Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/8e7aad-3515-4e1d-8462-8f76bf76cf46/1/lYf6Vzp-FHi_yfuHn3sxM3NnlPg.roa
File:                     lYf6Vzp-FHi_yfuHn3sxM3NnlPg.roa (raw, json)
Hash identifier:          0jsBiuKwpExz9IkzmF+TWMFwRjiP+6oCJ9A1BIZgUFk=
Subject key identifier:   95:87:FA:57:3A:7E:14:78:BF:C9:FB:87:9F:7B:31:33:73:67:94:F8
Certificate issuer:       /CN=d1911510a09979e54e7a14918c0b828b8237f876
Certificate serial:       01856FC25040C4C82B98F834973783517ED0
Authority key identifier: D1:91:15:10:A0:99:79:E5:4E:7A:14:91:8C:0B:82:8B:82:37:F8:76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0ZEVEKCZeeVOehSRjAuCi4I3-HY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/8e7aad-3515-4e1d-8462-8f76bf76cf46/1/lYf6Vzp-FHi_yfuHn3sxM3NnlPg.roa
Signing time:             Sun 01 Jan 2023 23:54:43 +0000
ROA not before:           Sun 01 Jan 2023 23:54:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198245
IP address blocks:        91.232.234.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:c2:50:40:c4:c8:2b:98:f8:34:97:37:83:51:7e:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1911510a09979e54e7a14918c0b828b8237f876
        Validity
            Not Before: Jan  1 23:54:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9587fa573a7e1478bfc9fb879f7b3133736794f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:51:9e:9a:d3:13:70:d1:27:b3:c5:d0:4e:43:
                    cf:d7:7d:64:51:c2:c5:95:58:91:be:c9:5d:20:76:
                    d0:d3:31:82:96:54:7f:2f:27:45:7b:9b:99:70:d7:
                    0f:90:57:84:8b:9a:7b:5a:48:26:8e:98:e3:d2:79:
                    8a:69:98:37:06:0b:68:47:60:d7:d9:56:e9:89:42:
                    7f:70:1e:9d:5e:07:6d:6a:76:db:99:66:11:ae:e5:
                    04:80:a8:10:da:22:7e:01:3a:17:6f:61:aa:6e:ae:
                    ed:21:14:e4:9b:f6:5f:61:3d:29:ba:73:72:1e:b1:
                    ca:30:a8:ac:75:6b:2c:82:06:61:0c:0b:16:93:5d:
                    62:6c:ec:6e:51:ab:c8:f0:0d:05:21:fa:ba:91:41:
                    94:e3:9b:52:88:ae:a7:86:4f:e3:7b:a2:49:4f:0a:
                    79:51:1d:a9:f3:72:a7:12:b6:ab:b6:4c:0b:c1:af:
                    6a:fd:4d:f0:e0:cb:b9:60:30:ec:e5:cd:fd:0d:e6:
                    6f:76:a7:dd:9a:6f:4b:9d:fb:c9:be:51:bc:27:83:
                    91:80:94:7d:77:69:89:c8:3c:c4:9a:57:0a:79:d9:
                    05:71:e0:e2:59:50:53:ef:9e:d2:86:8b:07:6b:54:
                    00:77:9f:2d:bf:7e:00:77:e4:4a:ee:b6:8a:dd:69:
                    ff:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:87:FA:57:3A:7E:14:78:BF:C9:FB:87:9F:7B:31:33:73:67:94:F8
            X509v3 Authority Key Identifier:
                keyid:D1:91:15:10:A0:99:79:E5:4E:7A:14:91:8C:0B:82:8B:82:37:F8:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ZEVEKCZeeVOehSRjAuCi4I3-HY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/8e7aad-3515-4e1d-8462-8f76bf76cf46/1/lYf6Vzp-FHi_yfuHn3sxM3NnlPg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/8e7aad-3515-4e1d-8462-8f76bf76cf46/1/0ZEVEKCZeeVOehSRjAuCi4I3-HY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.232.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:b3:42:e3:29:31:04:b3:2d:bc:82:3b:0b:16:3c:47:c8:7a:
         e9:e4:1f:1e:14:c4:ca:e9:b6:71:1a:fd:52:a9:53:43:9c:66:
         58:a4:0b:25:2f:1a:22:66:96:bb:a2:0d:fe:58:36:3a:a0:db:
         99:f0:2f:05:f8:69:20:09:4c:98:fa:ee:e5:2b:85:c3:da:ce:
         ae:17:81:0d:65:fb:0f:49:f6:7b:59:c5:e0:bb:9e:d4:d7:48:
         07:12:2f:26:0c:d0:83:74:62:81:fb:8f:d6:ef:97:52:c0:54:
         e7:83:ee:6a:c8:9f:fd:a5:f3:b6:c2:41:8f:62:54:7f:50:18:
         96:09:33:cb:81:a7:e7:86:d7:af:b1:ad:8d:49:92:a2:e7:9d:
         2d:83:16:72:18:a8:df:0d:97:82:e6:6d:5d:68:86:32:97:e8:
         a1:db:39:13:e6:0b:d1:78:fe:1d:10:4b:1b:c8:8e:fd:3d:38:
         2a:1e:2d:96:66:a7:33:ab:32:7e:58:91:f0:45:6c:d7:5a:db:
         5f:10:41:39:80:dc:ad:b4:ac:d5:0e:c5:e6:de:18:d4:42:eb:
         48:f7:a9:86:57:0b:38:72:59:21:c5:b5:91:dc:69:0f:35:12:
         e7:d9:c0:58:a6:83:f0:4b:80:2a:c5:fb:80:fc:97:21:88:ad:
         6a:4e:4d:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwlBAxMgrmPg0lzeDUX7QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxOTExNTEwYTA5OTc5ZTU0ZTdhMTQ5MThjMGI4MjhiODIz
N2Y4NzYwHhcNMjMwMTAxMjM1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTg3ZmE1NzNhN2UxNDc4YmZjOWZiODc5ZjdiMzEzMzczNjc5NGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVGemtMTcNEns8XQTkPP131kUcLF
lViRvsldIHbQ0zGCllR/LydFe5uZcNcPkFeEi5p7Wkgmjpjj0nmKaZg3BgtoR2DX
2VbpiUJ/cB6dXgdtanbbmWYRruUEgKgQ2iJ+AToXb2Gqbq7tIRTkm/ZfYT0punNy
HrHKMKisdWssggZhDAsWk11ibOxuUavI8A0FIfq6kUGU45tSiK6nhk/je6JJTwp5
UR2p83KnErartkwLwa9q/U3w4Mu5YDDs5c39DeZvdqfdmm9LnfvJvlG8J4ORgJR9
d2mJyDzEmlcKedkFceDiWVBT757ShosHa1QAd58tv34Ad+RK7raK3Wn/kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWH+lc6fhR4v8n7h597MTNzZ5T4MB8GA1UdIwQY
MBaAFNGRFRCgmXnlTnoUkYwLgouCN/h2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFpFVkVLQ1plZVZPZWhTUmpBdUNpNEkzLUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS84ZTdhYWQtMzUxNS00ZTFkLTg0NjIt
OGY3NmJmNzZjZjQ2LzEvbFlmNlZ6cC1GSGlfeWZ1SG4zc3hNM05ubFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS84ZTdhYWQtMzUxNS00ZTFkLTg0NjItOGY3NmJmNzZjZjQ2
LzEvMFpFVkVLQ1plZVZPZWhTUmpBdUNpNEkzLUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+jqMA0G
CSqGSIb3DQEBCwUAA4IBAQCXs0LjKTEEsy28gjsLFjxHyHrp5B8eFMTK6bZxGv1S
qVNDnGZYpAslLxoiZpa7og3+WDY6oNuZ8C8F+GkgCUyY+u7lK4XD2s6uF4ENZfsP
SfZ7WcXgu57U10gHEi8mDNCDdGKB+4/W75dSwFTng+5qyJ/9pfO2wkGPYlR/UBiW
CTPLgafnhtevsa2NSZKi550tgxZyGKjfDZeC5m1daIYyl+ih2zkT5gvReP4dEEsb
yI79PTgqHi2WZqczqzJ+WJHwRWzXWttfEEE5gNyttKzVDsXm3hjUQutI96mGVws4
clkhxbWR3GkPNRLn2cBYpoPwS4AqxfuA/JchiK1qTk1C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:20 2024 by rpki-client on console-fra.rpki-client.org