Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/313988-6f21-453e-8ef4-e671d94b0a20/1/RMydAHCPa1exqndFU6a-aQSZOkw.roa
File:                     RMydAHCPa1exqndFU6a-aQSZOkw.roa (raw, json)
Hash identifier:          qjPFDvk10Gb+OPbGyFZauoiYXAZpANg4ykYqVFvz4rc=
Subject key identifier:   44:CC:9D:00:70:8F:6B:57:B1:AA:77:45:53:A6:BE:69:04:99:3A:4C
Certificate issuer:       /CN=68e078b5181be5fbe914b412a412096bc8d71549
Certificate serial:       018573CD07B78B17F24BC5B2F2993D2265D1
Authority key identifier: 68:E0:78:B5:18:1B:E5:FB:E9:14:B4:12:A4:12:09:6B:C8:D7:15:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aOB4tRgb5fvpFLQSpBIJa8jXFUk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/313988-6f21-453e-8ef4-e671d94b0a20/1/RMydAHCPa1exqndFU6a-aQSZOkw.roa
Signing time:             Mon 02 Jan 2023 18:44:54 +0000
ROA not before:           Mon 02 Jan 2023 18:44:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43046
IP address blocks:        91.229.0.0/23 maxlen: 23
                          195.191.160.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:cd:07:b7:8b:17:f2:4b:c5:b2:f2:99:3d:22:65:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68e078b5181be5fbe914b412a412096bc8d71549
        Validity
            Not Before: Jan  2 18:44:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=44cc9d00708f6b57b1aa774553a6be6904993a4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:5a:11:30:aa:05:a1:e8:7a:6f:38:2b:30:bc:
                    3d:dd:f4:30:71:08:eb:ba:46:3c:61:93:9f:36:fb:
                    8f:12:de:af:72:49:35:00:2c:d0:c6:b3:50:d6:c6:
                    12:be:a2:96:c2:fb:6f:2e:ed:17:b7:7a:e1:2a:85:
                    45:19:df:11:96:8e:63:d4:53:8e:1c:72:c1:90:45:
                    3d:fa:f2:66:18:e4:da:a1:b5:b5:0b:27:d8:7e:8e:
                    eb:87:fd:a4:32:b7:9b:82:a6:37:09:ed:0e:18:c3:
                    5f:43:97:54:3a:81:be:f4:44:34:7a:73:34:0d:09:
                    8f:49:0b:d8:2d:73:be:bb:91:61:d2:40:9a:87:96:
                    0d:66:95:93:ad:5a:0b:35:6f:0b:74:50:df:64:fd:
                    14:1b:76:df:27:31:f7:c2:dd:76:c4:e4:9a:9b:1b:
                    0f:b6:77:e9:47:35:49:4e:ff:a4:f1:3d:b2:84:ce:
                    a8:e4:a8:ea:14:5c:9a:2d:4e:bd:4b:38:e3:48:b1:
                    aa:c0:18:6d:f5:e4:80:53:0d:bd:1b:2d:c9:de:55:
                    e2:83:7c:e2:8b:7b:e1:e9:31:83:ad:de:23:e1:75:
                    99:bd:79:f5:33:e5:2f:8d:0a:e0:47:f1:d6:81:9c:
                    94:d5:c2:d5:bb:de:e7:41:b8:37:35:14:cf:d3:54:
                    df:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:CC:9D:00:70:8F:6B:57:B1:AA:77:45:53:A6:BE:69:04:99:3A:4C
            X509v3 Authority Key Identifier:
                keyid:68:E0:78:B5:18:1B:E5:FB:E9:14:B4:12:A4:12:09:6B:C8:D7:15:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOB4tRgb5fvpFLQSpBIJa8jXFUk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/313988-6f21-453e-8ef4-e671d94b0a20/1/RMydAHCPa1exqndFU6a-aQSZOkw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/313988-6f21-453e-8ef4-e671d94b0a20/1/aOB4tRgb5fvpFLQSpBIJa8jXFUk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.229.0.0/23
