Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/4JCXBPXh_c_Yr9pr_Ox84yV1f78.roa
File:                     4JCXBPXh_c_Yr9pr_Ox84yV1f78.roa (raw, json)
Hash identifier:          e6F9P8oUF+x+Ssq1i1eeZbGpOge52A3LzUaJT7wU5wk=
Subject key identifier:   E0:90:97:04:F5:E1:FD:CF:D8:AF:DA:6B:FC:EC:7C:E3:25:75:7F:BF
Certificate issuer:       /CN=9c1aed9913f8880af7557eef3ef02d6e0ff3fd49
Certificate serial:       01856FA719CAE5550C134BCFAB778F95AFF5
Authority key identifier: 9C:1A:ED:99:13:F8:88:0A:F7:55:7E:EF:3E:F0:2D:6E:0F:F3:FD:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/4JCXBPXh_c_Yr9pr_Ox84yV1f78.roa
Signing time:             Sun 01 Jan 2023 23:25:00 +0000
ROA not before:           Sun 01 Jan 2023 23:25:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34773
IP address blocks:        91.233.121.0/24 maxlen: 24
                          2a0a:1b84::/32 maxlen: 32
                          2a0a:1b82::/32 maxlen: 32
                          2a0a:1b80::/32 maxlen: 32
                          2a0a:1b86::/32 maxlen: 32
                          2a0a:1b85::/32 maxlen: 32
                          2a0a:1b83::/32 maxlen: 32
                          2a0a:1b87::/32 maxlen: 32
                          2a0a:1b81::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:a7:19:ca:e5:55:0c:13:4b:cf:ab:77:8f:95:af:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c1aed9913f8880af7557eef3ef02d6e0ff3fd49
        Validity
            Not Before: Jan  1 23:25:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e0909704f5e1fdcfd8afda6bfcec7ce325757fbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:04:0d:84:02:b7:3a:db:f1:dc:d8:68:e5:16:
                    76:d8:ac:d5:ae:bd:04:48:e3:d8:3f:b7:dc:4d:ff:
                    f6:c0:61:f9:c8:4d:96:12:78:19:cf:4a:00:36:5f:
                    f8:48:52:f4:53:0f:9d:f0:4f:e8:24:ad:5a:22:8a:
                    d7:f3:de:7a:ef:7b:b7:34:9b:f0:1c:7b:17:6b:8f:
                    4c:6a:de:98:94:97:14:48:50:aa:98:28:42:be:64:
                    a3:53:fd:61:3a:f4:48:76:05:5b:60:c4:96:58:e8:
                    11:b4:c4:01:ee:2e:77:30:82:54:ee:0e:72:87:b4:
                    84:50:69:3f:9d:b0:28:9b:36:e6:bf:89:6a:39:e5:
                    35:7e:79:d1:1b:53:69:68:9c:3e:b8:dd:53:8e:35:
                    9b:76:51:98:fb:f8:66:b9:20:a4:b3:f3:bf:37:e9:
                    5d:d5:aa:ea:c6:d9:44:e3:c3:00:d0:ce:63:6f:1d:
                    a6:83:d6:9e:5b:18:d8:9b:8b:4c:01:d1:05:e3:0c:
                    20:ee:8b:74:06:fa:a4:3a:a4:4f:9c:ed:ab:d0:5c:
                    33:e5:58:53:09:83:52:54:3d:1d:cb:c8:85:e0:1d:
                    b3:38:74:63:42:ae:07:8e:d3:a8:1b:c0:23:7f:a8:
                    bd:79:cc:35:8c:33:a1:8d:6c:b0:e5:48:a5:ba:cb:
                    c0:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:90:97:04:F5:E1:FD:CF:D8:AF:DA:6B:FC:EC:7C:E3:25:75:7F:BF
            X509v3 Authority Key Identifier:
