Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/1MxfPxXMJk2yCSULT3POSxPKVoE.roa
File:                     1MxfPxXMJk2yCSULT3POSxPKVoE.roa (raw, json)
Hash identifier:          F9gC8dy/xHdWarfLJ5sBq8F13oZXJg+2+RqZ+bzVbXA=
Subject key identifier:   D4:CC:5F:3F:15:CC:26:4D:B2:09:25:0B:4F:73:CE:4B:13:CA:56:81
Certificate issuer:       /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial:       0186D68D0C1E135D82CEC1165DBB2FC8A21C
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/1MxfPxXMJk2yCSULT3POSxPKVoE.roa
Signing time:             Sun 12 Mar 2023 16:00:13 +0000
ROA not before:           Sun 12 Mar 2023 16:00:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        91.193.252.0/24 maxlen: 24
                          93.89.215.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 20 Mar 2023 11:16:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:d6:8d:0c:1e:13:5d:82:ce:c1:16:5d:bb:2f:c8:a2:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
        Validity
            Not Before: Mar 12 16:00:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d4cc5f3f15cc264db209250b4f73ce4b13ca5681
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:b2:46:5e:8b:14:0f:33:89:f7:8e:10:aa:13:
                    72:39:86:fa:9c:bd:95:61:18:e1:23:59:32:8f:c1:
                    d7:4c:5b:a5:c9:ac:ff:3f:bc:5a:f5:a9:ae:ff:96:
                    b6:ca:63:1a:f1:d8:f2:b6:c9:ed:b1:b6:b6:0f:d9:
                    75:d1:ee:c8:fc:94:79:b9:01:a1:d4:a2:9b:e0:60:
                    e6:d4:15:12:63:0e:2f:a2:65:2f:de:38:d4:45:0d:
                    89:30:bd:69:86:27:3c:9d:f6:03:b9:18:2b:d9:2b:
                    fa:7a:c2:9b:ac:8f:45:03:64:84:20:8a:c0:51:2a:
                    3d:41:2a:44:26:a0:d3:df:8b:62:01:f2:ed:bd:5f:
                    eb:bc:1e:26:ed:68:de:fa:06:33:3e:79:40:94:8d:
                    e2:23:9f:62:e3:49:bf:59:b5:cf:b3:2d:d2:ca:df:
                    5e:10:3a:aa:17:fb:e9:e7:00:9f:09:d2:cd:e0:25:
                    6f:35:f3:48:f5:3b:2e:19:6d:44:bb:c5:71:ce:69:
                    8b:d1:58:14:3c:f5:10:39:9d:85:f1:44:f1:56:95:
                    57:ba:85:24:fe:92:ad:ed:39:14:c8:00:ea:0a:81:
                    10:74:e5:6b:f7:3a:5b:08:16:09:91:0b:30:05:0f:
                    d9:26:fc:b4:cf:f6:84:05:4a:c9:40:6e:da:3b:95:
                    ab:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:CC:5F:3F:15:CC:26:4D:B2:09:25:0B:4F:73:CE:4B:13:CA:56:81
            X509v3 Authority Key Identifier:
                keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/1MxfPxXMJk2yCSULT3POSxPKVoE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.193.252.0/24
                  93.89.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:04:2b:48:8a:ac:9c:57:f8:9b:33:90:e0:d8:48:93:9d:c0:
         2c:d5:e0:60:c0:4b:8c:52:c6:26:34:60:b0:a3:90:05:d1:8c:
         ad:1e:06:c5:74:3c:6c:c1:8e:9a:f7:17:24:43:0b:63:b2:4f:
         42:ac:d3:97:d3:5b:63:07:c3:20:c8:41:48:b5:f1:84:4c:7e:
         14:65:3a:ee:4e:19:b3:7f:00:02:ae:0d:9f:15:3a:10:74:80:
         6f:e7:8c:e8:9c:8b:96:13:86:f9:db:6d:ea:9b:17:3d:a0:b0:
         e3:c9:2e:f6:e0:48:49:f6:f4:39:06:49:7e:9b:92:ed:90:9e:
         ab:1e:d3:83:49:6a:49:e2:fc:7d:20:2d:d1:df:f0:d2:f7:b4:
         c9:b9:70:c3:2f:fd:00:6e:10:82:cb:51:bf:73:25:b8:e9:1f:
         de:e6:92:dc:8c:0f:d3:24:0a:72:d3:7b:24:52:e9:d4:01:c4:
         e3:53:cd:b6:aa:18:48:f5:31:19:2f:a7:e5:0c:a9:48:99:aa:
         fe:d7:e7:5b:6d:2b:9e:17:1b:da:e4:7f:6e:4b:56:31:21:ff:
         7b:c8:72:8a:76:a4:78:ce:50:fb:d8:5f:67:36:35:0d:a5:3d:
         b0:c9:55:6a:49:0a:17:f0:22:3f:c6:35:71:89:95:c1:4e:c2:
         d8:72:55:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYbWjQweE12CzsEWXbsvyKIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjMwMzEyMTYwMDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGNjNWYzZjE1Y2MyNjRkYjIwOTI1MGI0ZjczY2U0YjEzY2E1NjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLJGXosUDzOJ944QqhNyOYb6nL2V
YRjhI1kyj8HXTFulyaz/P7xa9amu/5a2ymMa8djytsntsba2D9l10e7I/JR5uQGh
1KKb4GDm1BUSYw4vomUv3jjURQ2JML1phic8nfYDuRgr2Sv6esKbrI9FA2SEIIrA
USo9QSpEJqDT34tiAfLtvV/rvB4m7Wje+gYzPnlAlI3iI59i40m/WbXPsy3Syt9e
EDqqF/vp5wCfCdLN4CVvNfNI9TsuGW1Eu8VxzmmL0VgUPPUQOZ2F8UTxVpVXuoUk
/pKt7TkUyADqCoEQdOVr9zpbCBYJkQswBQ/ZJvy0z/aEBUrJQG7aO5Wr+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNTMXz8VzCZNsgklC09zzksTylaBMB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvMU14ZlB4WE1KazJ5Q1NVTFQzUE9TeFBLVm9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8H8AwQA
XVnXMA0GCSqGSIb3DQEBCwUAA4IBAQCcBCtIiqycV/ibM5Dg2EiTncAs1eBgwEuM
UsYmNGCwo5AF0YytHgbFdDxswY6a9xckQwtjsk9CrNOX01tjB8MgyEFItfGETH4U
ZTruThmzfwACrg2fFToQdIBv54zonIuWE4b5223qmxc9oLDjyS724EhJ9vQ5Bkl+
m5LtkJ6rHtODSWpJ4vx9IC3R3/DS97TJuXDDL/0AbhCCy1G/cyW46R/e5pLcjA/T
JApy03skUunUAcTjU822qhhI9TEZL6flDKlImar+1+dbbSueFxva5H9uS1YxIf97
yHKKdqR4zlD72F9nNjUNpT2wyVVqSQoX8CI/xjVxiZXBTsLYclUG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:25 2024 by rpki-client on console-ams.rpki-client.org