Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/7_UKaGz5CS3mZhmVHByK-5MoHc4.roa
File:                     7_UKaGz5CS3mZhmVHByK-5MoHc4.roa (raw, json)
Hash identifier:          MAXrosCxVv0Y4G+yC7EPcD0nQfemzRExcosp9nv+u0Q=
Subject key identifier:   EF:F5:0A:68:6C:F9:09:2D:E6:66:19:95:1C:1C:8A:FB:93:28:1D:CE
Certificate issuer:       /CN=c8d5e37178d8524c72660a1d796165999e586622
Certificate serial:       018CC3B67E6A5E87C94DC9C4AEA405B0A31D
Authority key identifier: C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/7_UKaGz5CS3mZhmVHByK-5MoHc4.roa
Signing time:             Mon 01 Jan 2024 06:29:26 +0000
ROA not before:           Mon 01 Jan 2024 06:29:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     397423
IP address blocks:        91.239.37.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 16 Feb 2024 07:05:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:7e:6a:5e:87:c9:4d:c9:c4:ae:a4:05:b0:a3:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8d5e37178d8524c72660a1d796165999e586622
        Validity
            Not Before: Jan  1 06:29:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=eff50a686cf9092de66619951c1c8afb93281dce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:74:c0:ca:af:d0:c0:ea:87:a3:22:cb:78:65:
                    14:b4:61:8a:f2:83:92:3b:84:ca:b6:f4:72:cd:3f:
                    f4:3c:ff:dc:7d:57:3e:ff:1a:aa:e5:72:5a:cc:f3:
                    ab:9d:8d:a1:39:64:69:fa:a5:b2:4c:fa:05:e7:a6:
                    9c:1c:8b:3b:22:ab:c7:b1:cd:ec:28:72:82:0c:0d:
                    49:51:05:10:04:bd:86:2e:79:e4:cd:77:45:8e:d8:
                    f3:e5:8c:5d:65:2b:b0:13:b2:4c:eb:81:39:f7:4c:
                    76:d8:d1:cf:a7:52:49:a7:da:51:f0:28:67:61:f5:
                    e5:7f:3a:96:0d:e4:ca:ae:39:78:ff:7c:0a:18:2c:
                    a7:69:48:b3:1b:ea:5a:34:cc:71:e1:28:52:eb:73:
                    e5:4f:4b:fa:b5:24:ff:ef:6c:d9:7e:1c:cd:cb:a2:
                    b6:ed:af:43:2d:58:04:70:8e:36:e8:54:4d:13:04:
                    bf:0d:ce:8a:13:58:68:f4:4e:3b:7a:2b:05:42:ea:
                    19:ce:2e:bf:cf:f1:cc:9d:20:bf:94:50:56:96:57:
                    51:c6:21:2c:56:7a:d5:63:fb:69:1c:6d:e8:9e:ec:
                    12:a9:eb:46:db:75:2a:6e:d4:b1:9c:fe:85:86:0a:
                    53:87:68:78:0c:42:d9:2c:f6:dd:ae:8f:1b:02:cd:
                    33:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:F5:0A:68:6C:F9:09:2D:E6:66:19:95:1C:1C:8A:FB:93:28:1D:CE
            X509v3 Authority Key Identifier:
                keyid:C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/7_UKaGz5CS3mZhmVHByK-5MoHc4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.239.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:d5:e4:67:38:67:a8:37:c8:84:11:7a:cb:a4:44:9a:ec:a8:
         8e:d8:75:1d:ff:be:4f:fa:26:38:58:6b:e1:32:96:e2:4e:88:
         78:d1:d6:d2:7b:49:ca:8f:6e:b3:04:0a:01:e6:db:da:93:b8:
         c9:ba:30:a5:f2:24:64:54:a7:22:30:cb:20:3f:a6:e2:e1:ce:
         53:f0:ea:b8:0b:f0:fb:21:fe:d9:cd:46:b2:e3:bd:f9:27:1f:
         a9:a6:5c:be:98:22:83:db:3a:28:fe:08:9a:db:8a:8c:90:39:
         92:ca:33:b0:c6:28:3e:59:b6:1c:1c:57:53:89:13:ee:54:29:
         03:02:92:54:4b:21:4a:07:b5:bc:e9:b0:3b:27:a1:36:61:1d:
         b5:db:dd:5c:23:c4:a5:59:8c:7a:c0:6f:a9:c5:56:da:e8:03:
         34:c9:c0:28:ce:80:47:ed:78:cd:25:b6:53:a8:b0:db:35:20:
         09:1f:c7:68:63:45:21:a5:94:99:16:89:fc:6c:44:87:41:cb:
         45:b7:7a:38:5c:c0:38:87:70:33:6b:36:9c:b2:22:55:42:85:
         9e:cd:cd:79:00:a3:a3:b6:4c:79:6e:23:dd:8c:2b:c1:71:70:
         1e:37:e5:7d:d2:5b:9a:74:f4:3e:5e:20:fd:77:3c:40:cf:72:
         0a:d4:61:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtn5qXofJTcnErqQFsKMdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDVlMzcxNzhkODUyNGM3MjY2MGExZDc5NjE2NTk5OWU1
ODY2MjIwHhcNMjQwMTAxMDYyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmY1MGE2ODZjZjkwOTJkZTY2NjE5OTUxYzFjOGFmYjkzMjgxZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHTAyq/QwOqHoyLLeGUUtGGK8oOS
O4TKtvRyzT/0PP/cfVc+/xqq5XJazPOrnY2hOWRp+qWyTPoF56acHIs7IqvHsc3s
KHKCDA1JUQUQBL2GLnnkzXdFjtjz5YxdZSuwE7JM64E590x22NHPp1JJp9pR8Chn
YfXlfzqWDeTKrjl4/3wKGCynaUizG+paNMxx4ShS63PlT0v6tST/72zZfhzNy6K2
7a9DLVgEcI426FRNEwS/Dc6KE1ho9E47eisFQuoZzi6/z/HMnSC/lFBWlldRxiEs
VnrVY/tpHG3onuwSqetG23UqbtSxnP6FhgpTh2h4DELZLPbdro8bAs0zyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO/1Cmhs+Qkt5mYZlRwcivuTKB3OMB8GA1UdIwQY
MBaAFMjV43F42FJMcmYKHXlhZZmeWGYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODIt
OWUwYWVkMmZiOGVjLzEvN19VS2FHejVDUzNtWmhtVkhCeUstNU1vSGM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODItOWUwYWVkMmZiOGVj
LzEveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+8lMA0G
CSqGSIb3DQEBCwUAA4IBAQB51eRnOGeoN8iEEXrLpESa7KiO2HUd/75P+iY4WGvh
MpbiToh40dbSe0nKj26zBAoB5tvak7jJujCl8iRkVKciMMsgP6bi4c5T8Oq4C/D7
If7ZzUay4735Jx+pply+mCKD2zoo/gia24qMkDmSyjOwxig+WbYcHFdTiRPuVCkD
ApJUSyFKB7W86bA7J6E2YR21291cI8SlWYx6wG+pxVba6AM0ycAozoBH7XjNJbZT
qLDbNSAJH8doY0UhpZSZFon8bESHQctFt3o4XMA4h3AzazacsiJVQoWezc15AKOj
tkx5biPdjCvBcXAeN+V90luadPQ+XiD9dzxAz3IK1GEl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:31 2024 by rpki-client on console-fra.rpki-client.org