Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/U43glddsqjXTu3y5hqe6C9bTDJY.roa
File:                     U43glddsqjXTu3y5hqe6C9bTDJY.roa (raw, json)
Hash identifier:          LoA9St6dFnJzomKKcjNo6ySvh8tztrjws6PvIZNlEg4=
Subject key identifier:   53:8D:E0:95:D7:6C:AA:35:D3:BB:7C:B9:86:A7:BA:0B:D6:D3:0C:96
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0185710C2D27A88DF7142B5921440B86DA8D
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/U43glddsqjXTu3y5hqe6C9bTDJY.roa
Signing time:             Mon 02 Jan 2023 05:55:01 +0000
ROA not before:           Mon 02 Jan 2023 05:55:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202306
IP address blocks:        91.103.252.0/24 maxlen: 24
                          2a04:5200:5977::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 21 Apr 2023 13:40:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:2d:27:a8:8d:f7:14:2b:59:21:44:0b:86:da:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  2 05:55:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=538de095d76caa35d3bb7cb986a7ba0bd6d30c96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:6d:63:98:22:b2:cf:68:8e:8f:49:f3:ed:09:
                    6d:f5:c3:c7:c1:37:c8:20:a7:d6:9c:5e:88:a6:54:
                    5e:df:18:13:a8:6f:63:06:da:e1:2e:eb:aa:4e:8d:
                    20:90:82:8d:5d:0e:8c:b1:19:d9:db:15:ac:74:d7:
                    f6:cd:ea:11:ea:f2:15:7f:6c:3d:81:c9:88:2f:89:
                    f9:7b:d1:a3:28:7c:e8:0e:c3:46:46:2f:76:5c:47:
                    b9:cf:21:bb:82:c7:a7:26:a4:d4:86:f1:41:81:6a:
                    6b:00:07:f4:1c:a7:8f:79:55:24:4e:60:c3:a0:b2:
                    be:ae:a2:1b:58:13:9a:2f:4a:47:37:e2:c8:d0:06:
                    ed:4f:4b:e8:e4:5e:8f:56:d5:62:49:1b:7d:05:11:
                    e5:7b:e0:ad:b8:0a:6b:63:1c:7c:30:f5:50:f3:ce:
                    3d:c3:16:f2:81:03:9d:87:b5:50:42:a1:ef:60:5c:
                    bd:9c:03:bd:37:b5:90:7e:45:34:0d:b3:1e:dd:63:
                    cd:c0:e2:3d:2f:96:45:4c:d2:66:b8:69:35:9a:7d:
                    ee:27:5d:0d:ec:19:ed:a6:e6:97:f6:b6:eb:51:37:
                    27:32:c3:7d:f4:98:33:cd:08:44:84:fe:9c:12:46:
                    b2:f5:ac:f4:24:58:e4:f7:83:14:56:d3:05:f7:c9:
                    b3:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:8D:E0:95:D7:6C:AA:35:D3:BB:7C:B9:86:A7:BA:0B:D6:D3:0C:96
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/U43glddsqjXTu3y5hqe6C9bTDJY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.103.252.0/24
                IPv6:
                  2a04:5200:5977::/48

    Signature Algorithm: sha256WithRSAEncryption
         2c:76:c0:42:9a:8a:18:9e:be:f5:ec:c2:98:ab:b3:df:a5:8a:
         6b:22:fc:d5:f7:a4:c4:0d:a7:19:5b:69:e4:f6:7f:e9:e7:93:
         96:65:a0:59:bc:9b:f4:f2:28:fc:e3:67:e0:e1:1e:bb:4e:2b:
         34:f1:ca:f6:7e:5f:6d:1a:8c:39:03:26:6e:a8:ad:a6:4d:46:
         6e:53:1f:cd:02:b9:aa:b9:0f:c2:75:73:d5:05:26:37:43:d5:
         1d:d6:ff:6a:ec:ea:84:5b:6d:80:64:1f:c8:6c:46:d9:43:f6:
         a6:94:6a:c2:39:7f:40:1d:40:e1:eb:de:c9:8f:76:e1:36:80:
         6a:87:04:43:cd:76:11:9d:14:24:67:fd:88:9e:89:8f:15:32:
         5d:f6:20:f5:e0:64:04:71:f0:74:72:bd:37:69:7b:45:e3:aa:
         9e:44:8a:29:4d:c7:db:44:6b:35:e6:bf:12:27:33:0a:72:bd:
         20:de:81:e3:90:ef:8e:e9:99:ce:6f:7d:09:03:ec:58:90:da:
         f4:e7:c2:e8:5f:75:d4:58:db:ae:1f:1d:d4:b7:50:8b:d6:60:
         06:f0:43:68:2d:fe:40:4e:7a:9e:35:75:4a:b6:70:d3:74:9d:
         05:92:2e:5d:d7:da:1d:5d:5c:62:3e:93:cb:d3:a4:ce:02:78:
         2f:09:49:bc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxDC0nqI33FCtZIUQLhtqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzhkZTA5NWQ3NmNhYTM1ZDNiYjdjYjk4NmE3YmEwYmQ2ZDMwYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA321jmCKyz2iOj0nz7Qlt9cPHwTfI
IKfWnF6IplRe3xgTqG9jBtrhLuuqTo0gkIKNXQ6MsRnZ2xWsdNf2zeoR6vIVf2w9
gcmIL4n5e9GjKHzoDsNGRi92XEe5zyG7gsenJqTUhvFBgWprAAf0HKePeVUkTmDD
oLK+rqIbWBOaL0pHN+LI0AbtT0vo5F6PVtViSRt9BRHle+CtuAprYxx8MPVQ8849
wxbygQOdh7VQQqHvYFy9nAO9N7WQfkU0DbMe3WPNwOI9L5ZFTNJmuGk1mn3uJ10N
7BntpuaX9rbrUTcnMsN99JgzzQhEhP6cEkay9az0JFjk94MUVtMF98mzbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFON4JXXbKo107t8uYanugvW0wyWMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvVTQzZ2xkZHNxalhUdTN5NWhxZTZDOWJUREpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW2f8MA8E
AgACMAkDBwAqBFIAWXcwDQYJKoZIhvcNAQELBQADggEBACx2wEKaihievvXswpir
s9+limsi/NX3pMQNpxlbaeT2f+nnk5ZloFm8m/TyKPzjZ+DhHrtOKzTxyvZ+X20a
jDkDJm6oraZNRm5TH80Cuaq5D8J1c9UFJjdD1R3W/2rs6oRbbYBkH8hsRtlD9qaU
asI5f0AdQOHr3smPduE2gGqHBEPNdhGdFCRn/YieiY8VMl32IPXgZARx8HRyvTdp
e0Xjqp5EiilNx9tEazXmvxInMwpyvSDegeOQ747pmc5vfQkD7FiQ2vTnwuhfddRY
264fHdS3UIvWYAbwQ2gt/kBOep41dUq2cNN0nQWSLl3X2h1dXGI+k8vTpM4CeC8J
Sbw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org