Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d679f2-414e-4538-9c60-295611aa7e92/1/f-mivcgfge0Dss3CGjghEfPdMWg.roa
File:                     f-mivcgfge0Dss3CGjghEfPdMWg.roa (raw, json)
Hash identifier:          KsvuqH72YOWdwQf0Ta33eQfOcCnBHx4swhIKJNXq5J4=
Subject key identifier:   7F:E9:A2:BD:C8:1F:81:ED:03:B2:CD:C2:1A:38:21:11:F3:DD:31:68
Certificate issuer:       /CN=0b5e798db6e8f57c5f4a445150901dee8a96d5e5
Certificate serial:       01856CEF21FE677A1792BAC58568782D7223
Authority key identifier: 0B:5E:79:8D:B6:E8:F5:7C:5F:4A:44:51:50:90:1D:EE:8A:96:D5:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C155jbbo9XxfSkRRUJAd7oqW1eU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/d679f2-414e-4538-9c60-295611aa7e92/1/f-mivcgfge0Dss3CGjghEfPdMWg.roa
Signing time:             Sun 01 Jan 2023 10:44:49 +0000
ROA not before:           Sun 01 Jan 2023 10:44:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34024
IP address blocks:        91.199.235.0/24 maxlen: 24
                          193.26.26.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:ef:21:fe:67:7a:17:92:ba:c5:85:68:78:2d:72:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b5e798db6e8f57c5f4a445150901dee8a96d5e5
        Validity
            Not Before: Jan  1 10:44:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7fe9a2bdc81f81ed03b2cdc21a382111f3dd3168
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:5b:97:95:35:22:c8:31:3a:0d:d5:9d:f1:bc:
                    b5:4c:a0:5a:37:d5:da:c1:7a:14:dd:90:14:67:8d:
                    d0:d1:6a:b6:73:3b:ae:58:ee:39:48:c1:69:5c:06:
                    30:cf:27:b4:cd:da:7b:ec:e2:fc:98:3e:05:68:dd:
                    6f:4e:1e:82:04:4c:b0:06:6d:a2:16:6f:db:4b:8a:
                    05:34:0d:f2:1d:c9:c6:9b:16:0b:b0:fc:e6:03:46:
                    72:5f:85:3d:83:77:5a:7d:da:b0:83:07:61:95:30:
                    99:90:6f:0e:72:d7:3d:11:19:93:4e:b1:69:6d:e0:
                    3f:78:4a:e8:f9:78:5b:1e:6d:b9:d6:10:68:c2:fa:
                    9e:41:b2:ad:37:6b:77:cf:52:a6:bc:cf:67:2b:58:
                    60:4e:5d:e7:1f:45:81:69:a2:0a:b5:aa:21:58:8b:
                    1c:94:e2:5a:4b:36:1f:ad:70:60:1b:19:da:02:ee:
                    c7:82:02:04:8d:41:bb:f1:36:b3:32:a6:d3:9e:a1:
                    bc:25:ca:b1:aa:88:0f:48:50:42:34:ba:66:64:47:
                    e6:5b:e9:58:7d:07:13:9f:04:ec:d6:24:4f:a1:30:
                    58:5e:b6:d2:93:8c:5b:40:7b:7c:15:e4:cd:37:d7:
                    3d:c5:4c:5b:b7:1c:cb:be:ca:61:5d:4d:51:7a:67:
                    63:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:E9:A2:BD:C8:1F:81:ED:03:B2:CD:C2:1A:38:21:11:F3:DD:31:68
            X509v3 Authority Key Identifier:
                keyid:0B:5E:79:8D:B6:E8:F5:7C:5F:4A:44:51:50:90:1D:EE:8A:96:D5:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C155jbbo9XxfSkRRUJAd7oqW1eU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d679f2-414e-4538-9c60-295611aa7e92/1/f-mivcgfge0Dss3CGjghEfPdMWg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d679f2-414e-4538-9c60-295611aa7e92/1/C155jbbo9XxfSkRRUJAd7oqW1eU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.199.235.0/24
