Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/efa4d7-99a7-4c18-80fd-d29f45f793c7/1/9TZ3PkMGWs8TtKuvL4_L0yOa-y4.roa
File:                     9TZ3PkMGWs8TtKuvL4_L0yOa-y4.roa (raw, json)
Hash identifier:          nrEECPWGze/L8LDfTD1Lj84Kzyk/aangwA95SNcuit8=
Subject key identifier:   F5:36:77:3E:43:06:5A:CF:13:B4:AB:AF:2F:8F:CB:D3:23:9A:FB:2E
Certificate issuer:       /CN=72c3a9a3ad320a8fc61b5f8789f525d07e5be251
Certificate serial:       0185707995C667C6C9A065F903F164560AB9
Authority key identifier: 72:C3:A9:A3:AD:32:0A:8F:C6:1B:5F:87:89:F5:25:D0:7E:5B:E2:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/csOpo60yCo_GG1-HifUl0H5b4lE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/efa4d7-99a7-4c18-80fd-d29f45f793c7/1/9TZ3PkMGWs8TtKuvL4_L0yOa-y4.roa
Signing time:             Mon 02 Jan 2023 03:14:54 +0000
ROA not before:           Mon 02 Jan 2023 03:14:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48409
IP address blocks:        91.207.238.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:79:95:c6:67:c6:c9:a0:65:f9:03:f1:64:56:0a:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72c3a9a3ad320a8fc61b5f8789f525d07e5be251
        Validity
            Not Before: Jan  2 03:14:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f536773e43065acf13b4abaf2f8fcbd3239afb2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:00:25:36:d8:4e:3a:09:c3:5e:6d:2e:67:88:
                    7e:1d:8d:73:14:43:7f:44:13:66:55:f9:99:03:8a:
                    9c:41:f0:1e:c4:56:70:3b:d0:89:f8:14:09:cf:81:
                    1e:00:39:fe:49:93:5a:fb:85:67:3f:f2:a6:b1:fd:
                    10:cf:a5:79:6b:cf:e1:50:37:56:6c:38:52:87:1a:
                    9c:84:94:28:36:b3:f0:14:4d:4c:eb:9f:7c:d6:cc:
                    4a:53:dc:9d:ff:e1:15:46:e6:05:c2:ab:c9:ed:db:
                    a4:cd:ba:8c:5a:96:69:47:db:33:45:3d:42:51:a4:
                    d8:2c:7d:45:76:b1:4d:a3:43:ce:2a:96:0c:b8:52:
                    04:18:ea:7b:30:6c:27:6c:e3:7f:15:ce:13:9f:d0:
                    d6:97:0a:f1:25:63:59:1b:70:a6:e7:fa:a8:58:ab:
                    14:bb:61:47:97:07:b9:79:33:ef:cc:c8:5c:ea:a1:
                    52:6c:48:d4:99:91:16:65:fa:2f:bd:72:f3:cd:b9:
                    e8:b6:59:96:b4:48:d8:65:21:78:5d:34:bb:ed:4f:
                    04:3a:94:69:4d:9f:3b:b7:f9:05:f8:09:9c:79:6b:
                    2b:95:6d:35:ce:ea:1f:ee:a4:96:53:28:9f:52:18:
                    7e:a0:68:c8:3f:10:63:14:b5:18:f4:56:d1:64:cc:
                    fb:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:36:77:3E:43:06:5A:CF:13:B4:AB:AF:2F:8F:CB:D3:23:9A:FB:2E
            X509v3 Authority Key Identifier:
                keyid:72:C3:A9:A3:AD:32:0A:8F:C6:1B:5F:87:89:F5:25:D0:7E:5B:E2:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/csOpo60yCo_GG1-HifUl0H5b4lE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/efa4d7-99a7-4c18-80fd-d29f45f793c7/1/9TZ3PkMGWs8TtKuvL4_L0yOa-y4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/efa4d7-99a7-4c18-80fd-d29f45f793c7/1/csOpo60yCo_GG1-HifUl0H5b4lE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.207.238.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8d:d9:0b:9b:56:22:63:6d:7e:4f:d5:be:76:45:29:4f:0e:2f:
         fd:35:b8:b6:24:af:b7:82:be:26:a1:f0:06:9f:66:33:8f:93:
         fa:2b:9b:9b:ba:76:4c:0a:d5:db:57:d3:39:09:27:4d:5f:81:
         82:1c:85:ce:d2:ac:ce:f9:08:41:b3:76:29:a0:cb:6d:13:59:
         39:2f:82:e0:66:4c:9c:b0:0e:85:e5:4d:b7:9d:0f:7f:1e:fc:
         41:10:de:61:76:11:08:1a:a3:d2:e7:13:1f:f3:fe:22:8d:ac:
         d7:e2:5d:7f:2a:ec:0e:97:ed:8a:bc:cb:db:c3:6a:f8:30:dc:
         01:86:3f:18:d6:ee:06:f3:3f:e5:8d:f5:dd:2b:ed:c4:96:ac:
         38:d2:3c:22:84:05:93:65:0e:f5:3e:24:b9:e6:e0:bf:c9:2c:
         11:5c:25:95:b3:a6:41:a3:e2:a2:32:54:a0:45:af:41:e4:3d:
         29:17:5e:44:29:f1:11:8b:3f:d3:1d:80:77:5d:18:c7:1d:00:
         4b:36:8f:0e:3f:1c:93:f0:e7:21:71:ab:c4:c5:57:6a:ea:f7:
         5b:47:1a:fb:6b:c5:7c:ac:87:0e:68:0e:b6:94:4b:47:64:48:
         e6:3f:81:65:f8:5e:51:62:33:92:6a:14:f4:43:8e:cc:f7:a3:
         8a:33:96:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweZXGZ8bJoGX5A/FkVgq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYzNhOWEzYWQzMjBhOGZjNjFiNWY4Nzg5ZjUyNWQwN2U1
YmUyNTEwHhcNMjMwMTAyMDMxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTM2NzczZTQzMDY1YWNmMTNiNGFiYWYyZjhmY2JkMzIzOWFmYjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQAlNthOOgnDXm0uZ4h+HY1zFEN/
RBNmVfmZA4qcQfAexFZwO9CJ+BQJz4EeADn+SZNa+4VnP/Kmsf0Qz6V5a8/hUDdW
bDhShxqchJQoNrPwFE1M65981sxKU9yd/+EVRuYFwqvJ7dukzbqMWpZpR9szRT1C
UaTYLH1FdrFNo0POKpYMuFIEGOp7MGwnbON/Fc4Tn9DWlwrxJWNZG3Cm5/qoWKsU
u2FHlwe5eTPvzMhc6qFSbEjUmZEWZfovvXLzzbnotlmWtEjYZSF4XTS77U8EOpRp
TZ87t/kF+AmceWsrlW01zuof7qSWUyifUhh+oGjIPxBjFLUY9FbRZMz7dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPU2dz5DBlrPE7Srry+Py9MjmvsuMB8GA1UdIwQY
MBaAFHLDqaOtMgqPxhtfh4n1JdB+W+JRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3NPcG82MHlDb19HRzEtSGlmVWwwSDViNGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lZmE0ZDctOTlhNy00YzE4LTgwZmQt
ZDI5ZjQ1Zjc5M2M3LzEvOVRaM1BrTUdXczhUdEt1dkw0X0wweU9hLXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lZmE0ZDctOTlhNy00YzE4LTgwZmQtZDI5ZjQ1Zjc5M2M3
LzEvY3NPcG82MHlDb19HRzEtSGlmVWwwSDViNGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8/uMA0G
CSqGSIb3DQEBCwUAA4IBAQCN2QubViJjbX5P1b52RSlPDi/9Nbi2JK+3gr4mofAG
n2Yzj5P6K5ubunZMCtXbV9M5CSdNX4GCHIXO0qzO+QhBs3YpoMttE1k5L4LgZkyc
sA6F5U23nQ9/HvxBEN5hdhEIGqPS5xMf8/4ijazX4l1/KuwOl+2KvMvbw2r4MNwB
hj8Y1u4G8z/ljfXdK+3Elqw40jwihAWTZQ71PiS55uC/ySwRXCWVs6ZBo+KiMlSg
Ra9B5D0pF15EKfERiz/THYB3XRjHHQBLNo8OPxyT8OchcavExVdq6vdbRxr7a8V8
rIcOaA62lEtHZEjmP4Fl+F5RYjOSahT0Q47M96OKM5Y7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:57 2024 by rpki-client on console-fra.rpki-client.org