Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/Y5Q0BgwzaLxgXLsnS1DsfzZVy-w.roa
File:                     Y5Q0BgwzaLxgXLsnS1DsfzZVy-w.roa (raw, json)
Hash identifier:          /Lyu58O4HVu/0a4fZ59iqLfd3VnT4ZDx8B5b9i/me7Q=
Subject key identifier:   63:94:34:06:0C:33:68:BC:60:5C:BB:27:4B:50:EC:7F:36:55:CB:EC
Certificate issuer:       /CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Certificate serial:       018D8828D9E488B3F322E4A45C4D281C7317
Authority key identifier: F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/Y5Q0BgwzaLxgXLsnS1DsfzZVy-w.roa
Signing time:             Thu 08 Feb 2024 09:59:55 +0000
ROA not before:           Thu 08 Feb 2024 09:59:55 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58172
IP address blocks:        91.239.101.0/24 maxlen: 24
                          128.127.98.0/24 maxlen: 24
                          128.127.100.0/24 maxlen: 24
                          128.127.102.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Apr 2024 10:28:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:88:28:d9:e4:88:b3:f3:22:e4:a4:5c:4d:28:1c:73:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0c113413d0df5b8fa069011eeb109f067b5579a
        Validity
            Not Before: Feb  8 09:59:55 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=639434060c3368bc605cbb274b50ec7f3655cbec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:4e:f8:3c:26:c9:00:eb:e8:bd:fb:34:9e:17:
                    2f:37:a7:7a:c5:04:3a:98:73:88:17:e5:83:4d:7a:
                    90:c0:96:ca:5d:2d:2d:97:d4:5a:6d:81:33:85:59:
                    92:62:ed:98:3b:33:04:f4:2a:55:75:59:3a:57:dd:
                    42:08:37:2c:7e:3e:36:21:ba:01:e2:47:27:d5:aa:
                    88:94:7b:dd:82:35:33:a4:1d:b4:02:c9:19:df:cd:
                    e6:d6:29:73:2d:e8:40:26:b1:08:8f:83:38:7c:5a:
                    92:c3:9d:4e:97:d1:b4:50:3b:de:ac:92:89:e8:3c:
                    fa:7a:b7:73:4d:a7:27:0d:f1:d8:a1:74:0c:db:76:
                    3c:68:3a:78:1b:25:d2:25:e5:23:44:70:15:8c:27:
                    11:8c:31:a8:1f:79:f7:dd:5d:f1:6c:af:ae:56:32:
                    33:84:a1:9a:19:1f:6c:6f:51:57:ee:7f:39:fb:a2:
                    36:a9:97:52:f9:7e:8f:85:86:73:a9:33:e3:40:09:
                    c1:b5:7f:0e:b8:60:73:e3:18:37:c9:09:b2:b6:a7:
                    12:b7:14:6e:be:3c:92:28:fa:0e:3c:df:39:37:00:
                    49:80:5b:22:74:13:72:43:b5:0a:77:10:b9:2c:ac:
                    a4:5d:c3:2d:a1:76:7f:4a:c5:00:87:2c:a5:9c:c1:
                    ce:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:94:34:06:0C:33:68:BC:60:5C:BB:27:4B:50:EC:7F:36:55:CB:EC
            X509v3 Authority Key Identifier:
                keyid:F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/Y5Q0BgwzaLxgXLsnS1DsfzZVy-w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.239.101.0/24
                  128.127.98.0/24
                  128.127.100.0/24
                  128.127.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:d2:c6:e5:14:5c:a3:f1:ed:36:81:cd:c1:5d:ba:00:ff:86:
         44:4a:26:15:45:37:d0:54:c0:f8:de:73:30:02:05:85:02:1c:
         ba:a7:f9:19:54:0c:7b:2d:c1:54:b8:d9:b0:54:bf:50:43:0c:
         4a:07:af:5d:18:d2:18:40:dc:81:3e:b0:5f:08:5f:fc:3f:bf:
         d8:ca:6c:aa:3d:d4:f5:21:1e:04:9a:f8:7c:4a:75:d7:4e:81:
         b0:29:68:b4:1f:f2:f4:b1:a5:a7:98:06:d4:9d:11:c8:3b:fc:
         50:6e:de:fe:96:d8:e3:11:b5:1a:86:58:91:32:ce:ee:e5:f8:
         c8:f6:26:50:fe:5e:a8:d2:b4:37:e0:83:72:11:53:9a:27:be:
         78:71:5c:e1:1f:42:53:1e:31:16:a3:5c:ae:bc:24:58:20:89:
         c4:e2:a3:1e:2a:8a:ad:b6:54:b4:ad:f4:4e:a4:93:4f:6e:09:
         d5:9a:2b:8b:b6:13:71:67:32:39:98:08:04:ce:7c:c3:26:2f:
         1e:ad:08:ec:5e:0d:7e:e0:e0:6b:48:8c:66:ec:90:ea:6b:bc:
         2b:66:97:6c:ee:ca:42:e8:7a:37:bc:6d:88:77:db:9a:ed:22:
         8f:65:e3:31:a8:7e:95:80:9a:d1:70:0e:f8:17:57:45:7c:5e:
         93:42:41:b3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY2IKNnkiLPzIuSkXE0oHHMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzExMzQxM2QwZGY1YjhmYTA2OTAxMWVlYjEwOWYwNjdi
NTU3OWEwHhcNMjQwMjA4MDk1OTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mzk0MzQwNjBjMzM2OGJjNjA1Y2JiMjc0YjUwZWM3ZjM2NTVjYmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm074PCbJAOvovfs0nhcvN6d6xQQ6
mHOIF+WDTXqQwJbKXS0tl9RabYEzhVmSYu2YOzME9CpVdVk6V91CCDcsfj42IboB
4kcn1aqIlHvdgjUzpB20AskZ383m1ilzLehAJrEIj4M4fFqSw51Ol9G0UDverJKJ
6Dz6erdzTacnDfHYoXQM23Y8aDp4GyXSJeUjRHAVjCcRjDGoH3n33V3xbK+uVjIz
hKGaGR9sb1FX7n85+6I2qZdS+X6PhYZzqTPjQAnBtX8OuGBz4xg3yQmytqcStxRu
vjySKPoOPN85NwBJgFsidBNyQ7UKdxC5LKykXcMtoXZ/SsUAhyylnMHOmwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGOUNAYMM2i8YFy7J0tQ7H82VcvsMB8GA1UdIwQY
MBaAFPDBE0E9DfW4+gaQEe6xCfBntVeaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUt
NTAyNjFiMTE5MTZiLzEvWTVRMEJnd3phTHhnWExzblMxRHNmelpWeS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUtNTAyNjFiMTE5MTZi
LzEvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+9lAwQA
gH9iAwQAgH9kAwQAgH9mMA0GCSqGSIb3DQEBCwUAA4IBAQAa0sblFFyj8e02gc3B
XboA/4ZESiYVRTfQVMD43nMwAgWFAhy6p/kZVAx7LcFUuNmwVL9QQwxKB69dGNIY
QNyBPrBfCF/8P7/YymyqPdT1IR4Emvh8SnXXToGwKWi0H/L0saWnmAbUnRHIO/xQ
bt7+ltjjEbUahliRMs7u5fjI9iZQ/l6o0rQ34INyEVOaJ754cVzhH0JTHjEWo1yu
vCRYIInE4qMeKoqttlS0rfROpJNPbgnVmiuLthNxZzI5mAgEznzDJi8erQjsXg1+
4OBrSIxm7JDqa7wrZpds7spC6Ho3vG2Id9ua7SKPZeMxqH6VgJrRcA74F1dFfF6T
QkGz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:49 2024 by rpki-client on console-fra.rpki-client.org