Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/57e419-42f4-4d8c-b6b4-431f27a62ed8/1/K-eqABRPFmI-BaM42G2jIQrJWp4.roa
File:                     K-eqABRPFmI-BaM42G2jIQrJWp4.roa (raw, json)
Hash identifier:          NFkfeKGFlqVIR/CIG15UnyackpAXu1qyqJGdbQqrmD8=
Subject key identifier:   2B:E7:AA:00:14:4F:16:62:3E:05:A3:38:D8:6D:A3:21:0A:C9:5A:9E
Certificate issuer:       /CN=038af86795417a3584d616375209a72efee2462b
Certificate serial:       018573438DE7745B040F6DFA2606C722F7C9
Authority key identifier: 03:8A:F8:67:95:41:7A:35:84:D6:16:37:52:09:A7:2E:FE:E2:46:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A4r4Z5VBejWE1hY3UgmnLv7iRis.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/57e419-42f4-4d8c-b6b4-431f27a62ed8/1/K-eqABRPFmI-BaM42G2jIQrJWp4.roa
Signing time:             Mon 02 Jan 2023 16:14:45 +0000
ROA not before:           Mon 02 Jan 2023 16:14:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2856
IP address blocks:        91.142.128.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:43:8d:e7:74:5b:04:0f:6d:fa:26:06:c7:22:f7:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=038af86795417a3584d616375209a72efee2462b
        Validity
            Not Before: Jan  2 16:14:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2be7aa00144f16623e05a338d86da3210ac95a9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:e3:8c:a5:35:12:ec:53:5c:47:20:47:41:28:
                    3e:48:3c:20:b5:85:32:80:e3:fe:71:cf:c8:23:85:
                    1a:e7:88:03:d3:23:bd:42:5c:55:8b:32:51:47:d1:
                    01:cb:e2:fe:84:4d:4c:65:27:df:e6:61:83:a2:78:
                    c4:9f:2c:c0:18:ed:72:67:16:04:e2:85:92:fb:b3:
                    40:2c:ec:50:8c:58:83:a2:2c:34:c8:cd:ad:b7:36:
                    47:d0:3e:67:ff:d4:5f:4e:6a:bd:08:b0:7c:7c:60:
                    05:44:84:7b:a6:99:3e:72:37:66:3e:06:1e:bc:d7:
                    1e:5a:03:2c:ca:43:3e:be:32:35:12:05:a2:14:1e:
                    ba:96:c5:1d:21:c5:de:55:aa:40:e6:bf:f4:e6:33:
                    1b:91:80:47:4a:1e:2e:fb:27:4a:ad:f9:35:08:b0:
                    b9:6f:c1:63:ee:eb:d7:ca:ec:b1:4d:2f:ae:9c:e1:
                    32:32:d5:94:8a:c4:d4:94:aa:0d:cc:ea:cf:81:2a:
                    6a:1e:69:3c:d1:19:b6:6f:00:f6:ad:fe:77:5a:17:
                    14:58:64:9b:0b:da:b6:68:b1:71:fd:ff:34:38:ac:
                    dd:27:27:48:13:15:a5:c0:5a:21:44:64:84:de:44:
                    de:67:05:b4:3b:fc:db:e9:63:de:cf:d6:3a:10:87:
                    bb:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:E7:AA:00:14:4F:16:62:3E:05:A3:38:D8:6D:A3:21:0A:C9:5A:9E
            X509v3 Authority Key Identifier:
