Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/RP62wvfSazwI-XR8cBPPBWVm1uk.roa
File:                     RP62wvfSazwI-XR8cBPPBWVm1uk.roa (raw, json)
Hash identifier:          c9ci4jEI4ecvM5e7ttcCtlsqZHyF4ZT+BKQk+TuHbhc=
Subject key identifier:   44:FE:B6:C2:F7:D2:6B:3C:08:F9:74:7C:70:13:CF:05:65:66:D6:E9
Certificate issuer:       /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial:       01880B181C6ADE3E8EF20124F46D95FFA42C
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/RP62wvfSazwI-XR8cBPPBWVm1uk.roa
Signing time:             Thu 11 May 2023 13:55:09 +0000
ROA not before:           Thu 11 May 2023 13:55:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     398343
IP address blocks:        91.149.221.0/24 maxlen: 24
                          91.149.235.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 16 Oct 2023 06:39:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:0b:18:1c:6a:de:3e:8e:f2:01:24:f4:6d:95:ff:a4:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
        Validity
            Not Before: May 11 13:55:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=44feb6c2f7d26b3c08f9747c7013cf056566d6e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:d0:05:ad:a9:88:d6:bd:b3:7e:9f:dd:8e:19:
                    5e:47:5d:1e:1a:b2:e0:cc:06:6e:dc:00:97:34:0b:
                    72:0d:b5:cb:44:9f:8d:a6:88:aa:6e:7a:d0:ec:41:
                    ed:e0:67:f8:e9:b7:d1:b4:dd:d1:42:7b:8d:8c:ea:
                    da:c7:98:56:c3:7b:20:3c:35:ed:ae:52:11:7b:eb:
                    ea:aa:50:82:2d:2e:d0:dc:d4:04:9a:c7:9f:2a:b1:
                    41:c3:27:51:76:9e:86:60:09:e8:45:7e:5c:65:91:
                    23:62:c1:3d:11:67:eb:22:03:04:25:e8:c5:56:15:
                    5a:31:83:2a:fe:a3:ca:d5:b9:4e:17:7c:9f:40:e5:
                    81:09:e8:cb:93:61:60:53:de:0d:7b:f5:d8:22:61:
                    e0:08:39:a2:42:01:66:69:6a:fb:46:1f:97:3f:08:
                    e1:a3:bc:83:c3:49:ff:f0:36:ea:04:3d:87:65:02:
                    c8:fc:56:45:85:7d:51:58:a1:d5:e3:06:5b:ae:d9:
                    b6:4f:b0:89:18:72:a0:ee:7d:ac:0f:68:6d:d8:03:
                    84:e9:41:66:4d:91:21:73:ff:68:eb:68:4d:8d:1d:
                    97:d3:49:92:bd:00:a0:f5:86:32:c6:bc:a5:10:61:
                    7a:d8:59:0e:f3:1c:1d:5d:00:0b:ab:9c:34:55:bc:
                    df:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:FE:B6:C2:F7:D2:6B:3C:08:F9:74:7C:70:13:CF:05:65:66:D6:E9
            X509v3 Authority Key Identifier:
                keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/RP62wvfSazwI-XR8cBPPBWVm1uk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.149.221.0/24
                  91.149.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:de:44:cf:6e:b2:5e:d7:b8:5a:c8:62:19:f9:df:53:66:7e:
         cb:8c:ff:ec:1e:22:23:3d:e5:49:2a:f8:67:c6:35:41:1d:ae:
         3d:a3:16:ef:df:da:4d:11:ec:9a:cd:ef:82:e1:75:17:6a:51:
         f4:d1:3e:3d:3c:e6:f3:3c:5a:cf:c2:57:35:c0:83:75:8c:83:
         49:ed:67:71:0a:84:0c:5c:56:8b:95:28:05:23:84:20:99:d8:
         9d:21:8e:a0:09:d3:56:2f:be:a1:31:cd:8d:a6:89:03:a2:26:
         48:3f:99:f5:38:1c:8e:42:47:10:d1:39:d2:23:d0:61:9a:2f:
         86:7d:60:98:c5:1d:ab:c0:41:2d:25:96:9b:05:0e:54:f5:2a:
         2e:e1:9b:9b:b0:e4:5b:2f:d3:1a:d0:56:5f:a7:ea:26:89:f9:
         a9:46:c0:9a:cb:c0:55:78:b5:5c:3d:f6:d1:60:7b:bf:55:e1:
         55:7f:f7:bf:9c:ac:83:03:e7:62:97:23:af:80:1a:07:eb:99:
         91:27:6e:47:9e:2f:c5:23:7e:99:cf:55:16:a1:de:31:88:60:
         16:4e:03:de:7b:ac:8e:ee:80:27:47:a3:3c:a6:d1:65:af:65:
         fe:b8:e4:f1:6f:dc:ea:34:b3:69:0d:9a:3b:30:9b:c3:28:fe:
         bc:db:ed:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgLGBxq3j6O8gEk9G2V/6QsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjMwNTExMTM1NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGZlYjZjMmY3ZDI2YjNjMDhmOTc0N2M3MDEzY2YwNTY1NjZkNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltAFramI1r2zfp/djhleR10eGrLg
zAZu3ACXNAtyDbXLRJ+NpoiqbnrQ7EHt4Gf46bfRtN3RQnuNjOrax5hWw3sgPDXt
rlIRe+vqqlCCLS7Q3NQEmsefKrFBwydRdp6GYAnoRX5cZZEjYsE9EWfrIgMEJejF
VhVaMYMq/qPK1blOF3yfQOWBCejLk2FgU94Ne/XYImHgCDmiQgFmaWr7Rh+XPwjh
o7yDw0n/8DbqBD2HZQLI/FZFhX1RWKHV4wZbrtm2T7CJGHKg7n2sD2ht2AOE6UFm
TZEhc/9o62hNjR2X00mSvQCg9YYyxrylEGF62FkO8xwdXQALq5w0VbzfJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFET+tsL30ms8CPl0fHATzwVlZtbpMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvUlA2Mnd2ZlNhendJLVhSOGNCUFBCV1ZtMXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW5XdAwQA
W5XrMA0GCSqGSIb3DQEBCwUAA4IBAQBe3kTPbrJe17hayGIZ+d9TZn7LjP/sHiIj
PeVJKvhnxjVBHa49oxbv39pNEeyaze+C4XUXalH00T49PObzPFrPwlc1wIN1jINJ
7WdxCoQMXFaLlSgFI4QgmdidIY6gCdNWL76hMc2NpokDoiZIP5n1OByOQkcQ0TnS
I9Bhmi+GfWCYxR2rwEEtJZabBQ5U9Sou4ZubsORbL9Ma0FZfp+omifmpRsCay8BV
eLVcPfbRYHu/VeFVf/e/nKyDA+dilyOvgBoH65mRJ25Hni/FI36Zz1UWod4xiGAW
TgPee6yO7oAnR6M8ptFlr2X+uOTxb9zqNLNpDZo7MJvDKP682+20
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:21 2024 by rpki-client on console-fra.rpki-client.org