Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/c98b87-1857-44bd-8b0c-78d833e4146a/1/nSDHJ7MZDJ1rAUQWp4hN05KN7B8.roa
File:                     nSDHJ7MZDJ1rAUQWp4hN05KN7B8.roa (raw, json)
Hash identifier:          7dy5wVN41iR/qoV61y86i5TNpW4tSNr3SIT5UkmYUTM=
Subject key identifier:   9D:20:C7:27:B3:19:0C:9D:6B:01:44:16:A7:88:4D:D3:92:8D:EC:1F
Certificate issuer:       /CN=a1411f56875b4cb7a58cee6cb607ee251cbdf980
Certificate serial:       01856F14B6FD8A28C119AA02B3F4976E004D
Authority key identifier: A1:41:1F:56:87:5B:4C:B7:A5:8C:EE:6C:B6:07:EE:25:1C:BD:F9:80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oUEfVodbTLeljO5stgfuJRy9-YA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/c98b87-1857-44bd-8b0c-78d833e4146a/1/nSDHJ7MZDJ1rAUQWp4hN05KN7B8.roa
Signing time:             Sun 01 Jan 2023 20:45:06 +0000
ROA not before:           Sun 01 Jan 2023 20:45:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21430
IP address blocks:        91.234.162.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:b6:fd:8a:28:c1:19:aa:02:b3:f4:97:6e:00:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1411f56875b4cb7a58cee6cb607ee251cbdf980
        Validity
            Not Before: Jan  1 20:45:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9d20c727b3190c9d6b014416a7884dd3928dec1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:bd:33:ab:c8:c8:eb:2e:99:6d:35:17:b0:7e:
                    85:5a:f8:ea:8f:74:15:59:c3:bd:20:0a:88:fa:70:
                    5e:f9:f0:6a:cd:6e:fb:2a:63:d6:02:da:2a:21:1a:
                    ef:ad:df:1b:de:ec:3a:6c:09:be:22:13:42:c9:64:
                    5f:59:b8:a1:01:ae:de:ac:8f:a9:55:5d:d1:5a:59:
                    9f:09:91:28:01:f7:9b:8d:d3:77:62:8c:d1:6c:a8:
                    e3:f8:46:f8:8b:b0:39:5d:9e:85:fc:6f:f1:f7:8f:
                    91:ae:d8:33:b3:ce:72:13:fd:e0:00:3e:57:7e:65:
                    ab:aa:dc:cb:bd:88:ff:be:9a:f0:96:9c:1c:e0:19:
                    4f:ac:f5:b4:b9:76:f7:ca:d4:9c:6b:f7:5d:8b:b9:
                    e1:b4:12:c6:a6:d9:4d:88:8d:70:56:30:19:83:a9:
                    63:39:d6:7d:f7:a1:90:3a:70:3d:6b:2c:31:b4:1a:
                    70:59:8d:58:5a:07:90:d7:6b:40:d0:18:a6:1c:ea:
                    31:92:e5:ec:c4:2c:df:15:25:22:52:a7:35:6c:1e:
                    e9:54:98:fc:cb:9c:6a:7f:a2:1b:37:37:00:82:3d:
                    71:df:64:93:34:e3:5b:72:6c:6e:71:a6:5b:d8:7a:
                    7b:a4:46:b3:5d:6c:ad:e9:44:d0:11:13:10:cc:a4:
                    69:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:20:C7:27:B3:19:0C:9D:6B:01:44:16:A7:88:4D:D3:92:8D:EC:1F
            X509v3 Authority Key Identifier:
                keyid:A1:41:1F:56:87:5B:4C:B7:A5:8C:EE:6C:B6:07:EE:25:1C:BD:F9:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUEfVodbTLeljO5stgfuJRy9-YA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/c98b87-1857-44bd-8b0c-78d833e4146a/1/nSDHJ7MZDJ1rAUQWp4hN05KN7B8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/c98b87-1857-44bd-8b0c-78d833e4146a/1/oUEfVodbTLeljO5stgfuJRy9-YA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.234.162.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4d:d3:f4:aa:4e:09:3b:c3:c6:fc:fa:ae:e7:bd:4a:0e:88:c2:
         d6:ec:36:cf:9e:41:0f:96:ee:de:fa:fa:c5:7c:8c:a0:37:04:
         5f:55:5f:11:e7:a0:0b:65:e0:dc:db:e4:fb:9d:86:31:7e:e2:
         8e:54:bc:e1:a4:9b:91:69:35:ca:02:4c:59:a0:ef:0a:aa:73:
         af:d7:f6:c7:48:a6:c5:1a:13:1f:ac:8f:97:5b:f2:97:8d:ff:
         77:7f:79:ca:10:05:a8:09:de:4a:65:03:4c:12:6a:92:9a:5a:
         c0:2c:f3:de:1d:c5:bf:0c:33:94:36:ae:3c:16:23:3f:99:75:
         ac:15:50:65:1a:51:d7:6b:06:46:75:cc:d9:a2:b9:a3:5d:a1:
         4d:99:cb:08:9f:ae:32:90:c2:8b:7d:01:f3:df:b0:d2:d8:88:
         1c:56:07:9e:32:cb:04:22:a5:10:f1:15:d2:d7:b4:aa:47:db:
         76:54:51:5b:01:a7:26:3d:55:bd:0e:5a:da:b6:a4:35:70:1e:
         b8:20:66:5c:5c:50:d2:8e:e0:d4:a0:a4:a6:ac:e4:0f:8d:6b:
         b9:7a:81:82:b0:cd:fb:a3:d7:f5:4a:55:0c:c6:43:96:7b:06:
         16:a6:51:14:48:01:d3:46:2e:c7:80:de:6a:8a:a3:6f:16:81:
         7e:e9:85:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFLb9iijBGaoCs/SXbgBNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDExZjU2ODc1YjRjYjdhNThjZWU2Y2I2MDdlZTI1MWNi
ZGY5ODAwHhcNMjMwMTAxMjA0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDIwYzcyN2IzMTkwYzlkNmIwMTQ0MTZhNzg4NGRkMzkyOGRlYzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmb0zq8jI6y6ZbTUXsH6FWvjqj3QV
WcO9IAqI+nBe+fBqzW77KmPWAtoqIRrvrd8b3uw6bAm+IhNCyWRfWbihAa7erI+p
VV3RWlmfCZEoAfebjdN3YozRbKjj+Eb4i7A5XZ6F/G/x94+Rrtgzs85yE/3gAD5X
fmWrqtzLvYj/vprwlpwc4BlPrPW0uXb3ytSca/ddi7nhtBLGptlNiI1wVjAZg6lj
OdZ996GQOnA9aywxtBpwWY1YWgeQ12tA0BimHOoxkuXsxCzfFSUiUqc1bB7pVJj8
y5xqf6IbNzcAgj1x32STNONbcmxucaZb2Hp7pEazXWyt6UTQERMQzKRpdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ0gxyezGQydawFEFqeITdOSjewfMB8GA1UdIwQY
MBaAFKFBH1aHW0y3pYzubLYH7iUcvfmAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VFZlZvZGJUTGVsak81c3RnZnVKUnk5LVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9jOThiODctMTg1Ny00NGJkLThiMGMt
NzhkODMzZTQxNDZhLzEvblNESEo3TVpESjFyQVVRV3A0aE4wNUtON0I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9jOThiODctMTg1Ny00NGJkLThiMGMtNzhkODMzZTQxNDZh
LzEvb1VFZlZvZGJUTGVsak81c3RnZnVKUnk5LVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+qiMA0G
CSqGSIb3DQEBCwUAA4IBAQBN0/SqTgk7w8b8+q7nvUoOiMLW7DbPnkEPlu7e+vrF
fIygNwRfVV8R56ALZeDc2+T7nYYxfuKOVLzhpJuRaTXKAkxZoO8KqnOv1/bHSKbF
GhMfrI+XW/KXjf93f3nKEAWoCd5KZQNMEmqSmlrALPPeHcW/DDOUNq48FiM/mXWs
FVBlGlHXawZGdczZormjXaFNmcsIn64ykMKLfQHz37DS2IgcVgeeMssEIqUQ8RXS
17SqR9t2VFFbAacmPVW9DlratqQ1cB64IGZcXFDSjuDUoKSmrOQPjWu5eoGCsM37
o9f1SlUMxkOWewYWplEUSAHTRi7HgN5qiqNvFoF+6YWo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:10 2024 by rpki-client on console-fra.rpki-client.org