Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/oBIs4VAH-bs9SNff01MlCr51Vjg.roa
File:                     oBIs4VAH-bs9SNff01MlCr51Vjg.roa (raw, json)
Hash identifier:          k+WDyn8BUuTyWcbWL7ogsViTcflzVpoP1UYyvBfTOWg=
Subject key identifier:   A0:12:2C:E1:50:07:F9:BB:3D:48:D7:DF:D3:53:25:0A:BE:75:56:38
Certificate issuer:       /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial:       018D77585E6F04B39BA8B7FFAC5B03E02B97
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/oBIs4VAH-bs9SNff01MlCr51Vjg.roa
Signing time:             Mon 05 Feb 2024 03:38:16 +0000
ROA not before:           Mon 05 Feb 2024 03:38:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61135
IP address blocks:        91.213.189.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 17 Feb 2024 02:14:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:77:58:5e:6f:04:b3:9b:a8:b7:ff:ac:5b:03:e0:2b:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
        Validity
            Not Before: Feb  5 03:38:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a0122ce15007f9bb3d48d7dfd353250abe755638
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:03:c1:30:6d:3d:21:16:c6:3a:9b:ce:e2:79:
                    bc:06:69:5b:28:1b:42:da:6a:7a:00:cf:2e:48:fa:
                    0c:c7:e9:b2:f5:5a:8d:2b:5d:16:f0:e1:41:79:f5:
                    4c:6a:c0:fd:52:e3:81:65:90:99:b5:82:31:a0:0d:
                    bc:86:1e:9f:bf:3e:35:d8:e6:f1:5a:77:e3:8e:38:
                    21:e8:b6:97:14:fd:fe:2a:be:74:22:8c:af:c2:c2:
                    0f:e3:9f:79:46:a3:6a:02:ea:97:e0:ef:51:45:93:
                    6d:83:2f:be:1f:0e:57:29:80:ff:18:50:ec:9b:d8:
                    75:3d:63:7b:f7:82:f3:e1:0a:6f:cc:cd:27:c2:a9:
                    e0:9c:6a:63:f2:00:95:27:75:44:eb:ac:75:88:ea:
                    d0:36:4f:71:a6:13:a9:be:e5:43:1b:80:5d:02:c3:
                    41:41:4e:44:a3:0d:be:e6:48:9e:b3:56:d5:c5:dc:
                    f0:5b:df:c4:26:37:5e:c6:13:d1:62:7e:06:cd:34:
                    d7:be:f9:f8:ba:56:1d:0e:a4:04:6f:79:15:71:b2:
                    9a:c4:f2:04:63:08:67:1f:ce:fe:a3:17:be:fc:ee:
                    c8:1d:d1:2e:76:5d:1c:03:62:ed:5c:f8:14:d3:ef:
                    76:17:71:7a:57:3b:b1:23:f1:ca:b9:3a:57:3c:3c:
                    09:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:12:2C:E1:50:07:F9:BB:3D:48:D7:DF:D3:53:25:0A:BE:75:56:38
            X509v3 Authority Key Identifier:
                keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/oBIs4VAH-bs9SNff01MlCr51Vjg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:dd:d4:67:70:2c:77:78:2f:cf:30:b7:2c:de:10:31:0d:80:
         32:87:b0:b6:a3:bf:ef:d9:87:a9:7c:ce:5c:23:82:42:49:56:
         35:81:4d:97:ae:e5:11:77:73:ab:d8:2a:91:f0:21:a2:b5:d8:
         ae:4e:1b:71:e1:90:6d:3d:4f:75:b8:30:ed:a9:31:b9:b6:3c:
         de:7e:e5:5e:5a:74:ee:a0:ae:64:69:4e:a2:b1:47:84:a9:00:
         c5:1a:5a:72:ba:be:fc:a1:d3:05:1d:37:4b:b9:2a:55:d2:51:
         26:df:97:77:4a:ba:7a:4c:90:9d:dc:f4:68:57:3d:7e:3b:e0:
         a9:f8:8c:f0:a2:0b:a2:d8:33:3b:00:3c:be:6e:1d:80:42:a2:
         a4:85:12:e9:36:22:b6:41:b0:e3:dc:97:21:22:4b:83:1a:67:
         ea:a7:b2:92:64:73:3b:1b:c8:c3:60:76:93:93:9f:e7:24:96:
         a9:5b:5d:b4:4d:bb:24:11:ae:4e:8d:b0:b7:17:51:6d:8b:d4:
         53:13:60:d4:53:48:44:93:19:c3:95:7a:c4:18:90:4d:1a:0e:
         d9:2e:7b:32:db:fe:12:40:a6:a5:70:1f:0e:14:6f:e7:b4:71:
         1b:95:34:d5:dd:1e:2c:63:40:df:06:2e:f2:e6:2b:b4:7f:2c:
         ac:0e:77:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY13WF5vBLObqLf/rFsD4CuXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjQwMjA1MDMzODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDEyMmNlMTUwMDdmOWJiM2Q0OGQ3ZGZkMzUzMjUwYWJlNzU1NjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwPBMG09IRbGOpvO4nm8BmlbKBtC
2mp6AM8uSPoMx+my9VqNK10W8OFBefVMasD9UuOBZZCZtYIxoA28hh6fvz412Obx
Wnfjjjgh6LaXFP3+Kr50IoyvwsIP4595RqNqAuqX4O9RRZNtgy++Hw5XKYD/GFDs
m9h1PWN794Lz4QpvzM0nwqngnGpj8gCVJ3VE66x1iOrQNk9xphOpvuVDG4BdAsNB
QU5Eow2+5kies1bVxdzwW9/EJjdexhPRYn4GzTTXvvn4ulYdDqQEb3kVcbKaxPIE
YwhnH87+oxe+/O7IHdEudl0cA2LtXPgU0+92F3F6VzuxI/HKuTpXPDwJiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKASLOFQB/m7PUjX39NTJQq+dVY4MB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvb0JJczRWQUgtYnM5U05mZjAxTWxDcjUxVmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9W9MA0G
CSqGSIb3DQEBCwUAA4IBAQBO3dRncCx3eC/PMLcs3hAxDYAyh7C2o7/v2YepfM5c
I4JCSVY1gU2XruURd3Or2CqR8CGitdiuThtx4ZBtPU91uDDtqTG5tjzefuVeWnTu
oK5kaU6isUeEqQDFGlpyur78odMFHTdLuSpV0lEm35d3Srp6TJCd3PRoVz1+O+Cp
+Izwogui2DM7ADy+bh2AQqKkhRLpNiK2QbDj3JchIkuDGmfqp7KSZHM7G8jDYHaT
k5/nJJapW120TbskEa5OjbC3F1Fti9RTE2DUU0hEkxnDlXrEGJBNGg7ZLnsy2/4S
QKalcB8OFG/ntHEblTTV3R4sY0DfBi7y5iu0fyysDndw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:13 2024 by rpki-client on console-fra.rpki-client.org