Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/aTbjJy2Eu8UmlcP4gBew34qEFDQ.roa
File:                     aTbjJy2Eu8UmlcP4gBew34qEFDQ.roa (raw, json)
Hash identifier:          quj+MRFvDqIK0H6ZidHu/y+vV+8ubNkG6uDlztdYAEM=
Subject key identifier:   69:36:E3:27:2D:84:BB:C5:26:95:C3:F8:80:17:B0:DF:8A:84:14:34
Certificate issuer:       /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial:       01857042AB40FCB62641AE0C057281155763
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/aTbjJy2Eu8UmlcP4gBew34qEFDQ.roa
Signing time:             Mon 02 Jan 2023 02:14:55 +0000
ROA not before:           Mon 02 Jan 2023 02:14:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57967
IP address blocks:        91.237.90.0/24 maxlen: 24
                          2001:67c:2794::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:42:ab:40:fc:b6:26:41:ae:0c:05:72:81:15:57:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
        Validity
            Not Before: Jan  2 02:14:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6936e3272d84bbc52695c3f88017b0df8a841434
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:9c:11:d7:34:69:f6:f0:03:76:c8:fa:53:96:
                    7b:df:60:bd:fb:c7:90:35:03:b5:9c:49:b6:14:7f:
                    ec:2e:e9:21:ef:86:69:11:94:39:bc:14:95:80:dc:
                    5d:ba:67:33:79:d1:2f:51:4a:eb:2a:99:ed:2b:e5:
                    83:cd:96:60:00:da:b4:08:83:3f:ef:df:b9:b6:be:
                    78:96:04:d3:33:a8:b9:c8:17:2a:e8:8f:34:62:3b:
                    f9:ee:79:85:bf:bb:2e:a0:95:f5:65:31:e3:c3:3b:
                    c0:a8:be:34:37:17:4e:fa:e6:bc:b9:b2:51:13:46:
                    9c:53:c2:7f:35:4b:8e:f9:fe:af:4b:23:ff:66:35:
                    1d:19:56:a4:3a:4e:e2:f5:18:c9:b8:6b:df:ce:0c:
                    e7:89:9c:43:13:9a:f2:38:ee:a2:67:f7:8e:83:a9:
                    a6:28:3b:6e:61:59:67:6c:ff:60:a4:2d:c5:ab:f9:
                    f5:c1:4d:c8:5f:bb:4b:f7:ea:23:3e:81:62:72:f6:
                    9c:db:ec:91:84:21:d9:96:a1:cf:a8:2a:70:be:bd:
                    02:4b:93:0a:77:12:ab:00:87:3b:80:e8:24:bc:cd:
                    a6:7d:e5:9c:a8:d0:cb:a4:dd:54:c1:b3:51:a3:22:
                    48:82:40:98:5f:80:8e:f3:75:c8:7a:8a:5e:a3:4f:
                    71:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:36:E3:27:2D:84:BB:C5:26:95:C3:F8:80:17:B0:DF:8A:84:14:34
            X509v3 Authority Key Identifier:
                keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/aTbjJy2Eu8UmlcP4gBew34qEFDQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.237.90.0/24
                IPv6:
                  2001:67c:2794::/48

    Signature Algorithm: sha256WithRSAEncryption
         43:4f:ae:12:ab:4e:e9:59:f7:3f:24:ae:6b:b8:aa:1f:c5:c1:
         91:9b:e6:55:61:85:7b:32:a7:6e:8e:c8:7e:fd:b3:86:17:1e:
         40:74:64:5d:f9:c6:eb:bf:f6:28:cd:9b:6f:4f:7a:af:b0:44:
         00:f0:96:4e:6f:87:a1:62:1c:ed:2f:dc:40:98:d0:79:2c:79:
         cb:a1:aa:23:e3:0c:a9:ac:df:fd:3a:16:09:42:20:da:c3:c2:
         d4:8c:b3:be:ea:4a:e7:24:bf:92:ce:f7:b7:a5:05:10:52:45:
         4e:76:3c:a4:c7:4f:c7:fd:6c:6b:02:2e:9b:2d:3e:c4:67:ba:
         c6:45:17:a9:fb:bc:6d:ca:7f:e0:14:0e:cc:ce:ba:9c:4e:ce:
         b0:d5:44:86:c2:3a:8a:5a:66:c4:f7:d7:a3:bc:a8:2c:87:70:
         d2:46:c1:10:10:a9:a6:2c:18:f1:22:bc:90:b4:03:a8:ac:ea:
         ce:1a:01:90:9a:03:dd:e7:3e:0a:20:68:10:b5:83:f6:d9:f0:
         64:0f:09:a7:68:3f:70:e0:47:59:7c:1b:f9:b3:2c:ad:36:57:
         dd:7b:6b:d2:48:88:8b:11:3d:c7:78:1e:42:d7:f3:21:20:dc:
         28:9a:5d:b3:8b:98:04:0d:57:ce:6d:3d:68:16:f3:5f:e2:ef:
         8b:0d:45:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwQqtA/LYmQa4MBXKBFVdjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjMwMTAyMDIxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTM2ZTMyNzJkODRiYmM1MjY5NWMzZjg4MDE3YjBkZjhhODQxNDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZwR1zRp9vADdsj6U5Z732C9+8eQ
NQO1nEm2FH/sLukh74ZpEZQ5vBSVgNxdumczedEvUUrrKpntK+WDzZZgANq0CIM/
79+5tr54lgTTM6i5yBcq6I80Yjv57nmFv7suoJX1ZTHjwzvAqL40NxdO+ua8ubJR
E0acU8J/NUuO+f6vSyP/ZjUdGVakOk7i9RjJuGvfzgzniZxDE5ryOO6iZ/eOg6mm
KDtuYVlnbP9gpC3Fq/n1wU3IX7tL9+ojPoFicvac2+yRhCHZlqHPqCpwvr0CS5MK
dxKrAIc7gOgkvM2mfeWcqNDLpN1UwbNRoyJIgkCYX4CO83XIeopeo09xawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGk24ycthLvFJpXD+IAXsN+KhBQ0MB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvYVRiakp5MkV1OFVtbGNQNGdCZXczNHFFRkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+1aMA8E
AgACMAkDBwAgAQZ8J5QwDQYJKoZIhvcNAQELBQADggEBAENPrhKrTulZ9z8krmu4
qh/FwZGb5lVhhXsyp26OyH79s4YXHkB0ZF35xuu/9ijNm29Peq+wRADwlk5vh6Fi
HO0v3ECY0HksecuhqiPjDKms3/06FglCINrDwtSMs77qSuckv5LO97elBRBSRU52
PKTHT8f9bGsCLpstPsRnusZFF6n7vG3Kf+AUDszOupxOzrDVRIbCOopaZsT316O8
qCyHcNJGwRAQqaYsGPEivJC0A6is6s4aAZCaA93nPgogaBC1g/bZ8GQPCadoP3Dg
R1l8G/mzLK02V917a9JIiIsRPcd4HkLX8yEg3CiaXbOLmAQNV85tPWgW81/i74sN
RSg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:21 2024 by rpki-client on console-fra.rpki-client.org