Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/7e2b0a-a8ed-47b7-9d74-ab975f7d3533/1/Uf9--pILh7tiv5L8k54YZKJqBBI.roa
File:                     Uf9--pILh7tiv5L8k54YZKJqBBI.roa (raw, json)
Hash identifier:          IKbmkwXlebeAvjoUTQUPcbUr9bAeC1x/+JScZZF0TCY=
Subject key identifier:   51:FF:7E:FA:92:0B:87:BB:62:BF:92:FC:93:9E:18:64:A2:6A:04:12
Certificate issuer:       /CN=a006ca06965bee681c3531b426b599a401e1a5a4
Certificate serial:       018AB818C4CBB6807D9133A22F18017B2CB9
Authority key identifier: A0:06:CA:06:96:5B:EE:68:1C:35:31:B4:26:B5:99:A4:01:E1:A5:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oAbKBpZb7mgcNTG0JrWZpAHhpaQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/7e2b0a-a8ed-47b7-9d74-ab975f7d3533/1/Uf9--pILh7tiv5L8k54YZKJqBBI.roa
Signing time:             Thu 21 Sep 2023 14:15:45 +0000
ROA not before:           Thu 21 Sep 2023 14:15:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199040
IP address blocks:        91.216.48.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b8:18:c4:cb:b6:80:7d:91:33:a2:2f:18:01:7b:2c:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a006ca06965bee681c3531b426b599a401e1a5a4
        Validity
            Not Before: Sep 21 14:15:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=51ff7efa920b87bb62bf92fc939e1864a26a0412
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:c2:a8:13:65:8e:97:d2:bb:6f:52:25:4e:72:
                    8c:47:c0:08:5f:be:e8:a3:57:da:65:89:2c:3e:2c:
                    a5:f4:6e:9f:a0:10:8e:42:92:b9:4d:c1:0b:94:69:
                    92:a7:c9:5e:f9:2f:f9:07:c3:ae:2e:34:75:e0:c0:
                    94:e6:6b:51:90:45:dd:e1:fe:07:75:74:39:35:89:
                    40:3d:7e:15:90:1c:fb:5a:14:c9:6e:73:33:e7:0d:
                    b1:1d:f9:f4:e0:96:9f:14:b4:c0:c5:ef:f6:4b:40:
                    62:8a:50:72:6a:6c:69:f0:18:15:11:52:95:e2:6a:
                    03:1a:47:0e:a7:a5:cf:d0:ff:db:7d:80:bc:3c:a7:
                    65:f4:29:cf:5c:7b:e5:c2:fa:eb:d0:76:cb:7a:4c:
                    f1:21:0e:d7:80:9c:7c:f5:44:3d:ba:2d:4d:06:b5:
                    c6:77:8c:fc:0f:53:84:3a:88:46:e1:48:82:a2:1b:
                    9f:72:46:3a:24:a4:1f:67:af:53:78:61:5d:54:f4:
                    3c:b1:53:38:c8:5f:3a:73:f7:dc:5a:20:24:c3:f4:
                    f1:e2:fd:8b:25:b7:8e:b1:2d:a3:e5:84:26:84:5d:
                    d4:35:c0:c0:04:87:4e:9c:da:b1:53:ac:e2:fe:32:
                    3a:49:1b:3f:0a:c3:0b:26:72:79:a9:ef:79:55:eb:
                    46:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:FF:7E:FA:92:0B:87:BB:62:BF:92:FC:93:9E:18:64:A2:6A:04:12
            X509v3 Authority Key Identifier:
                keyid:A0:06:CA:06:96:5B:EE:68:1C:35:31:B4:26:B5:99:A4:01:E1:A5:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oAbKBpZb7mgcNTG0JrWZpAHhpaQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/7e2b0a-a8ed-47b7-9d74-ab975f7d3533/1/Uf9--pILh7tiv5L8k54YZKJqBBI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/7e2b0a-a8ed-47b7-9d74-ab975f7d3533/1/oAbKBpZb7mgcNTG0JrWZpAHhpaQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.216.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:dc:9b:15:00:8d:6f:1b:80:67:dc:bd:da:a0:9c:63:7e:44:
         26:11:77:9e:8d:6a:0f:2b:01:5a:03:ca:d7:55:88:e3:a0:a2:
         78:5f:3a:54:7c:33:5f:a0:3a:37:bc:93:0f:da:d6:91:5f:8a:
         26:d0:ca:98:2b:78:fc:24:66:3c:fc:20:c7:ce:56:5c:d3:00:
         2d:74:89:2c:67:d0:cb:08:e0:de:59:99:eb:0d:1f:ce:05:39:
         2c:81:aa:25:a4:f5:b9:57:aa:8c:cb:ad:84:70:2a:90:fc:06:
         9b:f1:83:28:50:42:ef:0f:b8:68:cd:74:8d:78:25:96:c9:1e:
         15:36:da:3c:ce:27:c2:be:48:e6:24:ca:b7:2c:25:7a:10:f0:
         07:2f:21:15:72:b2:e0:cf:33:8d:e5:4f:0b:81:44:25:44:25:
         af:b6:ff:16:d5:8d:12:cf:ed:98:c2:93:cb:3b:8f:ab:e3:8e:
         00:d4:c8:b8:91:bb:4e:fb:06:ee:45:b9:e5:96:ac:2e:3b:a6:
         bf:f6:35:18:7b:23:10:84:0e:4e:9b:07:a9:1a:00:df:64:70:
         be:c0:8f:a3:50:80:33:27:f0:d6:7f:04:30:64:d2:67:86:a0:
         54:95:64:c0:d6:19:cf:18:b3:71:f8:2d:2f:a1:c2:f4:06:be:
         11:de:9b:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq4GMTLtoB9kTOiLxgBeyy5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMDZjYTA2OTY1YmVlNjgxYzM1MzFiNDI2YjU5OWE0MDFl
MWE1YTQwHhcNMjMwOTIxMTQxNTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWZmN2VmYTkyMGI4N2JiNjJiZjkyZmM5MzllMTg2NGEyNmEwNDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcKoE2WOl9K7b1IlTnKMR8AIX77o
o1faZYksPiyl9G6foBCOQpK5TcELlGmSp8le+S/5B8OuLjR14MCU5mtRkEXd4f4H
dXQ5NYlAPX4VkBz7WhTJbnMz5w2xHfn04JafFLTAxe/2S0BiilByamxp8BgVEVKV
4moDGkcOp6XP0P/bfYC8PKdl9CnPXHvlwvrr0HbLekzxIQ7XgJx89UQ9ui1NBrXG
d4z8D1OEOohG4UiCohufckY6JKQfZ69TeGFdVPQ8sVM4yF86c/fcWiAkw/Tx4v2L
JbeOsS2j5YQmhF3UNcDABIdOnNqxU6zi/jI6SRs/CsMLJnJ5qe95VetG0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFH/fvqSC4e7Yr+S/JOeGGSiagQSMB8GA1UdIwQY
MBaAFKAGygaWW+5oHDUxtCa1maQB4aWkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0FiS0JwWmI3bWdjTlRHMEpyV1pwQUhocGFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi83ZTJiMGEtYThlZC00N2I3LTlkNzQt
YWI5NzVmN2QzNTMzLzEvVWY5LS1wSUxoN3RpdjVMOGs1NFlaS0pxQkJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi83ZTJiMGEtYThlZC00N2I3LTlkNzQtYWI5NzVmN2QzNTMz
LzEvb0FiS0JwWmI3bWdjTlRHMEpyV1pwQUhocGFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9gwMA0G
CSqGSIb3DQEBCwUAA4IBAQAP3JsVAI1vG4Bn3L3aoJxjfkQmEXeejWoPKwFaA8rX
VYjjoKJ4XzpUfDNfoDo3vJMP2taRX4om0MqYK3j8JGY8/CDHzlZc0wAtdIksZ9DL
CODeWZnrDR/OBTksgaolpPW5V6qMy62EcCqQ/Aab8YMoUELvD7hozXSNeCWWyR4V
Nto8zifCvkjmJMq3LCV6EPAHLyEVcrLgzzON5U8LgUQlRCWvtv8W1Y0Sz+2YwpPL
O4+r444A1Mi4kbtO+wbuRbnllqwuO6a/9jUYeyMQhA5OmwepGgDfZHC+wI+jUIAz
J/DWfwQwZNJnhqBUlWTA1hnPGLNx+C0vocL0Br4R3puB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:29 2024 by rpki-client on console-fra.rpki-client.org