Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/VNOX33YpJkid-KPSm6ANeV2QoGw.roa
File:                     VNOX33YpJkid-KPSm6ANeV2QoGw.roa (raw, json)
Hash identifier:          dEsBEA9AvyCw4A/u4vRD/byHXt1RKAwoUEOoCdwXE4o=
Subject key identifier:   54:D3:97:DF:76:29:26:48:9D:F8:A3:D2:9B:A0:0D:79:5D:90:A0:6C
Certificate issuer:       /CN=85916be7e63cfd8c8b77c0588d12694f16b14cda
Certificate serial:       018570B9957FE87BEE548111C6A269BDFB08
Authority key identifier: 85:91:6B:E7:E6:3C:FD:8C:8B:77:C0:58:8D:12:69:4F:16:B1:4C:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hZFr5-Y8_YyLd8BYjRJpTxaxTNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/VNOX33YpJkid-KPSm6ANeV2QoGw.roa
Signing time:             Mon 02 Jan 2023 04:24:48 +0000
ROA not before:           Mon 02 Jan 2023 04:24:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39864
IP address blocks:        91.232.94.0/24 maxlen: 24
                          91.232.93.0/24 maxlen: 24
                          91.232.92.0/24 maxlen: 24
                          91.232.95.0/24 maxlen: 24
                          91.213.144.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:b9:95:7f:e8:7b:ee:54:81:11:c6:a2:69:bd:fb:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85916be7e63cfd8c8b77c0588d12694f16b14cda
        Validity
            Not Before: Jan  2 04:24:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=54d397df762926489df8a3d29ba00d795d90a06c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:99:7c:35:a9:a3:7e:18:48:9d:f3:73:f4:57:
                    cd:24:bf:ea:8b:bf:56:5e:14:85:4b:2d:a6:08:bc:
                    40:29:27:0c:58:07:f7:9f:b7:73:1e:01:89:13:6e:
                    07:9c:49:ae:0f:9e:80:7e:18:29:67:7f:c8:94:6a:
                    7e:38:9b:03:69:b1:5e:e5:a7:b3:00:35:ec:19:df:
                    04:ce:3c:88:34:ec:25:63:9e:99:f1:14:09:af:8b:
                    fe:06:ae:cc:9f:81:6f:20:6f:6f:ef:9b:50:bb:f7:
                    96:ea:ff:f5:a8:e5:95:85:16:09:a7:3e:cc:e2:36:
                    f1:f2:c7:ab:15:5f:c5:d6:66:57:79:d2:9a:2b:74:
                    76:c8:41:4d:00:12:ac:db:2d:a5:47:d4:50:45:cd:
                    04:f6:72:35:bb:1e:47:4e:b1:f2:67:7a:0a:4c:32:
                    11:2d:56:f5:56:24:ab:0b:3c:4a:12:af:a8:ee:6d:
                    5d:70:91:20:e5:09:25:79:97:86:8a:36:1e:a3:61:
                    26:f7:96:04:ec:eb:9b:3d:20:c7:0a:1f:7a:bb:f4:
                    dc:f3:ab:e0:39:2b:5a:72:8a:50:40:94:f8:5b:fb:
                    f6:5d:97:65:a5:c0:22:39:da:6d:5a:c4:5b:f5:16:
                    ff:f9:d4:d0:62:24:ec:c7:76:2e:b2:ca:d8:ca:48:
                    8e:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:D3:97:DF:76:29:26:48:9D:F8:A3:D2:9B:A0:0D:79:5D:90:A0:6C
            X509v3 Authority Key Identifier:
                keyid:85:91:6B:E7:E6:3C:FD:8C:8B:77:C0:58:8D:12:69:4F:16:B1:4C:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hZFr5-Y8_YyLd8BYjRJpTxaxTNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/VNOX33YpJkid-KPSm6ANeV2QoGw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/hZFr5-Y8_YyLd8BYjRJpTxaxTNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.144.0/24
                  91.232.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         bd:2a:b2:8d:9e:52:5d:24:b4:a8:0f:8a:75:39:62:f8:3e:12:
         43:44:7c:a1:d5:52:08:eb:a5:9e:92:e8:d7:30:15:86:49:e4:
         3c:62:0d:75:9b:de:55:0a:4a:3f:6a:c2:c0:8d:48:63:4c:3f:
         0a:85:87:e5:2c:41:96:86:7a:8e:9e:00:9d:23:5c:22:70:c6:
         8d:74:9c:7b:6e:b7:4a:78:de:a0:04:82:54:ba:2a:8b:7f:bb:
         f6:07:ca:94:fe:ed:8a:40:28:e6:30:3e:ca:80:36:dc:a3:3a:
         93:ce:3b:84:d3:5b:13:0f:22:cf:6a:f7:fb:23:72:08:39:2c:
         e4:97:a5:73:36:2d:51:6c:ac:fb:a8:51:a0:61:04:f1:b0:d2:
         33:16:a7:e9:44:03:bd:1b:bf:78:40:13:e5:f7:bd:55:1b:7d:
         0a:28:c5:f5:c1:3f:99:2d:c8:4f:6a:21:b0:46:0c:d1:b6:c7:
         e9:48:c5:14:1b:15:47:c3:5f:75:86:e9:aa:db:e9:fe:73:73:
         e4:63:d7:fc:23:01:ea:01:dc:33:03:74:24:6f:ca:ea:c3:45:
         54:29:41:fa:2b:41:f2:c6:7c:51:31:04:d7:0b:8f:73:08:ef:
         77:38:a5:a3:ec:82:e0:ab:53:60:64:71:26:53:cd:03:cc:fc:
         9b:cd:50:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwuZV/6HvuVIERxqJpvfsIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1OTE2YmU3ZTYzY2ZkOGM4Yjc3YzA1ODhkMTI2OTRmMTZi
MTRjZGEwHhcNMjMwMTAyMDQyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGQzOTdkZjc2MjkyNjQ4OWRmOGEzZDI5YmEwMGQ3OTVkOTBhMDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJl8NamjfhhInfNz9FfNJL/qi79W
XhSFSy2mCLxAKScMWAf3n7dzHgGJE24HnEmuD56AfhgpZ3/IlGp+OJsDabFe5aez
ADXsGd8EzjyINOwlY56Z8RQJr4v+Bq7Mn4FvIG9v75tQu/eW6v/1qOWVhRYJpz7M
4jbx8serFV/F1mZXedKaK3R2yEFNABKs2y2lR9RQRc0E9nI1ux5HTrHyZ3oKTDIR
LVb1ViSrCzxKEq+o7m1dcJEg5QkleZeGijYeo2Em95YE7OubPSDHCh96u/Tc86vg
OStacopQQJT4W/v2XZdlpcAiOdptWsRb9Rb/+dTQYiTsx3YussrYykiOXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFTTl992KSZInfij0pugDXldkKBsMB8GA1UdIwQY
MBaAFIWRa+fmPP2Mi3fAWI0SaU8WsUzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFpGcjUtWThfWXlMZDhCWWpSSnBUeGF4VE5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81N2ZiMTQtZDcwNS00MDU1LTgwNDUt
YmNhMjM0ODI5ZjQ4LzEvVk5PWDMzWXBKa2lkLUtQU202QU5lVjJRb0d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS81N2ZiMTQtZDcwNS00MDU1LTgwNDUtYmNhMjM0ODI5ZjQ4
LzEvaFpGcjUtWThfWXlMZDhCWWpSSnBUeGF4VE5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9WQAwQC
W+hcMA0GCSqGSIb3DQEBCwUAA4IBAQC9KrKNnlJdJLSoD4p1OWL4PhJDRHyh1VII
66WekujXMBWGSeQ8Yg11m95VCko/asLAjUhjTD8KhYflLEGWhnqOngCdI1wicMaN
dJx7brdKeN6gBIJUuiqLf7v2B8qU/u2KQCjmMD7KgDbcozqTzjuE01sTDyLPavf7
I3IIOSzkl6VzNi1RbKz7qFGgYQTxsNIzFqfpRAO9G794QBPl971VG30KKMX1wT+Z
LchPaiGwRgzRtsfpSMUUGxVHw191humq2+n+c3PkY9f8IwHqAdwzA3Qkb8rqw0VU
KUH6K0HyxnxRMQTXC49zCO93OKWj7ILgq1NgZHEmU80DzPybzVDe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:55 2024 by rpki-client on console-fra.rpki-client.org