Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/WMLyp4k0fUNgF-caZ5gu_nAJCsc.roa
File:                     WMLyp4k0fUNgF-caZ5gu_nAJCsc.roa (raw, json)
Hash identifier:          QLdKOOJKSOZjpF42eR68rnnNLVil45cPHg/X+wY1PA8=
Subject key identifier:   58:C2:F2:A7:89:34:7D:43:60:17:E7:1A:67:98:2E:FE:70:09:0A:C7
Certificate issuer:       /CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
Certificate serial:       018570397C60E7AACBB0E55D0084D9DFA534
Authority key identifier: 9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/WMLyp4k0fUNgF-caZ5gu_nAJCsc.roa
Signing time:             Mon 02 Jan 2023 02:04:53 +0000
ROA not before:           Mon 02 Jan 2023 02:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205161
IP address blocks:        91.203.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:39:7c:60:e7:aa:cb:b0:e5:5d:00:84:d9:df:a5:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
        Validity
            Not Before: Jan  2 02:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=58c2f2a789347d436017e71a67982efe70090ac7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:3a:41:ec:b9:dc:c2:3d:ec:9c:3b:ad:51:02:
                    6b:56:cf:7a:3a:06:05:03:68:e2:de:fe:6a:1a:29:
                    44:45:52:af:d4:f5:d0:4b:33:d9:8a:1a:21:96:bf:
                    58:07:80:9d:0d:04:1a:db:e5:86:f0:ae:ae:04:f3:
                    57:48:7e:1e:ba:70:6f:1c:11:62:0d:b3:98:a1:ef:
                    71:9d:f4:d5:e3:63:03:26:2e:13:16:c9:6a:4b:c1:
                    c1:2e:5d:e6:98:5e:71:9f:d4:42:b5:12:17:87:0e:
                    5b:bc:12:7a:02:04:db:89:ba:28:15:93:4f:c5:8e:
                    5a:1a:ed:46:6f:8d:3d:8d:f0:b4:9a:65:1e:60:e0:
                    e5:a1:c9:29:51:d2:27:a3:40:97:e3:85:0c:3a:71:
                    9f:ad:cb:0b:09:d4:5c:53:04:df:b5:4d:98:c4:74:
                    8c:df:2a:93:e5:f2:d5:1b:0b:24:75:87:4a:a2:1f:
                    72:3e:b4:d8:0f:58:a7:e0:0b:45:c1:25:94:26:de:
                    ad:f2:97:99:c7:15:61:74:dc:48:b4:78:35:9e:23:
                    b9:dd:2c:b3:41:01:a3:ae:e0:88:eb:39:b3:1b:43:
                    b4:9f:63:bb:ac:63:fd:38:94:db:7f:1e:df:59:28:
                    92:6b:e0:e7:f5:2b:dd:63:d8:cc:fe:22:67:44:5b:
                    bb:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:C2:F2:A7:89:34:7D:43:60:17:E7:1A:67:98:2E:FE:70:09:0A:C7
            X509v3 Authority Key Identifier:
                keyid:9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/WMLyp4k0fUNgF-caZ5gu_nAJCsc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/mlJqc86Pn2LBShGi6pE-wnPVjEY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.203.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:d8:1d:f4:bf:c6:e6:96:8a:b9:6a:89:61:35:36:7c:7a:1a:
         7e:ce:99:38:7c:3d:f4:4e:d1:38:d2:10:f6:86:d4:ca:f9:7d:
         aa:ad:b4:b3:aa:ee:58:9d:9b:fb:ab:c7:a9:a8:98:d3:77:a9:
         7b:de:23:93:c3:fa:9b:30:a1:6b:a9:6a:15:e7:d1:8a:3c:ff:
         98:09:46:d6:98:4a:4a:2d:2c:89:be:08:1e:a7:7d:e4:b8:34:
         6f:fe:b1:64:a6:ce:4a:ad:e1:a8:53:60:0d:39:e0:9c:3c:e5:
         86:8a:1c:0d:f4:a9:a7:bc:b1:4b:d5:7f:dd:af:77:84:c8:08:
         a4:33:ee:e6:65:6f:36:90:a2:9e:41:03:a8:19:fe:d0:80:91:
         d1:76:e6:02:bf:29:a6:b6:6f:02:83:c7:1d:1b:d0:6b:9e:4e:
         b3:44:7a:cc:ff:ea:af:cf:2f:64:54:7c:46:4e:88:77:7a:1b:
         39:14:2e:2f:c1:cc:2e:c5:75:29:4c:58:31:23:d5:00:b5:b1:
         68:03:b8:17:84:69:cb:a5:1c:2e:ae:8c:28:af:49:ca:98:7b:
         4d:fe:3f:43:bd:53:ba:9c:43:05:39:cc:a8:7f:ee:01:92:de:
         7d:9b:87:a1:12:18:87:ab:62:82:ff:2a:54:39:29:75:b3:4e:
         8e:42:3b:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOXxg56rLsOVdAITZ36U0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNTI2YTczY2U4ZjlmNjJjMTRhMTFhMmVhOTEzZWMyNzNk
NThjNDYwHhcNMjMwMTAyMDIwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGMyZjJhNzg5MzQ3ZDQzNjAxN2U3MWE2Nzk4MmVmZTcwMDkwYWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujpB7Lncwj3snDutUQJrVs96OgYF
A2ji3v5qGilERVKv1PXQSzPZihohlr9YB4CdDQQa2+WG8K6uBPNXSH4eunBvHBFi
DbOYoe9xnfTV42MDJi4TFslqS8HBLl3mmF5xn9RCtRIXhw5bvBJ6AgTbibooFZNP
xY5aGu1Gb409jfC0mmUeYODlockpUdIno0CX44UMOnGfrcsLCdRcUwTftU2YxHSM
3yqT5fLVGwskdYdKoh9yPrTYD1in4AtFwSWUJt6t8peZxxVhdNxItHg1niO53Syz
QQGjruCI6zmzG0O0n2O7rGP9OJTbfx7fWSiSa+Dn9SvdY9jM/iJnRFu7JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFjC8qeJNH1DYBfnGmeYLv5wCQrHMB8GA1UdIwQY
MBaAFJpSanPOj59iwUoRouqRPsJz1YxGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWxKcWM4NlBuMkxCU2hHaTZwRS13blBWakVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82ZmNkY2EtZDEyMS00MzkxLTljZmMt
N2QxNmI5MGRiZTcyLzEvV01MeXA0azBmVU5nRi1jYVo1Z3VfbkFKQ3NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi82ZmNkY2EtZDEyMS00MzkxLTljZmMtN2QxNmI5MGRiZTcy
LzEvbWxKcWM4NlBuMkxCU2hHaTZwRS13blBWakVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8vhMA0G
CSqGSIb3DQEBCwUAA4IBAQAC2B30v8bmloq5aolhNTZ8ehp+zpk4fD30TtE40hD2
htTK+X2qrbSzqu5YnZv7q8epqJjTd6l73iOTw/qbMKFrqWoV59GKPP+YCUbWmEpK
LSyJvggep33kuDRv/rFkps5KreGoU2ANOeCcPOWGihwN9KmnvLFL1X/dr3eEyAik
M+7mZW82kKKeQQOoGf7QgJHRduYCvymmtm8Cg8cdG9Brnk6zRHrM/+qvzy9kVHxG
Toh3ehs5FC4vwcwuxXUpTFgxI9UAtbFoA7gXhGnLpRwurowor0nKmHtN/j9DvVO6
nEMFOcyof+4Bkt59m4ehEhiHq2KC/ypUOSl1s06OQjs8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:01 2024 by rpki-client on console-fra.rpki-client.org