Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/ktWvXhbLLPUkcZDaE5Bfiz7aay0.roa
File:                     ktWvXhbLLPUkcZDaE5Bfiz7aay0.roa (raw, json)
Hash identifier:          0PtGRu9y2LYah02ARHgq36HVJp6TKuA3izTgVIlulA0=
Subject key identifier:   92:D5:AF:5E:16:CB:2C:F5:24:71:90:DA:13:90:5F:8B:3E:DA:6B:2D
Certificate issuer:       /CN=27a7d1f0d73fe481c2188d28def0e858e715697e
Certificate serial:       0190A7E45F9BE57E07296B343AEFAF09CE1D
Authority key identifier: 27:A7:D1:F0:D7:3F:E4:81:C2:18:8D:28:DE:F0:E8:58:E7:15:69:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/ktWvXhbLLPUkcZDaE5Bfiz7aay0.roa
Signing time:             Fri 12 Jul 2024 17:01:20 +0000
ROA not before:           Fri 12 Jul 2024 17:01:20 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     9009
IP address blocks:        91.204.78.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 16 Aug 2024 10:11:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:a7:e4:5f:9b:e5:7e:07:29:6b:34:3a:ef:af:09:ce:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27a7d1f0d73fe481c2188d28def0e858e715697e
        Validity
            Not Before: Jul 12 17:01:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=92d5af5e16cb2cf5247190da13905f8b3eda6b2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:1e:21:81:94:68:4c:4f:0c:4b:b4:50:d2:40:
                    f8:ff:b9:1f:6b:00:a3:bc:e4:ac:3b:68:19:ef:fc:
                    ea:54:ba:f9:9f:ff:25:d6:38:b5:b8:eb:0e:cd:64:
                    c6:93:4b:ac:d3:61:8e:e1:d0:59:b6:d4:9e:23:f5:
                    90:66:ac:f2:b6:31:f3:ed:92:c7:4d:12:78:a0:77:
                    ce:1f:a4:bf:e9:4d:be:12:47:19:e1:bc:1c:bd:ec:
                    34:24:9a:d6:48:87:6e:fd:95:f2:9d:8e:d4:41:e6:
                    78:2c:e3:cf:e7:0b:19:58:7e:73:74:6f:f9:97:a1:
                    c5:eb:8e:48:3f:96:62:7b:d1:9f:95:0c:48:80:35:
                    43:2b:80:49:c8:0b:1f:44:b2:2e:43:3b:c6:9d:26:
                    10:d1:7d:6d:d4:bb:a5:c0:03:78:77:34:db:33:76:
                    08:89:51:87:fa:b4:49:12:c4:2f:d6:40:6e:74:5f:
                    19:90:55:be:68:1a:b8:61:ac:dd:6c:26:cb:f1:30:
                    2f:2e:68:f3:36:28:80:35:04:22:96:e5:b6:32:d0:
                    7c:8f:7b:5c:4b:bb:e6:85:8c:e6:1c:66:75:2a:29:
                    82:9a:60:ce:e1:a9:48:2f:40:4a:72:6a:5a:68:9b:
                    bd:f7:11:1f:63:22:21:34:fb:f9:c5:07:b7:f1:33:
                    5e:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:D5:AF:5E:16:CB:2C:F5:24:71:90:DA:13:90:5F:8B:3E:DA:6B:2D
            X509v3 Authority Key Identifier:
                keyid:27:A7:D1:F0:D7:3F:E4:81:C2:18:8D:28:DE:F0:E8:58:E7:15:69:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/ktWvXhbLLPUkcZDaE5Bfiz7aay0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.204.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:1c:2c:ed:2a:50:d1:e7:a7:4d:8e:8f:f6:b0:cb:2b:e9:17:
