Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/7a160e-a56d-41c8-8930-95817ee944ce/1/hNLhx0CXOE09Y6lYZJxuRmBmzIw.roa
File:                     hNLhx0CXOE09Y6lYZJxuRmBmzIw.roa (raw, json)
Hash identifier:          RrjMu1Hqu21OsDGqGgwE+V17FrRJWRiGMlAM/ToFI4Q=
Subject key identifier:   84:D2:E1:C7:40:97:38:4D:3D:63:A9:58:64:9C:6E:46:60:66:CC:8C
Certificate issuer:       /CN=73bbc213c6f90bd8f007139eae6fe0cafa435ece
Certificate serial:       01856F8B98CE419CC965D2A28832F0055A53
Authority key identifier: 73:BB:C2:13:C6:F9:0B:D8:F0:07:13:9E:AE:6F:E0:CA:FA:43:5E:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c7vCE8b5C9jwBxOerm_gyvpDXs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/7a160e-a56d-41c8-8930-95817ee944ce/1/hNLhx0CXOE09Y6lYZJxuRmBmzIw.roa
Signing time:             Sun 01 Jan 2023 22:54:57 +0000
ROA not before:           Sun 01 Jan 2023 22:54:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50599
IP address blocks:        91.224.60.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:8b:98:ce:41:9c:c9:65:d2:a2:88:32:f0:05:5a:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73bbc213c6f90bd8f007139eae6fe0cafa435ece
        Validity
            Not Before: Jan  1 22:54:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=84d2e1c74097384d3d63a958649c6e466066cc8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:d6:c4:40:c3:db:63:bc:63:1d:cd:20:1d:94:
                    28:aa:58:c7:9f:16:23:9f:0c:41:e9:ce:f2:24:31:
                    b9:ec:7d:ee:20:87:00:ea:89:5a:ce:51:e5:70:1f:
                    63:b6:50:0a:45:b8:fc:7e:e3:4e:9e:3c:66:e3:63:
                    cb:5b:5a:b4:41:f3:3f:3b:47:2b:a6:16:c8:e2:eb:
                    5e:0e:c1:67:9a:3d:a3:a5:fe:40:92:c5:2f:5c:0f:
                    cd:4c:26:c0:c3:fb:15:7f:0c:7e:75:68:56:57:e4:
                    07:d8:1d:58:2c:cf:f9:19:ad:82:92:3d:2f:67:60:
                    c9:69:a4:1e:b6:d5:47:c3:f8:d8:0b:48:e6:f1:48:
                    dd:49:ff:85:40:a3:4f:34:a9:7a:57:44:78:83:02:
                    85:2e:5b:96:2b:10:1c:35:ea:f9:62:98:12:4b:16:
                    8a:23:1b:2b:4c:83:b6:a1:8c:67:ea:86:17:6a:46:
                    8f:7d:3a:8a:49:77:ac:c2:b8:c6:33:6e:0e:35:36:
                    8a:28:09:80:52:2c:94:de:5b:96:81:92:77:74:7d:
                    0d:4f:a4:85:c3:85:49:8c:f6:8e:44:12:e8:3e:cd:
                    7e:b6:d3:22:8a:0c:de:a9:92:c4:6d:e6:1f:36:81:
                    ba:3a:4f:cd:9a:87:0a:56:1b:d6:17:f5:f3:78:ad:
                    e0:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:D2:E1:C7:40:97:38:4D:3D:63:A9:58:64:9C:6E:46:60:66:CC:8C
            X509v3 Authority Key Identifier:
                keyid:73:BB:C2:13:C6:F9:0B:D8:F0:07:13:9E:AE:6F:E0:CA:FA:43:5E:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7vCE8b5C9jwBxOerm_gyvpDXs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7a160e-a56d-41c8-8930-95817ee944ce/1/hNLhx0CXOE09Y6lYZJxuRmBmzIw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7a160e-a56d-41c8-8930-95817ee944ce/1/c7vCE8b5C9jwBxOerm_gyvpDXs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.224.60.0/23

