Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/rGf9ga0sMb4O8n_tL0kpvOxqXPU.roa
File:                     rGf9ga0sMb4O8n_tL0kpvOxqXPU.roa (raw, json)
Hash identifier:          wQN6opegSgCQi8eIxu7BfUdMCpE6wZauYv2cW9esrvY=
Subject key identifier:   AC:67:FD:81:AD:2C:31:BE:0E:F2:7F:ED:2F:49:29:BC:EC:6A:5C:F5
Certificate issuer:       /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial:       0189304C40C1AEB8E9A4B83B68FEDEDA0425
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/rGf9ga0sMb4O8n_tL0kpvOxqXPU.roa
Signing time:             Fri 07 Jul 2023 12:20:50 +0000
ROA not before:           Fri 07 Jul 2023 12:20:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        91.190.187.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 22 Sep 2023 07:07:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:30:4c:40:c1:ae:b8:e9:a4:b8:3b:68:fe:de:da:04:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
        Validity
            Not Before: Jul  7 12:20:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ac67fd81ad2c31be0ef27fed2f4929bcec6a5cf5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:5f:d7:48:f6:0c:78:e6:be:a0:eb:65:a7:9a:
                    98:1b:72:96:ae:f9:44:ea:ad:16:14:07:eb:7f:9e:
                    6d:1a:ad:55:c3:61:f4:7d:16:be:a7:cb:65:ed:27:
                    16:0a:74:77:c2:36:eb:20:21:17:d4:fd:ee:46:ed:
                    b8:1b:ab:5e:d9:8d:7a:78:7e:1e:14:7f:24:c3:06:
                    f6:e4:a4:f3:d1:58:fe:bd:f1:1e:95:9a:7f:8c:a7:
                    ed:11:98:fd:d6:95:2e:43:27:3a:ba:23:70:64:92:
                    53:63:cf:c5:1b:70:4b:1f:2a:b8:19:76:f0:e4:b8:
                    15:47:4c:f5:bb:34:5d:c4:41:36:2f:c1:2a:06:63:
                    c5:7f:54:12:c7:45:66:4b:10:38:33:c9:90:57:06:
                    65:a2:de:98:8b:5c:f6:ba:6c:37:19:70:f1:fa:d0:
                    e8:71:79:ea:bf:73:be:48:4d:aa:0f:77:00:b4:7f:
                    9c:ed:e9:7b:89:2c:ab:7b:25:95:5e:ea:47:0d:ee:
                    50:1c:c0:9e:16:63:58:5b:ed:5b:a4:57:fe:e2:24:
                    db:c8:55:c2:6c:72:08:27:41:2d:15:bb:cc:f8:69:
                    a9:85:3d:85:03:47:16:57:60:da:49:c4:35:51:cf:
                    65:a6:81:dc:f0:e2:7a:8d:55:b6:4b:df:b8:86:97:
                    d0:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:67:FD:81:AD:2C:31:BE:0E:F2:7F:ED:2F:49:29:BC:EC:6A:5C:F5
            X509v3 Authority Key Identifier:
                keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/rGf9ga0sMb4O8n_tL0kpvOxqXPU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.190.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:7c:1b:74:85:9e:21:57:c2:17:d2:18:6f:78:c8:a6:21:06:
         53:3d:d8:c6:b6:79:2a:d4:d3:36:a4:e1:39:16:b4:71:97:76:
         25:90:77:4d:99:ac:5f:c1:34:3c:67:83:27:2f:39:28:62:be:
         8e:25:70:43:8d:cc:9d:d8:a4:c2:f7:b1:27:92:aa:ba:d7:9e:
         16:da:1a:58:66:df:b2:3e:55:49:7c:55:e8:e8:9d:ad:ba:de:
         ed:c3:36:50:4c:3e:e5:e1:71:29:cf:c7:b4:45:6e:bb:41:b4:
         7c:21:ef:e5:8f:af:9d:74:a8:41:4c:7a:16:3d:7b:db:d9:c7:
         a7:94:87:94:17:57:48:f9:2c:7b:8c:bd:fd:4e:c8:af:87:88:
         86:a0:e4:b1:fe:35:0e:1b:86:b9:28:cf:d6:c8:9f:9f:aa:7e:
         79:85:33:bd:4b:ed:fe:e7:fb:cb:0e:f1:39:4d:b9:2b:49:2a:
         cf:1b:2f:04:04:48:61:a4:11:f7:c8:18:2f:d9:f7:11:0a:6c:
         9d:e5:d9:03:5d:ad:5e:a8:b8:9c:42:50:df:58:40:37:4c:bc:
         9e:fa:1b:46:51:a0:ba:3a:80:7b:24:c4:4a:2c:02:67:a7:59:
         e4:c4:aa:35:35:cb:c9:5b:a6:7e:e2:09:92:9f:ae:92:d4:d7:
         65:07:ad:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkwTEDBrrjppLg7aP7e2gQlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjMwNzA3MTIyMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzY3ZmQ4MWFkMmMzMWJlMGVmMjdmZWQyZjQ5MjliY2VjNmE1Y2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsl/XSPYMeOa+oOtlp5qYG3KWrvlE
6q0WFAfrf55tGq1Vw2H0fRa+p8tl7ScWCnR3wjbrICEX1P3uRu24G6te2Y16eH4e
FH8kwwb25KTz0Vj+vfEelZp/jKftEZj91pUuQyc6uiNwZJJTY8/FG3BLHyq4GXbw
5LgVR0z1uzRdxEE2L8EqBmPFf1QSx0VmSxA4M8mQVwZlot6Yi1z2umw3GXDx+tDo
cXnqv3O+SE2qD3cAtH+c7el7iSyreyWVXupHDe5QHMCeFmNYW+1bpFf+4iTbyFXC
bHIIJ0EtFbvM+GmphT2FA0cWV2DaScQ1Uc9lpoHc8OJ6jVW2S9+4hpfQ6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKxn/YGtLDG+DvJ/7S9JKbzsalz1MB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvckdmOWdhMHNNYjRPOG5fdEwwa3B2T3hxWFBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW767MA0G
CSqGSIb3DQEBCwUAA4IBAQCAfBt0hZ4hV8IX0hhveMimIQZTPdjGtnkq1NM2pOE5
FrRxl3YlkHdNmaxfwTQ8Z4MnLzkoYr6OJXBDjcyd2KTC97Enkqq6154W2hpYZt+y
PlVJfFXo6J2tut7twzZQTD7l4XEpz8e0RW67QbR8Ie/lj6+ddKhBTHoWPXvb2cen
lIeUF1dI+Sx7jL39Tsivh4iGoOSx/jUOG4a5KM/WyJ+fqn55hTO9S+3+5/vLDvE5
TbkrSSrPGy8EBEhhpBH3yBgv2fcRCmyd5dkDXa1eqLicQlDfWEA3TLye+htGUaC6
OoB7JMRKLAJnp1nkxKo1NcvJW6Z+4gmSn66S1NdlB60Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:21 2024 by rpki-client on console-ams.rpki-client.org