Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/fF5v2arTq3t06Bx_kid4HD_P540.roa
File:                     fF5v2arTq3t06Bx_kid4HD_P540.roa (raw, json)
Hash identifier:          ZgPVFLu7xTJFdu6AHH5H/ftVARAbE7J0zCF3qbeHhFA=
Subject key identifier:   7C:5E:6F:D9:AA:D3:AB:7B:74:E8:1C:7F:92:27:78:1C:3F:CF:E7:8D
Certificate issuer:       /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial:       01856CE655B43B12C5F4A3E4604D82AB76B5
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/fF5v2arTq3t06Bx_kid4HD_P540.roa
Signing time:             Sun 01 Jan 2023 10:35:12 +0000
ROA not before:           Sun 01 Jan 2023 10:35:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34753
IP address blocks:        213.91.169.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:55:b4:3b:12:c5:f4:a3:e4:60:4d:82:ab:76:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
        Validity
            Not Before: Jan  1 10:35:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7c5e6fd9aad3ab7b74e81c7f9227781c3fcfe78d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:05:db:91:9f:df:2b:e7:fe:02:0f:21:36:07:
                    c9:ff:11:39:88:8d:78:49:84:c3:fb:48:0d:ea:d9:
                    8c:58:2b:c7:ea:74:8c:10:2b:6c:db:54:98:f6:0c:
                    37:6d:75:18:93:bc:ae:73:17:2d:45:d6:68:62:2c:
                    b9:3d:0d:3c:6e:4f:f1:eb:8a:d9:75:c1:1d:b1:0f:
                    11:2a:84:d2:3a:85:dd:6e:8c:e8:0f:ee:03:bd:d3:
                    34:83:80:13:44:3f:63:f1:96:ad:8e:af:a2:39:b3:
                    12:ba:fc:27:d1:24:73:05:2c:63:7c:2a:ca:0e:09:
                    bc:47:fb:35:47:b5:04:64:9f:0c:7b:d5:64:f8:f7:
                    d2:32:4d:90:b2:18:77:a2:98:88:31:f3:ad:b6:4f:
                    07:bc:c6:8f:dd:c1:52:8b:75:92:e0:8d:5f:2b:01:
                    03:4a:98:34:55:26:dd:0a:ca:92:bb:6b:c4:c6:6b:
                    47:50:e8:b2:44:af:0d:f6:ce:78:91:d2:95:a6:99:
                    c7:cd:68:71:9e:15:84:8c:07:bb:ca:a9:07:4f:3d:
                    2b:59:3c:d5:57:61:2c:62:f8:4b:88:01:62:94:b3:
                    d1:75:2e:cf:e8:54:ca:57:27:48:c3:b9:0d:ad:b7:
                    5e:74:11:cc:c5:b9:75:b6:11:09:9d:71:d8:ad:2e:
                    a0:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:5E:6F:D9:AA:D3:AB:7B:74:E8:1C:7F:92:27:78:1C:3F:CF:E7:8D
            X509v3 Authority Key Identifier:
                keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/fF5v2arTq3t06Bx_kid4HD_P540.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.91.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:37:81:d4:14:81:74:f1:b4:55:a9:fa:79:67:1c:17:c3:19:
         13:aa:1b:32:d1:2f:b6:59:08:21:1d:59:7a:85:8f:60:eb:f2:
         e3:e7:6e:ea:f6:90:07:6f:59:d3:3a:b5:d1:f1:78:76:d8:e0:
         62:fe:4b:27:b3:15:52:a2:b5:01:97:a4:c8:df:13:cb:01:47:
         72:c4:2c:31:2a:22:bd:6f:ac:34:81:90:c8:f4:da:fc:a1:21:
         6b:8d:71:95:15:9b:4c:39:46:45:8a:71:99:28:8c:b1:b0:23:
         3e:fd:76:ae:c4:5f:f7:95:1d:28:84:b1:cd:c2:07:cf:aa:26:
         cc:50:71:4a:5e:82:a8:44:f5:a5:e5:3a:5c:15:b4:bf:72:40:
         50:47:0e:72:b8:43:c2:c4:e9:71:39:c2:06:16:27:44:ee:60:
         41:dd:97:2e:c7:7e:61:39:74:0a:1c:a8:de:c8:0d:76:b7:e8:
         6f:78:8e:3a:77:04:d0:d7:b3:b5:62:1a:77:48:f3:2a:6f:02:
         05:0c:63:07:a5:a5:5f:d3:64:ee:ab:f5:0d:01:ea:99:25:33:
         e0:d4:8a:85:f3:b9:46:2e:83:68:22:ae:ed:2d:1f:c4:3c:1f:
         e3:58:09:e7:3e:63:32:4f:40:cd:98:ab:52:2e:93:2a:55:2e:
         18:ec:ac:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5lW0OxLF9KPkYE2Cq3a1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzVlNmZkOWFhZDNhYjdiNzRlODFjN2Y5MjI3NzgxYzNmY2ZlNzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgXbkZ/fK+f+Ag8hNgfJ/xE5iI14
SYTD+0gN6tmMWCvH6nSMECts21SY9gw3bXUYk7yucxctRdZoYiy5PQ08bk/x64rZ
dcEdsQ8RKoTSOoXdbozoD+4DvdM0g4ATRD9j8Zatjq+iObMSuvwn0SRzBSxjfCrK
Dgm8R/s1R7UEZJ8Me9Vk+PfSMk2Qshh3opiIMfOttk8HvMaP3cFSi3WS4I1fKwED
Spg0VSbdCsqSu2vExmtHUOiyRK8N9s54kdKVppnHzWhxnhWEjAe7yqkHTz0rWTzV
V2EsYvhLiAFilLPRdS7P6FTKVydIw7kNrbdedBHMxbl1thEJnXHYrS6g/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHxeb9mq06t7dOgcf5IneBw/z+eNMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvZkY1djJhclRxM3QwNkJ4X2tpZDRIRF9QNTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1VupMA0G
CSqGSIb3DQEBCwUAA4IBAQAjN4HUFIF08bRVqfp5ZxwXwxkTqhsy0S+2WQghHVl6
hY9g6/Lj527q9pAHb1nTOrXR8Xh22OBi/ksnsxVSorUBl6TI3xPLAUdyxCwxKiK9
b6w0gZDI9Nr8oSFrjXGVFZtMOUZFinGZKIyxsCM+/XauxF/3lR0ohLHNwgfPqibM
UHFKXoKoRPWl5TpcFbS/ckBQRw5yuEPCxOlxOcIGFidE7mBB3Zcux35hOXQKHKje
yA12t+hveI46dwTQ17O1Yhp3SPMqbwIFDGMHpaVf02Tuq/UNAeqZJTPg1IqF87lG
LoNoIq7tLR/EPB/jWAnnPmMyT0DNmKtSLpMqVS4Y7Kww
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:05 2024 by rpki-client on console-fra.rpki-client.org