Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/848fd6-eb80-4e1e-8378-3e46ce35d4e7/1/x-_-S_br3-UCwCTqruIz3lAiSGA.roa
File:                     x-_-S_br3-UCwCTqruIz3lAiSGA.roa (raw, json)
Hash identifier:          R/uGqaQzESjQN63a9Da30f+FVmMra86GhYPPyCyrnIg=
Subject key identifier:   C7:EF:FE:4B:F6:EB:DF:E5:02:C0:24:EA:AE:E2:33:DE:50:22:48:60
Certificate issuer:       /CN=0d0dbf9eb836085c19d93f5254221c33948e85e3
Certificate serial:       0185704BC2AF068F8D8D2D270116CF127396
Authority key identifier: 0D:0D:BF:9E:B8:36:08:5C:19:D9:3F:52:54:22:1C:33:94:8E:85:E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DQ2_nrg2CFwZ2T9SVCIcM5SOheM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/848fd6-eb80-4e1e-8378-3e46ce35d4e7/1/x-_-S_br3-UCwCTqruIz3lAiSGA.roa
Signing time:             Mon 02 Jan 2023 02:24:51 +0000
ROA not before:           Mon 02 Jan 2023 02:24:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51817
IP address blocks:        91.220.100.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:29:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:4b:c2:af:06:8f:8d:8d:2d:27:01:16:cf:12:73:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d0dbf9eb836085c19d93f5254221c33948e85e3
        Validity
            Not Before: Jan  2 02:24:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c7effe4bf6ebdfe502c024eaaee233de50224860
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:a6:4c:db:3b:25:d9:25:d4:32:0c:0f:10:0c:
                    fd:c5:fa:b6:60:9b:05:5b:94:71:e8:65:62:86:f2:
                    66:5f:4c:ed:7e:18:a0:78:59:63:9d:ef:b5:fc:a4:
                    bc:9c:25:9a:86:f5:1b:b7:10:cd:81:d7:d3:df:7b:
                    17:4b:cb:97:3a:10:e8:4a:3c:44:de:4b:c0:77:f5:
                    6c:03:02:ed:c7:74:e7:1b:4a:b5:bb:fe:c8:cc:49:
                    24:1e:a3:0f:85:0e:93:9d:08:c6:31:0e:a6:ea:b0:
                    e4:bf:7c:ce:d0:f7:4f:2f:f3:c7:c7:f7:fc:a4:81:
                    6f:00:16:23:a3:b8:c2:6b:15:a5:5e:70:96:f3:9d:
                    96:e5:b6:de:6a:20:8d:5a:32:9a:99:e6:1a:59:76:
                    f7:d2:44:78:d9:ca:f2:de:1b:3f:14:fe:42:7f:3b:
                    d3:71:45:e1:82:19:f1:84:69:92:8b:e2:42:0f:57:
                    4d:7f:65:b1:6d:4c:41:3a:91:eb:c0:a3:35:aa:8f:
                    1c:3e:63:54:46:87:97:76:07:6c:c3:9d:ba:da:c7:
                    e9:8b:f1:d0:7b:cd:15:19:3f:41:e6:59:54:dd:8f:
                    fb:fb:24:09:2e:f0:90:e3:db:94:8f:e9:5b:0c:d5:
                    f1:ee:7c:df:d1:17:32:0d:f0:22:50:3e:bc:5c:c8:
                    41:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:EF:FE:4B:F6:EB:DF:E5:02:C0:24:EA:AE:E2:33:DE:50:22:48:60
            X509v3 Authority Key Identifier:
                keyid:0D:0D:BF:9E:B8:36:08:5C:19:D9:3F:52:54:22:1C:33:94:8E:85:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQ2_nrg2CFwZ2T9SVCIcM5SOheM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/848fd6-eb80-4e1e-8378-3e46ce35d4e7/1/x-_-S_br3-UCwCTqruIz3lAiSGA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/848fd6-eb80-4e1e-8378-3e46ce35d4e7/1/DQ2_nrg2CFwZ2T9SVCIcM5SOheM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.220.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:b3:74:09:d5:13:fa:fc:43:de:6e:7a:70:a0:2f:22:bf:5a:
         cb:e1:28:51:87:21:ed:0b:58:80:4c:67:f3:3e:d0:46:81:e2:
         e9:ae:be:58:a4:88:ee:a4:10:7e:a2:d9:ac:ab:94:7c:16:29:
         b7:ff:2d:06:6f:88:9e:c2:36:dc:1d:8f:e7:16:5f:26:66:2e:
         b3:c0:51:89:d6:d6:3b:0d:d3:05:8b:b5:a5:76:02:fd:e4:fb:
         44:12:e2:68:a8:73:7a:70:c8:c2:9d:ad:70:c7:dc:bb:4b:ff:
         0e:47:3e:1d:2e:64:85:8c:26:f1:c1:66:d6:10:6b:9c:56:bd:
         16:92:62:7c:28:fb:66:b2:f4:3a:8b:6c:ae:62:13:b6:f0:0f:
         eb:ba:36:8b:20:b6:82:1d:fa:ef:9a:b4:a5:fd:2a:8a:7e:d1:
         87:ea:fc:cd:f8:6b:8b:0d:d7:38:c7:a4:0f:65:3f:a1:82:85:
         88:a8:83:f5:e1:6a:da:eb:f9:54:59:b4:c6:30:4b:db:0c:88:
         4a:1c:eb:b4:79:8a:4a:c1:b4:37:38:3a:93:11:50:c0:d4:21:
         7c:2b:e6:ca:7b:7a:0d:2a:ed:d8:bc:ba:17:84:14:57:bb:05:
         71:a9:d6:0a:c1:42:24:98:a9:78:89:cd:66:05:5e:bb:2b:01:
         19:9f:99:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS8KvBo+NjS0nARbPEnOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMGRiZjllYjgzNjA4NWMxOWQ5M2Y1MjU0MjIxYzMzOTQ4
ZTg1ZTMwHhcNMjMwMTAyMDIyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2VmZmU0YmY2ZWJkZmU1MDJjMDI0ZWFhZWUyMzNkZTUwMjI0ODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqZM2zsl2SXUMgwPEAz9xfq2YJsF
W5Rx6GVihvJmX0ztfhigeFljne+1/KS8nCWahvUbtxDNgdfT33sXS8uXOhDoSjxE
3kvAd/VsAwLtx3TnG0q1u/7IzEkkHqMPhQ6TnQjGMQ6m6rDkv3zO0PdPL/PHx/f8
pIFvABYjo7jCaxWlXnCW852W5bbeaiCNWjKameYaWXb30kR42cry3hs/FP5CfzvT
cUXhghnxhGmSi+JCD1dNf2WxbUxBOpHrwKM1qo8cPmNURoeXdgdsw5262sfpi/HQ
e80VGT9B5llU3Y/7+yQJLvCQ49uUj+lbDNXx7nzf0RcyDfAiUD68XMhB5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMfv/kv269/lAsAk6q7iM95QIkhgMB8GA1UdIwQY
MBaAFA0Nv564NghcGdk/UlQiHDOUjoXjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFEyX25yZzJDRndaMlQ5U1ZDSWNNNVNPaGVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS84NDhmZDYtZWI4MC00ZTFlLTgzNzgt
M2U0NmNlMzVkNGU3LzEveC1fLVNfYnIzLVVDd0NUcXJ1SXozbEFpU0dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS84NDhmZDYtZWI4MC00ZTFlLTgzNzgtM2U0NmNlMzVkNGU3
LzEvRFEyX25yZzJDRndaMlQ5U1ZDSWNNNVNPaGVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9xkMA0G
CSqGSIb3DQEBCwUAA4IBAQAFs3QJ1RP6/EPebnpwoC8iv1rL4ShRhyHtC1iATGfz
PtBGgeLprr5YpIjupBB+otmsq5R8Fim3/y0Gb4iewjbcHY/nFl8mZi6zwFGJ1tY7
DdMFi7WldgL95PtEEuJoqHN6cMjCna1wx9y7S/8ORz4dLmSFjCbxwWbWEGucVr0W
kmJ8KPtmsvQ6i2yuYhO28A/rujaLILaCHfrvmrSl/SqKftGH6vzN+GuLDdc4x6QP
ZT+hgoWIqIP14Wra6/lUWbTGMEvbDIhKHOu0eYpKwbQ3ODqTEVDA1CF8K+bKe3oN
Ku3YvLoXhBRXuwVxqdYKwUIkmKl4ic1mBV67KwEZn5l7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:03 2024 by rpki-client on console-ams.rpki-client.org