Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/ufdNA0hQfZyhhZvIXcXCONhq2ko.roa
File:                     ufdNA0hQfZyhhZvIXcXCONhq2ko.roa (raw, json)
Hash identifier:          jjT20I6sHxbCb5FmqtR/8oGiQWhfZMiQGKJjnQ3Oias=
Subject key identifier:   B9:F7:4D:03:48:50:7D:9C:A1:85:9B:C8:5D:C5:C2:38:D8:6A:DA:4A
Certificate issuer:       /CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Certificate serial:       018CC793EA81B2E9E0241C99ED4DF5EFAE37
Authority key identifier: B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/ufdNA0hQfZyhhZvIXcXCONhq2ko.roa
Signing time:             Tue 02 Jan 2024 00:30:08 +0000
ROA not before:           Tue 02 Jan 2024 00:30:08 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57712
IP address blocks:        91.184.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 11 Feb 2024 00:38:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:93:ea:81:b2:e9:e0:24:1c:99:ed:4d:f5:ef:ae:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b27261d715348bfd73ce9dbb72488656993ba2f1
        Validity
            Not Before: Jan  2 00:30:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b9f74d0348507d9ca1859bc85dc5c238d86ada4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:1f:de:e9:25:93:3b:b5:94:63:8e:5c:b0:35:
                    1b:9f:5c:a0:49:b4:ae:a7:03:5c:21:21:b1:19:15:
                    4a:2f:2f:6b:9e:97:f4:f9:1f:a0:1c:f0:3e:76:02:
                    4a:3d:82:8a:84:85:a0:40:f5:43:67:9a:fe:a3:39:
                    cc:3b:9a:24:3a:cf:3b:74:85:ae:da:55:3c:70:4c:
                    d7:b1:92:ed:39:9d:d6:79:57:9f:d9:bd:c2:d9:68:
                    64:7e:bd:82:25:36:1b:dc:37:a2:7a:74:fb:7d:c5:
                    07:f6:b4:a8:65:03:b7:e1:7d:ed:1f:63:33:f3:ef:
                    cc:33:33:5c:92:36:c5:dd:1b:ed:04:4e:ab:bb:5f:
                    19:11:02:63:9d:ac:07:b6:f7:cf:8c:6d:d0:d9:a2:
                    38:c3:20:5e:47:cb:33:d7:75:2c:97:3e:cc:30:62:
                    ee:95:b4:51:65:ed:78:5a:0c:85:fe:cb:a4:aa:de:
                    9f:24:08:7a:2b:37:39:3c:d8:16:70:ce:13:25:e6:
                    85:36:34:29:1b:8d:b2:49:4b:63:71:3f:67:03:73:
                    70:2c:4a:40:09:c4:55:2e:20:77:71:f7:cf:b6:7f:
                    ad:ee:95:27:52:63:6b:47:06:e8:20:9c:9b:f3:71:
                    eb:eb:44:6b:a9:02:a7:1c:d3:37:a5:d8:77:6f:78:
                    a5:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:F7:4D:03:48:50:7D:9C:A1:85:9B:C8:5D:C5:C2:38:D8:6A:DA:4A
            X509v3 Authority Key Identifier:
                keyid:B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/ufdNA0hQfZyhhZvIXcXCONhq2ko.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/snJh1xU0i_1zzp27ckiGVpk7ovE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.184.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:9e:9a:f8:e4:fe:2c:9a:ab:bf:29:c6:be:73:d4:99:30:2a:
         74:d2:37:a8:37:07:21:b5:c9:82:a5:39:e7:18:54:9c:1d:2d:
         53:00:4b:85:e8:5e:c3:67:e0:01:85:b2:a4:78:f5:d5:d5:4a:
         d4:04:fb:ee:0e:a7:f0:39:77:95:9c:4d:94:f8:e0:c9:ce:b5:
         f9:30:49:16:a5:e7:07:f2:22:1f:21:d2:97:fc:28:b7:62:06:
         2d:a2:5d:59:d1:93:85:76:58:28:05:f6:72:63:8f:8d:d6:73:
         87:51:17:db:4f:67:69:9b:ed:1b:6e:f2:e9:8d:17:b1:7b:35:
         24:97:c1:59:69:59:ce:14:1e:03:67:5b:6f:62:ca:cf:cc:f5:
         ac:c7:f8:1f:54:18:1c:03:28:b2:bb:f8:2a:d9:ee:b2:65:2a:
         fb:24:d3:2b:b3:5b:9a:f4:8b:67:8b:85:c2:19:75:fe:23:80:
         bd:66:57:d1:47:3f:93:63:5a:41:27:92:e9:e7:54:35:28:4f:
         a2:bf:e9:93:8e:19:33:e1:d9:21:cb:f4:ba:d7:35:a0:79:48:
         d2:55:c2:80:12:63:60:39:1b:b7:9d:87:4c:d7:ac:d8:4e:9d:
         85:38:6f:8d:89:f7:29:b8:73:02:95:a8:42:24:8f:7f:84:ed:
         e4:4c:a3:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHk+qBsungJByZ7U317643MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzI2MWQ3MTUzNDhiZmQ3M2NlOWRiYjcyNDg4NjU2OTkz
YmEyZjEwHhcNMjQwMTAyMDAzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWY3NGQwMzQ4NTA3ZDljYTE4NTliYzg1ZGM1YzIzOGQ4NmFkYTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkR/e6SWTO7WUY45csDUbn1ygSbSu
pwNcISGxGRVKLy9rnpf0+R+gHPA+dgJKPYKKhIWgQPVDZ5r+oznMO5okOs87dIWu
2lU8cEzXsZLtOZ3WeVef2b3C2Whkfr2CJTYb3DeienT7fcUH9rSoZQO34X3tH2Mz
8+/MMzNckjbF3RvtBE6ru18ZEQJjnawHtvfPjG3Q2aI4wyBeR8sz13Uslz7MMGLu
lbRRZe14WgyF/sukqt6fJAh6Kzc5PNgWcM4TJeaFNjQpG42ySUtjcT9nA3NwLEpA
CcRVLiB3cffPtn+t7pUnUmNrRwboIJyb83Hr60RrqQKnHNM3pdh3b3il/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLn3TQNIUH2coYWbyF3FwjjYatpKMB8GA1UdIwQY
MBaAFLJyYdcVNIv9c86du3JIhlaZO6LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2Yt
NTA0ZjI3NjY3NjBmLzEvdWZkTkEwaFFmWnloaFp2SVhjWENPTmhxMmtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2YtNTA0ZjI3NjY3NjBm
LzEvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW7j9MA0G
CSqGSIb3DQEBCwUAA4IBAQCanpr45P4smqu/Kca+c9SZMCp00jeoNwchtcmCpTnn
GFScHS1TAEuF6F7DZ+ABhbKkePXV1UrUBPvuDqfwOXeVnE2U+ODJzrX5MEkWpecH
8iIfIdKX/Ci3YgYtol1Z0ZOFdlgoBfZyY4+N1nOHURfbT2dpm+0bbvLpjRexezUk
l8FZaVnOFB4DZ1tvYsrPzPWsx/gfVBgcAyiyu/gq2e6yZSr7JNMrs1ua9Itni4XC
GXX+I4C9ZlfRRz+TY1pBJ5Lp51Q1KE+iv+mTjhkz4dkhy/S61zWgeUjSVcKAEmNg
ORu3nYdM16zYTp2FOG+NifcpuHMClahCJI9/hO3kTKMT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:25 2024 by rpki-client on console-ams.rpki-client.org