                keyid:9C:1A:ED:99:13:F8:88:0A:F7:55:7E:EF:3E:F0:2D:6E:0F:F3:FD:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/4JCXBPXh_c_Yr9pr_Ox84yV1f78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.233.121.0/24
                IPv6:
                  2a0a:1b80::/29

    Signature Algorithm: sha256WithRSAEncryption
         8e:a7:ec:5e:00:bd:17:7f:e4:d5:37:60:c3:59:34:ef:6b:58:
         a3:db:c4:e0:59:dd:2d:5d:c0:85:ec:c5:31:3f:ba:40:38:dd:
         31:48:57:a6:94:fb:22:24:50:0f:86:19:3b:20:a3:51:00:0b:
         43:00:b0:b3:81:7f:78:66:a2:33:ee:9d:91:6b:d8:dc:02:b3:
         e7:e3:68:27:25:ce:6e:cf:c7:42:25:dc:e5:c5:2c:ee:e4:31:
         65:eb:01:8f:6e:c3:ee:6a:d7:b3:e3:f8:63:2f:52:0f:9f:2e:
         be:50:4f:d0:d3:49:5f:37:dc:96:39:cc:74:4b:17:80:79:e2:
         ce:ba:bc:f8:1c:1f:50:a5:65:72:13:58:d5:ab:4b:b2:9f:8f:
         2f:1f:70:11:87:a2:a3:10:1f:37:4c:55:46:eb:9e:a9:f4:c1:
         f1:95:e0:5a:88:44:94:45:d1:4d:65:f8:d3:94:e8:c8:6e:3f:
         24:c1:59:03:4c:00:94:18:97:43:5a:d8:4d:a7:83:ee:15:34:
         77:12:89:d6:5b:e4:a1:bd:d1:3f:b6:6a:6c:fe:5b:03:e5:5b:
         6a:04:e8:0a:90:23:a2:fe:b2:2c:d8:41:84:52:fe:96:8c:d1:
         15:96:df:d4:30:65:c0:3e:77:ed:25:cd:a1:94:bc:28:9b:01:
         3e:ad:c7:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvpxnK5VUME0vPq3ePla/1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMWFlZDk5MTNmODg4MGFmNzU1N2VlZjNlZjAyZDZlMGZm
M2ZkNDkwHhcNMjMwMTAxMjMyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDkwOTcwNGY1ZTFmZGNmZDhhZmRhNmJmY2VjN2NlMzI1NzU3ZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AQNhAK3Otvx3Nho5RZ22KzVrr0E
SOPYP7fcTf/2wGH5yE2WEngZz0oANl/4SFL0Uw+d8E/oJK1aIorX895673u3NJvw
HHsXa49Mat6YlJcUSFCqmChCvmSjU/1hOvRIdgVbYMSWWOgRtMQB7i53MIJU7g5y
h7SEUGk/nbAomzbmv4lqOeU1fnnRG1NpaJw+uN1TjjWbdlGY+/hmuSCks/O/N+ld
1arqxtlE48MA0M5jbx2mg9aeWxjYm4tMAdEF4wwg7ot0BvqkOqRPnO2r0Fwz5VhT
CYNSVD0dy8iF4B2zOHRjQq4HjtOoG8Ajf6i9ecw1jDOhjWyw5UilusvAawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOCQlwT14f3P2K/aa/zsfOMldX+/MB8GA1UdIwQY
MBaAFJwa7ZkT+IgK91V+7z7wLW4P8/1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkJydG1SUDRpQXIzVlg3dlB2QXRiZ196X1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9mZjk0ZjEtYmE2My00MGQ2LWJlY2Et
NWU2MjRhMzAzOGNmLzEvNEpDWEJQWGhfY19Zcjlwcl9PeDg0eVYxZjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9mZjk0ZjEtYmE2My00MGQ2LWJlY2EtNWU2MjRhMzAzOGNm
LzEvbkJydG1SUDRpQXIzVlg3dlB2QXRiZ196X1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+l5MA0E
AgACMAcDBQMqChuAMA0GCSqGSIb3DQEBCwUAA4IBAQCOp+xeAL0Xf+TVN2DDWTTv
a1ij28TgWd0tXcCF7MUxP7pAON0xSFemlPsiJFAPhhk7IKNRAAtDALCzgX94ZqIz
7p2Ra9jcArPn42gnJc5uz8dCJdzlxSzu5DFl6wGPbsPuatez4/hjL1IPny6+UE/Q
00lfN9yWOcx0SxeAeeLOurz4HB9QpWVyE1jVq0uyn48vH3ARh6KjEB83TFVG656p
9MHxleBaiESURdFNZfjTlOjIbj8kwVkDTACUGJdDWthNp4PuFTR3EonWW+ShvdE/
tmps/lsD5VtqBOgKkCOi/rIs2EGEUv6WjNEVlt/UMGXAPnftJc2hlLwomwE+rces
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:06 2024 by rpki-client on console-fra.rpki-client.org