                keyid:03:8A:F8:67:95:41:7A:35:84:D6:16:37:52:09:A7:2E:FE:E2:46:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A4r4Z5VBejWE1hY3UgmnLv7iRis.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/57e419-42f4-4d8c-b6b4-431f27a62ed8/1/K-eqABRPFmI-BaM42G2jIQrJWp4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/57e419-42f4-4d8c-b6b4-431f27a62ed8/1/A4r4Z5VBejWE1hY3UgmnLv7iRis.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.142.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:4d:30:5b:8b:04:8c:a6:02:6b:3f:61:83:87:ce:97:0c:b4:
         44:9d:98:38:38:68:31:d5:4f:80:a5:87:89:f2:05:8e:bf:6c:
         fd:08:b6:55:47:f1:51:be:34:31:f8:95:dd:63:46:37:36:8c:
         32:77:00:5c:b5:c0:c3:e7:23:43:a7:fd:9e:ff:6a:50:3d:74:
         0a:44:a4:69:8b:f1:45:fc:24:04:e1:5e:33:0c:9b:12:cc:91:
         db:75:9c:b4:c3:05:bd:1f:a1:e9:1f:38:2e:20:25:0c:cc:88:
         08:dc:b5:f2:18:9a:b7:43:56:36:1d:e1:30:73:e4:22:dc:a8:
         ab:40:fe:d6:8a:bd:c0:78:4c:6f:50:89:0e:41:ed:a5:dc:d8:
         7b:b4:4f:cb:81:a8:ac:fe:4f:b5:e7:44:b8:d2:44:e1:9e:be:
         d3:46:ea:7c:85:07:0f:f0:18:b6:33:75:2d:77:a2:1e:02:a4:
         2d:43:6d:4b:5e:93:63:ea:73:36:13:42:7c:4f:57:4c:97:ba:
         9b:fb:01:37:d8:27:5f:0c:f5:2a:09:f3:06:cc:7b:65:d0:0e:
         e4:c3:a3:da:a7:04:ba:35:6a:4e:ac:15:3b:70:25:de:99:bd:
         fc:38:33:11:ab:db:72:b0:f2:36:52:f8:2b:86:66:9a:9d:30:
         e2:0f:b2:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzQ43ndFsED236JgbHIvfJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzOGFmODY3OTU0MTdhMzU4NGQ2MTYzNzUyMDlhNzJlZmVl
MjQ2MmIwHhcNMjMwMTAyMTYxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmU3YWEwMDE0NGYxNjYyM2UwNWEzMzhkODZkYTMyMTBhYzk1YTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeOMpTUS7FNcRyBHQSg+SDwgtYUy
gOP+cc/II4Ua54gD0yO9QlxVizJRR9EBy+L+hE1MZSff5mGDonjEnyzAGO1yZxYE
4oWS+7NALOxQjFiDoiw0yM2ttzZH0D5n/9RfTmq9CLB8fGAFRIR7ppk+cjdmPgYe
vNceWgMsykM+vjI1EgWiFB66lsUdIcXeVapA5r/05jMbkYBHSh4u+ydKrfk1CLC5
b8Fj7uvXyuyxTS+unOEyMtWUisTUlKoNzOrPgSpqHmk80Rm2bwD2rf53WhcUWGSb
C9q2aLFx/f80OKzdJydIExWlwFohRGSE3kTeZwW0O/zb6WPez9Y6EIe73wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCvnqgAUTxZiPgWjONhtoyEKyVqeMB8GA1UdIwQY
MBaAFAOK+GeVQXo1hNYWN1IJpy7+4kYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTRyNFo1VkJlaldFMWhZM1VnbW5MdjdpUmlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi81N2U0MTktNDJmNC00ZDhjLWI2YjQt
NDMxZjI3YTYyZWQ4LzEvSy1lcUFCUlBGbUktQmFNNDJHMmpJUXJKV3A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi81N2U0MTktNDJmNC00ZDhjLWI2YjQtNDMxZjI3YTYyZWQ4
LzEvQTRyNFo1VkJlaldFMWhZM1VnbW5MdjdpUmlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW46AMA0G
CSqGSIb3DQEBCwUAA4IBAQATTTBbiwSMpgJrP2GDh86XDLREnZg4OGgx1U+ApYeJ
8gWOv2z9CLZVR/FRvjQx+JXdY0Y3NowydwBctcDD5yNDp/2e/2pQPXQKRKRpi/FF
/CQE4V4zDJsSzJHbdZy0wwW9H6HpHzguICUMzIgI3LXyGJq3Q1Y2HeEwc+Qi3Kir
QP7Wir3AeExvUIkOQe2l3Nh7tE/Lgais/k+150S40kThnr7TRup8hQcP8Bi2M3Ut
d6IeAqQtQ21LXpNj6nM2E0J8T1dMl7qb+wE32CdfDPUqCfMGzHtl0A7kw6PapwS6
NWpOrBU7cCXemb38ODMRq9tysPI2UvgrhmaanTDiD7Iy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:07 2024 by rpki-client on console-fra.rpki-client.org