Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/311508-d5a2-4dc5-bc93-50e746424630/1/U47wJJ5cV-PoUYZLTDnHD8pkJPU.roa
File:                     U47wJJ5cV-PoUYZLTDnHD8pkJPU.roa (raw, json)
Hash identifier:          h9C0dMVzaECB8LWBAjnGJ6g81Wgm5VTnbvio4zdON6c=
Subject key identifier:   53:8E:F0:24:9E:5C:57:E3:E8:51:86:4B:4C:39:C7:0F:CA:64:24:F5
Certificate issuer:       /CN=6ef4874994de7a14e4b584f6d2b96b2d991b1e91
Certificate serial:       018CC2DAFA5FC8EA525048048C029B8CE16F
Authority key identifier: 6E:F4:87:49:94:DE:7A:14:E4:B5:84:F6:D2:B9:6B:2D:99:1B:1E:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bvSHSZTeehTktYT20rlrLZkbHpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/311508-d5a2-4dc5-bc93-50e746424630/1/U47wJJ5cV-PoUYZLTDnHD8pkJPU.roa
Signing time:             Mon 01 Jan 2024 02:29:39 +0000
ROA not before:           Mon 01 Jan 2024 02:29:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     35625
IP address blocks:        91.225.1.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 May 2024 21:05:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:da:fa:5f:c8:ea:52:50:48:04:8c:02:9b:8c:e1:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ef4874994de7a14e4b584f6d2b96b2d991b1e91
        Validity
            Not Before: Jan  1 02:29:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=538ef0249e5c57e3e851864b4c39c70fca6424f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:97:48:99:43:ac:a7:44:a0:87:54:d8:ee:f0:
                    a7:3f:49:8d:86:38:8b:80:03:22:fe:01:f7:09:89:
                    36:de:32:99:fe:8d:15:5c:b1:3c:7a:2d:64:b3:dd:
                    ed:18:a5:d6:0f:c8:d5:cc:1b:e0:df:51:05:8b:b0:
                    99:ae:cd:29:87:fd:02:72:f2:4c:b9:d8:97:57:11:
                    cf:59:0a:42:c4:eb:ae:fc:b7:ee:de:bd:b5:03:bf:
                    dc:41:66:1c:64:73:ac:17:f9:f8:69:04:50:83:85:
                    d2:10:29:6c:f3:58:6b:c2:eb:1f:85:db:01:b5:70:
                    b3:fb:b1:22:69:ee:45:6c:ac:b3:f2:2f:20:31:28:
                    1f:fc:6c:86:e1:1c:df:78:ef:fe:34:bf:02:d5:cb:
                    74:79:fc:64:2e:19:ba:01:7a:9f:16:8b:97:4b:75:
                    ca:b5:1f:71:f6:d9:c8:24:47:04:ed:79:ab:5d:c1:
                    60:4b:7b:e3:d3:20:6b:18:23:f8:b5:62:e4:2d:66:
                    84:02:00:1a:05:b7:7a:e1:f8:7a:7c:a3:36:f9:9d:
                    72:1b:86:bf:f2:82:09:2d:62:d7:11:12:df:d4:ca:
                    7f:dc:9b:a3:2a:90:50:36:c0:da:d4:a3:5e:9a:2f:
                    7c:11:fa:8e:65:d6:05:cf:50:f9:bf:bd:2f:5c:f5:
                    b6:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:8E:F0:24:9E:5C:57:E3:E8:51:86:4B:4C:39:C7:0F:CA:64:24:F5
            X509v3 Authority Key Identifier:
                keyid:6E:F4:87:49:94:DE:7A:14:E4:B5:84:F6:D2:B9:6B:2D:99:1B:1E:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bvSHSZTeehTktYT20rlrLZkbHpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/311508-d5a2-4dc5-bc93-50e746424630/1/U47wJJ5cV-PoUYZLTDnHD8pkJPU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/311508-d5a2-4dc5-bc93-50e746424630/1/bvSHSZTeehTktYT20rlrLZkbHpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.225.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:68:1f:b1:e9:cf:05:7d:78:3f:7b:1a:54:b1:09:56:0b:92:
         47:34:a3:f2:ee:24:c4:a9:12:a0:70:c6:4a:7d:7b:c7:4e:76:
         d6:d1:c4:41:6e:c5:c3:e9:a7:9d:f7:90:7a:76:33:2c:34:e4:
         5d:95:cb:fe:07:8a:b5:8c:cd:36:8f:b5:28:9e:e9:a6:3a:9c:
         c0:54:92:a5:be:c6:61:ff:75:d6:b4:d7:9b:3c:c6:e4:9d:e7:
         8f:8d:58:f1:24:8f:9a:45:fa:a6:45:ba:40:72:8f:b9:d5:f4:
         8a:85:1c:7e:b6:82:2e:4d:08:7a:98:2d:77:ea:a1:0c:c9:c5:
         fa:01:ab:77:8b:08:09:b8:e1:ac:97:5b:f2:0e:c3:ff:6b:c6:
         31:a1:8e:78:af:73:31:5b:39:12:16:40:19:a0:4b:cd:55:07:
         0c:ea:ea:54:8d:96:96:d1:bc:77:33:25:75:a2:36:8c:ec:12:
         5b:b7:34:04:8c:91:44:9d:e1:0d:a0:c4:78:29:88:6c:4b:43:
         14:94:3a:8d:fa:bd:4f:b4:37:3c:19:7d:7d:bd:53:50:e0:a1:
         ba:9e:f7:e1:5d:59:cd:4f:ab:5f:12:8b:bb:3d:ec:cc:82:52:
         78:0c:d6:95:ac:25:ec:d1:45:4a:dc:91:ce:63:dd:45:2b:8d:
         02:50:8f:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2vpfyOpSUEgEjAKbjOFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlZjQ4NzQ5OTRkZTdhMTRlNGI1ODRmNmQyYjk2YjJkOTkx
YjFlOTEwHhcNMjQwMTAxMDIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzhlZjAyNDllNWM1N2UzZTg1MTg2NGI0YzM5YzcwZmNhNjQyNGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JdImUOsp0Sgh1TY7vCnP0mNhjiL
gAMi/gH3CYk23jKZ/o0VXLE8ei1ks93tGKXWD8jVzBvg31EFi7CZrs0ph/0CcvJM
udiXVxHPWQpCxOuu/Lfu3r21A7/cQWYcZHOsF/n4aQRQg4XSECls81hrwusfhdsB
tXCz+7Eiae5FbKyz8i8gMSgf/GyG4RzfeO/+NL8C1ct0efxkLhm6AXqfFouXS3XK
tR9x9tnIJEcE7XmrXcFgS3vj0yBrGCP4tWLkLWaEAgAaBbd64fh6fKM2+Z1yG4a/
8oIJLWLXERLf1Mp/3JujKpBQNsDa1KNemi98EfqOZdYFz1D5v70vXPW2PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFOO8CSeXFfj6FGGS0w5xw/KZCT1MB8GA1UdIwQY
MBaAFG70h0mU3noU5LWE9tK5ay2ZGx6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnZTSFNaVGVlaFRrdFlUMjBybHJMWmtiSHBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8zMTE1MDgtZDVhMi00ZGM1LWJjOTMt
NTBlNzQ2NDI0NjMwLzEvVTQ3d0pKNWNWLVBvVVlaTFREbkhEOHBrSlBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8zMTE1MDgtZDVhMi00ZGM1LWJjOTMtNTBlNzQ2NDI0NjMw
LzEvYnZTSFNaVGVlaFRrdFlUMjBybHJMWmtiSHBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+EBMA0G
CSqGSIb3DQEBCwUAA4IBAQBCaB+x6c8FfXg/expUsQlWC5JHNKPy7iTEqRKgcMZK
fXvHTnbW0cRBbsXD6aed95B6djMsNORdlcv+B4q1jM02j7UonummOpzAVJKlvsZh
/3XWtNebPMbkneePjVjxJI+aRfqmRbpAco+51fSKhRx+toIuTQh6mC136qEMycX6
Aat3iwgJuOGsl1vyDsP/a8YxoY54r3MxWzkSFkAZoEvNVQcM6upUjZaW0bx3MyV1
ojaM7BJbtzQEjJFEneENoMR4KYhsS0MUlDqN+r1PtDc8GX19vVNQ4KG6nvfhXVnN
T6tfEou7PezMglJ4DNaVrCXs0UVK3JHOY91FK40CUI9B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:04 2024 by rpki-client on console-fra.rpki-client.org