Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/E6IA7OYJ-rDBsOzQmXHYMMq2LD4.roa
File:                     E6IA7OYJ-rDBsOzQmXHYMMq2LD4.roa (raw, json)
Hash identifier:          j5clTVqVXrp9044RHdB3HjSmBYPocAx8Pjcm1FoPrSc=
Subject key identifier:   13:A2:00:EC:E6:09:FA:B0:C1:B0:EC:D0:99:71:D8:30:CA:B6:2C:3E
Certificate issuer:       /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial:       018A3C8F4EC174102BCA90A4FCC6AFF6A092
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/E6IA7OYJ-rDBsOzQmXHYMMq2LD4.roa
Signing time:             Mon 28 Aug 2023 14:32:19 +0000
ROA not before:           Mon 28 Aug 2023 14:32:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13213
IP address blocks:        91.236.89.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:3c:8f:4e:c1:74:10:2b:ca:90:a4:fc:c6:af:f6:a0:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
        Validity
            Not Before: Aug 28 14:32:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=13a200ece609fab0c1b0ecd09971d830cab62c3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:17:cb:eb:43:5e:b9:77:1a:1c:5a:43:f0:f4:
                    94:d9:78:85:cf:3d:f5:d6:7c:aa:71:a8:8c:61:33:
                    6b:d7:d0:a7:6b:01:b5:f3:88:07:91:8e:0d:96:f8:
                    4b:32:85:d3:13:0c:ea:f9:1e:92:ab:a1:0e:34:d1:
                    31:6d:9c:82:79:e9:34:19:8a:30:91:2e:02:7b:2f:
                    18:66:96:36:aa:6e:43:02:7d:2a:7a:eb:a2:e5:d8:
                    01:0c:3c:5e:98:a1:71:b3:1e:82:43:3f:d1:05:6c:
                    98:e3:c7:25:7c:99:7c:63:40:0f:3a:24:bd:e4:64:
                    1a:f5:15:ab:de:74:8a:42:bf:e2:6b:29:2f:44:c3:
                    7d:da:01:62:c5:66:00:5f:60:99:12:0a:e3:8d:24:
                    0e:c1:96:a1:2c:88:85:81:21:8b:01:a3:57:05:be:
                    e6:57:6c:79:52:36:56:13:ab:b4:58:9d:03:62:3c:
                    f9:41:de:cb:9d:71:34:5c:6b:fe:ba:25:c4:63:4e:
                    69:2c:a3:47:0f:ea:96:15:14:8c:ff:5d:d8:1e:fe:
                    80:d4:14:26:77:64:2c:21:35:06:3c:20:cb:02:07:
                    23:5a:64:ca:64:14:d6:b0:b3:f1:fa:ab:9e:83:d3:
                    6b:98:69:ad:93:b2:47:2b:7c:78:35:51:ae:b5:d8:
                    a9:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:A2:00:EC:E6:09:FA:B0:C1:B0:EC:D0:99:71:D8:30:CA:B6:2C:3E
            X509v3 Authority Key Identifier:
                keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/E6IA7OYJ-rDBsOzQmXHYMMq2LD4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.236.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:1e:f9:a7:3c:5a:47:a3:c4:4e:9c:e7:39:56:d4:94:07:92:
         a2:47:ae:bd:ab:43:e8:ba:30:09:78:07:36:67:4d:de:38:e7:
         89:86:07:b0:58:ea:50:c4:15:31:f9:e1:55:8c:74:a6:f9:44:
         24:f3:15:f3:f2:57:26:79:9e:fa:a0:56:c9:97:16:e3:88:5b:
         46:8d:78:83:3b:e4:53:a2:ff:f0:99:e4:b8:f8:48:38:69:4a:
         eb:f0:65:08:67:f0:2a:9f:bb:60:6c:8f:e9:60:9d:21:c1:6b:
         3f:b1:a2:a1:37:89:8f:c8:82:c7:04:58:de:0e:5d:be:90:99:
         b0:9d:0a:41:b7:4f:76:09:f7:46:0d:62:12:d7:44:f7:5d:a3:
         89:18:3b:89:1f:aa:e1:cd:2d:57:9d:ca:0a:f0:25:52:ae:32:
         97:89:4e:25:07:80:90:9e:80:b0:d8:a0:81:56:3e:33:57:6a:
         53:c7:b0:eb:75:67:b3:e5:16:eb:fb:9e:f1:65:76:5f:1d:eb:
         5e:0f:d7:b4:76:47:95:49:38:06:27:1e:e2:84:9a:98:7a:1a:
         33:7f:81:31:82:8f:e0:50:04:2e:f2:51:6a:29:14:83:7f:04:
         d3:f2:90:d2:7b:d7:6a:cb:38:98:d5:24:57:e4:af:58:d2:07:
         58:d5:c0:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYo8j07BdBArypCk/Mav9qCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMwODI4MTQzMjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2EyMDBlY2U2MDlmYWIwYzFiMGVjZDA5OTcxZDgzMGNhYjYyYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihfL60NeuXcaHFpD8PSU2XiFzz31
1nyqcaiMYTNr19CnawG184gHkY4NlvhLMoXTEwzq+R6Sq6EONNExbZyCeek0GYow
kS4Cey8YZpY2qm5DAn0qeuui5dgBDDxemKFxsx6CQz/RBWyY48clfJl8Y0APOiS9
5GQa9RWr3nSKQr/iaykvRMN92gFixWYAX2CZEgrjjSQOwZahLIiFgSGLAaNXBb7m
V2x5UjZWE6u0WJ0DYjz5Qd7LnXE0XGv+uiXEY05pLKNHD+qWFRSM/13YHv6A1BQm
d2QsITUGPCDLAgcjWmTKZBTWsLPx+queg9NrmGmtk7JHK3x4NVGutdipbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBOiAOzmCfqwwbDs0Jlx2DDKtiw+MB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvRTZJQTdPWUotckRCc096UW1YSFlNTXEyTEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+xZMA0G
CSqGSIb3DQEBCwUAA4IBAQAxHvmnPFpHo8ROnOc5VtSUB5KiR669q0PoujAJeAc2
Z03eOOeJhgewWOpQxBUx+eFVjHSm+UQk8xXz8lcmeZ76oFbJlxbjiFtGjXiDO+RT
ov/wmeS4+Eg4aUrr8GUIZ/Aqn7tgbI/pYJ0hwWs/saKhN4mPyILHBFjeDl2+kJmw
nQpBt092CfdGDWIS10T3XaOJGDuJH6rhzS1XncoK8CVSrjKXiU4lB4CQnoCw2KCB
Vj4zV2pTx7DrdWez5Rbr+57xZXZfHeteD9e0dkeVSTgGJx7ihJqYehozf4Exgo/g
UAQu8lFqKRSDfwTT8pDSe9dqyziY1SRX5K9Y0gdY1cAH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:07 2024 by rpki-client on console-fra.rpki-client.org