Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/21b69a-a117-4b6d-86d5-9a15bc0d3988/1/rRtNGClwkS1m4iHyCnhRhjQ8gC4.roa
File:                     rRtNGClwkS1m4iHyCnhRhjQ8gC4.roa (raw, json)
Hash identifier:          HtUNGaUsz70lmoYxFADxdJjdURCOXpfKpTHE9hO4MSU=
Subject key identifier:   AD:1B:4D:18:29:70:91:2D:66:E2:21:F2:0A:78:51:86:34:3C:80:2E
Certificate issuer:       /CN=65b48d0a37abfc34b41d2d2bae8c682ed23ec426
Certificate serial:       018572557D80A1762D32089AD4FB3DC7D1CF
Authority key identifier: 65:B4:8D:0A:37:AB:FC:34:B4:1D:2D:2B:AE:8C:68:2E:D2:3E:C4:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZbSNCjer_DS0HS0rroxoLtI-xCY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/21b69a-a117-4b6d-86d5-9a15bc0d3988/1/rRtNGClwkS1m4iHyCnhRhjQ8gC4.roa
Signing time:             Mon 02 Jan 2023 11:54:43 +0000
ROA not before:           Mon 02 Jan 2023 11:54:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42112
IP address blocks:        91.199.91.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:55:7d:80:a1:76:2d:32:08:9a:d4:fb:3d:c7:d1:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65b48d0a37abfc34b41d2d2bae8c682ed23ec426
        Validity
            Not Before: Jan  2 11:54:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ad1b4d182970912d66e221f20a785186343c802e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:fe:98:f4:f9:e4:55:40:d2:fe:2b:a4:ff:95:
                    68:3f:60:3b:3f:2a:a7:50:3e:a5:60:02:b5:01:9e:
                    c6:30:d8:fd:63:f0:f4:f5:2e:6e:97:e0:7c:a0:6a:
                    c6:64:b3:8c:0c:93:dd:21:a3:41:67:d4:1c:11:74:
                    55:2f:d0:7e:f9:22:51:16:2a:8d:71:fd:11:b0:01:
                    cd:fc:6c:35:07:cb:15:d2:be:9c:f3:36:f8:6d:5d:
                    ce:f3:ca:39:7e:00:0c:75:ba:7f:20:ac:f1:88:5b:
                    d7:18:d5:ed:57:a5:97:77:9e:ca:1d:b6:7d:20:fe:
                    1b:07:e1:20:d4:31:a2:18:d4:97:b9:eb:d7:2b:f6:
                    c2:1b:61:fc:71:4f:c8:98:28:ef:6c:a2:87:14:a4:
                    08:1b:7e:e6:05:05:94:c6:0f:d0:62:33:30:6f:80:
                    f1:5d:67:c4:2b:0d:6f:86:ca:72:b4:1a:9b:f9:bf:
                    e9:c1:f6:02:8b:92:a2:3b:93:49:ef:0d:31:ba:38:
                    80:99:ca:fe:3c:61:fd:0f:e9:c7:dd:52:f4:d1:9b:
                    0a:76:99:69:a0:ba:bd:6e:e4:5a:90:b6:9b:3e:8c:
                    5b:ce:94:1d:73:1a:b1:09:5f:13:42:06:50:e7:9c:
                    0b:dd:98:19:18:6e:85:2e:c3:b2:c4:c4:60:d3:5b:
                    bd:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:1B:4D:18:29:70:91:2D:66:E2:21:F2:0A:78:51:86:34:3C:80:2E
            X509v3 Authority Key Identifier:
                keyid:65:B4:8D:0A:37:AB:FC:34:B4:1D:2D:2B:AE:8C:68:2E:D2:3E:C4:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbSNCjer_DS0HS0rroxoLtI-xCY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/21b69a-a117-4b6d-86d5-9a15bc0d3988/1/rRtNGClwkS1m4iHyCnhRhjQ8gC4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/21b69a-a117-4b6d-86d5-9a15bc0d3988/1/ZbSNCjer_DS0HS0rroxoLtI-xCY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.199.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:07:54:3e:97:23:8b:ec:a1:65:19:e1:1a:de:aa:97:26:a7:
         5c:f5:90:d5:90:09:85:60:2b:83:3c:43:c5:c7:be:55:03:50:
         f3:ec:94:71:82:c6:36:7b:31:3c:20:9c:d5:2f:e0:eb:e6:2d:
         58:cb:9c:57:ea:d9:d4:12:e2:b4:71:27:ee:5c:f1:4c:33:cd:
         72:99:96:47:aa:74:0d:c2:f9:4c:46:87:c4:5d:e5:4f:62:f1:
         71:71:77:cc:e5:42:6f:c4:d2:39:54:8e:10:b9:30:f4:0c:f4:
         aa:2b:64:c1:84:2f:18:05:12:14:df:84:75:ce:c4:dd:8a:40:
         4d:bb:65:56:7d:0f:9c:69:0a:be:23:b2:c8:fa:76:80:75:ea:
         25:30:dd:6b:79:d6:c8:f5:55:14:ac:6d:7b:74:5e:61:52:d2:
         3e:73:78:92:47:18:3b:9c:59:cb:4a:a4:39:9d:6b:b8:cc:07:
         d8:c0:cf:44:f2:d5:65:51:ec:c1:36:36:58:69:3b:35:10:1c:
         33:64:d7:b4:bc:27:50:08:ae:17:df:6a:49:c2:9c:84:a6:e3:
         b2:15:a5:d3:f1:ec:08:d7:3f:7f:ec:e4:8e:d0:10:db:6a:c0:
         38:a4:92:be:ad:fe:9f:d2:b3:07:17:b9:31:1e:12:ce:3b:05:
         97:8f:3f:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyVX2AoXYtMgia1Ps9x9HPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjQ4ZDBhMzdhYmZjMzRiNDFkMmQyYmFlOGM2ODJlZDIz
ZWM0MjYwHhcNMjMwMTAyMTE1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDFiNGQxODI5NzA5MTJkNjZlMjIxZjIwYTc4NTE4NjM0M2M4MDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/6Y9PnkVUDS/iuk/5VoP2A7Pyqn
UD6lYAK1AZ7GMNj9Y/D09S5ul+B8oGrGZLOMDJPdIaNBZ9QcEXRVL9B++SJRFiqN
cf0RsAHN/Gw1B8sV0r6c8zb4bV3O88o5fgAMdbp/IKzxiFvXGNXtV6WXd57KHbZ9
IP4bB+Eg1DGiGNSXuevXK/bCG2H8cU/ImCjvbKKHFKQIG37mBQWUxg/QYjMwb4Dx
XWfEKw1vhspytBqb+b/pwfYCi5KiO5NJ7w0xujiAmcr+PGH9D+nH3VL00ZsKdplp
oLq9buRakLabPoxbzpQdcxqxCV8TQgZQ55wL3ZgZGG6FLsOyxMRg01u9kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK0bTRgpcJEtZuIh8gp4UYY0PIAuMB8GA1UdIwQY
MBaAFGW0jQo3q/w0tB0tK66MaC7SPsQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJTTkNqZXJfRFMwSFMwcnJveG9MdEkteENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMWI2OWEtYTExNy00YjZkLTg2ZDUt
OWExNWJjMGQzOTg4LzEvclJ0TkdDbHdrUzFtNGlIeUNuaFJoalE4Z0M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMWI2OWEtYTExNy00YjZkLTg2ZDUtOWExNWJjMGQzOTg4
LzEvWmJTTkNqZXJfRFMwSFMwcnJveG9MdEkteENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8dbMA0G
CSqGSIb3DQEBCwUAA4IBAQBnB1Q+lyOL7KFlGeEa3qqXJqdc9ZDVkAmFYCuDPEPF
x75VA1Dz7JRxgsY2ezE8IJzVL+Dr5i1Yy5xX6tnUEuK0cSfuXPFMM81ymZZHqnQN
wvlMRofEXeVPYvFxcXfM5UJvxNI5VI4QuTD0DPSqK2TBhC8YBRIU34R1zsTdikBN
u2VWfQ+caQq+I7LI+naAdeolMN1redbI9VUUrG17dF5hUtI+c3iSRxg7nFnLSqQ5
nWu4zAfYwM9E8tVlUezBNjZYaTs1EBwzZNe0vCdQCK4X32pJwpyEpuOyFaXT8ewI
1z9/7OSO0BDbasA4pJK+rf6f0rMHF7kxHhLOOwWXjz/z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:33 2024 by rpki-client on console-ams.rpki-client.org