Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/pGTQVO24tOtgrhhFWJqGYTuUuZM.roa
File:                     pGTQVO24tOtgrhhFWJqGYTuUuZM.roa (raw, json)
Hash identifier:          0Oh8EvehdUvsJSQFrZN7GnZHJNOqJl6aFG+5IK62R90=
Subject key identifier:   A4:64:D0:54:ED:B8:B4:EB:60:AE:18:45:58:9A:86:61:3B:94:B9:93
Certificate issuer:       /CN=50980fb6ade858f2652e736993126c85759f06d9
Certificate serial:       0187475FD0B26C571F2C83684AED9DF6D074
Authority key identifier: 50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/pGTQVO24tOtgrhhFWJqGYTuUuZM.roa
Signing time:             Mon 03 Apr 2023 13:47:54 +0000
ROA not before:           Mon 03 Apr 2023 13:47:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209372
IP address blocks:        91.232.8.0/22 maxlen: 24
                          91.204.181.0/24 maxlen: 24
                          91.204.182.0/24 maxlen: 24
                          91.204.182.0/23 maxlen: 23
                          91.204.180.0/24 maxlen: 24
                          91.218.176.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:47:5f:d0:b2:6c:57:1f:2c:83:68:4a:ed:9d:f6:d0:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50980fb6ade858f2652e736993126c85759f06d9
        Validity
            Not Before: Apr  3 13:47:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a464d054edb8b4eb60ae1845589a86613b94b993
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:e1:42:8f:f7:91:6c:67:dd:30:0e:28:17:66:
                    56:b8:80:57:dc:91:3b:08:43:ff:ed:5f:29:3b:a9:
                    4a:1c:7f:e4:71:7c:8c:01:e8:54:de:41:eb:40:9c:
                    79:30:52:d1:97:17:95:e8:67:c8:b5:40:7b:21:35:
                    1a:19:30:a3:2b:ba:65:cb:4c:f9:a1:ed:61:78:db:
                    f1:cb:6f:6d:a0:f9:45:9f:08:8b:57:fc:d9:ec:6a:
                    69:42:4d:3d:f4:6d:94:58:75:c6:3e:a1:c8:0b:2b:
                    b4:57:43:95:a6:81:03:49:f6:04:ab:2d:4e:b6:de:
                    1b:13:d9:ec:97:0c:ac:43:c0:ab:8d:27:ee:ce:bc:
                    da:80:9f:73:be:08:3d:4f:e3:fd:c0:b2:13:98:ad:
                    61:62:2b:54:01:b6:3b:d0:eb:7c:58:73:4f:b4:70:
                    74:bd:0d:4d:ae:92:f2:5c:f7:ce:35:5c:a7:f8:d4:
                    32:0b:ba:11:89:92:99:a3:62:0b:a0:cd:42:0b:36:
                    24:78:c2:46:0a:b3:ab:2b:58:8e:b7:3e:24:37:b7:
                    ff:b9:01:d6:d9:7b:e0:2a:4e:b8:13:a4:a3:98:f0:
                    43:8d:23:d9:59:e1:5e:6e:77:8f:b7:f5:fd:fa:37:
                    35:b2:d2:ed:71:9b:32:16:97:88:f1:bb:bc:6d:47:
                    4c:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:64:D0:54:ED:B8:B4:EB:60:AE:18:45:58:9A:86:61:3B:94:B9:93
            X509v3 Authority Key Identifier:
                keyid:50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/pGTQVO24tOtgrhhFWJqGYTuUuZM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.204.180.0/22
                  91.218.176.0/22
                  91.232.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         74:43:12:9f:80:52:4e:0d:bc:3f:b7:20:85:d3:62:d7:49:c4:
         9b:c3:7a:c4:77:55:ad:8c:51:f1:3e:54:25:45:06:18:51:19:
         4b:57:b5:fe:d1:4c:b6:a3:8a:68:51:da:8e:ad:45:26:96:02:
         ec:b7:34:32:2b:a0:69:46:d2:cb:f5:e8:9f:20:c6:d3:30:6d:
         ec:e2:1b:40:21:ad:c9:52:7f:a9:b1:bc:ae:d0:a3:b3:ed:f5:
         85:67:ba:ab:1c:e7:87:cc:cc:b8:bb:26:bc:16:85:dc:ec:ee:
         e7:33:9d:56:8c:f9:53:62:41:5f:ca:81:ca:6e:53:f7:f6:89:
         4d:cc:ba:4c:df:40:9c:c0:b7:b9:e3:f3:e6:af:06:93:46:c2:
         f0:23:a5:13:36:f3:87:66:73:e3:da:77:ee:83:51:6d:0e:fb:
         e5:3e:8b:ac:59:4e:83:14:a5:98:fe:fa:7a:e8:c9:7a:64:38:
         09:7a:5c:1d:d7:1f:f5:62:32:9c:86:df:0c:f8:6f:d8:ba:60:
         87:2a:0b:13:72:3b:c3:7d:d2:8a:1c:88:5d:53:75:47:9d:72:
         e1:25:10:a0:51:2a:ab:9b:18:19:c1:4c:4b:5d:71:51:c3:0f:
         31:76:19:dd:8b:fb:52:62:97:6e:ef:1c:34:23:f6:cf:5b:1d:
         76:31:72:83
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdHX9CybFcfLINoSu2d9tB0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTgwZmI2YWRlODU4ZjI2NTJlNzM2OTkzMTI2Yzg1NzU5
ZjA2ZDkwHhcNMjMwNDAzMTM0NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDY0ZDA1NGVkYjhiNGViNjBhZTE4NDU1ODlhODY2MTNiOTRiOTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOFCj/eRbGfdMA4oF2ZWuIBX3JE7
CEP/7V8pO6lKHH/kcXyMAehU3kHrQJx5MFLRlxeV6GfItUB7ITUaGTCjK7ply0z5
oe1heNvxy29toPlFnwiLV/zZ7GppQk099G2UWHXGPqHICyu0V0OVpoEDSfYEqy1O
tt4bE9nslwysQ8CrjSfuzrzagJ9zvgg9T+P9wLITmK1hYitUAbY70Ot8WHNPtHB0
vQ1NrpLyXPfONVyn+NQyC7oRiZKZo2ILoM1CCzYkeMJGCrOrK1iOtz4kN7f/uQHW
2XvgKk64E6SjmPBDjSPZWeFebnePt/X9+jc1stLtcZsyFpeI8bu8bUdM0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKRk0FTtuLTrYK4YRViahmE7lLmTMB8GA1UdIwQY
MBaAFFCYD7at6FjyZS5zaZMSbIV1nwbZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEt
Y2NhNzlhNjk4MjBhLzEvcEdUUVZPMjR0T3RncmhoRldKcUdZVHVVdVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEtY2NhNzlhNjk4MjBh
LzEvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8y0AwQC
W9qwAwQCW+gIMA0GCSqGSIb3DQEBCwUAA4IBAQB0QxKfgFJODbw/tyCF02LXScSb
w3rEd1WtjFHxPlQlRQYYURlLV7X+0Uy2o4poUdqOrUUmlgLstzQyK6BpRtLL9eif
IMbTMG3s4htAIa3JUn+psbyu0KOz7fWFZ7qrHOeHzMy4uya8FoXc7O7nM51WjPlT
YkFfyoHKblP39olNzLpM30CcwLe54/PmrwaTRsLwI6UTNvOHZnPj2nfug1FtDvvl
PousWU6DFKWY/vp66Ml6ZDgJelwd1x/1YjKcht8M+G/YumCHKgsTcjvDfdKKHIhd
U3VHnXLhJRCgUSqrmxgZwUxLXXFRww8xdhndi/tSYpdu7xw0I/bPWx12MXKD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:08 2024 by rpki-client on console-fra.rpki-client.org