Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/246d03-e090-4325-82f1-0bd095da78ef/1/pvKk4g9R3xLK3ot2P6431YfC7GI.roa
File:                     pvKk4g9R3xLK3ot2P6431YfC7GI.roa (raw, json)
Hash identifier:          akNaOBjBhMyoP7LEzn6Q2Id8MBAF7Amwu4Kol0eWJis=
Subject key identifier:   A6:F2:A4:E2:0F:51:DF:12:CA:DE:8B:76:3F:AE:37:D5:87:C2:EC:62
Certificate issuer:       /CN=47bf2ffeda381e54818df07052cf67e222515f89
Certificate serial:       018895C76297361B4F1B57BF82364E38BA94
Authority key identifier: 47:BF:2F:FE:DA:38:1E:54:81:8D:F0:70:52:CF:67:E2:22:51:5F:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R78v_to4HlSBjfBwUs9n4iJRX4k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/246d03-e090-4325-82f1-0bd095da78ef/1/pvKk4g9R3xLK3ot2P6431YfC7GI.roa
Signing time:             Wed 07 Jun 2023 12:14:12 +0000
ROA not before:           Wed 07 Jun 2023 12:14:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     396982
IP address blocks:        80.91.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:95:c7:62:97:36:1b:4f:1b:57:bf:82:36:4e:38:ba:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47bf2ffeda381e54818df07052cf67e222515f89
        Validity
            Not Before: Jun  7 12:14:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a6f2a4e20f51df12cade8b763fae37d587c2ec62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:eb:cb:7b:00:87:28:36:99:23:ad:2a:34:dd:
                    6d:a3:fd:50:84:fe:a6:76:03:9b:d0:23:3e:ab:1b:
                    cb:e0:f2:5a:7e:f8:6c:9b:a8:50:8d:c3:48:4e:70:
                    2d:46:2b:7e:95:c7:3c:54:78:43:c4:fb:ae:0a:93:
                    86:b2:19:4b:c8:d4:18:1a:bc:64:2c:5c:2a:52:c4:
                    a4:f4:89:02:e8:5f:d0:63:88:06:15:9d:b9:94:85:
                    57:69:d1:d0:aa:c5:5b:cd:64:8d:b7:08:b5:f9:cd:
                    7d:f9:c7:f2:d7:e0:f3:9f:ab:97:19:cd:f3:eb:78:
                    aa:27:db:14:3b:ed:32:3a:df:a7:60:4b:88:07:50:
                    e7:d2:0e:b2:60:e0:bf:96:26:70:f7:48:98:54:85:
                    e1:de:86:a9:16:54:bf:ce:bb:b1:00:7f:fd:5e:83:
                    78:13:e1:cf:91:71:bc:f7:41:00:54:3e:17:90:df:
                    ab:5d:6a:c2:c7:53:62:c3:b3:bb:e2:c3:9b:0c:4c:
                    95:88:af:2e:b3:c1:74:74:67:01:af:09:5c:f4:52:
                    6a:5a:db:6c:2a:c5:b2:fa:0d:e9:15:b7:4d:bc:96:
                    c2:c1:84:7d:d9:33:68:24:fc:7e:53:bf:35:c1:e8:
                    0c:92:c0:b8:46:0b:29:62:b2:4c:05:39:b4:a7:a2:
                    5a:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:F2:A4:E2:0F:51:DF:12:CA:DE:8B:76:3F:AE:37:D5:87:C2:EC:62
            X509v3 Authority Key Identifier:
                keyid:47:BF:2F:FE:DA:38:1E:54:81:8D:F0:70:52:CF:67:E2:22:51:5F:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R78v_to4HlSBjfBwUs9n4iJRX4k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/246d03-e090-4325-82f1-0bd095da78ef/1/pvKk4g9R3xLK3ot2P6431YfC7GI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/246d03-e090-4325-82f1-0bd095da78ef/1/R78v_to4HlSBjfBwUs9n4iJRX4k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.91.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:3a:66:27:1e:02:fb:b7:f8:27:77:d5:ea:82:3b:cc:80:c1:
         47:6b:f5:c1:fd:c3:b4:4b:8c:af:67:0a:b7:7f:55:cf:a2:c8:
         0f:96:92:6e:61:6a:87:48:2c:9e:08:bb:fa:c9:9b:d9:4e:72:
         e0:6f:15:1f:5b:fc:ca:b9:aa:23:0d:4a:f1:5c:6e:11:a4:d9:
         99:f4:21:e5:a4:f8:4a:8c:8d:a3:33:9d:8e:6d:aa:d3:f5:25:
         3b:53:f3:bd:3c:05:e1:62:ac:f8:05:99:27:16:f7:65:ba:67:
         73:7e:e5:c2:74:ec:52:ae:cf:9d:29:aa:15:d0:e8:60:ce:24:
         8e:99:88:1d:6f:db:03:27:82:8f:af:86:54:4e:24:7d:32:04:
         64:34:51:d6:e1:00:a3:25:e7:d5:ed:8f:c5:f2:67:a0:c8:57:
         34:92:ef:b4:0b:a3:16:19:aa:69:a1:51:74:20:8b:7c:9a:3a:
         91:fa:72:f2:78:e4:7c:f2:1b:03:7f:cf:97:2c:79:b0:5c:d0:
         16:38:6a:9c:ae:f5:31:d6:29:4b:9a:40:05:33:a4:95:03:2f:
         3d:c8:55:c1:0f:6c:fd:75:a9:f2:1d:79:10:27:96:d2:8b:e8:
         af:72:30:ab:41:71:20:70:96:67:1a:a4:cb:2c:90:d7:3b:72:
         c8:f7:f5:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiVx2KXNhtPG1e/gjZOOLqUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YmYyZmZlZGEzODFlNTQ4MThkZjA3MDUyY2Y2N2UyMjI1
MTVmODkwHhcNMjMwNjA3MTIxNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmYyYTRlMjBmNTFkZjEyY2FkZThiNzYzZmFlMzdkNTg3YzJlYzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9evLewCHKDaZI60qNN1to/1QhP6m
dgOb0CM+qxvL4PJafvhsm6hQjcNITnAtRit+lcc8VHhDxPuuCpOGshlLyNQYGrxk
LFwqUsSk9IkC6F/QY4gGFZ25lIVXadHQqsVbzWSNtwi1+c19+cfy1+Dzn6uXGc3z
63iqJ9sUO+0yOt+nYEuIB1Dn0g6yYOC/liZw90iYVIXh3oapFlS/zruxAH/9XoN4
E+HPkXG890EAVD4XkN+rXWrCx1Niw7O74sObDEyViK8us8F0dGcBrwlc9FJqWtts
KsWy+g3pFbdNvJbCwYR92TNoJPx+U781wegMksC4RgspYrJMBTm0p6JaOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKbypOIPUd8Syt6Ldj+uN9WHwuxiMB8GA1UdIwQY
MBaAFEe/L/7aOB5UgY3wcFLPZ+IiUV+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjc4dl90bzRIbFNCamZCd1VzOW40aUpSWDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yNDZkMDMtZTA5MC00MzI1LTgyZjEt
MGJkMDk1ZGE3OGVmLzEvcHZLazRnOVIzeExLM290MlA2NDMxWWZDN0dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yNDZkMDMtZTA5MC00MzI1LTgyZjEtMGJkMDk1ZGE3OGVm
LzEvUjc4dl90bzRIbFNCamZCd1VzOW40aUpSWDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUFvhMA0G
CSqGSIb3DQEBCwUAA4IBAQAuOmYnHgL7t/gnd9XqgjvMgMFHa/XB/cO0S4yvZwq3
f1XPosgPlpJuYWqHSCyeCLv6yZvZTnLgbxUfW/zKuaojDUrxXG4RpNmZ9CHlpPhK
jI2jM52ObarT9SU7U/O9PAXhYqz4BZknFvdlumdzfuXCdOxSrs+dKaoV0OhgziSO
mYgdb9sDJ4KPr4ZUTiR9MgRkNFHW4QCjJefV7Y/F8megyFc0ku+0C6MWGappoVF0
IIt8mjqR+nLyeOR88hsDf8+XLHmwXNAWOGqcrvUx1ilLmkAFM6SVAy89yFXBD2z9
danyHXkQJ5bSi+ivcjCrQXEgcJZnGqTLLJDXO3LI9/Xf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:40 2024 by rpki-client on console-fra.rpki-client.org