Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XvNgFfVTGifFyziaoGh1KkVlSKM.roa
File:                     XvNgFfVTGifFyziaoGh1KkVlSKM.roa (raw, json)
Hash identifier:          NN56Oubghi/8bbNIOb02Y7z0IrA3t6DgzaRvE0EXMQk=
Subject key identifier:   5E:F3:60:15:F5:53:1A:27:C5:CB:38:9A:A0:68:75:2A:45:65:48:A3
Certificate issuer:       /CN=5d370a48b59fb811495f11c49734482f22b1a392
Certificate serial:       018CC3B69D08764E82135C0A39EE8C8BDDC2
Authority key identifier: 5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XvNgFfVTGifFyziaoGh1KkVlSKM.roa
Signing time:             Mon 01 Jan 2024 06:29:34 +0000
ROA not before:           Mon 01 Jan 2024 06:29:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202673
IP address blocks:        91.226.97.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 12 Jan 2024 07:38:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:9d:08:76:4e:82:13:5c:0a:39:ee:8c:8b:dd:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d370a48b59fb811495f11c49734482f22b1a392
        Validity
            Not Before: Jan  1 06:29:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5ef36015f5531a27c5cb389aa068752a456548a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:32:4f:8c:63:50:39:1a:40:47:76:bb:8e:a5:
                    d3:86:aa:cc:b0:b2:38:25:f3:f0:bd:01:95:23:e8:
                    00:68:6d:be:4a:e1:96:e7:73:56:3d:95:41:11:34:
                    56:e0:a9:4d:de:9f:88:63:88:d5:20:c2:e5:c1:8c:
                    7b:47:62:27:5a:19:f0:1c:30:74:ab:c0:be:ea:47:
                    02:86:9a:89:cd:63:33:45:05:5e:2f:f3:48:7d:37:
                    5e:50:eb:dc:7d:5a:7b:66:bd:a2:87:e3:74:68:66:
                    5a:9e:2b:1c:a4:e0:8d:eb:29:2d:6d:53:b2:fd:fd:
                    53:18:5a:ad:a9:c8:10:01:f9:05:7e:1e:39:6e:73:
                    fc:2d:b1:d9:f0:85:fb:8d:71:4d:87:3f:1c:ed:e7:
                    44:e5:3e:cf:84:c8:54:90:79:c1:ee:f1:97:c1:8c:
                    47:e1:f4:fb:4e:d3:87:f4:fc:df:e7:a4:a5:4a:b3:
                    33:62:d2:c8:27:fc:21:d3:1e:a1:c1:55:b9:e5:93:
                    f6:99:e3:8c:3b:21:a7:03:ec:d9:53:b6:54:4e:04:
                    06:21:4c:01:92:1e:a6:09:07:58:b1:98:aa:66:5a:
                    37:55:6b:5a:29:90:fe:69:b4:f3:c7:19:2b:9a:1c:
                    1c:16:6a:5b:51:6c:0d:b1:42:b8:99:a9:8f:ac:6d:
                    c4:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:F3:60:15:F5:53:1A:27:C5:CB:38:9A:A0:68:75:2A:45:65:48:A3
            X509v3 Authority Key Identifier:
                keyid:5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XvNgFfVTGifFyziaoGh1KkVlSKM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.226.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:29:42:56:c4:99:97:e8:ef:6a:4d:de:57:40:0a:14:d1:f8:
         d1:7f:5a:22:d7:25:67:38:2a:6d:a8:35:69:02:fd:88:81:6e:
         1b:d0:e1:ca:e8:37:49:b6:43:89:69:80:3a:eb:98:6c:d5:37:
         8c:71:88:78:51:d5:c1:20:1c:ef:f4:cf:6c:92:0b:92:b5:dd:
         59:76:54:3f:a6:6f:9d:46:33:e2:f7:8e:93:d5:c4:9a:b0:04:
         47:d7:60:f0:f6:75:16:c3:ae:8f:47:77:f6:87:f3:af:a8:4f:
         c8:be:ff:c8:dc:9c:08:03:c8:55:42:1c:0d:9b:da:8c:0e:c3:
         dd:83:d0:7d:c9:79:17:2f:b8:ff:f8:30:85:2c:8c:62:a9:b2:
         8b:2b:52:fe:39:d9:56:9e:a4:0b:65:c1:6f:f6:70:6f:25:4a:
         d1:3a:72:53:95:b4:52:d5:c6:cf:5c:00:07:c0:5d:42:92:43:
         dc:5c:b7:82:72:d4:29:86:f4:0c:b4:fe:b8:fa:3f:a0:04:68:
         d7:77:0a:ba:32:99:f8:ec:ce:19:de:72:0a:5d:47:17:c2:39:
         dd:30:ad:e5:99:d2:86:66:d6:0a:93:a7:f9:e9:d7:c8:88:13:
         b3:93:78:6d:39:6b:50:37:35:7f:14:be:a8:d6:b7:f4:92:fb:
         53:65:0b:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtp0Idk6CE1wKOe6Mi93CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzcwYTQ4YjU5ZmI4MTE0OTVmMTFjNDk3MzQ0ODJmMjJi
MWEzOTIwHhcNMjQwMTAxMDYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWYzNjAxNWY1NTMxYTI3YzVjYjM4OWFhMDY4NzUyYTQ1NjU0OGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDJPjGNQORpAR3a7jqXThqrMsLI4
JfPwvQGVI+gAaG2+SuGW53NWPZVBETRW4KlN3p+IY4jVIMLlwYx7R2InWhnwHDB0
q8C+6kcChpqJzWMzRQVeL/NIfTdeUOvcfVp7Zr2ih+N0aGZaniscpOCN6yktbVOy
/f1TGFqtqcgQAfkFfh45bnP8LbHZ8IX7jXFNhz8c7edE5T7PhMhUkHnB7vGXwYxH
4fT7TtOH9Pzf56SlSrMzYtLIJ/wh0x6hwVW55ZP2meOMOyGnA+zZU7ZUTgQGIUwB
kh6mCQdYsZiqZlo3VWtaKZD+abTzxxkrmhwcFmpbUWwNsUK4mamPrG3ETQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF7zYBX1Uxonxcs4mqBodSpFZUijMB8GA1UdIwQY
MBaAFF03Cki1n7gRSV8RxJc0SC8isaOSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2Ut
ZTI3MjAxMzAyNmI0LzEvWHZOZ0ZmVlRHaWZGeXppYW9HaDFLa1ZsU0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2UtZTI3MjAxMzAyNmI0
LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+JhMA0G
CSqGSIb3DQEBCwUAA4IBAQAyKUJWxJmX6O9qTd5XQAoU0fjRf1oi1yVnOCptqDVp
Av2IgW4b0OHK6DdJtkOJaYA665hs1TeMcYh4UdXBIBzv9M9skguStd1ZdlQ/pm+d
RjPi946T1cSasARH12Dw9nUWw66PR3f2h/OvqE/Ivv/I3JwIA8hVQhwNm9qMDsPd
g9B9yXkXL7j/+DCFLIxiqbKLK1L+OdlWnqQLZcFv9nBvJUrROnJTlbRS1cbPXAAH
wF1CkkPcXLeCctQphvQMtP64+j+gBGjXdwq6Mpn47M4Z3nIKXUcXwjndMK3lmdKG
ZtYKk6f56dfIiBOzk3htOWtQNzV/FL6o1rf0kvtTZQv3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:54 2024 by rpki-client on console-fra.rpki-client.org