Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/546dd9-aa48-445e-be60-0907ad34cb9f/1/gRaoM-iOgWoFd7gqMljPDUj8kuI.roa
File:                     gRaoM-iOgWoFd7gqMljPDUj8kuI.roa (raw, json)
Hash identifier:          W1+Q+4oZBCBpRxFOxk5ny9xxa0KsTssARAY6cn0xb7E=
Subject key identifier:   81:16:A8:33:E8:8E:81:6A:05:77:B8:2A:32:58:CF:0D:48:FC:92:E2
Certificate issuer:       /CN=d33e131008def705a417f0d40d148a36f25a1a39
Certificate serial:       018571A7BAF520012DDA6F2CC9206EE3AF75
Authority key identifier: D3:3E:13:10:08:DE:F7:05:A4:17:F0:D4:0D:14:8A:36:F2:5A:1A:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0z4TEAje9wWkF_DUDRSKNvJaGjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/546dd9-aa48-445e-be60-0907ad34cb9f/1/gRaoM-iOgWoFd7gqMljPDUj8kuI.roa
Signing time:             Mon 02 Jan 2023 08:44:55 +0000
ROA not before:           Mon 02 Jan 2023 08:44:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197326
IP address blocks:        91.220.55.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:a7:ba:f5:20:01:2d:da:6f:2c:c9:20:6e:e3:af:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d33e131008def705a417f0d40d148a36f25a1a39
        Validity
            Not Before: Jan  2 08:44:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8116a833e88e816a0577b82a3258cf0d48fc92e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:27:4b:4a:f5:b1:69:18:ee:2b:a5:31:5e:2b:
                    7c:ee:85:38:fe:9d:d1:4b:db:31:b5:32:04:04:8b:
                    a2:c8:96:78:8b:52:cf:c7:4a:3e:90:4a:12:0d:32:
                    bf:05:5a:c4:e5:a4:53:f1:a4:fe:e2:a7:f9:c3:35:
                    c8:f3:f3:3f:18:15:76:d1:5e:e3:64:a1:50:59:4d:
                    0a:3e:69:5b:55:44:25:0c:d7:1d:02:3b:d9:54:29:
                    78:04:e8:af:13:17:75:4c:f2:69:89:4f:68:59:b0:
                    79:12:b2:47:b8:24:43:ad:34:02:f8:f9:d3:45:60:
                    93:37:06:82:12:5c:f1:55:c2:f7:c9:bb:10:76:ff:
                    c0:00:8e:6c:5e:bf:04:8b:99:23:1f:a6:34:a1:36:
                    16:c3:da:3c:e6:16:cc:2f:5d:5d:f8:f3:f9:11:50:
                    90:30:d6:8f:f4:5b:2b:e0:9d:0e:1b:79:a6:4e:73:
                    b8:46:80:ca:d8:34:e0:38:c2:2a:2f:d9:6e:01:f9:
                    0e:48:ee:cc:af:c2:28:22:72:9d:1a:07:b1:ff:ca:
                    12:89:20:31:af:7e:68:18:f3:3d:72:37:11:73:97:
                    ec:9b:da:eb:f6:c0:2a:5e:c7:6c:da:96:7e:25:20:
                    18:ba:b9:e1:31:e9:1c:71:09:72:7b:d4:9e:3f:90:
                    f6:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:16:A8:33:E8:8E:81:6A:05:77:B8:2A:32:58:CF:0D:48:FC:92:E2
            X509v3 Authority Key Identifier:
                keyid:D3:3E:13:10:08:DE:F7:05:A4:17:F0:D4:0D:14:8A:36:F2:5A:1A:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0z4TEAje9wWkF_DUDRSKNvJaGjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/546dd9-aa48-445e-be60-0907ad34cb9f/1/gRaoM-iOgWoFd7gqMljPDUj8kuI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/546dd9-aa48-445e-be60-0907ad34cb9f/1/0z4TEAje9wWkF_DUDRSKNvJaGjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.220.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:4e:04:aa:a8:31:71:31:69:87:e9:6e:d0:be:a6:2e:50:b9:
         45:36:ee:e3:4f:1b:43:e8:42:83:70:a5:a4:8d:3e:e2:63:ef:
         a9:fb:d7:a5:a9:18:f6:7f:73:6a:be:7c:9a:8b:4c:71:44:18:
         a4:5e:99:64:cf:57:4e:42:1c:f4:46:ec:33:04:e1:12:81:47:
         df:81:d5:51:5f:0d:77:e8:3b:96:a7:eb:fe:d6:b5:b5:68:85:
         be:40:e2:a6:b3:fa:1d:3c:30:58:70:df:8a:e5:85:aa:4f:21:
         b3:32:02:40:cd:a1:a8:c2:e4:55:93:f5:45:1d:c0:a5:03:19:
         40:f7:ed:02:9c:4c:4c:02:7e:db:09:9e:b6:fd:15:94:05:dd:
         26:af:17:e7:61:15:9d:c7:84:d2:97:8b:c2:0f:dc:79:93:cf:
         62:bb:1d:39:ae:cb:35:c6:1d:dd:bb:de:30:25:1b:43:0d:98:
         30:16:c8:5f:5b:d5:5c:98:09:aa:8a:32:b6:9f:15:1e:43:f5:
         6d:39:5e:c2:23:07:3b:b5:6e:94:0e:e2:34:d9:0d:b1:be:f5:
         08:3b:e4:18:38:1a:34:dc:45:38:ac:a4:19:51:a2:73:cb:c8:
         7f:90:b6:e9:5b:ea:e6:d8:b7:ee:84:40:92:01:8a:e3:3f:1f:
         bc:9d:36:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp7r1IAEt2m8sySBu4691MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzM2UxMzEwMDhkZWY3MDVhNDE3ZjBkNDBkMTQ4YTM2ZjI1
YTFhMzkwHhcNMjMwMTAyMDg0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTE2YTgzM2U4OGU4MTZhMDU3N2I4MmEzMjU4Y2YwZDQ4ZmM5MmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjidLSvWxaRjuK6UxXit87oU4/p3R
S9sxtTIEBIuiyJZ4i1LPx0o+kEoSDTK/BVrE5aRT8aT+4qf5wzXI8/M/GBV20V7j
ZKFQWU0KPmlbVUQlDNcdAjvZVCl4BOivExd1TPJpiU9oWbB5ErJHuCRDrTQC+PnT
RWCTNwaCElzxVcL3ybsQdv/AAI5sXr8Ei5kjH6Y0oTYWw9o85hbML11d+PP5EVCQ
MNaP9Fsr4J0OG3mmTnO4RoDK2DTgOMIqL9luAfkOSO7Mr8IoInKdGgex/8oSiSAx
r35oGPM9cjcRc5fsm9rr9sAqXsds2pZ+JSAYurnhMekccQlye9SeP5D2GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIEWqDPojoFqBXe4KjJYzw1I/JLiMB8GA1UdIwQY
MBaAFNM+ExAI3vcFpBfw1A0UijbyWho5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHo0VEVBamU5d1drRl9EVURSU0tOdkphR2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC81NDZkZDktYWE0OC00NDVlLWJlNjAt
MDkwN2FkMzRjYjlmLzEvZ1Jhb00taU9nV29GZDdncU1salBEVWo4a3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC81NDZkZDktYWE0OC00NDVlLWJlNjAtMDkwN2FkMzRjYjlm
LzEvMHo0VEVBamU5d1drRl9EVURSU0tOdkphR2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9w3MA0G
CSqGSIb3DQEBCwUAA4IBAQA1TgSqqDFxMWmH6W7QvqYuULlFNu7jTxtD6EKDcKWk
jT7iY++p+9elqRj2f3Nqvnyai0xxRBikXplkz1dOQhz0RuwzBOESgUffgdVRXw13
6DuWp+v+1rW1aIW+QOKms/odPDBYcN+K5YWqTyGzMgJAzaGowuRVk/VFHcClAxlA
9+0CnExMAn7bCZ62/RWUBd0mrxfnYRWdx4TSl4vCD9x5k89iux05rss1xh3du94w
JRtDDZgwFshfW9VcmAmqijK2nxUeQ/VtOV7CIwc7tW6UDuI02Q2xvvUIO+QYOBo0
3EU4rKQZUaJzy8h/kLbpW+rm2LfuhECSAYrjPx+8nTa/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:55 2024 by rpki-client on console-ams.rpki-client.org