Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/oFAnJv76hHOXxU77j794FV9aL3E.roa
File:                     oFAnJv76hHOXxU77j794FV9aL3E.roa (raw, json)
Hash identifier:          XRA526TdZaqsW2Tq9MeI7AkuORNaqnbqWeLuldjqlgo=
Subject key identifier:   A0:50:27:26:FE:FA:84:73:97:C5:4E:FB:8F:BF:78:15:5F:5A:2F:71
Certificate issuer:       /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial:       0185A56567BFB2E1A46A6E9FAA3C67AF39A5
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/oFAnJv76hHOXxU77j794FV9aL3E.roa
Signing time:             Thu 12 Jan 2023 09:52:44 +0000
ROA not before:           Thu 12 Jan 2023 09:52:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        91.237.119.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Sep 2023 04:14:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a5:65:67:bf:b2:e1:a4:6a:6e:9f:aa:3c:67:af:39:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
        Validity
            Not Before: Jan 12 09:52:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a0502726fefa847397c54efb8fbf78155f5a2f71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:5b:26:dc:ed:12:b2:d4:1f:92:53:b8:04:ee:
                    45:69:56:23:7c:8e:2c:7d:24:4b:3d:bd:35:b6:1c:
                    dd:6c:4e:1f:a6:22:a0:12:7f:96:20:17:f6:11:e7:
                    1d:7c:00:41:61:5e:4b:66:1d:83:fa:50:fc:0e:6b:
                    a8:79:c6:4d:22:22:ba:00:a0:78:fe:25:34:b0:62:
                    d8:63:fa:65:a1:38:cb:cd:41:11:e0:e3:d4:44:ab:
                    af:27:f8:70:d9:0c:88:d1:b7:06:ef:13:09:d1:97:
                    62:65:7a:ce:86:e8:63:80:e0:ca:8c:10:fa:13:72:
                    b7:8a:7e:f2:19:2e:5e:57:f0:21:de:e0:67:2e:bd:
                    be:72:ef:7b:4a:e2:37:4c:a6:99:9c:eb:42:15:25:
                    f9:6f:2e:83:a4:fb:c5:a3:5d:dc:7e:03:96:13:2d:
                    f8:ef:d8:99:69:a2:64:9c:94:94:32:c6:10:73:02:
                    ca:6e:87:25:a6:e5:47:75:6a:db:2c:72:1c:ad:02:
                    7f:3a:5b:2d:aa:a8:bf:8c:0c:30:cc:34:38:e5:1d:
                    e0:3d:38:01:ff:f7:6b:31:60:11:70:7b:f7:5f:4c:
                    13:0e:1a:94:a6:3e:2a:bc:1d:27:d5:f9:28:fc:2b:
                    c4:c4:27:9e:1c:82:38:06:cd:02:71:3d:e5:a4:25:
                    1c:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:50:27:26:FE:FA:84:73:97:C5:4E:FB:8F:BF:78:15:5F:5A:2F:71
            X509v3 Authority Key Identifier:
                keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/oFAnJv76hHOXxU77j794FV9aL3E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.237.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:1c:ad:7b:33:16:51:e1:06:49:cd:4e:9a:3b:39:b4:3a:c8:
         5c:ab:d1:86:12:1f:fe:5a:5e:7e:54:43:1f:79:e8:97:48:a2:
         ad:99:80:1b:be:cc:42:c3:a5:e7:a1:6d:ea:f8:12:55:26:9b:
         9f:e0:84:80:1f:3c:9b:01:1c:99:65:33:5d:fd:91:b7:02:1c:
         18:12:d9:65:87:d6:ff:93:bc:92:9d:fe:88:b5:4e:8f:24:4b:
         00:c3:d4:ed:35:0e:dc:fa:fe:47:1f:3e:49:41:d7:44:60:08:
         f6:6e:06:82:24:55:e1:ed:8e:15:59:3a:1b:b9:2c:80:a4:5a:
         af:25:9a:af:a4:3b:9e:84:2d:24:41:28:71:f1:93:72:f6:4c:
         2b:2a:0e:85:0a:6f:ea:a2:03:d2:33:24:87:26:b9:67:83:b5:
         1f:4c:14:b4:d5:9c:ed:69:ad:28:4c:2e:0b:ca:0c:73:09:91:
         b7:42:62:27:af:aa:0f:a7:b9:4b:ba:74:a1:66:08:87:53:3c:
         98:50:69:cf:de:d4:12:b6:ec:8f:4e:38:85:33:87:7b:14:34:
         08:c2:c1:79:df:6e:d2:56:ee:0e:3f:0b:f3:b6:56:5f:c1:b2:
         65:0f:b1:4b:c4:2d:69:7b:05:ef:a1:72:e1:ab:da:a4:8a:80:
         6c:cc:80:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWlZWe/suGkam6fqjxnrzmlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDZkYTVhNTkyNTEyNzVjZWIxODY5NGUxNzQxNTM1MmFl
ZGQ2YWEwHhcNMjMwMTEyMDk1MjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDUwMjcyNmZlZmE4NDczOTdjNTRlZmI4ZmJmNzgxNTVmNWEyZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1sm3O0SstQfklO4BO5FaVYjfI4s
fSRLPb01thzdbE4fpiKgEn+WIBf2EecdfABBYV5LZh2D+lD8DmuoecZNIiK6AKB4
/iU0sGLYY/ploTjLzUER4OPURKuvJ/hw2QyI0bcG7xMJ0ZdiZXrOhuhjgODKjBD6
E3K3in7yGS5eV/Ah3uBnLr2+cu97SuI3TKaZnOtCFSX5by6DpPvFo13cfgOWEy34
79iZaaJknJSUMsYQcwLKboclpuVHdWrbLHIcrQJ/Olstqqi/jAwwzDQ45R3gPTgB
//drMWARcHv3X0wTDhqUpj4qvB0n1fko/CvExCeeHII4Bs0CcT3lpCUcCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKBQJyb++oRzl8VO+4+/eBVfWi9xMB8GA1UdIwQY
MBaAFFgG2lpZJRJ1zrGGlOF0FTUq7daqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYt
Zjc5Y2NjM2Y0ZWFmLzEvb0ZBbkp2NzZoSE9YeFU3N2o3OTRGVjlhTDNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYtZjc5Y2NjM2Y0ZWFm
LzEvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+13MA0G
CSqGSIb3DQEBCwUAA4IBAQAVHK17MxZR4QZJzU6aOzm0Oshcq9GGEh/+Wl5+VEMf
eeiXSKKtmYAbvsxCw6XnoW3q+BJVJpuf4ISAHzybARyZZTNd/ZG3AhwYEtllh9b/
k7ySnf6ItU6PJEsAw9TtNQ7c+v5HHz5JQddEYAj2bgaCJFXh7Y4VWTobuSyApFqv
JZqvpDuehC0kQShx8ZNy9kwrKg6FCm/qogPSMySHJrlng7UfTBS01Zztaa0oTC4L
ygxzCZG3QmInr6oPp7lLunShZgiHUzyYUGnP3tQStuyPTjiFM4d7FDQIwsF5327S
Vu4OPwvztlZfwbJlD7FLxC1pewXvoXLhq9qkioBszIBa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org