Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/RalXtrrMyL_F0sS6ZkV9zPmyE-M.roa
File:                     RalXtrrMyL_F0sS6ZkV9zPmyE-M.roa (raw, json)
Hash identifier:          CR56E8pxu32dQRCivK7aBFFcgctdpup7XPRDJJstLr4=
Subject key identifier:   45:A9:57:B6:BA:CC:C8:BF:C5:D2:C4:BA:66:45:7D:CC:F9:B2:13:E3
Certificate issuer:       /CN=2ebff6cfb8326b447295a11b107868212e665fdd
Certificate serial:       018B065A73A7336B7849B4B9EDF6062C6001
Authority key identifier: 2E:BF:F6:CF:B8:32:6B:44:72:95:A1:1B:10:78:68:21:2E:66:5F:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/RalXtrrMyL_F0sS6ZkV9zPmyE-M.roa
Signing time:             Fri 06 Oct 2023 18:57:52 +0000
ROA not before:           Fri 06 Oct 2023 18:57:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56428
IP address blocks:        91.223.136.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:06:5a:73:a7:33:6b:78:49:b4:b9:ed:f6:06:2c:60:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ebff6cfb8326b447295a11b107868212e665fdd
        Validity
            Not Before: Oct  6 18:57:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=45a957b6baccc8bfc5d2c4ba66457dccf9b213e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:09:4e:9d:83:b4:49:4a:27:0e:b8:62:9d:ae:
                    b4:a0:61:77:57:46:28:de:47:94:07:e0:84:cd:62:
                    89:77:db:be:01:bf:e8:53:96:a4:d2:de:df:ea:1b:
                    96:e6:fe:75:d3:32:8d:06:fb:18:9d:45:b4:1b:90:
                    59:36:a1:99:07:f4:9d:de:61:83:97:73:bb:34:10:
                    b1:d3:3d:6b:07:26:46:75:bc:04:5e:8c:59:28:18:
                    24:6f:9e:3a:20:c5:36:c8:42:69:a5:ea:6c:40:60:
                    85:26:3b:d4:87:4e:fe:6d:b8:7c:52:61:40:94:f2:
                    68:d4:99:49:7d:9e:16:ba:bf:7f:d3:92:fc:8d:2e:
                    9e:42:09:e7:7c:0e:6a:3b:47:06:30:65:03:49:ee:
                    1a:be:8a:26:04:af:7f:45:5e:5b:68:b1:0e:d1:44:
                    7b:ea:04:0c:98:a5:8c:ab:8a:91:cd:32:0c:2c:be:
                    36:15:41:b5:62:d5:86:35:57:c9:62:c8:2c:ee:44:
                    2c:36:63:14:ea:4a:1b:cb:e8:92:75:6c:b0:67:c1:
                    2d:a2:65:33:b1:9e:4b:c0:b6:26:da:d6:3c:b9:ac:
                    60:f0:e1:b1:0d:38:23:5e:48:26:5e:33:09:b5:f5:
                    5f:b3:d9:d4:7d:75:4e:90:e6:5a:74:c1:99:97:3c:
                    99:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:A9:57:B6:BA:CC:C8:BF:C5:D2:C4:BA:66:45:7D:CC:F9:B2:13:E3
            X509v3 Authority Key Identifier:
                keyid:2E:BF:F6:CF:B8:32:6B:44:72:95:A1:1B:10:78:68:21:2E:66:5F:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/RalXtrrMyL_F0sS6ZkV9zPmyE-M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.223.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:cc:32:2c:74:27:b3:1f:f6:86:ca:0a:7c:62:fe:83:8b:fb:
         3f:fc:ea:97:1c:da:72:d0:2b:01:9f:9d:bd:36:74:60:9f:0e:
         79:5d:56:71:4c:d7:20:8c:70:0f:8d:24:45:27:8f:0b:13:fb:
         1b:03:8d:fa:e9:7f:c2:09:31:d9:84:dd:03:41:2f:f1:11:e9:
         9a:7d:27:fb:05:0b:53:cb:99:8c:c5:a3:81:70:fb:6b:30:17:
         fe:39:3f:8d:ff:6c:91:58:c7:c0:d1:51:3f:df:c7:7b:1d:fa:
         c9:d0:09:ed:93:e9:72:3b:e4:be:2a:c3:de:d5:90:d1:aa:8e:
         9f:15:27:c7:50:fc:90:4e:ec:ae:c6:f5:8b:d1:f0:ad:93:b1:
         62:a3:18:e8:15:cf:90:58:64:b2:fb:d3:f1:08:fa:90:06:46:
         e2:7a:7b:33:76:38:a1:e1:a1:af:54:d6:04:33:12:58:38:43:
         8c:70:98:9f:f4:e2:31:72:3f:22:34:fd:ee:34:44:b8:97:6c:
         ff:ac:06:d4:2a:bf:f9:eb:68:fd:9d:22:ed:9f:68:71:44:f0:
         2f:4d:19:2c:b6:c8:e7:a5:d1:d2:54:68:17:b4:55:1d:72:d4:
         90:68:11:61:e3:4d:a9:21:6f:1b:3e:a8:0c:ff:49:b0:39:41:
         df:ee:08:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsGWnOnM2t4SbS57fYGLGABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYmZmNmNmYjgzMjZiNDQ3Mjk1YTExYjEwNzg2ODIxMmU2
NjVmZGQwHhcNMjMxMDA2MTg1NzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWE5NTdiNmJhY2NjOGJmYzVkMmM0YmE2NjQ1N2RjY2Y5YjIxM2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQlOnYO0SUonDrhina60oGF3V0Yo
3keUB+CEzWKJd9u+Ab/oU5ak0t7f6huW5v510zKNBvsYnUW0G5BZNqGZB/Sd3mGD
l3O7NBCx0z1rByZGdbwEXoxZKBgkb546IMU2yEJppepsQGCFJjvUh07+bbh8UmFA
lPJo1JlJfZ4Wur9/05L8jS6eQgnnfA5qO0cGMGUDSe4avoomBK9/RV5baLEO0UR7
6gQMmKWMq4qRzTIMLL42FUG1YtWGNVfJYsgs7kQsNmMU6koby+iSdWywZ8EtomUz
sZ5LwLYm2tY8uaxg8OGxDTgjXkgmXjMJtfVfs9nUfXVOkOZadMGZlzyZMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEWpV7a6zMi/xdLEumZFfcz5shPjMB8GA1UdIwQY
MBaAFC6/9s+4MmtEcpWhGxB4aCEuZl/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yZGFmYmMtNTJlZS00YzdiLWIwMDYt
YTc4NmNlYmUyMGQzLzEvUmFsWHRyck15TF9GMHNTNlprVjl6UG15RS1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yZGFmYmMtNTJlZS00YzdiLWIwMDYtYTc4NmNlYmUyMGQz
LzEvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9+IMA0G
CSqGSIb3DQEBCwUAA4IBAQBuzDIsdCezH/aGygp8Yv6Di/s//OqXHNpy0CsBn529
NnRgnw55XVZxTNcgjHAPjSRFJ48LE/sbA4366X/CCTHZhN0DQS/xEemafSf7BQtT
y5mMxaOBcPtrMBf+OT+N/2yRWMfA0VE/38d7HfrJ0Antk+lyO+S+KsPe1ZDRqo6f
FSfHUPyQTuyuxvWL0fCtk7FioxjoFc+QWGSy+9PxCPqQBkbienszdjih4aGvVNYE
MxJYOEOMcJif9OIxcj8iNP3uNES4l2z/rAbUKr/562j9nSLtn2hxRPAvTRkstsjn
pdHSVGgXtFUdctSQaBFh402pIW8bPqgM/0mwOUHf7ggz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:54 2024 by rpki-client on console-fra.rpki-client.org