Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/e477bd-ac8b-455d-bc7f-eddac0c7a1f2/1/LkVGV28KxuoZWHIqYoc4aRc9Kfk.roa
File:                     LkVGV28KxuoZWHIqYoc4aRc9Kfk.roa (raw, json)
Hash identifier:          9gW6/WMCYZlz5vk29u1ybmy5sS9ywBbcA3wCpoQJ2bg=
Subject key identifier:   2E:45:46:57:6F:0A:C6:EA:19:58:72:2A:62:87:38:69:17:3D:29:F9
Certificate issuer:       /CN=2edc5783725d59501962aa2cb5b590c42b57df5e
Certificate serial:       01856D6617351F0FEABB89B5D11885E14CC9
Authority key identifier: 2E:DC:57:83:72:5D:59:50:19:62:AA:2C:B5:B5:90:C4:2B:57:DF:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LtxXg3JdWVAZYqostbWQxCtX314.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/e477bd-ac8b-455d-bc7f-eddac0c7a1f2/1/LkVGV28KxuoZWHIqYoc4aRc9Kfk.roa
Signing time:             Sun 01 Jan 2023 12:54:44 +0000
ROA not before:           Sun 01 Jan 2023 12:54:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41360
IP address blocks:        91.217.67.0/24 maxlen: 24
                          91.217.66.0/24 maxlen: 24
                          91.217.66.0/23 maxlen: 23
                          91.192.44.0/22 maxlen: 22
                          91.192.44.0/23 maxlen: 23
                          91.192.44.0/24 maxlen: 24
                          91.192.46.0/24 maxlen: 24
                          91.192.46.0/23 maxlen: 23
                          91.192.45.0/24 maxlen: 24
                          91.192.47.0/24 maxlen: 24
                          194.9.15.0/24 maxlen: 24
                          194.9.14.0/23 maxlen: 23
                          194.9.14.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:66:17:35:1f:0f:ea:bb:89:b5:d1:18:85:e1:4c:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2edc5783725d59501962aa2cb5b590c42b57df5e
        Validity
            Not Before: Jan  1 12:54:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2e4546576f0ac6ea1958722a62873869173d29f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:40:4a:b0:53:be:76:72:c7:63:69:59:84:e1:
                    b9:08:9c:5d:99:6e:e6:ec:9b:e7:10:ef:2e:7b:b0:
                    82:54:b4:05:56:7b:27:be:8f:6b:19:9a:0c:fc:01:
                    ca:52:ad:2e:64:ad:33:a6:0b:c7:7c:56:cf:04:2c:
                    a7:a2:19:88:4c:ec:dd:b4:cd:22:d3:9e:ed:4f:73:
                    64:97:80:b7:fa:e9:a6:70:a9:b5:da:47:07:1f:ac:
                    30:a6:da:4b:82:2d:bb:41:bf:fb:a4:b1:34:43:66:
                    f1:82:f7:3a:88:e6:fb:6e:e3:e2:ea:30:93:cb:a3:
                    77:6b:9b:aa:29:6a:20:5c:f1:93:64:6a:95:54:b2:
                    f7:8a:f9:90:b0:8b:6e:a2:b4:07:2f:01:4b:35:20:
                    0d:48:d1:62:02:8c:14:c4:2f:15:74:f9:20:6b:5a:
                    48:16:51:6c:9e:c5:67:cc:32:53:5d:07:d9:fd:11:
                    8b:ea:42:27:68:ca:d5:95:9e:06:8b:ed:9c:63:1e:
                    f0:17:e6:14:84:42:ba:68:38:13:03:e0:d9:ed:9e:
                    d2:04:5e:55:e9:b5:59:e1:02:53:12:b0:4a:aa:29:
                    a8:bb:c2:74:48:82:cb:0a:83:c1:b8:31:3d:23:35:
                    20:06:5d:f8:a5:dd:c2:58:c9:b0:61:c3:9a:a9:3c:
                    f3:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:45:46:57:6F:0A:C6:EA:19:58:72:2A:62:87:38:69:17:3D:29:F9
            X509v3 Authority Key Identifier:
                keyid:2E:DC:57:83:72:5D:59:50:19:62:AA:2C:B5:B5:90:C4:2B:57:DF:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LtxXg3JdWVAZYqostbWQxCtX314.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/e477bd-ac8b-455d-bc7f-eddac0c7a1f2/1/LkVGV28KxuoZWHIqYoc4aRc9Kfk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/e477bd-ac8b-455d-bc7f-eddac0c7a1f2/1/LtxXg3JdWVAZYqostbWQxCtX314.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.192.44.0/22
                  91.217.66.0/23
                  194.9.14.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4c:bb:b2:b0:d6:51:92:11:87:3f:63:6b:37:6f:f8:17:60:80:
         20:06:cd:7c:50:f7:12:5f:73:74:5f:c1:c4:a9:8a:d3:ee:4b:
         6b:8f:a0:e6:49:a6:41:86:72:9b:82:b0:42:a5:0c:9b:4b:9b:
         85:fc:cb:ff:ad:b4:51:03:b2:47:b0:47:1e:b8:e0:fe:b3:a3:
         7c:b2:9e:d3:57:a8:05:19:f8:62:c7:b5:a2:c4:f4:e6:19:5d:
         bc:e9:cc:d3:ba:84:83:f6:25:21:19:c2:a1:67:b5:08:ee:47:
         4f:86:24:14:93:38:e9:cf:4e:c7:36:49:f8:0e:ac:4c:98:50:
         82:26:74:6f:89:b7:2a:f2:63:10:7b:cd:36:c3:25:9d:3a:ab:
         37:c1:42:9b:6c:69:77:e1:50:01:f1:16:f5:2b:37:35:9f:cb:
         c1:dc:f6:03:78:4c:78:63:8c:3c:41:6b:28:18:38:85:be:5c:
         46:51:62:7b:60:07:4c:0c:19:98:53:42:a1:6d:f9:ab:3f:66:
         c9:42:76:76:b9:d0:62:01:cc:5b:6d:57:b5:80:75:37:d1:bf:
         e2:76:d0:93:67:e5:52:f0:c4:e9:e9:2f:d9:ad:a1:18:22:26:
         04:04:a8:47:c5:0b:04:7d:0f:40:74:f5:21:d0:80:f6:ad:f9:
         3a:f4:e6:bf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtZhc1Hw/qu4m10RiF4UzJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZGM1NzgzNzI1ZDU5NTAxOTYyYWEyY2I1YjU5MGM0MmI1
N2RmNWUwHhcNMjMwMTAxMTI1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTQ1NDY1NzZmMGFjNmVhMTk1ODcyMmE2Mjg3Mzg2OTE3M2QyOWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEBKsFO+dnLHY2lZhOG5CJxdmW7m
7JvnEO8ue7CCVLQFVnsnvo9rGZoM/AHKUq0uZK0zpgvHfFbPBCynohmITOzdtM0i
057tT3Nkl4C3+ummcKm12kcHH6wwptpLgi27Qb/7pLE0Q2bxgvc6iOb7buPi6jCT
y6N3a5uqKWogXPGTZGqVVLL3ivmQsItuorQHLwFLNSANSNFiAowUxC8VdPkga1pI
FlFsnsVnzDJTXQfZ/RGL6kInaMrVlZ4Gi+2cYx7wF+YUhEK6aDgTA+DZ7Z7SBF5V
6bVZ4QJTErBKqimou8J0SILLCoPBuDE9IzUgBl34pd3CWMmwYcOaqTzzzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC5FRldvCsbqGVhyKmKHOGkXPSn5MB8GA1UdIwQY
MBaAFC7cV4NyXVlQGWKqLLW1kMQrV99eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHR4WGczSmRXVkFaWXFvc3RiV1F4Q3RYMzE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9lNDc3YmQtYWM4Yi00NTVkLWJjN2Yt
ZWRkYWMwYzdhMWYyLzEvTGtWR1YyOEt4dW9aV0hJcVlvYzRhUmM5S2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9lNDc3YmQtYWM4Yi00NTVkLWJjN2YtZWRkYWMwYzdhMWYy
LzEvTHR4WGczSmRXVkFaWXFvc3RiV1F4Q3RYMzE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8AsAwQB
W9lCAwQBwgkOMA0GCSqGSIb3DQEBCwUAA4IBAQBMu7Kw1lGSEYc/Y2s3b/gXYIAg
Bs18UPcSX3N0X8HEqYrT7ktrj6DmSaZBhnKbgrBCpQybS5uF/Mv/rbRRA7JHsEce
uOD+s6N8sp7TV6gFGfhix7WixPTmGV286czTuoSD9iUhGcKhZ7UI7kdPhiQUkzjp
z07HNkn4DqxMmFCCJnRvibcq8mMQe802wyWdOqs3wUKbbGl34VAB8Rb1Kzc1n8vB
3PYDeEx4Y4w8QWsoGDiFvlxGUWJ7YAdMDBmYU0KhbfmrP2bJQnZ2udBiAcxbbVe1
gHU30b/idtCTZ+VS8MTp6S/ZraEYIiYEBKhHxQsEfQ9AdPUh0ID2rfk69Oa/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:40 2024 by rpki-client on console-ams.rpki-client.org