Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/U9ToHxk0FcZFv8Qn9rs5IbP2iNw.roa
File:                     U9ToHxk0FcZFv8Qn9rs5IbP2iNw.roa (raw, json)
Hash identifier:          5bzRjwhAiSdNJNU19T5frCQqMz+/byz9fOonjHNL84g=
Subject key identifier:   53:D4:E8:1F:19:34:15:C6:45:BF:C4:27:F6:BB:39:21:B3:F6:88:DC
Certificate issuer:       /CN=480b4e6530f58db338e41d434e5c248eb8b49eb5
Certificate serial:       018A5CB955720F465055E4FBAC92B0B0C9BA
Authority key identifier: 48:0B:4E:65:30:F5:8D:B3:38:E4:1D:43:4E:5C:24:8E:B8:B4:9E:B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SAtOZTD1jbM45B1DTlwkjri0nrU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/U9ToHxk0FcZFv8Qn9rs5IbP2iNw.roa
Signing time:             Sun 03 Sep 2023 20:26:04 +0000
ROA not before:           Sun 03 Sep 2023 20:26:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3266
IP address blocks:        91.211.177.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:5c:b9:55:72:0f:46:50:55:e4:fb:ac:92:b0:b0:c9:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=480b4e6530f58db338e41d434e5c248eb8b49eb5
        Validity
            Not Before: Sep  3 20:26:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=53d4e81f193415c645bfc427f6bb3921b3f688dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:62:79:02:a1:61:b3:fd:52:e1:ac:35:d3:ec:
                    74:1f:7c:2c:96:bb:56:8d:ed:1a:a1:a2:45:06:5c:
                    1e:33:41:0a:42:09:cc:9e:2b:38:2a:b6:1d:3e:34:
                    53:ac:f2:be:25:c9:0b:0a:fd:c7:da:49:d7:2c:30:
                    b7:0a:cb:6b:49:62:37:d1:01:61:13:ee:3e:af:50:
                    fc:d6:e3:b0:50:a6:bb:37:f4:eb:e9:38:46:a2:c3:
                    27:b7:c4:03:72:de:08:c5:6d:0c:33:27:e8:d7:62:
                    b3:01:de:fc:d0:13:89:8f:06:d3:ed:11:d3:cd:ae:
                    7a:36:37:c2:75:47:de:7b:91:f6:fa:7d:e8:c3:24:
                    c1:8d:c2:35:d9:65:00:35:61:d5:64:5d:6f:1f:e5:
                    4d:45:c5:88:38:95:e7:fd:31:80:75:c6:bd:a6:ed:
                    e2:c7:be:bf:0c:40:17:48:fe:08:34:7d:8e:2b:37:
                    2e:79:95:6e:1e:f8:91:ae:6c:01:02:00:5a:08:b6:
                    68:15:8d:95:40:6a:76:7a:6d:19:5b:22:2d:75:2b:
                    86:f2:23:54:e0:44:4e:f7:f9:68:76:50:d6:86:03:
                    25:5c:13:b6:a7:93:b2:ee:9e:78:0f:17:3e:81:2d:
                    4f:6e:e5:0e:bd:e5:5f:60:b9:e4:10:b3:29:8a:0e:
                    38:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:D4:E8:1F:19:34:15:C6:45:BF:C4:27:F6:BB:39:21:B3:F6:88:DC
            X509v3 Authority Key Identifier:
                keyid:48:0B:4E:65:30:F5:8D:B3:38:E4:1D:43:4E:5C:24:8E:B8:B4:9E:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAtOZTD1jbM45B1DTlwkjri0nrU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/U9ToHxk0FcZFv8Qn9rs5IbP2iNw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/SAtOZTD1jbM45B1DTlwkjri0nrU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.211.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:00:a8:e1:03:b3:62:c8:d5:ec:11:97:27:44:4d:36:a1:17:
         49:da:6a:51:75:ac:4a:2a:c6:5d:71:e2:ca:14:d8:68:42:45:
         32:20:5d:e9:1c:41:8a:fc:ec:89:b0:51:5e:68:05:61:05:5d:
         b0:07:e5:d9:47:7c:8a:6f:bb:5d:03:a9:41:73:8f:57:2d:1a:
         c3:55:9b:17:9e:9c:81:f0:17:53:36:bd:44:f4:5f:d6:40:09:
         cf:a8:14:2e:90:b0:96:ba:b5:e3:b7:a9:ce:07:01:e7:87:90:
         e3:c4:bb:fb:a3:05:5a:df:72:fa:cc:b6:4b:4e:07:89:6f:03:
         09:6a:2b:82:e9:b9:e1:de:8d:0d:eb:c8:11:c5:bc:82:e0:e5:
         32:db:9c:8a:ec:32:f3:ab:d0:fc:0c:94:c7:44:0f:8c:e9:a8:
         de:c5:a8:2f:0f:bf:b5:8d:af:7d:e1:dc:8a:16:6e:ef:94:52:
         ad:04:b4:9b:8f:25:4b:b3:c0:2f:88:d2:4f:be:bf:f4:87:99:
         64:93:a1:3d:b8:1b:cc:b8:30:6e:a6:81:f2:bd:f1:b0:a1:bb:
         45:e3:db:7b:fa:da:5d:aa:89:45:b3:c4:0f:7d:80:41:2d:73:
         f4:cf:7c:24:0a:11:55:04:cb:70:0a:b5:dd:8f:3b:fb:fa:98:
         20:90:58:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpcuVVyD0ZQVeT7rJKwsMm6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MGI0ZTY1MzBmNThkYjMzOGU0MWQ0MzRlNWMyNDhlYjhi
NDllYjUwHhcNMjMwOTAzMjAyNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2Q0ZTgxZjE5MzQxNWM2NDViZmM0MjdmNmJiMzkyMWIzZjY4OGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmJ5AqFhs/1S4aw10+x0H3wslrtW
je0aoaJFBlweM0EKQgnMnis4KrYdPjRTrPK+JckLCv3H2knXLDC3CstrSWI30QFh
E+4+r1D81uOwUKa7N/Tr6ThGosMnt8QDct4IxW0MMyfo12KzAd780BOJjwbT7RHT
za56NjfCdUfee5H2+n3owyTBjcI12WUANWHVZF1vH+VNRcWIOJXn/TGAdca9pu3i
x76/DEAXSP4INH2OKzcueZVuHviRrmwBAgBaCLZoFY2VQGp2em0ZWyItdSuG8iNU
4ERO9/lodlDWhgMlXBO2p5Oy7p54Dxc+gS1PbuUOveVfYLnkELMpig44PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFPU6B8ZNBXGRb/EJ/a7OSGz9ojcMB8GA1UdIwQY
MBaAFEgLTmUw9Y2zOOQdQ05cJI64tJ61MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0F0T1pURDFqYk00NUIxRFRsd2tqcmkwbnJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8yYTcyZWUtZWMxZi00MGM2LWFkOWQt
NWE0ZGY4OTZmYzNlLzEvVTlUb0h4azBGY1pGdjhRbjlyczVJYlAyaU53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8yYTcyZWUtZWMxZi00MGM2LWFkOWQtNWE0ZGY4OTZmYzNl
LzEvU0F0T1pURDFqYk00NUIxRFRsd2tqcmkwbnJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9OxMA0G
CSqGSIb3DQEBCwUAA4IBAQA6AKjhA7NiyNXsEZcnRE02oRdJ2mpRdaxKKsZdceLK
FNhoQkUyIF3pHEGK/OyJsFFeaAVhBV2wB+XZR3yKb7tdA6lBc49XLRrDVZsXnpyB
8BdTNr1E9F/WQAnPqBQukLCWurXjt6nOBwHnh5DjxLv7owVa33L6zLZLTgeJbwMJ
aiuC6bnh3o0N68gRxbyC4OUy25yK7DLzq9D8DJTHRA+M6ajexagvD7+1ja994dyK
Fm7vlFKtBLSbjyVLs8AviNJPvr/0h5lkk6E9uBvMuDBupoHyvfGwobtF49t7+tpd
qolFs8QPfYBBLXP0z3wkChFVBMtwCrXdjzv7+pggkFh0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:01 2024 by rpki-client on console-fra.rpki-client.org