:08:44:a1:f3:f4:
                    e4:b0:65:e9:12:9e:4a:fa:fa:28:5f:57:26:a3:7a:
                    15:1c:c9:cb:d9:b7:18:47:e0:9f:69:ca:3c:36:c3:
                    4b:8f:2e:fd:db:f0:4d:c1:eb:70:15:2e:2c:fa:9a:
                    e2:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:58:D1:D5:A0:6F:40:EE:A5:1A:5D:A6:42:DB:A3:5B:88:6C:85:EC
            X509v3 Authority Key Identifier:
                keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/KFjR1aBvQO6lGl2mQtujW4hshew.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:36:b9:8d:2f:10:43:d7:00:fe:09:66:24:16:92:2f:d6:2a:
         7c:6d:87:92:65:50:5a:c6:95:f3:d2:a6:03:8e:64:e1:ec:5c:
         53:79:7c:ce:86:cc:1b:18:57:8a:dd:d7:7d:a7:c7:48:a4:6b:
         99:f7:d0:7e:8f:6c:9c:cf:1f:63:5a:7d:28:c0:28:5d:d0:ee:
         de:2e:25:3a:14:8a:c6:83:be:97:ca:5e:45:53:3c:3c:ea:4a:
         80:b2:17:2e:8b:50:e9:34:7f:86:1a:5f:38:43:51:27:e4:96:
         92:ed:b5:d0:c3:47:0a:52:3a:89:24:33:46:ae:75:46:ea:77:
         37:73:e4:9b:03:5f:40:b4:4f:b4:58:1f:05:d3:86:64:ed:6e:
         5e:84:e9:e3:3c:53:e3:88:84:1c:fc:a9:0a:20:ec:fc:54:bf:
         3f:aa:f2:4f:2d:a6:a0:51:c1:e8:1d:20:6a:5c:bc:a8:d3:87:
         20:67:de:82:c2:a4:18:8c:8d:90:65:46:66:ae:ec:e0:c2:f5:
         31:84:71:d2:9c:e2:aa:01:65:e7:ee:ee:f9:45:06:1b:9e:d0:
         ad:15:e0:58:96:2c:82:23:34:d7:6c:aa:f5:6d:c6:f4:c1:99:
         13:9c:ce:70:e5:51:08:5c:1a:e1:88:cb:36:c9:36:78:61:21:
         fa:af:b7:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtnTXJOpJflf7QDHHnsdVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwMTAxMTM1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODU4ZDFkNWEwNmY0MGVlYTUxYTVkYTY0MmRiYTM1Yjg4NmM4NWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuH0OQEkH9X7OQ5hWzlmDqEoEW7Kt
vBxQs/uD1PbdwRQU78vlUth8E2/TQv8bCckuq23LFpXWH8ek7Iu8tJCjQ4sa9B19
5hDrrMvHzB20yOAjBSXyXZKEg0aQ8XcQI9aYJfXB3Lu6PGYYSh4xfx8ss1rMTq5B
TsCNpw6wzl0BE71kGN41/2/GCRd75FOLyEj1VDYyhzGZGUFpL0As2qnVXTjcQZes
TXPkWdkbNnP1hLmf0VuG+IMahTtVVQDf4JIqOa39wfS7DeWPCwJRCESh8/TksGXp
Ep5K+vooX1cmo3oVHMnL2bcYR+Cfaco8NsNLjy792/BNwetwFS4s+pri8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFChY0dWgb0DupRpdpkLbo1uIbIXsMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvS0ZqUjFhQnZRTzZsR2wybVF0dWpXNGhzaGV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9WuMA0G
CSqGSIb3DQEBCwUAA4IBAQBqNrmNLxBD1wD+CWYkFpIv1ip8bYeSZVBaxpXz0qYD
jmTh7FxTeXzOhswbGFeK3dd9p8dIpGuZ99B+j2yczx9jWn0owChd0O7eLiU6FIrG
g76Xyl5FUzw86kqAshcui1DpNH+GGl84Q1En5JaS7bXQw0cKUjqJJDNGrnVG6nc3
c+SbA19AtE+0WB8F04Zk7W5ehOnjPFPjiIQc/KkKIOz8VL8/qvJPLaagUcHoHSBq
XLyo04cgZ96CwqQYjI2QZUZmruzgwvUxhHHSnOKqAWXn7u75RQYbntCtFeBYliyC
IzTXbKr1bcb0wZkTnM5w5VEIXBrhiMs2yTZ4YSH6r7fh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:14 2024 by rpki-client on console-ams.rpki-client.org