Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/pbClZIgqgz1Ui1QSGkE7bVZSVxA.roa
File:                     pbClZIgqgz1Ui1QSGkE7bVZSVxA.roa (raw, json)
Hash identifier:          rP7HyBa0iuXOKBYYz7qVq64KV809+SGC9wL8KC4H/cQ=
Subject key identifier:   A5:B0:A5:64:88:2A:83:3D:54:8B:54:12:1A:41:3B:6D:56:52:57:10
Certificate issuer:       /CN=dcfae7d4e69d42e4f4c95d99f482b9a944dbefc8
Certificate serial:       0185718C435929C5E687DDE5E9E47EB41985
Authority key identifier: DC:FA:E7:D4:E6:9D:42:E4:F4:C9:5D:99:F4:82:B9:A9:44:DB:EF:C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/pbClZIgqgz1Ui1QSGkE7bVZSVxA.roa
Signing time:             Mon 02 Jan 2023 08:14:55 +0000
ROA not before:           Mon 02 Jan 2023 08:14:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        91.236.66.0/24 maxlen: 24
                          91.236.67.0/24 maxlen: 24
                          2a10:a700:100::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:8c:43:59:29:c5:e6:87:dd:e5:e9:e4:7e:b4:19:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dcfae7d4e69d42e4f4c95d99f482b9a944dbefc8
        Validity
            Not Before: Jan  2 08:14:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a5b0a564882a833d548b54121a413b6d56525710
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:58:53:bb:21:0c:60:68:4c:79:07:55:96:e1:
                    8b:24:aa:9f:7c:55:83:5a:57:7f:1b:7d:00:6d:05:
                    5e:37:c7:45:63:92:e0:ba:9a:37:1c:ff:87:17:e6:
                    91:f4:5f:99:78:d3:6f:91:d7:d2:38:a8:2a:f5:6f:
                    9b:b9:63:fa:71:fb:6e:de:d0:2a:25:40:db:2c:e2:
                    4b:f8:68:86:6f:01:82:40:a9:af:62:7b:85:26:fc:
                    16:f9:ce:6c:8b:61:e9:1a:0e:7b:c3:8f:c0:4c:19:
                    15:fb:2b:2e:90:f5:14:64:57:8a:ee:9c:1d:e1:24:
                    f5:81:e0:75:d1:be:d3:2d:e4:68:5f:92:a9:e6:f5:
                    0a:23:07:c2:c4:57:27:3d:18:fa:51:3c:45:fc:28:
                    3e:92:4f:4c:34:14:1f:e6:3d:a7:bc:8b:2a:b5:0a:
                    d7:09:20:af:11:02:e8:52:f6:6a:80:d7:2a:4c:e5:
                    a7:18:fa:dd:35:24:4a:55:a5:27:08:9a:d0:c1:de:
                    89:f6:80:52:be:d0:82:d1:d7:7a:05:13:b7:d3:f0:
                    1c:27:8a:88:1d:d1:d3:f3:08:d6:a6:79:bb:3b:16:
                    ac:03:41:0d:2e:f9:02:62:6e:cb:ca:4c:20:f5:36:
                    8f:77:fa:b8:3f:7d:3c:46:e1:dd:cc:3c:22:46:4f:
                    5f:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:B0:A5:64:88:2A:83:3D:54:8B:54:12:1A:41:3B:6D:56:52:57:10
            X509v3 Authority Key Identifier:
                keyid:DC:FA:E7:D4:E6:9D:42:E4:F4:C9:5D:99:F4:82:B9:A9:44:DB:EF:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/pbClZIgqgz1Ui1QSGkE7bVZSVxA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/3Prn1OadQuT0yV2Z9IK5qUTb78g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.236.66.0/23
