Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/OwMAO9xBNEd4_iRuJmBTcCH8Mac.roa
File:                     OwMAO9xBNEd4_iRuJmBTcCH8Mac.roa (raw, json)
Hash identifier:          tTe4sL7f9AifDshqwVAtK8oO47MOsCERLseWVboH8SM=
Subject key identifier:   3B:03:00:3B:DC:41:34:47:78:FE:24:6E:26:60:53:70:21:FC:31:A7
Certificate issuer:       /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial:       0186739A4BEE353F744BBD82ED5233A137CB
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/OwMAO9xBNEd4_iRuJmBTcCH8Mac.roa
Signing time:             Tue 21 Feb 2023 10:52:17 +0000
ROA not before:           Tue 21 Feb 2023 10:52:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202218
IP address blocks:        91.193.252.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 Mar 2023 12:25:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:73:9a:4b:ee:35:3f:74:4b:bd:82:ed:52:33:a1:37:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
        Validity
            Not Before: Feb 21 10:52:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3b03003bdc41344778fe246e2660537021fc31a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:73:e1:39:2b:bf:90:a1:45:77:27:07:eb:ba:
                    24:f0:f6:f9:cb:40:ee:63:e0:9e:0f:df:d0:ac:8b:
                    41:dd:c9:6f:75:a6:e4:02:a7:43:22:d4:d9:ca:f6:
                    35:19:d5:cd:78:23:08:aa:03:99:06:23:3e:7a:59:
                    8b:d0:71:c0:27:9f:90:f4:c2:45:c0:ed:f3:76:8a:
                    03:a6:2b:98:dc:ea:b3:24:6a:55:b5:d1:99:67:34:
                    de:36:95:5e:98:56:32:0c:4b:8e:04:64:b8:eb:88:
                    0b:4e:51:7e:49:7f:77:f3:c5:0b:eb:e7:7f:2c:b3:
                    5d:32:fa:d6:3b:0d:d9:d3:10:a4:44:66:ef:b8:19:
                    37:a3:8d:80:0d:68:33:60:fd:59:32:b4:28:dd:93:
                    32:46:87:da:d7:52:78:ec:08:50:09:7b:c9:da:c9:
                    8d:fa:33:8f:28:e3:d8:5e:9b:46:35:b1:18:72:d1:
                    8e:fd:d7:29:4a:55:ea:65:1b:4b:23:da:4b:56:64:
                    84:f6:83:d2:f4:e7:ed:ad:da:cb:03:90:c7:92:2c:
                    a7:d5:d7:58:b5:65:15:7c:4b:72:76:8c:3c:be:50:
                    34:b0:26:12:8f:f8:d6:11:9a:e7:9d:31:c1:c0:c8:
                    7f:11:9d:3d:e6:01:da:52:fa:9d:c7:48:21:f1:39:
                    ce:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:03:00:3B:DC:41:34:47:78:FE:24:6E:26:60:53:70:21:FC:31:A7
            X509v3 Authority Key Identifier:
                keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/OwMAO9xBNEd4_iRuJmBTcCH8Mac.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.193.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:b2:48:38:b1:be:0a:86:1e:08:eb:57:28:a7:ba:b9:52:9c:
         f9:d4:76:50:88:c7:89:53:75:b1:0c:7b:cb:8f:44:4a:51:4d:
         d7:ce:5a:7f:68:33:16:bf:26:63:b5:bd:8a:0c:db:dc:8e:c4:
         05:d8:dc:b4:ab:53:e4:1f:a5:cb:c5:2f:f8:e0:ae:f8:34:ab:
         d6:2d:88:42:e0:f1:43:68:79:2e:77:70:b9:90:83:6a:5c:32:
         1d:ee:05:7c:f0:f5:33:5a:74:90:3d:7a:d9:98:06:c5:0c:3d:
         aa:4d:9d:e4:b8:d2:f4:cf:ad:b7:a9:b3:24:27:22:63:e0:09:
         5d:98:05:86:7a:d5:f0:54:72:98:68:b4:54:8f:aa:87:c6:79:
         e3:69:b1:d8:a7:fd:c2:01:d1:0c:86:f7:ff:4b:26:47:b2:eb:
         cc:be:e4:48:0d:bf:b2:15:40:83:3b:64:07:3a:69:b0:a1:2a:
         89:23:27:b8:95:ec:f4:8b:40:42:20:97:03:28:1f:22:69:3e:
         07:e1:fb:5e:62:33:c7:f8:d7:67:df:33:98:c0:f6:b0:7e:7e:
         74:3b:dd:8c:cf:cb:bc:d5:9e:01:49:31:0c:3d:78:41:84:66:
         20:a1:dd:5a:04:ec:ad:93:aa:10:66:5d:59:3d:05:62:d2:8b:
         9e:58:df:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZzmkvuNT90S72C7VIzoTfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjMwMjIxMTA1MjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjAzMDAzYmRjNDEzNDQ3NzhmZTI0NmUyNjYwNTM3MDIxZmMzMWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHPhOSu/kKFFdycH67ok8Pb5y0Du
Y+CeD9/QrItB3clvdabkAqdDItTZyvY1GdXNeCMIqgOZBiM+elmL0HHAJ5+Q9MJF
wO3zdooDpiuY3OqzJGpVtdGZZzTeNpVemFYyDEuOBGS464gLTlF+SX9388UL6+d/
LLNdMvrWOw3Z0xCkRGbvuBk3o42ADWgzYP1ZMrQo3ZMyRofa11J47AhQCXvJ2smN
+jOPKOPYXptGNbEYctGO/dcpSlXqZRtLI9pLVmSE9oPS9OftrdrLA5DHkiyn1ddY
tWUVfEtydow8vlA0sCYSj/jWEZrnnTHBwMh/EZ095gHaUvqdx0gh8TnOkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDsDADvcQTRHeP4kbiZgU3Ah/DGnMB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvT3dNQU85eEJORWQ0X2lSdUptQlRjQ0g4TWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8H8MA0G
CSqGSIb3DQEBCwUAA4IBAQAGskg4sb4Khh4I61cop7q5Upz51HZQiMeJU3WxDHvL
j0RKUU3Xzlp/aDMWvyZjtb2KDNvcjsQF2Ny0q1PkH6XLxS/44K74NKvWLYhC4PFD
aHkud3C5kINqXDId7gV88PUzWnSQPXrZmAbFDD2qTZ3kuNL0z623qbMkJyJj4Ald
mAWGetXwVHKYaLRUj6qHxnnjabHYp/3CAdEMhvf/SyZHsuvMvuRIDb+yFUCDO2QH
OmmwoSqJIye4lez0i0BCIJcDKB8iaT4H4fteYjPH+Ndn3zOYwPawfn50O92Mz8u8
1Z4BSTEMPXhBhGYgod1aBOytk6oQZl1ZPQVi0oueWN/Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:05 2024 by rpki-client on console-fra.rpki-client.org