Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/asBlIKOtKwK47bkjXynzmc1mQrE.roa
File:                     asBlIKOtKwK47bkjXynzmc1mQrE.roa (raw, json)
Hash identifier:          enW6B0IZ5RStLJ/ws70ckhTMl3RoQprVktuBVQ/WFRI=
Subject key identifier:   6A:C0:65:20:A3:AD:2B:02:B8:ED:B9:23:5F:29:F3:99:CD:66:42:B1
Certificate issuer:       /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial:       018C2CC78388483DC9E2A82883ACA7A2A313
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/asBlIKOtKwK47bkjXynzmc1mQrE.roa
Signing time:             Sat 02 Dec 2023 23:05:21 +0000
ROA not before:           Sat 02 Dec 2023 23:05:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        91.213.174.0/24 maxlen: 24
                          91.213.186.0/24 maxlen: 24
                          45.150.197.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:2c:c7:83:88:48:3d:c9:e2:a8:28:83:ac:a7:a2:a3:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
        Validity
            Not Before: Dec  2 23:05:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6ac06520a3ad2b02b8edb9235f29f399cd6642b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:a5:99:40:cb:88:5e:8b:3a:77:1e:79:3d:21:
                    b7:77:07:b1:02:21:9c:a0:01:75:9c:73:a3:a8:be:
                    8d:0c:9b:11:62:93:07:c2:5f:80:47:3a:e2:d3:1a:
                    59:be:30:82:c0:2a:8d:06:ac:fa:eb:cf:84:b0:a8:
                    54:f2:36:71:f1:3d:6a:bb:65:4a:38:53:7c:5a:6a:
                    da:b1:dd:cd:b0:55:2c:62:a4:a7:61:02:01:75:d7:
                    1d:d1:55:55:f3:7d:8b:43:70:10:bd:74:49:45:16:
                    9f:d3:91:e7:31:26:2f:06:13:7d:af:27:95:2a:ab:
                    9a:5c:7a:e5:eb:40:25:75:b7:b8:32:e5:17:ff:dc:
                    06:37:d5:a9:2e:15:46:7c:92:67:ca:68:6f:9f:f0:
                    a6:50:9f:05:3a:2e:26:ba:45:cb:b9:2f:a6:6d:52:
                    d3:76:e2:71:13:89:5c:cb:f1:b4:77:d3:06:07:d0:
                    be:f8:44:14:b6:ba:38:0c:1e:97:8e:cb:37:9c:4d:
                    e0:9a:b4:b9:e6:ec:f6:27:bd:3a:96:85:5d:ca:4a:
                    b3:5e:16:84:b2:10:ca:55:74:39:1b:db:2c:25:68:
                    69:88:55:15:fb:b6:ae:5a:89:64:b6:03:65:21:b6:
                    f2:e8:72:59:12:42:d1:d0:fe:00:68:7d:ff:69:38:
                    67:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:C0:65:20:A3:AD:2B:02:B8:ED:B9:23:5F:29:F3:99:CD:66:42:B1
            X509v3 Authority Key Identifier:
                keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/asBlIKOtKwK47bkjXynzmc1mQrE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.197.0/24
                  91.213.174.0/24
                  91.213.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:a6:82:56:3a:fd:35:cd:e5:94:88:d0:b9:5e:a7:83:69:6b:
         aa:7b:10:36:5c:a4:53:cf:56:a8:67:16:cf:8c:c6:7c:fe:a3:
         3a:d8:65:32:1e:5b:61:17:ad:da:15:0e:a5:8a:10:0b:78:24:
         44:27:41:0b:e1:29:e9:50:de:9c:2f:32:d5:a9:96:25:da:fb:
         3a:c4:a6:4b:d0:ad:cc:94:7f:c3:90:e8:45:af:04:29:a9:c3:
         93:fb:9c:4e:3d:b5:9e:89:ec:d1:f6:ac:7f:b6:2b:26:64:0c:
         03:ec:7e:79:e2:92:17:f4:06:29:5e:9d:78:ec:d5:22:23:fd:
         ba:f6:0d:73:cf:b9:ed:e4:3d:fc:a2:58:cf:8f:60:bf:1a:52:
         af:4e:60:51:25:7a:81:26:85:fa:8b:a2:84:d1:2b:21:9f:d3:
         44:45:96:a0:28:0c:bb:49:7b:aa:c1:1c:24:cc:e8:56:cc:8b:
         29:bc:e4:1d:eb:b8:bf:93:a3:09:74:57:d3:33:df:37:5c:50:
         55:44:7a:60:c0:6e:ac:1f:ba:23:e3:a7:2d:b5:96:1e:49:59:
         34:ee:d5:38:f6:83:0a:d9:e4:aa:e8:c6:30:d4:4f:58:a1:db:
         b7:ed:41:a5:72:5a:21:0e:50:20:32:74:12:cc:d4:e7:14:5d:
         b4:ab:fe:e6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwsx4OISD3J4qgog6ynoqMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMxMjAyMjMwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWMwNjUyMGEzYWQyYjAyYjhlZGI5MjM1ZjI5ZjM5OWNkNjY0MmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqWZQMuIXos6dx55PSG3dwexAiGc
oAF1nHOjqL6NDJsRYpMHwl+ARzri0xpZvjCCwCqNBqz668+EsKhU8jZx8T1qu2VK
OFN8Wmrasd3NsFUsYqSnYQIBddcd0VVV832LQ3AQvXRJRRaf05HnMSYvBhN9ryeV
KquaXHrl60Aldbe4MuUX/9wGN9WpLhVGfJJnymhvn/CmUJ8FOi4mukXLuS+mbVLT
duJxE4lcy/G0d9MGB9C++EQUtro4DB6Xjss3nE3gmrS55uz2J706loVdykqzXhaE
shDKVXQ5G9ssJWhpiFUV+7auWolktgNlIbby6HJZEkLR0P4AaH3/aThn7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGrAZSCjrSsCuO25I18p85nNZkKxMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvYXNCbElLT3RLd0s0N2Jralh5bnptYzFtUXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZbFAwQA
W9WuAwQAW9W6MA0GCSqGSIb3DQEBCwUAA4IBAQAopoJWOv01zeWUiNC5XqeDaWuq
exA2XKRTz1aoZxbPjMZ8/qM62GUyHlthF63aFQ6lihALeCREJ0EL4SnpUN6cLzLV
qZYl2vs6xKZL0K3MlH/DkOhFrwQpqcOT+5xOPbWeiezR9qx/tismZAwD7H554pIX
9AYpXp147NUiI/269g1zz7nt5D38oljPj2C/GlKvTmBRJXqBJoX6i6KE0Sshn9NE
RZagKAy7SXuqwRwkzOhWzIspvOQd67i/k6MJdFfTM983XFBVRHpgwG6sH7oj46ct
tZYeSVk07tU49oMK2eSq6MYw1E9Yodu37UGlclohDlAgMnQSzNTnFF20q/7m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:13 2024 by rpki-client on console-fra.rpki-client.org