Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/deb874-f90b-42c4-bcd2-47bbf21eac9f/1/h8lIUs109bbvbD1bQ1U1dHrtUbw.roa
File:                     h8lIUs109bbvbD1bQ1U1dHrtUbw.roa (raw, json)
Hash identifier:          aNvFzpnQrQLVNXc7iu42vxCulDoXd5kZHlhBFn2OK0Y=
Subject key identifier:   87:C9:48:52:CD:74:F5:B6:EF:6C:3D:5B:43:55:35:74:7A:ED:51:BC
Certificate issuer:       /CN=ad10cdd0b8b73304c985fde1b10e40182bf13902
Certificate serial:       01856F1D9D65873542D2563481D990FD7875
Authority key identifier: AD:10:CD:D0:B8:B7:33:04:C9:85:FD:E1:B1:0E:40:18:2B:F1:39:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rRDN0Li3MwTJhf3hsQ5AGCvxOQI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/deb874-f90b-42c4-bcd2-47bbf21eac9f/1/h8lIUs109bbvbD1bQ1U1dHrtUbw.roa
Signing time:             Sun 01 Jan 2023 20:54:49 +0000
ROA not before:           Sun 01 Jan 2023 20:54:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57442
IP address blocks:        91.232.21.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:1d:9d:65:87:35:42:d2:56:34:81:d9:90:fd:78:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad10cdd0b8b73304c985fde1b10e40182bf13902
        Validity
            Not Before: Jan  1 20:54:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=87c94852cd74f5b6ef6c3d5b435535747aed51bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:73:3c:ab:3f:68:57:1b:45:08:6a:d5:b5:10:
                    15:99:57:da:f2:7a:8e:02:c9:d5:f4:f8:98:cb:ba:
                    9a:c0:fa:13:4c:02:a0:c8:e2:63:15:0c:30:10:df:
                    3b:f9:15:9a:1f:fe:4d:74:17:e4:92:86:91:2d:d6:
                    b3:3d:c6:4c:2c:9e:3a:ef:1c:6d:a6:3f:c9:21:58:
                    54:c4:3e:1e:e1:89:0d:6b:28:62:02:6b:1f:4d:9e:
                    99:4c:25:b5:b2:27:a3:d2:d5:96:69:dd:91:47:a8:
                    1e:c9:4f:76:1a:8c:86:1e:5f:9e:49:bc:d8:fb:b1:
                    c7:00:9a:ee:63:5d:c5:f2:9c:0d:37:fb:ec:df:60:
                    ef:b6:6e:e1:99:1d:6f:d8:f0:34:a2:68:85:05:eb:
                    b9:3b:ad:51:0b:de:80:d7:73:83:41:50:ea:95:db:
                    1e:ed:9b:c2:cd:62:c2:95:44:d0:48:a7:86:be:31:
                    6f:31:72:7c:2b:48:cb:73:19:0a:8a:25:66:22:2b:
                    58:37:00:f0:32:bd:d4:11:d0:c6:2b:06:6e:26:7c:
                    e8:a4:c4:68:ca:e1:57:f8:1b:c8:74:5b:60:9c:22:
                    1f:4b:39:73:50:9d:4d:42:72:62:7f:0f:84:f1:69:
                    fd:f9:0c:5b:26:0a:4a:c6:c5:e7:55:f4:f6:45:f2:
                    cb:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:C9:48:52:CD:74:F5:B6:EF:6C:3D:5B:43:55:35:74:7A:ED:51:BC
            X509v3 Authority Key Identifier:
                keyid:AD:10:CD:D0:B8:B7:33:04:C9:85:FD:E1:B1:0E:40:18:2B:F1:39:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rRDN0Li3MwTJhf3hsQ5AGCvxOQI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/deb874-f90b-42c4-bcd2-47bbf21eac9f/1/h8lIUs109bbvbD1bQ1U1dHrtUbw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/deb874-f90b-42c4-bcd2-47bbf21eac9f/1/rRDN0Li3MwTJhf3hsQ5AGCvxOQI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.232.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:fe:98:ee:3f:45:4b:18:a2:67:c9:fb:76:2f:92:d8:2d:27:
         4e:8a:ac:3f:59:05:18:e2:60:2d:80:c8:75:91:86:fa:32:34:
         5a:19:bc:ed:67:b3:87:99:64:f0:5b:01:ba:8a:78:31:87:d5:
         41:5a:e0:18:47:82:a5:94:7a:e9:3b:6e:c8:ac:68:4f:24:f8:
         99:3a:22:4f:d6:8c:e5:9f:40:28:8b:78:f3:a8:b3:90:23:08:
         39:91:e5:7a:9c:c6:79:9b:1c:a7:2d:77:e3:ea:a8:17:1d:cf:
         61:15:81:79:4b:a6:3c:b4:7d:23:e5:e4:77:d6:06:34:99:69:
         9d:0d:fd:c2:99:59:39:de:ac:82:df:fd:69:8a:b4:93:3a:c6:
         46:e8:b1:8a:9c:31:4f:b0:26:b3:24:f4:dc:69:80:26:15:4b:
         94:9b:18:7b:6b:97:e0:06:83:fa:3e:6a:7a:fd:08:39:fe:d2:
         3e:66:b9:2c:a0:df:6a:13:99:c4:25:b1:25:f8:dc:09:77:ba:
         c0:03:e7:0e:80:11:83:7a:70:25:26:1a:a5:67:aa:87:c8:58:
         c0:44:0e:3f:7c:93:cd:0a:56:48:f9:79:86:6d:6f:70:d7:d8:
         ef:17:ad:59:26:d1:97:c8:4a:2d:fd:2f:e1:8b:41:f5:bd:38:
         a0:90:e0:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHZ1lhzVC0lY0gdmQ/Xh1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMTBjZGQwYjhiNzMzMDRjOTg1ZmRlMWIxMGU0MDE4MmJm
MTM5MDIwHhcNMjMwMTAxMjA1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2M5NDg1MmNkNzRmNWI2ZWY2YzNkNWI0MzU1MzU3NDdhZWQ1MWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnM8qz9oVxtFCGrVtRAVmVfa8nqO
AsnV9PiYy7qawPoTTAKgyOJjFQwwEN87+RWaH/5NdBfkkoaRLdazPcZMLJ467xxt
pj/JIVhUxD4e4YkNayhiAmsfTZ6ZTCW1siej0tWWad2RR6geyU92GoyGHl+eSbzY
+7HHAJruY13F8pwNN/vs32Dvtm7hmR1v2PA0omiFBeu5O61RC96A13ODQVDqldse
7ZvCzWLClUTQSKeGvjFvMXJ8K0jLcxkKiiVmIitYNwDwMr3UEdDGKwZuJnzopMRo
yuFX+BvIdFtgnCIfSzlzUJ1NQnJifw+E8Wn9+QxbJgpKxsXnVfT2RfLLeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIfJSFLNdPW272w9W0NVNXR67VG8MB8GA1UdIwQY
MBaAFK0QzdC4tzMEyYX94bEOQBgr8TkCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclJETjBMaTNNd1RKaGYzaHNRNUFHQ3Z4T1FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9kZWI4NzQtZjkwYi00MmM0LWJjZDIt
NDdiYmYyMWVhYzlmLzEvaDhsSVVzMTA5YmJ2YkQxYlExVTFkSHJ0VWJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9kZWI4NzQtZjkwYi00MmM0LWJjZDItNDdiYmYyMWVhYzlm
LzEvclJETjBMaTNNd1RKaGYzaHNRNUFHQ3Z4T1FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+gVMA0G
CSqGSIb3DQEBCwUAA4IBAQAC/pjuP0VLGKJnyft2L5LYLSdOiqw/WQUY4mAtgMh1
kYb6MjRaGbztZ7OHmWTwWwG6ingxh9VBWuAYR4KllHrpO27IrGhPJPiZOiJP1ozl
n0Aoi3jzqLOQIwg5keV6nMZ5mxynLXfj6qgXHc9hFYF5S6Y8tH0j5eR31gY0mWmd
Df3CmVk53qyC3/1pirSTOsZG6LGKnDFPsCazJPTcaYAmFUuUmxh7a5fgBoP6Pmp6
/Qg5/tI+ZrksoN9qE5nEJbEl+NwJd7rAA+cOgBGDenAlJhqlZ6qHyFjARA4/fJPN
ClZI+XmGbW9w19jvF61ZJtGXyEot/S/hi0H1vTigkOB/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:55 2024 by rpki-client on console-fra.rpki-client.org