                IPv6:
                  2a10:a700:100::/40

    Signature Algorithm: sha256WithRSAEncryption
         94:7c:43:31:cb:06:5b:15:91:c8:92:57:9e:aa:0d:74:30:de:
         2d:d7:cf:4a:6f:ce:28:d4:9c:d1:85:56:55:1d:65:4c:a5:8e:
         b2:fd:a5:9c:c6:68:1a:a2:fb:b9:b4:d1:f4:78:ec:7e:ce:eb:
         f4:5d:4c:84:11:6b:72:99:c7:e8:50:58:a6:81:8b:e5:34:92:
         32:02:31:61:f2:03:6a:ac:3c:fc:da:88:d4:af:b4:38:e4:c8:
         70:b9:29:1f:94:a8:51:fa:9a:7a:b9:44:79:c9:aa:c3:25:05:
         65:15:45:75:f2:6a:81:86:0b:3f:59:c3:3b:a7:03:71:ec:17:
         10:66:7d:7c:b7:fe:ad:57:8e:03:b9:83:22:af:fa:ef:4b:99:
         f1:8f:ac:5e:a6:26:8a:e1:f3:48:82:11:7c:54:55:0d:1e:73:
         be:e2:60:59:95:82:4e:33:b8:3d:07:74:34:c0:70:68:ea:33:
         1e:50:ad:70:6f:33:49:4e:38:0b:10:5a:f4:39:b7:4c:5a:ca:
         98:c9:66:88:db:a0:9d:44:20:2f:3a:c2:6c:7f:fa:bc:28:e1:
         7a:76:34:d5:92:2e:29:77:80:93:b5:dd:70:5f:f3:31:2e:52:
         7c:d0:53:ed:5e:a5:a2:78:7a:9e:3b:c6:d0:63:58:0d:69:21:
         41:66:8d:f2
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVxjENZKcXmh93l6eR+tBmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZmFlN2Q0ZTY5ZDQyZTRmNGM5NWQ5OWY0ODJiOWE5NDRk
YmVmYzgwHhcNMjMwMTAyMDgxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWIwYTU2NDg4MmE4MzNkNTQ4YjU0MTIxYTQxM2I2ZDU2NTI1NzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVhTuyEMYGhMeQdVluGLJKqffFWD
Wld/G30AbQVeN8dFY5Lgupo3HP+HF+aR9F+ZeNNvkdfSOKgq9W+buWP6cftu3tAq
JUDbLOJL+GiGbwGCQKmvYnuFJvwW+c5si2HpGg57w4/ATBkV+ysukPUUZFeK7pwd
4ST1geB10b7TLeRoX5Kp5vUKIwfCxFcnPRj6UTxF/Cg+kk9MNBQf5j2nvIsqtQrX
CSCvEQLoUvZqgNcqTOWnGPrdNSRKVaUnCJrQwd6J9oBSvtCC0dd6BRO30/AcJ4qI
HdHT8wjWpnm7OxasA0ENLvkCYm7Lykwg9TaPd/q4P308RuHdzDwiRk9frQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFKWwpWSIKoM9VItUEhpBO21WUlcQMB8GA1UdIwQY
MBaAFNz659TmnULk9MldmfSCualE2+/IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1BybjFPYWRRdVQweVYyWjlJSzVxVVRiNzhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85MzQyZjgtZGY5ZS00NWJiLTk3MmYt
MzcyNzNkZjM5MDFjLzEvcGJDbFpJZ3FnejFVaTFRU0drRTdiVlpTVnhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85MzQyZjgtZGY5ZS00NWJiLTk3MmYtMzcyNzNkZjM5MDFj
LzEvM1BybjFPYWRRdVQweVYyWjlJSzVxVVRiNzhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBW+xCMA4E
AgACMAgDBgAqEKcAATANBgkqhkiG9w0BAQsFAAOCAQEAlHxDMcsGWxWRyJJXnqoN
dDDeLdfPSm/OKNSc0YVWVR1lTKWOsv2lnMZoGqL7ubTR9Hjsfs7r9F1MhBFrcpnH
6FBYpoGL5TSSMgIxYfIDaqw8/NqI1K+0OOTIcLkpH5SoUfqaerlEecmqwyUFZRVF
dfJqgYYLP1nDO6cDcewXEGZ9fLf+rVeOA7mDIq/670uZ8Y+sXqYmiuHzSIIRfFRV
DR5zvuJgWZWCTjO4PQd0NMBwaOozHlCtcG8zSU44CxBa9Dm3TFrKmMlmiNugnUQg
LzrCbH/6vCjhenY01ZIuKXeAk7XdcF/zMS5SfNBT7V6lonh6njvG0GNYDWkhQWaN
8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:43 2024 by rpki-client on console-ams.rpki-client.org