                  195.191.160.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3a:46:ea:af:ef:22:5a:31:4d:55:ff:93:29:ad:65:a4:f8:81:
         09:df:5c:d6:2b:80:b4:06:51:db:da:08:4b:c9:d4:dc:d6:04:
         82:59:2b:a4:1b:0e:a2:19:06:3c:07:e1:04:0e:68:08:1e:fd:
         c7:b7:1e:4f:4f:6e:53:ea:ff:80:e7:6f:04:2d:18:1e:bf:72:
         d4:91:d1:37:4f:6c:f8:db:e9:18:46:3c:26:59:54:03:45:5b:
         a5:90:97:91:95:fb:82:36:5e:fd:d9:25:58:1c:7c:20:29:b6:
         76:64:bd:7f:c8:57:4b:dc:64:60:24:8a:7e:03:42:b2:5d:74:
         37:a6:2c:94:04:9d:5a:7f:48:1c:2b:95:f7:67:63:43:07:09:
         fc:ef:8a:66:80:81:58:2e:5a:c4:a7:87:9d:c1:7a:8a:06:0f:
         30:dc:15:d6:a8:d1:4f:9c:24:b9:94:e3:43:bb:51:20:d0:3b:
         7a:65:e6:04:00:db:27:39:44:22:aa:aa:f7:ae:f6:18:24:74:
         5c:30:a9:4c:bb:4c:ce:c6:56:1f:c3:a3:1e:c6:9d:ca:8d:09:
         0f:ac:49:ff:0e:c3:a7:19:02:7c:7a:12:58:ea:cf:e0:34:33:
         18:28:9b:2c:85:8a:18:b1:33:43:9a:4b:e9:6f:34:3a:f5:e9:
         0a:e2:98:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzzQe3ixfyS8Wy8pk9ImXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZTA3OGI1MTgxYmU1ZmJlOTE0YjQxMmE0MTIwOTZiYzhk
NzE1NDkwHhcNMjMwMTAyMTg0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGNjOWQwMDcwOGY2YjU3YjFhYTc3NDU1M2E2YmU2OTA0OTkzYTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVoRMKoFoeh6bzgrMLw93fQwcQjr
ukY8YZOfNvuPEt6vckk1ACzQxrNQ1sYSvqKWwvtvLu0Xt3rhKoVFGd8Rlo5j1FOO
HHLBkEU9+vJmGOTaobW1CyfYfo7rh/2kMrebgqY3Ce0OGMNfQ5dUOoG+9EQ0enM0
DQmPSQvYLXO+u5Fh0kCah5YNZpWTrVoLNW8LdFDfZP0UG3bfJzH3wt12xOSamxsP
tnfpRzVJTv+k8T2yhM6o5KjqFFyaLU69SzjjSLGqwBht9eSAUw29Gy3J3lXig3zi
i3vh6TGDrd4j4XWZvXn1M+UvjQrgR/HWgZyU1cLVu97nQbg3NRTP01TfcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFETMnQBwj2tXsap3RVOmvmkEmTpMMB8GA1UdIwQY
MBaAFGjgeLUYG+X76RS0EqQSCWvI1xVJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9CNHRSZ2I1ZnZwRkxRU3BCSUphOGpYRlVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8zMTM5ODgtNmYyMS00NTNlLThlZjQt
ZTY3MWQ5NGIwYTIwLzEvUk15ZEFIQ1BhMWV4cW5kRlU2YS1hUVNaT2t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8zMTM5ODgtNmYyMS00NTNlLThlZjQtZTY3MWQ5NGIwYTIw
LzEvYU9CNHRSZ2I1ZnZwRkxRU3BCSUphOGpYRlVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+UAAwQB
w7+gMA0GCSqGSIb3DQEBCwUAA4IBAQA6Ruqv7yJaMU1V/5MprWWk+IEJ31zWK4C0
BlHb2ghLydTc1gSCWSukGw6iGQY8B+EEDmgIHv3Htx5PT25T6v+A528ELRgev3LU
kdE3T2z42+kYRjwmWVQDRVulkJeRlfuCNl792SVYHHwgKbZ2ZL1/yFdL3GRgJIp+
A0KyXXQ3piyUBJ1af0gcK5X3Z2NDBwn874pmgIFYLlrEp4edwXqKBg8w3BXWqNFP
nCS5lONDu1Eg0Dt6ZeYEANsnOUQiqqr3rvYYJHRcMKlMu0zOxlYfw6Mexp3KjQkP
rEn/DsOnGQJ8ehJY6s/gNDMYKJsshYoYsTNDmkvpbzQ69ekK4pjH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:45 2024 by rpki-client on console-fra.rpki-client.org