Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/NKz-ybvsqT8_FfdBeGrHFOhfDcU.roa
File:                     NKz-ybvsqT8_FfdBeGrHFOhfDcU.roa (raw, json)
Hash identifier:          WP5mj56BcnkiMv4FClw6lGvkSl9RO6MyxtNBEH09Nr4=
Subject key identifier:   34:AC:FE:C9:BB:EC:A9:3F:3F:15:F7:41:78:6A:C7:14:E8:5F:0D:C5
Certificate issuer:       /CN=2793bde946ae936d3cacc136a5f3239edf2431f4
Certificate serial:       01877364A79923564C827A55A73DF8E78C53
Authority key identifier: 27:93:BD:E9:46:AE:93:6D:3C:AC:C1:36:A5:F3:23:9E:DF:24:31:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J5O96Uauk208rME2pfMjnt8kMfQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/NKz-ybvsqT8_FfdBeGrHFOhfDcU.roa
Signing time:             Wed 12 Apr 2023 02:56:28 +0000
ROA not before:           Wed 12 Apr 2023 02:56:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     263522
IP address blocks:        91.188.252.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 14 Apr 2023 05:18:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:73:64:a7:99:23:56:4c:82:7a:55:a7:3d:f8:e7:8c:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2793bde946ae936d3cacc136a5f3239edf2431f4
        Validity
            Not Before: Apr 12 02:56:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=34acfec9bbeca93f3f15f741786ac714e85f0dc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:3b:20:4d:b1:da:5e:db:f6:90:bf:13:05:96:
                    9f:39:c7:79:dc:47:b6:05:98:61:38:d0:65:89:b3:
                    5d:0b:c0:c1:d9:55:70:f4:05:c9:4c:76:8a:d0:ae:
                    34:a3:56:4a:5c:47:df:95:16:f4:c7:04:4f:36:4b:
                    aa:cc:8e:33:02:fe:6c:d5:15:d8:c5:ef:08:57:7e:
                    8c:60:2e:f4:f2:a3:ac:fc:6b:86:57:a2:ce:48:5d:
                    90:9c:2e:32:e7:ab:b3:b0:3a:3d:79:03:13:f4:ce:
                    7e:a7:cc:19:4e:97:20:22:2f:22:51:1b:4b:15:ad:
                    69:93:c4:47:a7:f4:72:5a:e4:97:c3:39:96:ba:03:
                    35:24:67:34:bc:30:e9:b7:0a:c4:de:dc:94:7c:5c:
                    69:07:9e:05:13:f8:8a:67:d7:c2:b6:1f:da:5f:3c:
                    d1:6c:40:1b:0a:2e:78:a9:01:75:f7:42:bb:c3:fe:
                    5b:43:09:34:ae:27:21:b3:89:71:ea:e7:b7:f3:a4:
                    11:65:f1:fa:f9:d3:dc:07:44:d8:5f:82:55:23:34:
                    ac:29:10:e0:ab:82:6e:1d:97:b7:11:57:19:98:08:
                    12:cf:f7:5b:63:9c:1a:a1:2a:96:9c:33:e0:fe:4c:
                    97:9e:18:19:ac:f2:d8:a3:4c:9a:76:c3:dc:30:05:
                    73:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:AC:FE:C9:BB:EC:A9:3F:3F:15:F7:41:78:6A:C7:14:E8:5F:0D:C5
            X509v3 Authority Key Identifier:
                keyid:27:93:BD:E9:46:AE:93:6D:3C:AC:C1:36:A5:F3:23:9E:DF:24:31:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J5O96Uauk208rME2pfMjnt8kMfQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/NKz-ybvsqT8_FfdBeGrHFOhfDcU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/J5O96Uauk208rME2pfMjnt8kMfQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.188.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:fc:35:f3:0f:59:d8:2b:7b:fa:90:8f:7c:ab:0e:47:89:7a:
         30:5c:ea:97:19:66:80:2a:ff:08:bc:7b:58:3a:bc:fd:37:78:
         0d:fb:1b:33:1c:df:8d:f4:d3:4d:f2:a6:91:ed:59:7d:66:00:
         13:0c:91:b1:de:b5:7c:d3:45:e2:ad:bd:33:80:06:23:12:26:
         79:ab:05:f6:6a:ba:97:6b:2e:36:68:25:1c:b2:86:57:c6:05:
         60:5f:c1:c8:b6:50:40:e1:2f:f8:58:67:9e:45:5e:a0:f9:b5:
         4b:bc:b4:1c:1c:a2:8a:66:ca:b3:26:73:bb:37:e1:b8:d1:20:
         5b:30:ab:17:09:92:21:de:86:9d:aa:56:e9:17:be:9b:bd:00:
         70:55:6e:20:cd:c6:ed:61:06:61:17:e1:6d:4e:85:3f:16:ee:
         58:9c:ea:3a:2d:04:7b:09:ec:11:3c:48:74:13:b1:04:eb:00:
         03:c4:6f:60:6e:d8:20:30:d7:62:c5:62:26:e4:34:1c:fb:32:
         38:55:df:9b:6a:f6:7d:d6:f7:6c:62:5d:35:8b:9f:c1:38:cd:
         ad:b5:fa:fc:52:ef:eb:14:fb:4d:f1:82:49:43:3c:98:4a:13:
         b8:d2:99:eb:df:72:e4:8d:42:05:4f:8e:c1:31:16:5d:7b:39:
         47:a5:68:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdzZKeZI1ZMgnpVpz3454xTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OTNiZGU5NDZhZTkzNmQzY2FjYzEzNmE1ZjMyMzllZGYy
NDMxZjQwHhcNMjMwNDEyMDI1NjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGFjZmVjOWJiZWNhOTNmM2YxNWY3NDE3ODZhYzcxNGU4NWYwZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszsgTbHaXtv2kL8TBZafOcd53Ee2
BZhhONBlibNdC8DB2VVw9AXJTHaK0K40o1ZKXEfflRb0xwRPNkuqzI4zAv5s1RXY
xe8IV36MYC708qOs/GuGV6LOSF2QnC4y56uzsDo9eQMT9M5+p8wZTpcgIi8iURtL
Fa1pk8RHp/RyWuSXwzmWugM1JGc0vDDptwrE3tyUfFxpB54FE/iKZ9fCth/aXzzR
bEAbCi54qQF190K7w/5bQwk0richs4lx6ue386QRZfH6+dPcB0TYX4JVIzSsKRDg
q4JuHZe3EVcZmAgSz/dbY5waoSqWnDPg/kyXnhgZrPLYo0yadsPcMAVznwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSs/sm77Kk/PxX3QXhqxxToXw3FMB8GA1UdIwQY
MBaAFCeTvelGrpNtPKzBNqXzI57fJDH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjVPOTZVYXVrMjA4ck1FMnBmTWpudDhrTWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9iZjU4ZGEtYTlkMi00MjFhLWI0M2Et
OTJjM2JmNzRhOTdiLzEvTkt6LXlidnNxVDhfRmZkQmVHckhGT2hmRGNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9iZjU4ZGEtYTlkMi00MjFhLWI0M2EtOTJjM2JmNzRhOTdi
LzEvSjVPOTZVYXVrMjA4ck1FMnBmTWpudDhrTWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW7z8MA0G
CSqGSIb3DQEBCwUAA4IBAQCP/DXzD1nYK3v6kI98qw5HiXowXOqXGWaAKv8IvHtY
Orz9N3gN+xszHN+N9NNN8qaR7Vl9ZgATDJGx3rV800Xirb0zgAYjEiZ5qwX2arqX
ay42aCUcsoZXxgVgX8HItlBA4S/4WGeeRV6g+bVLvLQcHKKKZsqzJnO7N+G40SBb
MKsXCZIh3oadqlbpF76bvQBwVW4gzcbtYQZhF+FtToU/Fu5YnOo6LQR7CewRPEh0
E7EE6wADxG9gbtggMNdixWIm5DQc+zI4Vd+bavZ91vdsYl01i5/BOM2ttfr8Uu/r
FPtN8YJJQzyYShO40pnr33LkjUIFT47BMRZdezlHpWgL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:37 2024 by rpki-client on console-ams.rpki-client.org