Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/71f0c3-27df-46b8-895a-36583c165dc9/1/6bwbwmiVk_h7zZ3nGcDVWAINjhw.roa
File:                     6bwbwmiVk_h7zZ3nGcDVWAINjhw.roa (raw, json)
Hash identifier:          PzomcQUe2byL7OlpmKihaROs1I3a+MKuzI6zdNOptcQ=
Subject key identifier:   E9:BC:1B:C2:68:95:93:F8:7B:CD:9D:E7:19:C0:D5:58:02:0D:8E:1C
Certificate issuer:       /CN=0e280e5bf0970c733cc34bc1be7926759ac31ded
Certificate serial:       0185710BEA245D4FA6CE5B87D7BCCB5D54BF
Authority key identifier: 0E:28:0E:5B:F0:97:0C:73:3C:C3:4B:C1:BE:79:26:75:9A:C3:1D:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DigOW_CXDHM8w0vBvnkmdZrDHe0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/71f0c3-27df-46b8-895a-36583c165dc9/1/6bwbwmiVk_h7zZ3nGcDVWAINjhw.roa
Signing time:             Mon 02 Jan 2023 05:54:44 +0000
ROA not before:           Mon 02 Jan 2023 05:54:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197916
IP address blocks:        91.228.169.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0b:ea:24:5d:4f:a6:ce:5b:87:d7:bc:cb:5d:54:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e280e5bf0970c733cc34bc1be7926759ac31ded
        Validity
            Not Before: Jan  2 05:54:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e9bc1bc2689593f87bcd9de719c0d558020d8e1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:46:42:a0:a4:2e:19:2a:11:16:ab:0b:6e:65:
                    b8:b2:f3:0f:44:9f:bc:e2:6b:12:1d:49:fd:30:e8:
                    11:2a:ee:a5:ee:47:e7:09:69:f0:a5:3e:5e:f7:54:
                    c2:3f:96:41:4f:de:f9:0b:57:1b:d9:51:d3:3c:29:
                    32:6d:7d:a6:97:e6:60:1f:d1:bb:79:75:7c:70:f0:
                    4e:48:78:c6:7b:fa:92:d7:26:b3:ab:42:3d:ac:db:
                    84:14:10:4d:07:fa:01:36:4e:d3:f8:0e:74:6f:e2:
                    a9:f9:2a:0b:9d:0a:5c:77:bd:2d:a0:fe:37:1b:b8:
                    71:f2:5c:13:92:b7:1e:06:c0:b6:2e:cc:41:af:cd:
                    05:8a:02:63:89:a7:6d:ae:86:9e:2d:02:a0:08:c4:
                    b0:25:d3:f6:29:a8:63:91:d9:f5:b1:8f:6a:3b:0b:
                    45:f2:ca:77:dc:19:8a:f9:23:47:11:72:45:f9:0d:
                    3b:89:11:70:17:fd:07:e7:bf:50:d3:b8:5f:c0:cb:
                    6e:48:20:ef:e4:31:db:b1:51:27:91:08:c0:a0:c3:
                    d3:4c:8e:ea:1d:4f:0c:43:7e:d0:e5:c1:04:cd:d5:
                    e8:b1:06:9d:f7:89:ba:d0:fa:31:e5:6d:16:32:0c:
                    ef:dd:27:a6:17:74:25:52:00:17:3d:3c:ed:d0:76:
                    04:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:BC:1B:C2:68:95:93:F8:7B:CD:9D:E7:19:C0:D5:58:02:0D:8E:1C
            X509v3 Authority Key Identifier:
