Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/fad672-e93a-4dd5-8893-efc175029740/1/nShQ1qdblZsMVIMlcn2XcGPcVMU.roa
File:                     nShQ1qdblZsMVIMlcn2XcGPcVMU.roa (raw, json)
Hash identifier:          73yzulEfSpgar0Fkeu0gr3J/EodAliBnsdRwFdsyw2Q=
Subject key identifier:   9D:28:50:D6:A7:5B:95:9B:0C:54:83:25:72:7D:97:70:63:DC:54:C5
Certificate issuer:       /CN=053f8469ec62520987896d8926c17228a7bcfb3d
Certificate serial:       018EADE11923E6E96C8EDCE1464CEC792CF1
Authority key identifier: 05:3F:84:69:EC:62:52:09:87:89:6D:89:26:C1:72:28:A7:BC:FB:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BT-EaexiUgmHiW2JJsFyKKe8-z0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/fad672-e93a-4dd5-8893-efc175029740/1/nShQ1qdblZsMVIMlcn2XcGPcVMU.roa
Signing time:             Fri 05 Apr 2024 10:49:53 +0000
ROA not before:           Fri 05 Apr 2024 10:49:53 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     196629
IP address blocks:        91.207.218.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 06 Apr 2024 12:06:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:ad:e1:19:23:e6:e9:6c:8e:dc:e1:46:4c:ec:79:2c:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=053f8469ec62520987896d8926c17228a7bcfb3d
        Validity
            Not Before: Apr  5 10:49:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9d2850d6a75b959b0c548325727d977063dc54c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:fa:87:c9:bb:09:1a:eb:27:71:21:5a:86:d9:
                    0d:a4:14:9f:71:ef:79:d3:94:c5:0b:82:50:0c:c1:
                    1b:b0:1a:73:5e:6c:23:e1:af:7b:e9:f0:b2:37:9e:
                    11:5e:e5:0a:ce:80:cf:c7:d4:3c:2e:39:d4:be:d6:
                    81:d1:89:7b:c4:c6:46:58:6e:aa:9f:07:6b:00:04:
                    60:9e:12:4a:2f:cf:4a:3f:1c:7e:12:0b:dd:fd:39:
                    50:a3:3d:cc:9c:1b:47:c2:e1:27:63:24:32:a8:34:
                    2d:b2:1e:31:c6:34:d8:1c:35:5d:9e:57:07:f4:70:
                    98:44:06:28:87:99:ea:cb:0a:7d:48:dd:01:49:06:
                    5e:2e:bb:ca:21:e4:14:1d:3a:0e:15:fa:12:1d:ba:
                    85:26:f2:70:be:11:ab:f2:35:f8:60:cb:12:4c:87:
                    7d:f7:fa:c5:ee:d1:55:29:d0:2d:41:9d:35:7d:9d:
                    a6:d0:1e:28:b8:6b:6a:d1:a7:a3:64:cb:13:20:1e:
                    1c:e4:47:55:4d:83:19:80:b1:fe:04:e9:71:14:3b:
                    60:93:39:25:82:4f:8c:ef:02:07:fe:7e:09:f8:db:
                    e5:ab:db:4f:59:bf:f7:00:97:1c:c4:76:a3:24:f4:
                    96:6b:01:33:34:be:72:82:70:62:1e:6d:44:c9:99:
                    63:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:28:50:D6:A7:5B:95:9B:0C:54:83:25:72:7D:97:70:63:DC:54:C5
            X509v3 Authority Key Identifier:
                keyid:05:3F:84:69:EC:62:52:09:87:89:6D:89:26:C1:72:28:A7:BC:FB:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BT-EaexiUgmHiW2JJsFyKKe8-z0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/fad672-e93a-4dd5-8893-efc175029740/1/nShQ1qdblZsMVIMlcn2XcGPcVMU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/fad672-e93a-4dd5-8893-efc175029740/1/BT-EaexiUgmHiW2JJsFyKKe8-z0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.207.218.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:cd:7c:2f:ea:64:d8:fd:52:42:12:bc:88:1e:97:4c:50:12:
         6f:53:a4:6d:a0:0f:37:c0:a9:35:c4:c9:19:e4:1c:0f:93:95:
         0c:07:1f:10:81:be:df:25:49:b3:f7:00:0c:18:4f:7c:93:d8:
         d3:40:49:8e:98:d6:49:54:39:fb:90:1f:4d:4e:0b:eb:21:fd:
         4e:39:c4:21:8f:16:4e:fc:cd:80:62:c6:e8:dd:76:98:d3:8e:
         b5:88:86:93:5f:23:5c:43:3d:4e:03:b5:55:d8:bd:bb:d0:de:
         90:fe:0d:67:f3:38:d5:e3:75:af:5e:f4:ab:4e:d6:13:bd:d7:
         80:b5:c6:87:95:21:02:21:94:72:9e:08:d9:b6:53:d7:19:b7:
         fd:5e:f0:06:f8:8e:aa:ed:27:45:ef:a8:25:21:dc:02:ab:09:
         c4:af:c2:04:de:09:4a:22:6a:bd:1a:93:d4:8c:6a:1b:ff:0b:
         cc:89:a4:48:92:80:91:b8:bf:4a:ef:57:65:8e:65:80:b9:53:
         e1:a9:c8:5f:d3:d7:5c:c6:ec:d3:ac:1f:7c:ea:5e:b2:2b:d9:
         ad:20:5e:f7:fc:3a:55:e2:6c:67:ac:70:0d:e6:d5:64:c9:28:
         12:ce:98:59:9d:b7:fc:e9:e7:89:bf:10:23:b2:26:8e:a1:ef:
         92:52:0e:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6t4Rkj5ulsjtzhRkzseSzxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1M2Y4NDY5ZWM2MjUyMDk4Nzg5NmQ4OTI2YzE3MjI4YTdi
Y2ZiM2QwHhcNMjQwNDA1MTA0OTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDI4NTBkNmE3NWI5NTliMGM1NDgzMjU3MjdkOTc3MDYzZGM1NGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PqHybsJGusncSFahtkNpBSfce95
05TFC4JQDMEbsBpzXmwj4a976fCyN54RXuUKzoDPx9Q8LjnUvtaB0Yl7xMZGWG6q
nwdrAARgnhJKL89KPxx+Egvd/TlQoz3MnBtHwuEnYyQyqDQtsh4xxjTYHDVdnlcH
9HCYRAYoh5nqywp9SN0BSQZeLrvKIeQUHToOFfoSHbqFJvJwvhGr8jX4YMsSTId9
9/rF7tFVKdAtQZ01fZ2m0B4ouGtq0aejZMsTIB4c5EdVTYMZgLH+BOlxFDtgkzkl
gk+M7wIH/n4J+Nvlq9tPWb/3AJccxHajJPSWawEzNL5ygnBiHm1EyZljoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ0oUNanW5WbDFSDJXJ9l3Bj3FTFMB8GA1UdIwQY
MBaAFAU/hGnsYlIJh4ltiSbBciinvPs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlQtRWFleGlVZ21IaVcySkpzRnlLS2U4LXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9mYWQ2NzItZTkzYS00ZGQ1LTg4OTMt
ZWZjMTc1MDI5NzQwLzEvblNoUTFxZGJsWnNNVklNbGNuMlhjR1BjVk1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9mYWQ2NzItZTkzYS00ZGQ1LTg4OTMtZWZjMTc1MDI5NzQw
LzEvQlQtRWFleGlVZ21IaVcySkpzRnlLS2U4LXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8/aMA0G
CSqGSIb3DQEBCwUAA4IBAQBmzXwv6mTY/VJCEryIHpdMUBJvU6RtoA83wKk1xMkZ
5BwPk5UMBx8Qgb7fJUmz9wAMGE98k9jTQEmOmNZJVDn7kB9NTgvrIf1OOcQhjxZO
/M2AYsbo3XaY0461iIaTXyNcQz1OA7VV2L270N6Q/g1n8zjV43WvXvSrTtYTvdeA
tcaHlSECIZRyngjZtlPXGbf9XvAG+I6q7SdF76glIdwCqwnEr8IE3glKImq9GpPU
jGob/wvMiaRIkoCRuL9K71dljmWAuVPhqchf09dcxuzTrB986l6yK9mtIF73/DpV
4mxnrHAN5tVkySgSzphZnbf86eeJvxAjsiaOoe+SUg6P
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:01 2024 by rpki-client on console-ams.rpki-client.org