Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/425cc1-5014-4979-84eb-025540aff15d/1/_saVu1exXqyoR52L6BvSlXyfuDg.roa
File:                     _saVu1exXqyoR52L6BvSlXyfuDg.roa (raw, json)
Hash identifier:          yvcFYPqaXIfcKW3mhC/KiHXPqAplo0J9Jn64m0PUsoY=
Subject key identifier:   FE:C6:95:BB:57:B1:5E:AC:A8:47:9D:8B:E8:1B:D2:95:7C:9F:B8:38
Certificate issuer:       /CN=5e3a62f1347c1742e5b6e3740244d398b53a513c
Certificate serial:       01856DD4197DD5110F0D29D1F40D870F9891
Authority key identifier: 5E:3A:62:F1:34:7C:17:42:E5:B6:E3:74:02:44:D3:98:B5:3A:51:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xjpi8TR8F0LltuN0AkTTmLU6UTw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/425cc1-5014-4979-84eb-025540aff15d/1/_saVu1exXqyoR52L6BvSlXyfuDg.roa
Signing time:             Sun 01 Jan 2023 14:54:54 +0000
ROA not before:           Sun 01 Jan 2023 14:54:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31463
IP address blocks:        91.232.104.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:d4:19:7d:d5:11:0f:0d:29:d1:f4:0d:87:0f:98:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e3a62f1347c1742e5b6e3740244d398b53a513c
        Validity
            Not Before: Jan  1 14:54:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fec695bb57b15eaca8479d8be81bd2957c9fb838
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:3b:67:65:9c:5d:e9:30:5e:a4:2d:02:a5:1a:
                    eb:82:2c:6a:9f:e4:99:78:7b:55:25:85:47:f3:14:
                    f0:9a:18:5c:e9:4e:4a:c7:49:8f:e1:4f:79:ac:c2:
                    e1:27:40:26:90:0d:b0:64:a5:dc:e2:15:09:38:e3:
                    a2:4f:ff:5d:71:8e:4c:65:ed:29:bc:04:05:1a:11:
                    0b:98:89:ed:26:f0:e3:b1:20:5e:c7:da:9a:d0:cf:
                    f1:02:95:4f:48:96:25:5d:28:18:04:b9:d3:08:fe:
                    cb:cc:03:6a:8a:49:cc:89:ba:19:a5:95:b1:b5:35:
                    39:5a:d1:ae:19:f0:77:48:63:90:7d:d7:f2:14:9e:
                    02:02:9c:f4:6e:bc:42:fc:9c:69:c4:9e:b8:da:a5:
                    3e:63:d7:2f:86:44:e2:52:4e:16:5c:1d:5a:70:ca:
                    db:4c:c4:7c:53:7b:51:ff:fb:76:3b:96:73:00:9c:
                    98:ec:cc:fb:e4:51:09:84:b6:1b:3f:15:86:20:b7:
                    03:ab:46:89:15:d0:47:4b:88:77:cd:c0:ae:f1:f2:
                    dd:00:cb:e0:b7:e4:81:27:60:41:19:1e:9f:f1:63:
                    0a:67:12:e6:c1:a8:cc:2e:1e:d9:51:a9:a5:62:34:
                    d0:af:8e:4e:13:57:49:a9:4c:21:2e:e8:06:ee:c3:
                    92:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:C6:95:BB:57:B1:5E:AC:A8:47:9D:8B:E8:1B:D2:95:7C:9F:B8:38
            X509v3 Authority Key Identifier:
                keyid:5E:3A:62:F1:34:7C:17:42:E5:B6:E3:74:02:44:D3:98:B5:3A:51:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xjpi8TR8F0LltuN0AkTTmLU6UTw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/425cc1-5014-4979-84eb-025540aff15d/1/_saVu1exXqyoR52L6BvSlXyfuDg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/425cc1-5014-4979-84eb-025540aff15d/1/Xjpi8TR8F0LltuN0AkTTmLU6UTw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.232.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:95:1a:9f:9f:be:e7:7b:e9:e1:a1:8a:59:6d:96:87:a7:8e:
         84:bf:7b:dc:bc:52:67:49:3e:4d:0a:e3:15:df:19:00:14:33:
         f5:ec:c1:dd:1d:6e:0d:a3:07:bb:55:83:dc:b7:cd:b8:88:bd:
         23:8d:59:89:16:89:d2:b9:74:22:a3:14:6b:f4:bc:3e:bf:da:
         74:09:51:0f:34:ce:9f:8f:3a:37:d2:ab:90:31:4c:bc:7b:80:
         64:45:25:51:fc:3f:bb:62:3d:28:28:fd:b2:51:99:93:f9:e5:
         79:fc:b3:2b:f3:b7:e4:db:02:cb:a3:4d:eb:e8:81:43:0a:aa:
         6e:81:81:5a:22:4e:e8:e5:ce:8c:73:8c:8b:4c:40:b5:9d:80:
         c5:65:3a:28:f5:73:a0:66:c9:dc:41:06:4f:5b:21:22:11:31:
         eb:3a:dc:f8:c1:e0:63:09:40:d0:2e:71:23:a0:89:38:03:01:
         6b:e5:ef:21:8f:b5:07:35:bf:ff:5d:c9:ac:b6:ff:ed:ec:57:
         90:a3:f6:50:c7:10:c5:94:35:ed:0f:f0:f8:42:ea:7c:ec:27:
         5c:40:35:68:3e:ae:df:84:18:73:88:af:ca:fc:ff:10:b6:05:
         92:b3:46:91:4b:e8:57:4c:fe:77:93:33:45:de:18:9a:ed:f0:
         ed:ed:23:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1Bl91REPDSnR9A2HD5iRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlM2E2MmYxMzQ3YzE3NDJlNWI2ZTM3NDAyNDRkMzk4YjUz
YTUxM2MwHhcNMjMwMTAxMTQ1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWM2OTViYjU3YjE1ZWFjYTg0NzlkOGJlODFiZDI5NTdjOWZiODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TtnZZxd6TBepC0CpRrrgixqn+SZ
eHtVJYVH8xTwmhhc6U5Kx0mP4U95rMLhJ0AmkA2wZKXc4hUJOOOiT/9dcY5MZe0p
vAQFGhELmIntJvDjsSBex9qa0M/xApVPSJYlXSgYBLnTCP7LzANqiknMiboZpZWx
tTU5WtGuGfB3SGOQfdfyFJ4CApz0brxC/JxpxJ642qU+Y9cvhkTiUk4WXB1acMrb
TMR8U3tR//t2O5ZzAJyY7Mz75FEJhLYbPxWGILcDq0aJFdBHS4h3zcCu8fLdAMvg
t+SBJ2BBGR6f8WMKZxLmwajMLh7ZUamlYjTQr45OE1dJqUwhLugG7sOS4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP7GlbtXsV6sqEedi+gb0pV8n7g4MB8GA1UdIwQY
MBaAFF46YvE0fBdC5bbjdAJE05i1OlE8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGpwaThUUjhGMExsdHVOMEFrVFRtTFU2VVR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS80MjVjYzEtNTAxNC00OTc5LTg0ZWIt
MDI1NTQwYWZmMTVkLzEvX3NhVnUxZXhYcXlvUjUyTDZCdlNsWHlmdURnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS80MjVjYzEtNTAxNC00OTc5LTg0ZWItMDI1NTQwYWZmMTVk
LzEvWGpwaThUUjhGMExsdHVOMEFrVFRtTFU2VVR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+hoMA0G
CSqGSIb3DQEBCwUAA4IBAQCFlRqfn77ne+nhoYpZbZaHp46Ev3vcvFJnST5NCuMV
3xkAFDP17MHdHW4Nowe7VYPct824iL0jjVmJFonSuXQioxRr9Lw+v9p0CVEPNM6f
jzo30quQMUy8e4BkRSVR/D+7Yj0oKP2yUZmT+eV5/LMr87fk2wLLo03r6IFDCqpu
gYFaIk7o5c6Mc4yLTEC1nYDFZToo9XOgZsncQQZPWyEiETHrOtz4weBjCUDQLnEj
oIk4AwFr5e8hj7UHNb//Xcmstv/t7FeQo/ZQxxDFlDXtD/D4Qup87CdcQDVoPq7f
hBhziK/K/P8QtgWSs0aRS+hXTP53kzNF3hia7fDt7SNw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:58 2024 by rpki-client on console-ams.rpki-client.org