                keyid:0E:28:0E:5B:F0:97:0C:73:3C:C3:4B:C1:BE:79:26:75:9A:C3:1D:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DigOW_CXDHM8w0vBvnkmdZrDHe0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/71f0c3-27df-46b8-895a-36583c165dc9/1/6bwbwmiVk_h7zZ3nGcDVWAINjhw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/71f0c3-27df-46b8-895a-36583c165dc9/1/DigOW_CXDHM8w0vBvnkmdZrDHe0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.228.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:d2:f8:ff:41:ae:25:77:91:92:57:c7:79:44:d5:4a:c7:c2:
         54:86:a1:b2:c3:1e:b2:df:11:da:d3:9f:d0:e2:f9:50:62:9c:
         18:ba:90:22:a9:87:7e:51:d3:f6:4c:6c:76:43:4d:8b:07:05:
         88:a4:89:a7:a3:9a:5c:c7:12:cd:49:21:d8:e3:0c:42:01:24:
         0b:8a:1a:7e:f7:8f:65:75:1b:35:dc:ff:83:f7:96:7e:24:8e:
         ab:b1:0c:90:d8:6c:18:2d:1c:b9:44:c3:7e:9a:50:1a:68:ab:
         76:4b:be:33:f1:32:89:0c:47:58:94:d8:6d:5d:52:f9:72:01:
         c9:0b:2f:a6:2b:b4:53:3a:a9:00:d9:55:fe:0b:ad:63:d4:c1:
         a9:d7:82:d9:3b:19:41:61:8e:46:dc:77:07:f9:37:82:4b:ec:
         dd:75:50:24:db:48:b2:af:cf:cb:78:16:4f:47:d1:72:ad:83:
         3e:e6:9d:b3:bb:ca:6c:b5:f9:41:94:c0:10:f2:0c:8d:a8:77:
         da:3a:b6:d8:55:e9:86:f3:52:c6:ce:c7:35:2f:41:35:78:0a:
         89:a0:13:34:c2:bc:8a:22:be:d4:d3:36:97:6e:26:1a:7b:d9:
         19:d0:9c:b1:d3:0c:8f:4d:21:55:f6:4b:79:dc:bc:9a:70:a5:
         2c:70:64:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxC+okXU+mzluH17zLXVS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMjgwZTViZjA5NzBjNzMzY2MzNGJjMWJlNzkyNjc1OWFj
MzFkZWQwHhcNMjMwMTAyMDU1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWJjMWJjMjY4OTU5M2Y4N2JjZDlkZTcxOWMwZDU1ODAyMGQ4ZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUZCoKQuGSoRFqsLbmW4svMPRJ+8
4msSHUn9MOgRKu6l7kfnCWnwpT5e91TCP5ZBT975C1cb2VHTPCkybX2ml+ZgH9G7
eXV8cPBOSHjGe/qS1yazq0I9rNuEFBBNB/oBNk7T+A50b+Kp+SoLnQpcd70toP43
G7hx8lwTkrceBsC2LsxBr80FigJjiadtroaeLQKgCMSwJdP2Kahjkdn1sY9qOwtF
8sp33BmK+SNHEXJF+Q07iRFwF/0H579Q07hfwMtuSCDv5DHbsVEnkQjAoMPTTI7q
HU8MQ37Q5cEEzdXosQad94m60Pox5W0WMgzv3SemF3QlUgAXPTzt0HYESwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOm8G8JolZP4e82d5xnA1VgCDY4cMB8GA1UdIwQY
MBaAFA4oDlvwlwxzPMNLwb55JnWawx3tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGlnT1dfQ1hESE04dzB2QnZua21kWnJESGUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni83MWYwYzMtMjdkZi00NmI4LTg5NWEt
MzY1ODNjMTY1ZGM5LzEvNmJ3YndtaVZrX2g3elozbkdjRFZXQUlOamh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni83MWYwYzMtMjdkZi00NmI4LTg5NWEtMzY1ODNjMTY1ZGM5
LzEvRGlnT1dfQ1hESE04dzB2QnZua21kWnJESGUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+SpMA0G
CSqGSIb3DQEBCwUAA4IBAQAq0vj/Qa4ld5GSV8d5RNVKx8JUhqGywx6y3xHa05/Q
4vlQYpwYupAiqYd+UdP2TGx2Q02LBwWIpImno5pcxxLNSSHY4wxCASQLihp+949l
dRs13P+D95Z+JI6rsQyQ2GwYLRy5RMN+mlAaaKt2S74z8TKJDEdYlNhtXVL5cgHJ
Cy+mK7RTOqkA2VX+C61j1MGp14LZOxlBYY5G3HcH+TeCS+zddVAk20iyr8/LeBZP
R9FyrYM+5p2zu8pstflBlMAQ8gyNqHfaOrbYVemG81LGzsc1L0E1eAqJoBM0wryK
Ir7U0zaXbiYae9kZ0Jyx0wyPTSFV9kt53LyacKUscGSF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:55 2024 by rpki-client on console-fra.rpki-client.org