Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/4RCGU2dahcOF8-z8v_VWWCEMV8E.roa
File:                     4RCGU2dahcOF8-z8v_VWWCEMV8E.roa (raw, json)
Hash identifier:          XjRRD7eMieI1ZMe6q9jh4Kurwx8Ysb7bDcZz1EWRLyc=
Subject key identifier:   E1:10:86:53:67:5A:85:C3:85:F3:EC:FC:BF:F5:56:58:21:0C:57:C1
Certificate issuer:       /CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Certificate serial:       01906D500307321907ABA2742A0D992F6DFE
Authority key identifier: 46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/4RCGU2dahcOF8-z8v_VWWCEMV8E.roa
Signing time:             Mon 01 Jul 2024 08:01:18 +0000
ROA not before:           Mon 01 Jul 2024 08:01:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     10753
IP address blocks:        91.209.58.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 30 Dec 2024 11:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:6d:50:03:07:32:19:07:ab:a2:74:2a:0d:99:2f:6d:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
        Validity
            Not Before: Jul  1 08:01:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e1108653675a85c385f3ecfcbff55658210c57c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:2a:fc:91:0f:95:af:b7:4d:9f:d7:74:b1:ed:
                    55:f5:74:8c:f2:bd:94:20:b6:f9:e5:9d:37:37:29:
                    5a:04:7f:63:eb:0f:a7:53:8c:bf:5e:a8:bf:18:7a:
                    ce:a5:e2:94:ed:38:2b:ff:fb:20:3a:10:6d:16:a4:
                    f2:54:25:7a:d1:df:9e:9d:1c:9d:10:ae:d8:01:7a:
                    ac:2e:cc:5d:75:eb:c6:2a:8f:42:37:57:8e:97:6b:
                    2b:9f:4d:6d:a4:42:ba:61:9d:e3:25:3e:3d:10:1d:
                    63:95:a0:52:7f:4b:ae:5d:95:c7:32:7c:d3:69:12:
                    37:e7:8c:35:ed:4a:5f:9b:f3:8b:00:6a:69:81:b6:
                    f8:bd:5c:0a:b8:27:c9:5e:0c:bf:42:e1:a3:54:1f:
                    a8:f6:ba:37:0c:fe:e2:aa:0e:b8:84:56:11:d7:51:
                    94:c3:a1:53:f9:13:97:f2:77:d4:06:4d:33:28:77:
                    6c:ae:e0:ef:cb:05:23:b4:78:3a:c0:0b:b6:0a:de:
                    4b:a3:ad:52:dc:46:06:d7:18:20:e4:10:f7:33:ef:
                    29:08:21:bd:81:8e:90:ac:f7:32:b3:3c:1a:96:fb:
                    46:bc:e4:37:43:18:c8:71:d5:e1:20:e1:c7:67:13:
                    cd:c8:85:f9:07:b0:1b:f4:e7:68:e5:ec:b2:a4:b3:
                    32:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:10:86:53:67:5A:85:C3:85:F3:EC:FC:BF:F5:56:58:21:0C:57:C1
            X509v3 Authority Key Identifier:
                keyid:46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/4RCGU2dahcOF8-z8v_VWWCEMV8E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/RtcTrajavPd2gcDKQtmWnkR8jqc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.209.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:8d:ae:d9:ba:d4:62:68:5b:97:28:ca:c3:a7:bc:46:9d:e7:
         70:c1:9d:3c:c3:83:37:b6:49:87:7c:85:37:fb:75:6b:54:a6:
         27:d2:96:16:88:2b:55:9e:5e:2c:0a:68:29:4c:96:20:3c:09:
         7f:19:62:18:a0:68:f4:d1:60:e4:09:4e:bc:1f:7d:50:2d:97:
         4b:44:20:cc:7e:8c:0a:07:8f:17:d6:76:c4:ea:b9:61:a6:6f:
         a7:28:ec:d8:de:60:ae:9f:1d:2c:7f:d1:14:94:fd:c0:57:ea:
         69:da:71:39:a5:a3:11:9d:90:40:0c:e9:92:1b:bd:1d:28:aa:
         90:a3:45:73:12:b7:aa:83:ac:bb:4b:25:36:b5:af:25:eb:52:
         e3:79:d4:2d:b4:4c:de:4d:4a:68:7a:a1:a0:bc:e9:e3:08:39:
         66:85:08:88:89:b7:0f:26:c1:8d:62:dd:1d:4b:3e:c9:42:c8:
         09:76:99:15:a9:18:c5:67:ed:ca:83:23:37:fa:dc:5d:b0:79:
         ae:14:3c:fd:5a:f3:62:48:9d:d6:17:a2:f7:83:a8:c9:6e:8c:
         a0:91:e3:0d:b4:f5:18:1d:fa:a0:5e:dd:db:fd:4e:9e:53:27:
         3f:43:6b:a6:91:e8:7e:c8:ed:eb:87:b7:49:98:00:77:5d:af:
         e8:c1:01:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBtUAMHMhkHq6J0Kg2ZL23+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZDcxM2FkYThkYWJjZjc3NjgxYzBjYTQyZDk5NjllNDQ3
YzhlYTcwHhcNMjQwNzAxMDgwMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTEwODY1MzY3NWE4NWMzODVmM2VjZmNiZmY1NTY1ODIxMGM1N2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySr8kQ+Vr7dNn9d0se1V9XSM8r2U
ILb55Z03NylaBH9j6w+nU4y/Xqi/GHrOpeKU7Tgr//sgOhBtFqTyVCV60d+enRyd
EK7YAXqsLsxddevGKo9CN1eOl2srn01tpEK6YZ3jJT49EB1jlaBSf0uuXZXHMnzT
aRI354w17Upfm/OLAGppgbb4vVwKuCfJXgy/QuGjVB+o9ro3DP7iqg64hFYR11GU
w6FT+ROX8nfUBk0zKHdsruDvywUjtHg6wAu2Ct5Lo61S3EYG1xgg5BD3M+8pCCG9
gY6QrPcyszwalvtGvOQ3QxjIcdXhIOHHZxPNyIX5B7Ab9Odo5eyypLMyywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOEQhlNnWoXDhfPs/L/1VlghDFfBMB8GA1UdIwQY
MBaAFEbXE62o2rz3doHAykLZlp5EfI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQt
YmUyMThjZWY0YTExLzEvNFJDR1UyZGFoY09GOC16OHZfVldXQ0VNVjhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQtYmUyMThjZWY0YTEx
LzEvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9E6MA0G
CSqGSIb3DQEBCwUAA4IBAQCrja7ZutRiaFuXKMrDp7xGnedwwZ08w4M3tkmHfIU3
+3VrVKYn0pYWiCtVnl4sCmgpTJYgPAl/GWIYoGj00WDkCU68H31QLZdLRCDMfowK
B48X1nbE6rlhpm+nKOzY3mCunx0sf9EUlP3AV+pp2nE5paMRnZBADOmSG70dKKqQ
o0VzEreqg6y7SyU2ta8l61LjedQttEzeTUpoeqGgvOnjCDlmhQiIibcPJsGNYt0d
Sz7JQsgJdpkVqRjFZ+3KgyM3+txdsHmuFDz9WvNiSJ3WF6L3g6jJboygkeMNtPUY
HfqgXt3b/U6eUyc/Q2umkeh+yO3rh7dJmAB3Xa/owQHr
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:10:24 2025 by rpki-client