         dc:32:f2:e3:c7:d6:59:f2:4f:cd:d4:56:0d:26:5c:21:7d:c8:
         aa:87:cf:db:18:df:e8:7f:5a:b5:5e:a5:8b:a0:42:63:de:cf:
         ea:a2:02:4a:be:83:cb:a6:c7:d9:17:b5:ea:74:4c:73:63:c5:
         35:db:95:a1:82:04:fa:45:e8:fd:1b:bb:4a:e2:ef:65:dc:09:
         3e:02:4d:94:2a:a1:e7:8c:de:f3:fa:ec:1c:c2:35:1b:3b:36:
         28:14:0b:4c:7d:56:a3:49:c9:28:ff:c9:ad:66:da:f0:7b:27:
         7b:29:ac:e7:f9:74:74:8d:b5:12:66:ce:07:e7:0b:51:ed:13:
         7a:87:6c:45:93:6f:6c:24:fd:31:22:51:17:c8:90:15:3a:ea:
         f3:fb:92:b4:21:17:4c:e0:7e:51:b0:31:3c:08:cb:90:66:ea:
         6c:49:91:98:ec:eb:95:e5:b6:e6:be:05:e6:08:47:b8:ef:78:
         df:9e:37:20:f2:e5:89:aa:aa:d6:09:4b:4a:9f:2c:a1:88:14:
         3a:7f:6a:23:a2:e3:2b:fd:5e:4c:28:98:c0:8b:63:ee:59:9e:
         f1:c8:90:6f:80:be:e7:4f:5d:b8:39:d0:73:6e:e7:5e:38:b1:
         57:1e:15:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCn5F+b5X4HKWs0Ou+vCc4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTdkMWYwZDczZmU0ODFjMjE4OGQyOGRlZjBlODU4ZTcx
NTY5N2UwHhcNMjQwNzEyMTcwMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmQ1YWY1ZTE2Y2IyY2Y1MjQ3MTkwZGExMzkwNWY4YjNlZGE2YjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwR4hgZRoTE8MS7RQ0kD4/7kfawCj
vOSsO2gZ7/zqVLr5n/8l1ji1uOsOzWTGk0us02GO4dBZttSeI/WQZqzytjHz7ZLH
TRJ4oHfOH6S/6U2+EkcZ4bwcvew0JJrWSIdu/ZXynY7UQeZ4LOPP5wsZWH5zdG/5
l6HF645IP5Zie9GflQxIgDVDK4BJyAsfRLIuQzvGnSYQ0X1t1LulwAN4dzTbM3YI
iVGH+rRJEsQv1kBudF8ZkFW+aBq4YazdbCbL8TAvLmjzNiiANQQiluW2MtB8j3tc
S7vmhYzmHGZ1KimCmmDO4alIL0BKcmpaaJu99xEfYyIhNPv5xQe38TNeBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJLVr14Wyyz1JHGQ2hOQX4s+2mstMB8GA1UdIwQY
MBaAFCen0fDXP+SBwhiNKN7w6FjnFWl+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZmUjhOY181SUhDR0kwbzN2RG9XT2NWYVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kODJlZjYtODM2YS00N2M3LWE2YzEt
ZDZlYWFmYzZiNGY1LzEva3RXdlhoYkxMUFVrY1pEYUU1QmZpejdhYXkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kODJlZjYtODM2YS00N2M3LWE2YzEtZDZlYWFmYzZiNGY1
LzEvSjZmUjhOY181SUhDR0kwbzN2RG9XT2NWYVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8xOMA0G
CSqGSIb3DQEBCwUAA4IBAQALHCztKlDR56dNjo/2sMsr6RfcMvLjx9ZZ8k/N1FYN
Jlwhfciqh8/bGN/of1q1XqWLoEJj3s/qogJKvoPLpsfZF7XqdExzY8U125WhggT6
Rej9G7tK4u9l3Ak+Ak2UKqHnjN7z+uwcwjUbOzYoFAtMfVajScko/8mtZtrweyd7
Kazn+XR0jbUSZs4H5wtR7RN6h2xFk29sJP0xIlEXyJAVOurz+5K0IRdM4H5RsDE8
CMuQZupsSZGY7OuV5bbmvgXmCEe473jfnjcg8uWJqqrWCUtKnyyhiBQ6f2ojouMr
/V5MKJjAi2PuWZ7xyJBvgL7nT124OdBzbudeOLFXHhWn
-----END CERTIFICATE-----
Generated at Fri Aug 16 13:13:21 2024 by rpki-client on console-ams.rpki-client.org