Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/aPMfZ5Rxana4Jfzss6JOEyf4-RA.roa
File:                     aPMfZ5Rxana4Jfzss6JOEyf4-RA.roa (raw, json)
Hash identifier:          6WCt42Cg+JRV2oMuf9HrpzWuweGgw0lRbgJDsgFD3y0=
Subject key identifier:   68:F3:1F:67:94:71:6A:76:B8:25:FC:EC:B3:A2:4E:13:27:F8:F9:10
Certificate issuer:       /CN=2793bde946ae936d3cacc136a5f3239edf2431f4
Certificate serial:       018BB93D330AA4DC5D62C575BDC48CCE7FF2
Authority key identifier: 27:93:BD:E9:46:AE:93:6D:3C:AC:C1:36:A5:F3:23:9E:DF:24:31:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J5O96Uauk208rME2pfMjnt8kMfQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/aPMfZ5Rxana4Jfzss6JOEyf4-RA.roa
Signing time:             Fri 10 Nov 2023 12:37:57 +0000
ROA not before:           Fri 10 Nov 2023 12:37:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        91.188.252.0/24 maxlen: 24
                          91.188.253.0/24 maxlen: 24
                          91.188.254.0/24 maxlen: 24
                          91.188.255.0/24 maxlen: 24
                          81.31.198.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 22 Dec 2023 20:35:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:b9:3d:33:0a:a4:dc:5d:62:c5:75:bd:c4:8c:ce:7f:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2793bde946ae936d3cacc136a5f3239edf2431f4
        Validity
            Not Before: Nov 10 12:37:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=68f31f6794716a76b825fcecb3a24e1327f8f910
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:53:1f:b6:89:24:2d:a6:2d:63:09:24:c3:53:
                    4b:19:1e:50:12:b6:a8:da:87:18:5e:1a:65:7a:21:
                    12:fc:d3:c7:93:7d:ce:f1:e7:43:e0:1b:78:51:24:
                    9a:b9:1e:fc:6d:63:68:e1:b7:49:c4:e7:89:e8:4a:
                    52:f2:b9:a2:da:5e:fe:ff:bb:7a:19:e7:8e:7c:dc:
                    ac:66:e0:ec:c7:64:86:b2:2c:18:73:fa:e7:b2:b2:
                    58:51:31:ca:f3:24:2a:54:04:d8:87:44:b7:53:01:
                    9a:3c:24:c9:f8:c7:d5:1b:f9:d8:16:d0:89:cc:3a:
                    c6:44:d8:3f:ee:db:f8:a8:ca:d4:aa:bd:f5:ca:5e:
                    17:41:9e:18:70:ed:64:2a:2a:f2:ae:13:60:b4:bb:
                    10:e0:f7:d1:9c:58:d5:78:c0:75:41:28:60:97:ae:
                    b3:05:13:63:79:af:60:ab:e8:85:25:c7:a3:82:a2:
                    f3:2e:24:96:62:65:a9:fe:15:a6:e4:cd:43:b2:01:
                    70:d0:b0:05:64:89:83:93:7b:25:37:73:e8:85:08:
                    78:77:c3:6d:95:c8:b7:c5:b0:63:bc:b4:b0:bb:09:
                    02:59:00:69:b5:bd:eb:4d:8a:e2:36:c0:cd:5f:dc:
                    7a:f8:e6:9d:2e:37:9e:f1:fe:34:52:93:0b:68:0a:
                    67:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:F3:1F:67:94:71:6A:76:B8:25:FC:EC:B3:A2:4E:13:27:F8:F9:10
            X509v3 Authority Key Identifier:
                keyid:27:93:BD:E9:46:AE:93:6D:3C:AC:C1:36:A5:F3:23:9E:DF:24:31:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J5O96Uauk208rME2pfMjnt8kMfQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/aPMfZ5Rxana4Jfzss6JOEyf4-RA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/J5O96Uauk208rME2pfMjnt8kMfQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.198.0/24
                  91.188.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1f:91:1a:a8:e7:a8:61:20:48:2e:5a:48:cb:80:b0:de:3a:bb:
         67:d5:73:78:6b:c1:74:e3:82:35:2c:ae:53:e9:88:34:b7:0a:
         fc:07:e3:9b:c3:ef:8a:23:f0:46:8f:ec:e4:52:23:78:43:05:
         dc:59:8f:b3:cb:36:28:73:25:f5:c2:50:8a:3a:22:15:26:5c:
         f7:35:57:e9:ba:9e:6e:29:d1:31:12:9a:e6:af:3a:78:27:4a:
         af:ab:c2:f0:ae:04:b9:39:6c:64:93:ab:af:29:37:20:45:7a:
         0e:71:14:ed:87:96:a4:d4:d2:48:a0:fd:ea:1c:35:a4:e8:9b:
         67:18:f8:68:07:38:72:bb:7a:a3:31:1d:91:cb:5e:c2:0c:89:
         c4:b1:65:9a:ff:91:14:04:66:26:6f:65:0a:e1:07:94:04:01:
         60:45:91:49:e7:9a:db:8c:ab:23:98:b8:d7:19:02:f0:a6:c5:
         7b:ee:2a:c7:cd:c4:7b:2a:af:63:ca:e5:79:c0:7e:f4:dc:00:
         6b:63:ef:27:65:8b:1b:9e:6e:ca:82:2c:4a:b6:bd:14:ba:a9:
         6b:48:50:05:ae:00:7d:dc:13:66:0c:81:72:47:3c:a5:d9:87:
         a1:14:70:88:3a:7b:d4:98:5f:49:87:01:58:7b:f1:24:f1:ab:
         a1:67:58:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYu5PTMKpNxdYsV1vcSMzn/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OTNiZGU5NDZhZTkzNmQzY2FjYzEzNmE1ZjMyMzllZGYy
NDMxZjQwHhcNMjMxMTEwMTIzNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGYzMWY2Nzk0NzE2YTc2YjgyNWZjZWNiM2EyNGUxMzI3ZjhmOTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51MftokkLaYtYwkkw1NLGR5QErao
2ocYXhpleiES/NPHk33O8edD4Bt4USSauR78bWNo4bdJxOeJ6EpS8rmi2l7+/7t6
GeeOfNysZuDsx2SGsiwYc/rnsrJYUTHK8yQqVATYh0S3UwGaPCTJ+MfVG/nYFtCJ
zDrGRNg/7tv4qMrUqr31yl4XQZ4YcO1kKiryrhNgtLsQ4PfRnFjVeMB1QShgl66z
BRNjea9gq+iFJcejgqLzLiSWYmWp/hWm5M1DsgFw0LAFZImDk3slN3PohQh4d8Nt
lci3xbBjvLSwuwkCWQBptb3rTYriNsDNX9x6+OadLjee8f40UpMLaApnpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGjzH2eUcWp2uCX87LOiThMn+PkQMB8GA1UdIwQY
MBaAFCeTvelGrpNtPKzBNqXzI57fJDH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjVPOTZVYXVrMjA4ck1FMnBmTWpudDhrTWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9iZjU4ZGEtYTlkMi00MjFhLWI0M2Et
OTJjM2JmNzRhOTdiLzEvYVBNZlo1UnhhbmE0SmZ6c3M2Sk9FeWY0LVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9iZjU4ZGEtYTlkMi00MjFhLWI0M2EtOTJjM2JmNzRhOTdi
LzEvSjVPOTZVYXVrMjA4ck1FMnBmTWpudDhrTWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUR/GAwQC
W7z8MA0GCSqGSIb3DQEBCwUAA4IBAQAfkRqo56hhIEguWkjLgLDeOrtn1XN4a8F0
44I1LK5T6Yg0twr8B+Obw++KI/BGj+zkUiN4QwXcWY+zyzYocyX1wlCKOiIVJlz3
NVfpup5uKdExEprmrzp4J0qvq8LwrgS5OWxkk6uvKTcgRXoOcRTth5ak1NJIoP3q
HDWk6JtnGPhoBzhyu3qjMR2Ry17CDInEsWWa/5EUBGYmb2UK4QeUBAFgRZFJ55rb
jKsjmLjXGQLwpsV77irHzcR7Kq9jyuV5wH703ABrY+8nZYsbnm7KgixKtr0Uuqlr
SFAFrgB93BNmDIFyRzyl2YehFHCIOnvUmF9JhwFYe/Ek8auhZ1gv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:13 2024 by rpki-client on console-fra.rpki-client.org