Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/zO_BoFR9WWJWBNGL4Inu7r3aves.roa
File:                     zO_BoFR9WWJWBNGL4Inu7r3aves.roa (raw, json)
Hash identifier:          xIUSpgQkDcsHReEArI9CMwMCIyNJNfw6Uk+HG+ABgNg=
Subject key identifier:   CC:EF:C1:A0:54:7D:59:62:56:04:D1:8B:E0:89:EE:EE:BD:DA:BD:EB
Certificate issuer:       /CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Certificate serial:       018AAD449EF86800429C2C9CD9B5FDAB8F41
Authority key identifier: F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/zO_BoFR9WWJWBNGL4Inu7r3aves.roa
Signing time:             Tue 19 Sep 2023 11:47:50 +0000
ROA not before:           Tue 19 Sep 2023 11:47:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58172
IP address blocks:        91.239.101.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ad:44:9e:f8:68:00:42:9c:2c:9c:d9:b5:fd:ab:8f:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0c113413d0df5b8fa069011eeb109f067b5579a
        Validity
            Not Before: Sep 19 11:47:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ccefc1a0547d59625604d18be089eeeebddabdeb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:2f:e4:23:78:80:8e:e8:b7:0d:ee:fa:86:30:
                    e9:cb:89:fb:b3:82:19:5b:77:e9:b4:77:54:18:79:
                    57:d8:48:9d:ce:df:ec:1e:54:00:2b:5b:aa:a1:e9:
                    5d:89:10:dd:76:fd:b8:36:3e:ff:b2:98:0b:b4:38:
                    86:df:57:e0:56:b1:cc:ca:9b:1d:ad:e6:dd:2e:1e:
                    22:96:d8:19:8a:3c:dd:f8:a7:9d:60:93:d7:31:3f:
                    bd:45:73:72:a8:ee:e5:19:d7:b2:4f:80:01:d1:fa:
                    92:68:4f:76:76:f1:87:77:cf:0b:e5:a6:ff:aa:02:
                    50:f3:c7:c0:0b:73:b8:21:23:86:ac:95:72:76:d7:
                    3c:5d:5e:94:64:51:a1:36:a0:6e:dc:f4:3e:a2:91:
                    0d:80:7d:7d:ac:62:d8:f8:5c:35:0f:4c:d2:4f:c6:
                    a9:24:9d:6b:68:bc:ef:37:ba:47:ca:8f:83:88:23:
                    09:fe:82:3c:d8:25:6c:29:55:3f:f0:e1:dc:0c:dd:
                    02:81:d2:6b:c4:d4:cd:a0:b1:b6:1d:f5:8a:a2:ab:
                    e1:72:a2:78:5b:2e:a3:db:8f:98:09:c1:6b:3c:a9:
                    7f:a4:0f:a3:aa:21:06:b4:5a:64:bf:ce:39:30:91:
                    a4:b3:56:72:db:c9:c3:0e:b0:e3:12:00:9d:e0:22:
                    77:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:EF:C1:A0:54:7D:59:62:56:04:D1:8B:E0:89:EE:EE:BD:DA:BD:EB
            X509v3 Authority Key Identifier:
                keyid:F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/zO_BoFR9WWJWBNGL4Inu7r3aves.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.239.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:b1:77:3c:17:1a:ce:13:22:99:a6:78:a8:93:57:98:1b:07:
         94:86:42:c3:b7:96:5d:48:16:1e:07:c4:8f:3a:64:f3:77:d3:
         36:55:a0:d2:4a:1c:1e:58:76:43:38:2d:81:7d:81:04:24:df:
         ee:e6:f4:d5:68:aa:d1:0a:f2:9a:01:09:2f:b7:83:7a:12:b9:
         21:b3:ab:30:68:e0:b5:07:5b:39:20:bf:cf:2a:3b:5b:ad:82:
         29:50:7f:c1:75:df:89:3f:70:8b:ea:03:09:15:83:22:6c:56:
         b8:64:97:7a:9d:17:e1:f0:e7:b3:21:14:f0:51:6b:25:2f:4c:
         5c:f0:75:f9:bd:a8:57:67:dc:f5:0e:7e:52:33:74:91:44:78:
         9d:b2:ed:ae:e7:c8:a8:dd:c8:31:ea:40:ed:87:c9:eb:26:b1:
         10:96:93:f4:71:b1:09:80:36:fa:af:c0:a0:51:82:fc:d1:0e:
         cc:31:03:b1:8b:65:e5:a0:58:5c:ce:07:2a:2c:ef:05:2c:9c:
         46:09:1f:45:01:db:5e:69:c2:44:bc:53:1f:0b:65:d2:b5:5e:
         53:ae:8e:10:fa:0b:68:20:20:94:37:5c:36:eb:16:6c:86:ba:
         84:1a:aa:63:90:a7:b4:4e:c5:47:b7:86:ab:00:93:c6:9f:2e:
         a8:af:fe:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqtRJ74aABCnCyc2bX9q49BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzExMzQxM2QwZGY1YjhmYTA2OTAxMWVlYjEwOWYwNjdi
NTU3OWEwHhcNMjMwOTE5MTE0NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2VmYzFhMDU0N2Q1OTYyNTYwNGQxOGJlMDg5ZWVlZWJkZGFiZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgi/kI3iAjui3De76hjDpy4n7s4IZ
W3fptHdUGHlX2Eidzt/sHlQAK1uqoeldiRDddv24Nj7/spgLtDiG31fgVrHMypsd
rebdLh4iltgZijzd+KedYJPXMT+9RXNyqO7lGdeyT4AB0fqSaE92dvGHd88L5ab/
qgJQ88fAC3O4ISOGrJVydtc8XV6UZFGhNqBu3PQ+opENgH19rGLY+Fw1D0zST8ap
JJ1raLzvN7pHyo+DiCMJ/oI82CVsKVU/8OHcDN0CgdJrxNTNoLG2HfWKoqvhcqJ4
Wy6j24+YCcFrPKl/pA+jqiEGtFpkv845MJGks1Zy28nDDrDjEgCd4CJ3uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMzvwaBUfVliVgTRi+CJ7u692r3rMB8GA1UdIwQY
MBaAFPDBE0E9DfW4+gaQEe6xCfBntVeaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUt
NTAyNjFiMTE5MTZiLzEvek9fQm9GUjlXV0pXQk5HTDRJbnU3cjNhdmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUtNTAyNjFiMTE5MTZi
LzEvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+9lMA0G
CSqGSIb3DQEBCwUAA4IBAQBXsXc8FxrOEyKZpniok1eYGweUhkLDt5ZdSBYeB8SP
OmTzd9M2VaDSShweWHZDOC2BfYEEJN/u5vTVaKrRCvKaAQkvt4N6Erkhs6swaOC1
B1s5IL/PKjtbrYIpUH/Bdd+JP3CL6gMJFYMibFa4ZJd6nRfh8OezIRTwUWslL0xc
8HX5vahXZ9z1Dn5SM3SRRHidsu2u58io3cgx6kDth8nrJrEQlpP0cbEJgDb6r8Cg
UYL80Q7MMQOxi2XloFhczgcqLO8FLJxGCR9FAdteacJEvFMfC2XStV5Tro4Q+gto
ICCUN1w26xZshrqEGqpjkKe0TsVHt4arAJPGny6or/4i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:49 2024 by rpki-client on console-fra.rpki-client.org