Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/726298-0279-4b93-a985-a04ad22e33f3/1/UcWHiCFohLt4-sWyaaYzFGT8Xd8.roa
File:                     UcWHiCFohLt4-sWyaaYzFGT8Xd8.roa (raw, json)
Hash identifier:          7UQTz6zrh0jiQgzQaUVwErBpYwBGhyXjGhZ3iBDfAoY=
Subject key identifier:   51:C5:87:88:21:68:84:BB:78:FA:C5:B2:69:A6:33:14:64:FC:5D:DF
Certificate issuer:       /CN=f59cb923e4069bfe362e2d96ffab2ff31078317a
Certificate serial:       01856F3934CF66056D45A4AC2BF5D572FF31
Authority key identifier: F5:9C:B9:23:E4:06:9B:FE:36:2E:2D:96:FF:AB:2F:F3:10:78:31:7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9Zy5I-QGm_42Li2W_6sv8xB4MXo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/726298-0279-4b93-a985-a04ad22e33f3/1/UcWHiCFohLt4-sWyaaYzFGT8Xd8.roa
Signing time:             Sun 01 Jan 2023 21:24:58 +0000
ROA not before:           Sun 01 Jan 2023 21:24:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39632
IP address blocks:        91.208.26.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:39:34:cf:66:05:6d:45:a4:ac:2b:f5:d5:72:ff:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f59cb923e4069bfe362e2d96ffab2ff31078317a
        Validity
            Not Before: Jan  1 21:24:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=51c58788216884bb78fac5b269a6331464fc5ddf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:d9:a8:2e:fa:65:6c:41:18:fc:9e:c8:b2:91:
                    ba:84:25:c6:ec:d8:25:bb:20:08:63:7b:65:f9:cb:
                    ba:5a:b7:dd:27:61:23:72:93:83:28:e7:f6:77:00:
                    cc:95:00:46:d5:0d:30:8b:a2:4a:9a:d0:df:45:c7:
                    43:de:ab:ea:ba:2e:ea:30:5c:d8:aa:47:0a:23:20:
                    85:d6:55:0c:ca:e2:4c:e5:28:33:32:e5:bd:80:ee:
                    af:70:e9:17:7d:23:71:6d:64:9c:97:b4:87:17:bb:
                    ff:7c:16:31:5a:9f:c6:96:0b:e3:1d:c1:f8:b0:f6:
                    aa:a3:ae:2f:94:56:e6:70:78:0c:75:0e:78:e0:b3:
                    44:9f:dd:49:fb:f5:49:3b:76:45:30:3c:f5:98:53:
                    fb:6b:da:af:4e:e3:87:9e:7e:75:f8:23:48:c6:97:
                    1e:4d:e1:e5:9c:e2:42:bf:13:c4:22:bb:0d:9b:03:
                    a3:90:28:6e:b6:84:ef:27:b1:1a:9d:f9:e6:8b:a6:
                    54:4b:1a:cb:49:30:fb:6d:60:f5:13:1b:7b:b5:a5:
                    42:62:ee:e8:b3:7a:c0:80:c3:5f:c8:3d:5b:aa:da:
                    a1:a8:6c:5c:06:4a:4c:70:91:ab:14:c9:fe:3f:fe:
                    8a:d9:70:43:2a:9f:77:37:4c:1a:ad:2b:42:b0:2f:
                    10:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:C5:87:88:21:68:84:BB:78:FA:C5:B2:69:A6:33:14:64:FC:5D:DF
            X509v3 Authority Key Identifier:
                keyid:F5:9C:B9:23:E4:06:9B:FE:36:2E:2D:96:FF:AB:2F:F3:10:78:31:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Zy5I-QGm_42Li2W_6sv8xB4MXo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/726298-0279-4b93-a985-a04ad22e33f3/1/UcWHiCFohLt4-sWyaaYzFGT8Xd8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/726298-0279-4b93-a985-a04ad22e33f3/1/9Zy5I-QGm_42Li2W_6sv8xB4MXo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.208.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:22:df:e7:38:b4:13:cc:fd:73:30:fe:6a:9c:9f:51:d2:58:
         04:8d:ab:ef:6c:9c:70:6a:ab:43:95:02:9e:8d:dc:69:26:21:
         db:20:a8:a0:a2:67:14:6d:0b:0e:1a:9b:0b:63:fa:e2:e3:b7:
         82:d1:f8:b5:a3:e1:3a:7f:14:99:00:35:01:74:33:2c:32:b7:
         35:21:35:11:52:01:85:24:f4:dd:76:65:0b:07:eb:36:14:09:
         60:39:1c:13:f9:5e:fe:de:22:22:92:31:12:46:c5:55:c2:71:
         23:c8:b9:e8:bb:59:09:ad:f7:61:9a:b0:eb:ec:25:0d:42:18:
         f1:38:d3:88:ec:dc:17:01:57:8a:a4:59:47:46:62:8d:f8:f4:
         cc:c9:dd:0a:9a:c3:3f:5e:d6:bf:33:d2:a9:75:aa:0f:24:83:
         b2:54:f8:4f:11:fd:6c:6c:3a:15:05:2a:e6:0c:24:c8:c4:5d:
         db:fa:e7:15:00:50:80:d5:4f:e2:9a:73:f7:14:b3:41:21:6c:
         66:e5:50:ef:f7:65:d6:07:31:f1:00:fb:0d:8a:ca:eb:78:af:
         27:23:1e:ed:6e:5a:a0:64:99:49:8c:52:a8:bc:da:f8:74:32:
         79:34:91:4b:78:ae:13:7b:4f:0e:a1:b0:51:9b:9c:1a:90:68:
         63:c3:04:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOTTPZgVtRaSsK/XVcv8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1OWNiOTIzZTQwNjliZmUzNjJlMmQ5NmZmYWIyZmYzMTA3
ODMxN2EwHhcNMjMwMTAxMjEyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWM1ODc4ODIxNjg4NGJiNzhmYWM1YjI2OWE2MzMxNDY0ZmM1ZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09moLvplbEEY/J7IspG6hCXG7Ngl
uyAIY3tl+cu6WrfdJ2EjcpODKOf2dwDMlQBG1Q0wi6JKmtDfRcdD3qvqui7qMFzY
qkcKIyCF1lUMyuJM5SgzMuW9gO6vcOkXfSNxbWScl7SHF7v/fBYxWp/GlgvjHcH4
sPaqo64vlFbmcHgMdQ544LNEn91J+/VJO3ZFMDz1mFP7a9qvTuOHnn51+CNIxpce
TeHlnOJCvxPEIrsNmwOjkChutoTvJ7Eanfnmi6ZUSxrLSTD7bWD1Ext7taVCYu7o
s3rAgMNfyD1bqtqhqGxcBkpMcJGrFMn+P/6K2XBDKp93N0warStCsC8QCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFHFh4ghaIS7ePrFsmmmMxRk/F3fMB8GA1UdIwQY
MBaAFPWcuSPkBpv+Ni4tlv+rL/MQeDF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVp5NUktUUdtXzQyTGkyV182c3Y4eEI0TVhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MjYyOTgtMDI3OS00YjkzLWE5ODUt
YTA0YWQyMmUzM2YzLzEvVWNXSGlDRm9oTHQ0LXNXeWFhWXpGR1Q4WGQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MjYyOTgtMDI3OS00YjkzLWE5ODUtYTA0YWQyMmUzM2Yz
LzEvOVp5NUktUUdtXzQyTGkyV182c3Y4eEI0TVhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9AaMA0G
CSqGSIb3DQEBCwUAA4IBAQCBIt/nOLQTzP1zMP5qnJ9R0lgEjavvbJxwaqtDlQKe
jdxpJiHbIKigomcUbQsOGpsLY/ri47eC0fi1o+E6fxSZADUBdDMsMrc1ITURUgGF
JPTddmULB+s2FAlgORwT+V7+3iIikjESRsVVwnEjyLnou1kJrfdhmrDr7CUNQhjx
ONOI7NwXAVeKpFlHRmKN+PTMyd0KmsM/Xta/M9KpdaoPJIOyVPhPEf1sbDoVBSrm
DCTIxF3b+ucVAFCA1U/imnP3FLNBIWxm5VDv92XWBzHxAPsNisrreK8nIx7tblqg
ZJlJjFKovNr4dDJ5NJFLeK4Te08OobBRm5wakGhjwwTH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org