Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/404e64-f981-45b5-9cae-4fb4ef91a82f/1/PRx3rc8RLzt8Fg0zkWwOjQfq04E.roa
File:                     PRx3rc8RLzt8Fg0zkWwOjQfq04E.roa (raw, json)
Hash identifier:          gFrKAbya+9bPouTIRDFfYZhE6O+S/YlXvevs5LqOZFI=
Subject key identifier:   3D:1C:77:AD:CF:11:2F:3B:7C:16:0D:33:91:6C:0E:8D:07:EA:D3:81
Certificate issuer:       /CN=798e0da4f91007b224768acb4d131f12517d2b7a
Certificate serial:       0188E7C469F8F4BDA2FC085B1FA313B30988
Authority key identifier: 79:8E:0D:A4:F9:10:07:B2:24:76:8A:CB:4D:13:1F:12:51:7D:2B:7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eY4NpPkQB7IkdorLTRMfElF9K3o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/404e64-f981-45b5-9cae-4fb4ef91a82f/1/PRx3rc8RLzt8Fg0zkWwOjQfq04E.roa
Signing time:             Fri 23 Jun 2023 10:19:49 +0000
ROA not before:           Fri 23 Jun 2023 10:19:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31229
IP address blocks:        91.202.101.0/24 maxlen: 24
                          91.202.100.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:e7:c4:69:f8:f4:bd:a2:fc:08:5b:1f:a3:13:b3:09:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=798e0da4f91007b224768acb4d131f12517d2b7a
        Validity
            Not Before: Jun 23 10:19:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3d1c77adcf112f3b7c160d33916c0e8d07ead381
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:2c:88:28:94:cd:35:8b:16:65:6a:58:dd:ce:
                    72:da:3d:2d:17:db:3e:41:ed:97:6a:5f:14:b2:b4:
                    db:23:3b:53:be:0b:f4:07:b6:9d:ea:a1:6d:e9:3b:
                    59:a2:a9:c5:5c:23:81:76:fb:1e:3d:90:27:1d:78:
                    9f:b6:f8:f8:41:7e:94:0e:b6:08:8c:76:c0:bd:5e:
                    48:6d:bc:fe:f3:14:00:c5:47:b6:25:3f:07:d8:b1:
                    56:56:02:c1:fc:f2:f5:ec:ed:a6:34:e8:ca:ed:b0:
                    ac:6a:e6:7d:c0:97:15:4e:cb:11:5a:c7:c6:83:e4:
                    4a:f3:a7:ec:ea:7a:35:58:f3:c7:a7:65:aa:25:01:
                    b5:5c:bf:d5:17:f4:f1:cc:1b:8e:2c:0e:58:aa:f6:
                    d4:e7:e4:3c:ca:24:af:e5:4b:a7:d2:ab:56:6b:b1:
                    ae:72:7c:be:22:6a:a8:92:3c:88:fb:ec:0c:2f:13:
                    de:49:17:e4:2b:6b:a1:37:c0:e1:a2:ba:67:89:b2:
                    67:93:53:c6:c3:fb:2a:9d:72:04:f4:37:5c:28:0a:
                    a5:e0:a8:97:a5:01:6e:96:2d:00:7f:b3:f4:bc:3c:
                    e5:52:35:93:89:9c:c1:50:1b:01:03:5b:db:01:fc:
                    d8:3e:9e:9f:b5:80:06:25:05:f5:47:34:b1:9e:42:
                    5a:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:1C:77:AD:CF:11:2F:3B:7C:16:0D:33:91:6C:0E:8D:07:EA:D3:81
            X509v3 Authority Key Identifier:
                keyid:79:8E:0D:A4:F9:10:07:B2:24:76:8A:CB:4D:13:1F:12:51:7D:2B:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY4NpPkQB7IkdorLTRMfElF9K3o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/404e64-f981-45b5-9cae-4fb4ef91a82f/1/PRx3rc8RLzt8Fg0zkWwOjQfq04E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/404e64-f981-45b5-9cae-4fb4ef91a82f/1/eY4NpPkQB7IkdorLTRMfElF9K3o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.202.100.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5f:42:bb:b4:44:77:99:7e:ea:9c:21:3e:b7:eb:62:95:78:49:
         77:04:55:22:51:22:f1:55:c7:bd:fd:08:e1:24:d4:ab:c7:84:
         1c:62:66:07:f0:21:0d:92:74:f6:80:bd:0c:a8:a4:99:21:83:
         ee:79:cf:38:70:35:1a:24:7a:c4:3b:c7:de:e4:28:bb:71:cf:
         b1:44:49:bd:42:f0:db:b8:22:d4:86:24:23:0e:7c:eb:af:a3:
         e7:22:5e:50:89:5a:31:ab:3d:6c:25:70:4c:de:90:5e:2b:52:
         ad:c4:20:93:58:dd:bb:e0:46:17:63:32:a8:b2:1a:6b:83:64:
         9f:2b:1a:b6:f6:bc:32:59:15:ba:90:e9:23:ca:d3:67:0c:79:
         2c:17:50:ef:49:0c:65:73:55:9b:fa:3f:8b:0e:da:89:c0:6b:
         f6:79:af:2f:e5:2c:02:1b:47:da:b7:a3:78:7a:aa:80:52:d6:
         35:87:14:be:f4:06:5a:46:27:f4:6c:a3:40:5e:8c:64:a5:f8:
         59:eb:74:5a:85:66:85:71:09:a8:c3:1f:13:43:a2:f1:66:0f:
         54:66:fe:b7:41:39:2d:92:cb:61:bb:58:87:5f:a9:ee:44:f6:
         19:15:24:3c:b4:44:59:12:51:b1:93:f2:45:16:6f:fa:23:4b:
         87:36:78:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjnxGn49L2i/AhbH6MTswmIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGUwZGE0ZjkxMDA3YjIyNDc2OGFjYjRkMTMxZjEyNTE3
ZDJiN2EwHhcNMjMwNjIzMTAxOTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDFjNzdhZGNmMTEyZjNiN2MxNjBkMzM5MTZjMGU4ZDA3ZWFkMzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCyIKJTNNYsWZWpY3c5y2j0tF9s+
Qe2Xal8UsrTbIztTvgv0B7ad6qFt6TtZoqnFXCOBdvsePZAnHXiftvj4QX6UDrYI
jHbAvV5Ibbz+8xQAxUe2JT8H2LFWVgLB/PL17O2mNOjK7bCsauZ9wJcVTssRWsfG
g+RK86fs6no1WPPHp2WqJQG1XL/VF/TxzBuOLA5YqvbU5+Q8yiSv5Uun0qtWa7Gu
cny+ImqokjyI++wMLxPeSRfkK2uhN8DhorpnibJnk1PGw/sqnXIE9DdcKAql4KiX
pQFuli0Af7P0vDzlUjWTiZzBUBsBA1vbAfzYPp6ftYAGJQX1RzSxnkJaWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD0cd63PES87fBYNM5FsDo0H6tOBMB8GA1UdIwQY
MBaAFHmODaT5EAeyJHaKy00THxJRfSt6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk0TnBQa1FCN0lrZG9yTFRSTWZFbEY5SzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MDRlNjQtZjk4MS00NWI1LTljYWUt
NGZiNGVmOTFhODJmLzEvUFJ4M3JjOFJMenQ4RmcwemtXd09qUWZxMDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MDRlNjQtZjk4MS00NWI1LTljYWUtNGZiNGVmOTFhODJm
LzEvZVk0TnBQa1FCN0lrZG9yTFRSTWZFbEY5SzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8pkMA0G
CSqGSIb3DQEBCwUAA4IBAQBfQru0RHeZfuqcIT6362KVeEl3BFUiUSLxVce9/Qjh
JNSrx4QcYmYH8CENknT2gL0MqKSZIYPuec84cDUaJHrEO8fe5Ci7cc+xREm9QvDb
uCLUhiQjDnzrr6PnIl5QiVoxqz1sJXBM3pBeK1KtxCCTWN274EYXYzKoshprg2Sf
Kxq29rwyWRW6kOkjytNnDHksF1DvSQxlc1Wb+j+LDtqJwGv2ea8v5SwCG0fat6N4
eqqAUtY1hxS+9AZaRif0bKNAXoxkpfhZ63RahWaFcQmowx8TQ6LxZg9UZv63QTkt
ksthu1iHX6nuRPYZFSQ8tERZElGxk/JFFm/6I0uHNnhB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org