Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/M3TD2VbEseqTnHpCflAcnlteboA.roa
File:                     M3TD2VbEseqTnHpCflAcnlteboA.roa (raw, json)
Hash identifier:          UnGUYSx7km/XVQpoqYWkvALu7JzE5G1AQXzEPd3cdgQ=
Subject key identifier:   33:74:C3:D9:56:C4:B1:EA:93:9C:7A:42:7E:50:1C:9E:5B:5E:6E:80
Certificate issuer:       /CN=2793bde946ae936d3cacc136a5f3239edf2431f4
Certificate serial:       01877364A7FCF22275EA2A24ACA88CECF30A
Authority key identifier: 27:93:BD:E9:46:AE:93:6D:3C:AC:C1:36:A5:F3:23:9E:DF:24:31:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J5O96Uauk208rME2pfMjnt8kMfQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/M3TD2VbEseqTnHpCflAcnlteboA.roa
Signing time:             Wed 12 Apr 2023 02:56:29 +0000
ROA not before:           Wed 12 Apr 2023 02:56:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399641
IP address blocks:        91.188.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:73:64:a7:fc:f2:22:75:ea:2a:24:ac:a8:8c:ec:f3:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2793bde946ae936d3cacc136a5f3239edf2431f4
        Validity
            Not Before: Apr 12 02:56:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3374c3d956c4b1ea939c7a427e501c9e5b5e6e80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:de:58:55:8d:4a:26:cc:bc:2f:b6:43:ed:c6:
                    e2:7b:1d:cc:46:90:f0:06:d0:23:70:0c:d4:f5:61:
                    30:ab:01:49:c8:84:b3:1f:a5:b4:75:cb:4b:32:2f:
                    fc:bf:07:e1:14:e9:60:17:45:bb:b1:1e:a0:24:a5:
                    f6:c0:60:93:6e:4e:00:7f:8a:ab:ed:6f:6e:63:a0:
                    e5:19:e0:d1:32:0d:db:27:61:ed:7d:d2:6c:09:58:
                    19:f0:83:1a:24:cc:c8:61:39:48:f1:c3:b2:e1:c2:
                    7a:3c:1d:0d:a8:76:07:b6:69:55:44:40:62:d8:71:
                    99:f2:d2:6f:02:6c:81:10:4f:94:15:ed:3f:1b:a3:
                    44:5d:aa:88:3b:ab:02:57:54:57:1a:da:15:2f:54:
                    e0:e2:07:70:b0:cf:ab:e3:75:7a:c2:bf:b1:f7:45:
                    a2:e0:d7:7a:8f:5b:cc:68:fc:e0:f0:c9:11:79:5b:
                    21:af:6b:83:fb:e7:00:81:45:4c:bb:a4:b0:bb:68:
                    39:c6:f4:0c:5e:08:df:4a:54:c0:48:70:9d:f2:77:
                    4d:91:9e:1b:7a:0f:d8:35:65:91:29:0d:d7:80:56:
                    2b:91:02:20:55:d5:a5:40:71:8b:5f:7c:d9:76:68:
                    c3:a9:0f:c9:7c:be:9f:54:94:01:64:76:02:ec:f6:
                    36:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:74:C3:D9:56:C4:B1:EA:93:9C:7A:42:7E:50:1C:9E:5B:5E:6E:80
            X509v3 Authority Key Identifier:
                keyid:27:93:BD:E9:46:AE:93:6D:3C:AC:C1:36:A5:F3:23:9E:DF:24:31:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J5O96Uauk208rME2pfMjnt8kMfQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/M3TD2VbEseqTnHpCflAcnlteboA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/J5O96Uauk208rME2pfMjnt8kMfQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.188.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:da:91:0e:38:b9:d7:cf:80:36:9b:00:2a:58:94:55:20:1e:
         9b:69:44:e1:36:d6:30:ce:02:f1:e2:65:10:f2:7f:6d:08:c4:
         43:dc:b6:26:12:d4:69:13:04:5e:df:5a:1b:70:f3:16:0e:e7:
         f1:b7:c4:bd:85:d2:ec:03:5e:71:32:2a:59:05:ed:7b:20:62:
         c3:76:30:6b:63:4a:8e:63:a2:12:f9:68:10:71:ec:6e:25:5a:
         78:07:31:90:ab:2c:79:03:61:6a:a8:b2:ab:34:d2:44:6a:3c:
         89:2d:d9:23:e5:40:ed:96:89:83:c9:df:59:23:65:b8:15:31:
         c0:77:d0:5b:95:1d:b4:68:01:69:92:ac:76:92:e7:71:5e:a6:
         a8:3a:39:98:b3:54:78:5d:61:e0:20:59:59:e8:20:a9:14:32:
         5f:04:73:44:cd:8d:b1:17:31:45:49:24:38:e0:aa:25:42:58:
         bb:31:72:ff:ee:b9:7a:99:ff:2c:98:d9:97:1d:6e:ce:12:51:
         7c:fd:28:f8:1f:82:cf:b8:e8:40:e0:aa:8d:17:ec:b5:5e:d6:
         04:59:c1:cc:ab:e6:8b:ac:3f:ef:42:ed:e7:b8:9b:58:b7:7e:
         71:7e:fc:a0:90:18:30:b4:1f:98:49:88:4e:f2:06:93:77:d1:
         9a:96:fb:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdzZKf88iJ16iokrKiM7PMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OTNiZGU5NDZhZTkzNmQzY2FjYzEzNmE1ZjMyMzllZGYy
NDMxZjQwHhcNMjMwNDEyMDI1NjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzc0YzNkOTU2YzRiMWVhOTM5YzdhNDI3ZTUwMWM5ZTViNWU2ZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArN5YVY1KJsy8L7ZD7cbiex3MRpDw
BtAjcAzU9WEwqwFJyISzH6W0dctLMi/8vwfhFOlgF0W7sR6gJKX2wGCTbk4Af4qr
7W9uY6DlGeDRMg3bJ2HtfdJsCVgZ8IMaJMzIYTlI8cOy4cJ6PB0NqHYHtmlVREBi
2HGZ8tJvAmyBEE+UFe0/G6NEXaqIO6sCV1RXGtoVL1Tg4gdwsM+r43V6wr+x90Wi
4Nd6j1vMaPzg8MkReVshr2uD++cAgUVMu6Swu2g5xvQMXgjfSlTASHCd8ndNkZ4b
eg/YNWWRKQ3XgFYrkQIgVdWlQHGLX3zZdmjDqQ/JfL6fVJQBZHYC7PY2HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDN0w9lWxLHqk5x6Qn5QHJ5bXm6AMB8GA1UdIwQY
MBaAFCeTvelGrpNtPKzBNqXzI57fJDH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjVPOTZVYXVrMjA4ck1FMnBmTWpudDhrTWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9iZjU4ZGEtYTlkMi00MjFhLWI0M2Et
OTJjM2JmNzRhOTdiLzEvTTNURDJWYkVzZXFUbkhwQ2ZsQWNubHRlYm9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9iZjU4ZGEtYTlkMi00MjFhLWI0M2EtOTJjM2JmNzRhOTdi
LzEvSjVPOTZVYXVrMjA4ck1FMnBmTWpudDhrTWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW7z9MA0G
CSqGSIb3DQEBCwUAA4IBAQCX2pEOOLnXz4A2mwAqWJRVIB6baUThNtYwzgLx4mUQ
8n9tCMRD3LYmEtRpEwRe31obcPMWDufxt8S9hdLsA15xMipZBe17IGLDdjBrY0qO
Y6IS+WgQcexuJVp4BzGQqyx5A2FqqLKrNNJEajyJLdkj5UDtlomDyd9ZI2W4FTHA
d9BblR20aAFpkqx2kudxXqaoOjmYs1R4XWHgIFlZ6CCpFDJfBHNEzY2xFzFFSSQ4
4KolQli7MXL/7rl6mf8smNmXHW7OElF8/Sj4H4LPuOhA4KqNF+y1XtYEWcHMq+aL
rD/vQu3nuJtYt35xfvygkBgwtB+YSYhO8gaTd9GalvuD
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:42 2024 by rpki-client on console-ams.rpki-client.org