Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/e4soT7bWC40BifUOEYYjg9QEJ34.roa
File:                     e4soT7bWC40BifUOEYYjg9QEJ34.roa (raw, json)
Hash identifier:          S72PmRYKGGK6hW2xUGocHetXA8y2A+kncZXOoFRsZrI=
Subject key identifier:   7B:8B:28:4F:B6:D6:0B:8D:01:89:F5:0E:11:86:23:83:D4:04:27:7E
Certificate issuer:       /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial:       018ABDB25B754A545B96785CA2FC7C24D16C
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/e4soT7bWC40BifUOEYYjg9QEJ34.roa
Signing time:             Fri 22 Sep 2023 16:21:37 +0000
ROA not before:           Fri 22 Sep 2023 16:21:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400402
IP address blocks:        91.190.189.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 Nov 2023 09:18:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:bd:b2:5b:75:4a:54:5b:96:78:5c:a2:fc:7c:24:d1:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
        Validity
            Not Before: Sep 22 16:21:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7b8b284fb6d60b8d0189f50e11862383d404277e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:0d:db:5d:1a:d3:6f:ef:e3:9b:17:08:f1:14:
                    16:19:f3:bb:8d:02:7f:15:94:43:85:e7:74:29:82:
                    97:00:13:24:42:52:97:cb:69:e3:1b:41:4b:99:92:
                    35:41:f1:5c:dc:27:e2:4e:49:b9:0b:ed:5e:ab:dd:
                    74:8d:6c:b4:fd:87:81:95:e5:7b:aa:c5:86:60:aa:
                    e0:e3:2f:62:b7:14:11:76:20:12:dd:cd:41:23:57:
                    54:b2:66:dc:78:5b:0c:e2:73:52:3b:0a:1c:ac:49:
                    5d:8d:c0:94:65:36:33:64:9c:9c:ae:71:3c:40:93:
                    9e:e9:70:de:1f:94:df:9e:3a:0e:a5:19:50:b1:3c:
                    32:6f:13:8f:61:8b:5a:fe:6a:56:ad:7d:38:89:eb:
                    07:f3:91:2e:d1:3d:75:8d:f7:84:1a:0a:54:3d:6e:
                    69:59:4b:cc:2b:69:03:8b:81:6a:21:a6:34:37:93:
                    3a:ef:c5:d0:1d:29:3f:99:7a:5a:1e:93:98:30:30:
                    50:d7:bd:d1:fa:3e:e2:9e:3a:94:97:f9:66:b9:34:
                    c7:7c:a8:f2:64:81:29:89:1d:59:7a:93:95:c7:8e:
                    4f:0c:40:fb:7a:a8:53:0e:7b:90:fe:86:be:7a:bc:
                    ac:e2:a5:24:cd:ab:45:11:8b:82:90:3e:d8:b4:3b:
                    01:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:8B:28:4F:B6:D6:0B:8D:01:89:F5:0E:11:86:23:83:D4:04:27:7E
            X509v3 Authority Key Identifier:
                keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/e4soT7bWC40BifUOEYYjg9QEJ34.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.190.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:75:1b:3b:b9:56:c9:5d:c3:04:e9:b7:06:55:70:d6:b7:6d:
         4c:8c:b2:f7:0e:2b:50:73:a5:d6:69:e2:5a:3a:88:a9:51:11:
         ba:81:50:d8:50:07:45:5b:8d:ab:59:8a:35:99:09:44:cf:b1:
         25:b4:df:62:3f:cc:6c:18:9b:9e:12:4e:c7:5e:6f:14:0d:0c:
         87:57:e8:ac:be:9e:dc:c7:00:c4:53:fa:36:0e:ce:0f:be:a7:
         e1:73:60:b8:60:76:ac:5c:5b:20:a1:d4:b7:30:3a:aa:39:ef:
         36:07:86:c2:ac:fe:71:c5:37:55:24:31:e7:0b:0e:65:6e:29:
         6e:38:3b:40:9e:3a:42:67:dc:f1:1a:55:18:f0:d4:21:e3:17:
         33:8b:1b:6f:fd:23:e6:a0:0a:b7:8d:4d:8a:0f:1b:ab:fd:ac:
         e4:1b:a3:68:52:37:1f:b1:ea:27:04:65:24:47:25:29:96:9d:
         43:46:87:83:1a:96:a8:9d:26:13:9e:41:cb:63:fc:53:e2:d6:
         04:13:21:b6:62:60:a3:4a:d9:97:ad:70:56:11:01:da:46:40:
         b0:70:3b:d1:91:ed:5d:cd:b9:42:01:f9:bc:63:65:b7:1b:7c:
         2c:38:49:0d:80:15:73:4a:66:f9:37:64:57:b9:98:b8:c2:cb:
         cc:7e:72:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq9slt1SlRblnhcovx8JNFsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjMwOTIyMTYyMTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjhiMjg0ZmI2ZDYwYjhkMDE4OWY1MGUxMTg2MjM4M2Q0MDQyNzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Q3bXRrTb+/jmxcI8RQWGfO7jQJ/
FZRDhed0KYKXABMkQlKXy2njG0FLmZI1QfFc3CfiTkm5C+1eq910jWy0/YeBleV7
qsWGYKrg4y9itxQRdiAS3c1BI1dUsmbceFsM4nNSOwocrEldjcCUZTYzZJycrnE8
QJOe6XDeH5TfnjoOpRlQsTwybxOPYYta/mpWrX04iesH85Eu0T11jfeEGgpUPW5p
WUvMK2kDi4FqIaY0N5M678XQHSk/mXpaHpOYMDBQ173R+j7injqUl/lmuTTHfKjy
ZIEpiR1ZepOVx45PDED7eqhTDnuQ/oa+erys4qUkzatFEYuCkD7YtDsBEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHuLKE+21guNAYn1DhGGI4PUBCd+MB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvZTRzb1Q3YldDNDBCaWZVT0VZWWpnOVFFSjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW769MA0G
CSqGSIb3DQEBCwUAA4IBAQAzdRs7uVbJXcME6bcGVXDWt21MjLL3DitQc6XWaeJa
OoipURG6gVDYUAdFW42rWYo1mQlEz7EltN9iP8xsGJueEk7HXm8UDQyHV+isvp7c
xwDEU/o2Ds4Pvqfhc2C4YHasXFsgodS3MDqqOe82B4bCrP5xxTdVJDHnCw5lbilu
ODtAnjpCZ9zxGlUY8NQh4xczixtv/SPmoAq3jU2KDxur/azkG6NoUjcfseonBGUk
RyUplp1DRoeDGpaonSYTnkHLY/xT4tYEEyG2YmCjStmXrXBWEQHaRkCwcDvRke1d
zblCAfm8Y2W3G3wsOEkNgBVzSmb5N2RXuZi4wsvMfnKh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:21 2024 by rpki-client on console-fra.rpki-client.org