Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a4ee0b-46eb-4e1f-87ab-9049bcadb64b/1/oORUbplUT2O48irgRHmjfduS1jo.roa
File:                     oORUbplUT2O48irgRHmjfduS1jo.roa (raw, json)
Hash identifier:          Gwq7DAjJZ4S9j3kkeH0OnQR37hJS3M1PPPbSgTTalyc=
Subject key identifier:   A0:E4:54:6E:99:54:4F:63:B8:F2:2A:E0:44:79:A3:7D:DB:92:D6:3A
Certificate issuer:       /CN=669edbfae8650adbd6af207b6ea22565439b499c
Certificate serial:       0186C1C450F08100F2AE3042074ACA073195
Authority key identifier: 66:9E:DB:FA:E8:65:0A:DB:D6:AF:20:7B:6E:A2:25:65:43:9B:49:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zp7b-uhlCtvWryB7bqIlZUObSZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/a4ee0b-46eb-4e1f-87ab-9049bcadb64b/1/oORUbplUT2O48irgRHmjfduS1jo.roa
Signing time:             Wed 08 Mar 2023 15:08:33 +0000
ROA not before:           Wed 08 Mar 2023 15:08:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62068
IP address blocks:        91.217.200.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c1:c4:50:f0:81:00:f2:ae:30:42:07:4a:ca:07:31:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=669edbfae8650adbd6af207b6ea22565439b499c
        Validity
            Not Before: Mar  8 15:08:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a0e4546e99544f63b8f22ae04479a37ddb92d63a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:95:36:eb:f0:bc:50:be:c5:fc:ad:44:a5:17:
                    fd:ac:20:b9:dd:93:2d:89:fc:71:1c:96:78:3c:10:
                    06:ef:42:e1:b1:ab:f2:d0:6a:6d:49:cf:4b:cb:a0:
                    c3:23:04:bb:ab:b8:33:fd:9b:29:f2:8b:dc:32:31:
                    13:48:b8:72:4e:7f:bb:b1:4d:cb:cf:a4:05:8c:b8:
                    f4:bd:bd:e4:a7:0b:89:82:67:44:57:03:25:54:d7:
                    d0:d5:d1:3d:05:68:a6:5a:69:33:18:4c:54:e9:1d:
                    91:5d:b5:e7:55:89:42:75:13:fb:80:ee:51:6b:eb:
                    d5:1b:2f:2f:cc:98:c4:8b:a2:59:ae:26:a9:fe:f9:
                    cc:9e:2f:4a:ed:41:8a:80:6b:11:9a:8a:50:c0:b9:
                    e9:22:37:f6:ba:6b:9b:eb:d4:e2:ae:3f:d0:87:72:
                    75:65:8e:91:fd:a1:7f:8a:64:59:55:80:c8:a7:48:
                    35:b9:50:de:d2:98:66:62:f3:f6:e2:51:39:ba:97:
                    cc:81:a8:a6:90:a9:4f:95:4b:63:1e:ef:f7:2d:72:
                    80:84:a3:75:31:69:c7:63:ac:db:7a:dd:37:0c:06:
                    d8:6d:32:9c:b4:4f:67:bc:a2:0d:77:1c:3e:2b:1c:
                    9a:c1:ec:00:40:a5:4f:81:13:4c:c3:d8:f5:df:09:
                    ea:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:E4:54:6E:99:54:4F:63:B8:F2:2A:E0:44:79:A3:7D:DB:92:D6:3A
            X509v3 Authority Key Identifier:
                keyid:66:9E:DB:FA:E8:65:0A:DB:D6:AF:20:7B:6E:A2:25:65:43:9B:49:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zp7b-uhlCtvWryB7bqIlZUObSZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a4ee0b-46eb-4e1f-87ab-9049bcadb64b/1/oORUbplUT2O48irgRHmjfduS1jo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a4ee0b-46eb-4e1f-87ab-9049bcadb64b/1/Zp7b-uhlCtvWryB7bqIlZUObSZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.217.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:03:d4:4b:c8:3b:37:dc:b5:6d:8f:7b:65:2b:16:75:b0:28:
         f2:94:73:b7:bf:28:8d:d0:b7:93:df:2f:4b:73:32:95:48:af:
         48:01:d7:46:9c:27:5f:8b:d5:68:75:ef:b4:ce:34:08:b1:31:
         5f:1b:a6:97:65:a5:0d:a3:8a:19:a4:21:ac:36:da:c7:18:91:
         ca:2c:8a:e7:e5:1a:a1:63:f8:86:da:69:87:21:b6:8e:7b:07:
         55:88:52:c9:55:a7:30:b5:99:49:d1:33:44:c0:7f:0f:15:27:
         78:d4:3e:d0:2c:68:74:04:63:80:09:a1:ff:a9:55:9e:dd:41:
         a2:aa:3b:02:ef:66:d1:21:1f:20:4d:6f:13:5b:38:f6:bf:0b:
         6d:0d:0c:47:e9:46:e9:b1:c7:b1:d7:5a:81:d1:f9:c8:ac:50:
         b0:3d:ed:aa:74:1b:fe:91:6d:48:4c:7a:34:f9:e2:62:98:d7:
         06:39:2d:67:18:5e:7b:4b:93:50:19:a9:18:60:bb:cb:15:b6:
         0e:0f:3b:72:1e:c3:b6:b3:4b:4d:b4:39:0d:7d:12:74:94:b7:
         39:28:ce:9c:3c:9c:16:94:87:7c:da:36:2e:ec:9f:e0:90:32:
         f4:26:16:5a:eb:c5:4e:91:01:ee:45:c9:3d:ae:a4:09:b9:13:
         17:05:94:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbBxFDwgQDyrjBCB0rKBzGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OWVkYmZhZTg2NTBhZGJkNmFmMjA3YjZlYTIyNTY1NDM5
YjQ5OWMwHhcNMjMwMzA4MTUwODMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGU0NTQ2ZTk5NTQ0ZjYzYjhmMjJhZTA0NDc5YTM3ZGRiOTJkNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15U26/C8UL7F/K1EpRf9rCC53ZMt
ifxxHJZ4PBAG70Lhsavy0GptSc9Ly6DDIwS7q7gz/Zsp8ovcMjETSLhyTn+7sU3L
z6QFjLj0vb3kpwuJgmdEVwMlVNfQ1dE9BWimWmkzGExU6R2RXbXnVYlCdRP7gO5R
a+vVGy8vzJjEi6JZriap/vnMni9K7UGKgGsRmopQwLnpIjf2umub69Tirj/Qh3J1
ZY6R/aF/imRZVYDIp0g1uVDe0phmYvP24lE5upfMgaimkKlPlUtjHu/3LXKAhKN1
MWnHY6zbet03DAbYbTKctE9nvKINdxw+KxyawewAQKVPgRNMw9j13wnq5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKDkVG6ZVE9juPIq4ER5o33bktY6MB8GA1UdIwQY
MBaAFGae2/roZQrb1q8ge26iJWVDm0mcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnA3Yi11aGxDdHZXcnlCN2JxSWxaVU9iU1p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hNGVlMGItNDZlYi00ZTFmLTg3YWIt
OTA0OWJjYWRiNjRiLzEvb09SVWJwbFVUMk80OGlyZ1JIbWpmZHVTMWpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hNGVlMGItNDZlYi00ZTFmLTg3YWItOTA0OWJjYWRiNjRi
LzEvWnA3Yi11aGxDdHZXcnlCN2JxSWxaVU9iU1p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9nIMA0G
CSqGSIb3DQEBCwUAA4IBAQCGA9RLyDs33LVtj3tlKxZ1sCjylHO3vyiN0LeT3y9L
czKVSK9IAddGnCdfi9Vode+0zjQIsTFfG6aXZaUNo4oZpCGsNtrHGJHKLIrn5Rqh
Y/iG2mmHIbaOewdViFLJVacwtZlJ0TNEwH8PFSd41D7QLGh0BGOACaH/qVWe3UGi
qjsC72bRIR8gTW8TWzj2vwttDQxH6Ubpscex11qB0fnIrFCwPe2qdBv+kW1ITHo0
+eJimNcGOS1nGF57S5NQGakYYLvLFbYODztyHsO2s0tNtDkNfRJ0lLc5KM6cPJwW
lId82jYu7J/gkDL0JhZa68VOkQHuRck9rqQJuRMXBZRG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:10 2024 by rpki-client on console-ams.rpki-client.org