Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/wd7j2WCbrPdExQv8aeJ22JtnLo4.roa
File:                     wd7j2WCbrPdExQv8aeJ22JtnLo4.roa (raw, json)
Hash identifier:          yu/RnVZeWGGNFcgdua4lYXJOQb7O3XN6pE+m10u70Ms=
Subject key identifier:   C1:DE:E3:D9:60:9B:AC:F7:44:C5:0B:FC:69:E2:76:D8:9B:67:2E:8E
Certificate issuer:       /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial:       018CC50032B0D8AFC510574196184E4125F4
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/wd7j2WCbrPdExQv8aeJ22JtnLo4.roa
Signing time:             Mon 01 Jan 2024 12:29:33 +0000
ROA not before:           Mon 01 Jan 2024 12:29:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     63018
IP address blocks:        91.213.189.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 15 Jan 2024 18:04:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:00:32:b0:d8:af:c5:10:57:41:96:18:4e:41:25:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
        Validity
            Not Before: Jan  1 12:29:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c1dee3d9609bacf744c50bfc69e276d89b672e8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:89:cb:81:af:c3:42:fc:08:fb:f6:2a:83:2b:
                    6c:e7:84:50:b0:c5:19:dd:6a:f2:e7:95:d2:77:c6:
                    62:c5:e4:f7:91:75:54:ae:a5:61:13:fb:5d:ca:29:
                    63:99:21:f3:4c:99:ef:4e:e5:9f:7b:62:52:3c:be:
                    0a:ff:8a:b4:62:c6:ca:0a:2c:ed:25:0f:f4:6c:6d:
                    f1:af:2e:68:cd:df:d3:5c:06:06:ae:61:c8:2b:53:
                    05:a3:b0:4b:e7:15:8a:57:db:96:cc:8f:84:b9:44:
                    c1:a8:e0:4d:c6:9f:14:bc:17:6a:2a:db:21:47:f6:
                    f7:9f:92:a2:00:ae:b8:c0:53:ab:12:43:4e:13:58:
                    a9:22:d6:79:ad:d1:97:72:2f:78:ec:7e:0a:e2:87:
                    54:ff:a6:37:56:f9:b3:04:22:38:aa:14:a4:3a:e3:
                    71:4a:80:18:22:90:5b:6b:37:22:6c:53:25:bb:d5:
                    13:94:83:56:a4:14:d0:13:51:a7:10:23:63:e7:cd:
                    02:2b:48:ed:e7:9a:5b:a6:40:65:84:8d:cc:67:dc:
                    a9:79:6a:98:a5:c7:d8:cf:01:dc:0d:c2:fe:c9:3f:
                    7c:8d:7b:a2:20:54:54:d6:11:af:6a:7a:24:3c:2e:
                    10:c1:95:9d:0a:21:92:27:8b:4e:47:2f:77:a6:bd:
                    45:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:DE:E3:D9:60:9B:AC:F7:44:C5:0B:FC:69:E2:76:D8:9B:67:2E:8E
            X509v3 Authority Key Identifier:
                keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/wd7j2WCbrPdExQv8aeJ22JtnLo4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:fc:e9:5a:13:7e:1c:a3:ea:62:f4:0f:88:4e:5e:94:ad:8f:
         99:9e:03:dc:56:62:d3:2e:54:40:11:72:c0:d4:79:23:94:dd:
         34:3a:a5:49:e6:e1:bd:44:f3:f4:0d:c1:89:ae:e8:c1:9a:48:
         78:39:1c:c3:9f:f2:94:d6:81:51:d0:8b:f0:cb:c3:6b:87:6a:
         fc:78:a3:50:6f:af:95:b0:39:b8:b5:04:02:8e:dd:de:05:47:
         c8:c2:7c:d9:28:8e:a0:f0:86:57:be:19:00:73:73:9b:9f:b3:
         d7:cb:f2:d7:84:c3:1e:fa:02:46:02:7d:6f:39:08:c1:2b:da:
         db:0d:ae:2b:c6:b9:f4:ae:0b:dc:da:c6:e3:c9:27:b0:58:9c:
         13:0a:8f:99:d4:de:9f:a7:fc:83:01:a3:87:4b:f9:e9:9d:bd:
         4d:96:82:15:b2:47:b6:00:b8:74:50:01:2d:5e:1e:da:0c:f6:
         39:fe:61:5d:c3:68:62:bb:16:2f:b2:fe:82:39:6b:a3:ae:df:
         75:fc:72:93:24:4d:9d:ec:49:35:fd:bd:2b:45:da:d3:4e:0c:
         1e:ab:f0:96:31:81:a4:a2:8b:a6:37:85:32:15:f5:c6:8d:48:
         97:5d:dc:2a:55:0a:da:fc:38:e6:fb:8d:37:7a:7c:a9:62:b3:
         e5:61:f1:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFADKw2K/FEFdBlhhOQSX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjQwMTAxMTIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWRlZTNkOTYwOWJhY2Y3NDRjNTBiZmM2OWUyNzZkODliNjcyZThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4nLga/DQvwI+/Yqgyts54RQsMUZ
3Wry55XSd8ZixeT3kXVUrqVhE/tdyiljmSHzTJnvTuWfe2JSPL4K/4q0YsbKCizt
JQ/0bG3xry5ozd/TXAYGrmHIK1MFo7BL5xWKV9uWzI+EuUTBqOBNxp8UvBdqKtsh
R/b3n5KiAK64wFOrEkNOE1ipItZ5rdGXci947H4K4odU/6Y3VvmzBCI4qhSkOuNx
SoAYIpBbazcibFMlu9UTlINWpBTQE1GnECNj580CK0jt55pbpkBlhI3MZ9ypeWqY
pcfYzwHcDcL+yT98jXuiIFRU1hGvanokPC4QwZWdCiGSJ4tORy93pr1FOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMHe49lgm6z3RMUL/GnidtibZy6OMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvd2Q3ajJXQ2JyUGRFeFF2OGFlSjIySnRuTG80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9W9MA0G
CSqGSIb3DQEBCwUAA4IBAQBY/OlaE34co+pi9A+ITl6UrY+ZngPcVmLTLlRAEXLA
1HkjlN00OqVJ5uG9RPP0DcGJrujBmkh4ORzDn/KU1oFR0Ivwy8Nrh2r8eKNQb6+V
sDm4tQQCjt3eBUfIwnzZKI6g8IZXvhkAc3Obn7PXy/LXhMMe+gJGAn1vOQjBK9rb
Da4rxrn0rgvc2sbjySewWJwTCo+Z1N6fp/yDAaOHS/npnb1NloIVske2ALh0UAEt
Xh7aDPY5/mFdw2hiuxYvsv6COWujrt91/HKTJE2d7Ek1/b0rRdrTTgweq/CWMYGk
ooumN4UyFfXGjUiXXdwqVQra/Djm+403enypYrPlYfFW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:13 2024 by rpki-client on console-fra.rpki-client.org