                  193.26.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:cf:54:0b:bf:1c:50:c1:41:0a:a8:0f:09:de:bb:2f:6e:31:
         12:63:2b:2e:07:7a:a8:37:42:b9:b0:21:10:b4:11:0c:6d:9f:
         57:19:bf:0d:5b:21:39:e3:21:3f:7b:24:ac:54:3e:25:06:bf:
         2e:9e:4b:5f:4e:28:32:b6:a5:e7:d2:15:fe:9e:e2:59:47:50:
         2e:9e:14:a5:d7:71:84:02:e3:8d:b4:eb:7d:a0:c1:5c:4e:f1:
         1f:85:77:81:a7:cf:cc:96:66:ee:76:ee:3f:c6:f3:c8:9e:89:
         fc:87:87:67:7c:dc:e2:95:70:3c:25:56:19:8e:d3:ef:81:b9:
         ce:ff:1c:6d:3f:3a:ff:a5:ce:70:0e:e6:d5:8c:b7:b3:6f:91:
         99:63:b5:d1:ea:80:9a:c8:20:74:1d:99:4a:e9:cc:3f:14:e1:
         b9:f0:be:9d:f8:a2:1b:a1:58:3c:7f:67:29:a9:5b:6a:9a:8a:
         ef:bd:3a:3b:f9:a6:b3:71:2f:2b:28:5f:9c:9a:d3:e6:8b:ab:
         ab:7b:0c:59:b8:be:4c:0f:33:e2:3e:07:22:e8:7d:de:ae:1a:
         0a:b8:3c:81:55:df:24:80:66:fb:9b:0a:ae:17:95:89:ed:b8:
         05:a4:3d:b4:a3:5e:a8:28:b3:48:8b:3f:1e:98:f9:e4:02:67:
         e7:e3:a8:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVs7yH+Z3oXkrrFhWh4LXIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNWU3OThkYjZlOGY1N2M1ZjRhNDQ1MTUwOTAxZGVlOGE5
NmQ1ZTUwHhcNMjMwMTAxMTA0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmU5YTJiZGM4MWY4MWVkMDNiMmNkYzIxYTM4MjExMWYzZGQzMTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FuXlTUiyDE6DdWd8by1TKBaN9Xa
wXoU3ZAUZ43Q0Wq2czuuWO45SMFpXAYwzye0zdp77OL8mD4FaN1vTh6CBEywBm2i
Fm/bS4oFNA3yHcnGmxYLsPzmA0ZyX4U9g3dafdqwgwdhlTCZkG8Octc9ERmTTrFp
beA/eEro+XhbHm251hBowvqeQbKtN2t3z1KmvM9nK1hgTl3nH0WBaaIKtaohWIsc
lOJaSzYfrXBgGxnaAu7HggIEjUG78TazMqbTnqG8JcqxqogPSFBCNLpmZEfmW+lY
fQcTnwTs1iRPoTBYXrbSk4xbQHt8FeTNN9c9xUxbtxzLvsphXU1RemdjNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH/por3IH4HtA7LNwho4IRHz3TFoMB8GA1UdIwQY
MBaAFAteeY226PV8X0pEUVCQHe6KltXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzE1NWpiYm85WHhmU2tSUlVKQWQ3b3FXMWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kNjc5ZjItNDE0ZS00NTM4LTljNjAt
Mjk1NjExYWE3ZTkyLzEvZi1taXZjZ2ZnZTBEc3MzQ0dqZ2hFZlBkTVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kNjc5ZjItNDE0ZS00NTM4LTljNjAtMjk1NjExYWE3ZTky
LzEvQzE1NWpiYm85WHhmU2tSUlVKQWQ3b3FXMWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8frAwQA
wRoaMA0GCSqGSIb3DQEBCwUAA4IBAQBDz1QLvxxQwUEKqA8J3rsvbjESYysuB3qo
N0K5sCEQtBEMbZ9XGb8NWyE54yE/eySsVD4lBr8unktfTigytqXn0hX+nuJZR1Au
nhSl13GEAuONtOt9oMFcTvEfhXeBp8/Mlmbudu4/xvPInon8h4dnfNzilXA8JVYZ
jtPvgbnO/xxtPzr/pc5wDubVjLezb5GZY7XR6oCayCB0HZlK6cw/FOG58L6d+KIb
oVg8f2cpqVtqmorvvTo7+aazcS8rKF+cmtPmi6urewxZuL5MDzPiPgci6H3erhoK
uDyBVd8kgGb7mwquF5WJ7bgFpD20o16oKLNIiz8emPnkAmfn46gl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:14 2024 by rpki-client on console-fra.rpki-client.org