Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/alc7TDbd3NxE9miwq0hQfgTAQ44.roa
File:                     alc7TDbd3NxE9miwq0hQfgTAQ44.roa (raw, json)
Hash identifier:          JjBwbjvD964Gy+t74ARaQOND2jO7wnDxyy+v1tSBJ3M=
Subject key identifier:   6A:57:3B:4C:36:DD:DC:DC:44:F6:68:B0:AB:48:50:7E:04:C0:43:8E
Certificate issuer:       /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial:       01856D9D3D4A5A8C8B14FAA1A5DB92C1FEBA
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/alc7TDbd3NxE9miwq0hQfgTAQ44.roa
Signing time:             Sun 01 Jan 2023 13:54:59 +0000
ROA not before:           Sun 01 Jan 2023 13:54:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211373
IP address blocks:        91.208.69.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 12 May 2023 05:57:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:9d:3d:4a:5a:8c:8b:14:fa:a1:a5:db:92:c1:fe:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
        Validity
            Not Before: Jan  1 13:54:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6a573b4c36dddcdc44f668b0ab48507e04c0438e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:97:be:90:a6:d7:77:3d:b7:c9:5f:23:c6:df:
                    b9:95:16:1c:29:8f:a4:8d:65:97:6d:eb:28:16:b3:
                    83:da:7b:19:7a:10:49:11:b4:8a:8b:8a:e7:5d:5d:
                    bb:12:60:26:de:ed:9c:a7:6f:ca:08:c0:a2:51:e7:
                    41:72:7f:83:60:66:c0:64:70:6e:78:b9:09:23:f9:
                    3b:cc:d3:0e:c3:1c:7e:48:86:e8:8a:4f:3f:01:ea:
                    dd:00:e9:cf:05:8a:58:d9:b9:8e:22:23:99:b9:30:
                    01:7b:58:16:02:92:d8:f9:17:95:38:75:1e:75:a5:
                    8b:d6:59:92:a6:31:86:61:e4:56:52:03:6f:01:8d:
                    2c:4a:93:f8:77:14:ae:f1:ff:c8:bb:5b:43:53:cc:
                    b6:b1:22:fd:ee:ee:a5:c2:39:c3:92:8d:93:16:f6:
                    23:84:47:78:df:40:44:80:68:13:a0:7c:47:43:fd:
                    ce:10:5a:d2:05:c2:88:a5:4b:f7:09:01:e7:9a:68:
                    03:88:1b:b3:e7:1b:83:c6:c4:87:78:4d:f5:86:20:
                    e1:af:9f:1b:5c:c3:31:ce:67:4b:b8:3e:e3:b0:72:
                    75:da:98:73:2d:2e:4c:ed:0a:3f:1d:3a:f1:13:c9:
                    66:66:b7:17:f4:cd:40:87:4e:57:81:dc:bd:cc:b3:
                    c8:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:57:3B:4C:36:DD:DC:DC:44:F6:68:B0:AB:48:50:7E:04:C0:43:8E
            X509v3 Authority Key Identifier:
                keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/alc7TDbd3NxE9miwq0hQfgTAQ44.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.208.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:64:46:26:fa:68:ba:2b:b0:9d:a7:80:bf:fe:93:93:98:7f:
         d9:07:e2:e2:4e:00:01:f0:9e:cf:54:82:d0:e1:e1:80:ed:c2:
         5b:b9:3b:0b:bd:71:d5:e7:38:be:b7:3e:25:be:30:14:72:3b:
         33:bb:27:07:52:14:b9:50:f6:6c:40:86:9b:4a:27:a0:e4:27:
         1f:00:b7:ad:d4:c0:6d:25:2c:23:b8:42:b3:79:39:a7:65:d4:
         3e:7d:b3:87:2a:ec:69:ec:45:00:9a:34:4c:95:f7:de:19:a4:
         c2:59:3f:f0:24:8d:00:e4:6b:33:31:20:7f:d3:67:76:4c:aa:
         7e:9a:35:79:f0:f5:81:4f:cd:ab:54:0a:26:64:ef:bb:64:5d:
         e7:00:7c:91:70:54:da:5a:0c:46:81:25:7f:42:55:0a:e4:e6:
         89:96:1c:ea:75:92:1f:2f:f4:64:01:76:1f:fc:e3:0a:d6:ed:
         33:f6:ff:3a:2b:e7:a7:1e:28:b5:0c:d7:c5:74:0e:b3:5a:30:
         4c:26:8a:6b:b6:ba:93:89:65:1b:5c:82:b6:e2:80:c0:68:1e:
         5d:e0:ea:d0:f7:e0:7f:ac:a9:e4:01:f7:5d:95:e0:57:5c:a9:
         9d:74:41:6f:43:a7:ad:e4:92:a8:8e:0a:1e:64:ee:9c:6f:08:
         fd:4c:92:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtnT1KWoyLFPqhpduSwf66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwMTAxMTM1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTU3M2I0YzM2ZGRkY2RjNDRmNjY4YjBhYjQ4NTA3ZTA0YzA0MzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05e+kKbXdz23yV8jxt+5lRYcKY+k
jWWXbesoFrOD2nsZehBJEbSKi4rnXV27EmAm3u2cp2/KCMCiUedBcn+DYGbAZHBu
eLkJI/k7zNMOwxx+SIboik8/AerdAOnPBYpY2bmOIiOZuTABe1gWApLY+ReVOHUe
daWL1lmSpjGGYeRWUgNvAY0sSpP4dxSu8f/Iu1tDU8y2sSL97u6lwjnDko2TFvYj
hEd430BEgGgToHxHQ/3OEFrSBcKIpUv3CQHnmmgDiBuz5xuDxsSHeE31hiDhr58b
XMMxzmdLuD7jsHJ12phzLS5M7Qo/HTrxE8lmZrcX9M1Ah05Xgdy9zLPIUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGpXO0w23dzcRPZosKtIUH4EwEOOMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvYWxjN1REYmQzTnhFOW1pd3EwaFFmZ1RBUTQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9BFMA0G
CSqGSIb3DQEBCwUAA4IBAQAOZEYm+mi6K7Cdp4C//pOTmH/ZB+LiTgAB8J7PVILQ
4eGA7cJbuTsLvXHV5zi+tz4lvjAUcjszuycHUhS5UPZsQIabSieg5CcfALet1MBt
JSwjuEKzeTmnZdQ+fbOHKuxp7EUAmjRMlffeGaTCWT/wJI0A5GszMSB/02d2TKp+
mjV58PWBT82rVAomZO+7ZF3nAHyRcFTaWgxGgSV/QlUK5OaJlhzqdZIfL/RkAXYf
/OMK1u0z9v86K+enHii1DNfFdA6zWjBMJoprtrqTiWUbXIK24oDAaB5d4OrQ9+B/
rKnkAfddleBXXKmddEFvQ6et5JKojgoeZO6cbwj9TJK7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:14 2024 by rpki-client on console-ams.rpki-client.org