    Signature Algorithm: sha256WithRSAEncryption
         50:f3:9c:71:79:e6:c9:f5:06:8c:e6:83:1e:57:e0:77:cf:b9:
         51:b3:0b:ca:8b:17:06:0b:0e:db:48:b7:f7:77:70:14:67:8c:
         0a:2f:89:5f:53:b1:6a:bc:d5:de:e6:fe:7d:87:2b:26:cc:82:
         83:f3:07:a5:23:45:1b:6a:8e:74:f1:3c:31:d5:6e:a4:12:c2:
         6e:ea:df:e8:61:29:8f:35:94:7c:90:51:9a:3c:3c:30:bc:f4:
         17:36:54:08:d8:31:25:a4:50:68:37:7b:78:89:8e:43:b6:09:
         af:23:e5:41:6c:98:f4:83:d9:8b:5c:ed:1d:1a:d6:fd:eb:6d:
         f7:14:fe:90:ab:64:77:33:f5:8c:f1:0e:65:9a:ae:ab:6b:82:
         86:a5:e1:6d:de:35:1e:00:6e:3f:be:ef:be:b8:9c:45:11:50:
         39:88:36:06:b0:f3:55:f8:17:5d:66:4b:de:aa:f1:4f:b0:5d:
         64:1c:e0:c5:e8:f1:13:3e:a1:3e:bf:fe:a1:ae:1e:0c:4d:e6:
         bc:d2:20:d1:bd:25:91:31:52:0a:f3:2f:c8:f9:d6:d2:77:0b:
         de:3f:e3:28:1a:05:84:9a:24:8c:3f:44:5d:80:6c:94:1f:33:
         d9:16:83:61:54:c1:8b:94:02:ec:6e:c4:38:25:24:61:56:f1:
         f1:02:7e:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi5jOQZzJZdKiiDLwBVpTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYmJjMjEzYzZmOTBiZDhmMDA3MTM5ZWFlNmZlMGNhZmE0
MzVlY2UwHhcNMjMwMTAxMjI1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGQyZTFjNzQwOTczODRkM2Q2M2E5NTg2NDljNmU0NjYwNjZjYzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtbEQMPbY7xjHc0gHZQoqljHnxYj
nwxB6c7yJDG57H3uIIcA6olazlHlcB9jtlAKRbj8fuNOnjxm42PLW1q0QfM/O0cr
phbI4uteDsFnmj2jpf5AksUvXA/NTCbAw/sVfwx+dWhWV+QH2B1YLM/5Ga2Ckj0v
Z2DJaaQettVHw/jYC0jm8UjdSf+FQKNPNKl6V0R4gwKFLluWKxAcNer5YpgSSxaK
IxsrTIO2oYxn6oYXakaPfTqKSXeswrjGM24ONTaKKAmAUiyU3luWgZJ3dH0NT6SF
w4VJjPaORBLoPs1+ttMiigzeqZLEbeYfNoG6Ok/NmocKVhvWF/XzeK3gkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFITS4cdAlzhNPWOpWGScbkZgZsyMMB8GA1UdIwQY
MBaAFHO7whPG+QvY8AcTnq5v4Mr6Q17OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzd2Q0U4YjVDOWp3QnhPZXJtX2d5dnBEWHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83YTE2MGUtYTU2ZC00MWM4LTg5MzAt
OTU4MTdlZTk0NGNlLzEvaE5MaHgwQ1hPRTA5WTZsWVpKeHVSbUJtekl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83YTE2MGUtYTU2ZC00MWM4LTg5MzAtOTU4MTdlZTk0NGNl
LzEvYzd2Q0U4YjVDOWp3QnhPZXJtX2d5dnBEWHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+A8MA0G
CSqGSIb3DQEBCwUAA4IBAQBQ85xxeebJ9QaM5oMeV+B3z7lRswvKixcGCw7bSLf3
d3AUZ4wKL4lfU7FqvNXe5v59hysmzIKD8welI0Ubao508Twx1W6kEsJu6t/oYSmP
NZR8kFGaPDwwvPQXNlQI2DElpFBoN3t4iY5DtgmvI+VBbJj0g9mLXO0dGtb96233
FP6Qq2R3M/WM8Q5lmq6ra4KGpeFt3jUeAG4/vu++uJxFEVA5iDYGsPNV+BddZkve
qvFPsF1kHODF6PETPqE+v/6hrh4MTea80iDRvSWRMVIK8y/I+dbSdwveP+MoGgWE
miSMP0RdgGyUHzPZFoNhVMGLlALsbsQ4JSRhVvHxAn47
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:49 2024 by rpki-client on console-ams.rpki-client.org