Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/3k7FOsfmKGzWdjXxKO38UOZ7RP4.roa
File:                     3k7FOsfmKGzWdjXxKO38UOZ7RP4.roa (raw, json)
Hash identifier:          8OB3vBdxHzYfKZKAZwNtoqGNykf+LmsYqCVEvyxuhDo=
Subject key identifier:   DE:4E:C5:3A:C7:E6:28:6C:D6:76:35:F1:28:ED:FC:50:E6:7B:44:FE
Certificate issuer:       /CN=2793bde946ae936d3cacc136a5f3239edf2431f4
Certificate serial:       01877364A71D2C32B9B3E6340747DCD1BF5E
Authority key identifier: 27:93:BD:E9:46:AE:93:6D:3C:AC:C1:36:A5:F3:23:9E:DF:24:31:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J5O96Uauk208rME2pfMjnt8kMfQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/3k7FOsfmKGzWdjXxKO38UOZ7RP4.roa
Signing time:             Wed 12 Apr 2023 02:56:28 +0000
ROA not before:           Wed 12 Apr 2023 02:56:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        91.188.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:73:64:a7:1d:2c:32:b9:b3:e6:34:07:47:dc:d1:bf:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2793bde946ae936d3cacc136a5f3239edf2431f4
        Validity
            Not Before: Apr 12 02:56:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=de4ec53ac7e6286cd67635f128edfc50e67b44fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:c5:5b:0c:e7:33:97:8a:56:5f:f1:13:88:89:
                    61:b0:00:e0:b0:45:c7:be:a1:b9:96:e3:e5:ed:19:
                    96:86:de:7e:88:ed:72:15:49:cd:9f:8b:3a:8b:04:
                    56:60:30:c3:da:01:1e:94:63:52:a6:fc:9a:f1:0a:
                    1a:fa:1e:0b:52:e7:c9:12:70:9b:6f:d3:ee:e2:9b:
                    48:e7:32:21:82:fb:61:91:de:bd:68:d5:cc:07:cb:
                    6f:4f:a1:92:18:b9:02:ad:05:a7:98:80:ab:49:47:
                    10:f5:c8:94:99:93:00:4c:ce:3d:a5:3d:f5:df:2d:
                    7f:52:c3:c9:4b:e7:5f:e0:1e:2b:44:ff:b1:41:af:
                    57:eb:e4:8b:da:8e:17:27:58:55:93:24:6c:ef:ab:
                    d7:14:97:ce:59:19:d1:cc:08:35:ad:a0:92:4a:73:
                    dc:03:f1:11:2b:bd:74:e4:27:b9:59:76:2f:8d:8b:
                    13:60:f2:e5:1e:82:6c:82:c6:68:97:1c:77:a3:c8:
                    24:44:b5:ff:81:57:2d:6c:ac:12:fd:4b:46:27:c3:
                    a2:7b:26:fe:f2:17:04:c6:2b:22:38:f5:b8:e1:10:
                    97:1b:6a:97:5f:1e:42:f4:b4:f1:9f:54:e9:20:b3:
                    5c:a5:55:da:ad:ee:31:e7:99:5e:d2:49:4a:2e:20:
                    c2:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:4E:C5:3A:C7:E6:28:6C:D6:76:35:F1:28:ED:FC:50:E6:7B:44:FE
            X509v3 Authority Key Identifier:
                keyid:27:93:BD:E9:46:AE:93:6D:3C:AC:C1:36:A5:F3:23:9E:DF:24:31:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J5O96Uauk208rME2pfMjnt8kMfQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/3k7FOsfmKGzWdjXxKO38UOZ7RP4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/J5O96Uauk208rME2pfMjnt8kMfQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.188.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:9b:d6:8a:53:e6:74:a8:12:e6:03:38:6b:6c:78:9b:c0:e9:
         1e:00:4d:73:e8:aa:fc:ab:5a:1a:be:85:5f:a4:79:06:cf:07:
         68:92:2b:5a:3b:0f:11:de:c8:85:04:43:c2:ea:de:b1:50:51:
         a6:27:33:b0:0f:29:7e:5c:81:9f:93:a4:14:32:19:64:92:6a:
         99:48:55:be:a2:17:b9:83:a0:3e:67:31:be:05:46:29:47:aa:
         51:be:d8:96:68:94:ae:f5:5f:ab:68:8c:52:b1:44:0e:a2:73:
         9e:b1:2b:d1:2d:60:3e:2f:2a:2c:b3:b5:02:67:2e:72:b2:76:
         ed:17:64:30:fc:39:fe:29:c0:49:41:2c:30:ec:1a:f1:3d:db:
         a3:30:32:22:a5:c0:8e:90:34:fe:3f:12:1e:1f:c2:66:7f:ec:
         85:e3:54:8d:85:de:4b:3e:09:78:4e:3f:27:79:dc:a3:bf:62:
         81:0b:44:5d:0c:14:59:4a:ca:26:f8:b9:76:ba:4f:cf:84:be:
         c0:02:51:be:ef:f2:c6:f0:f9:eb:d1:c7:70:e1:c9:95:79:83:
         42:7b:d7:8a:da:a0:11:00:d9:5a:86:11:25:31:f6:f4:f5:36:
         e8:cb:7b:ad:aa:c1:9d:0d:9b:54:bb:68:25:14:10:d6:d0:d8:
         5a:93:9b:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdzZKcdLDK5s+Y0B0fc0b9eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OTNiZGU5NDZhZTkzNmQzY2FjYzEzNmE1ZjMyMzllZGYy
NDMxZjQwHhcNMjMwNDEyMDI1NjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTRlYzUzYWM3ZTYyODZjZDY3NjM1ZjEyOGVkZmM1MGU2N2I0NGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMVbDOczl4pWX/ETiIlhsADgsEXH
vqG5luPl7RmWht5+iO1yFUnNn4s6iwRWYDDD2gEelGNSpvya8Qoa+h4LUufJEnCb
b9Pu4ptI5zIhgvthkd69aNXMB8tvT6GSGLkCrQWnmICrSUcQ9ciUmZMATM49pT31
3y1/UsPJS+df4B4rRP+xQa9X6+SL2o4XJ1hVkyRs76vXFJfOWRnRzAg1raCSSnPc
A/ERK7105Ce5WXYvjYsTYPLlHoJsgsZolxx3o8gkRLX/gVctbKwS/UtGJ8Oieyb+
8hcExisiOPW44RCXG2qXXx5C9LTxn1TpILNcpVXare4x55le0klKLiDCRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN5OxTrH5ihs1nY18Sjt/FDme0T+MB8GA1UdIwQY
MBaAFCeTvelGrpNtPKzBNqXzI57fJDH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjVPOTZVYXVrMjA4ck1FMnBmTWpudDhrTWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9iZjU4ZGEtYTlkMi00MjFhLWI0M2Et
OTJjM2JmNzRhOTdiLzEvM2s3Rk9zZm1LR3pXZGpYeEtPMzhVT1o3UlA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9iZjU4ZGEtYTlkMi00MjFhLWI0M2EtOTJjM2JmNzRhOTdi
LzEvSjVPOTZVYXVrMjA4ck1FMnBmTWpudDhrTWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW7z/MA0G
CSqGSIb3DQEBCwUAA4IBAQBCm9aKU+Z0qBLmAzhrbHibwOkeAE1z6Kr8q1oavoVf
pHkGzwdokitaOw8R3siFBEPC6t6xUFGmJzOwDyl+XIGfk6QUMhlkkmqZSFW+ohe5
g6A+ZzG+BUYpR6pRvtiWaJSu9V+raIxSsUQOonOesSvRLWA+Lyoss7UCZy5ysnbt
F2Qw/Dn+KcBJQSww7BrxPdujMDIipcCOkDT+PxIeH8Jmf+yF41SNhd5LPgl4Tj8n
edyjv2KBC0RdDBRZSsom+Ll2uk/PhL7AAlG+7/LG8Pnr0cdw4cmVeYNCe9eK2qAR
ANlahhElMfb09Tboy3utqsGdDZtUu2glFBDW0Nhak5sb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:37 2024 by rpki-client on console-ams.rpki-client.org