Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/dd1331-622a-4848-b340-d3163e9b0136/1/LIAUkDRgVt5wUnrS-He3fLNGnZ0.roa
File:                     LIAUkDRgVt5wUnrS-He3fLNGnZ0.roa (raw, json)
Hash identifier:          Xy/8nPbDdb9cro7flHGiJlJobbR9re35pL04ejWZNBA=
Subject key identifier:   2C:80:14:90:34:60:56:DE:70:52:7A:D2:F8:77:B7:7C:B3:46:9D:9D
Certificate issuer:       /CN=d55d3921850a5fff07eca260a36ef92101f2d85c
Certificate serial:       01856EB8D9124200CF8C7F97C768928EC324
Authority key identifier: D5:5D:39:21:85:0A:5F:FF:07:EC:A2:60:A3:6E:F9:21:01:F2:D8:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1V05IYUKX_8H7KJgo275IQHy2Fw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/dd1331-622a-4848-b340-d3163e9b0136/1/LIAUkDRgVt5wUnrS-He3fLNGnZ0.roa
Signing time:             Sun 01 Jan 2023 19:04:45 +0000
ROA not before:           Sun 01 Jan 2023 19:04:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44730
IP address blocks:        91.213.241.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:b8:d9:12:42:00:cf:8c:7f:97:c7:68:92:8e:c3:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d55d3921850a5fff07eca260a36ef92101f2d85c
        Validity
            Not Before: Jan  1 19:04:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2c801490346056de70527ad2f877b77cb3469d9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:46:e5:69:c0:04:44:54:d2:eb:56:f0:f8:07:
                    ff:41:1a:8d:a4:60:ce:5d:9c:8e:b5:05:da:99:c8:
                    4f:7f:56:4b:7c:10:ef:12:0e:fb:de:9f:88:ac:b1:
                    11:06:81:fb:44:12:f7:b8:2f:e1:b5:58:06:ea:57:
                    87:82:1f:54:87:b3:75:0b:a3:e9:be:9e:99:21:2a:
                    e5:a1:88:6d:b2:3d:ca:e2:b7:05:b6:86:16:10:73:
                    3c:b1:4d:d4:ef:ca:37:a8:11:12:e3:1b:f4:ee:68:
                    b1:d1:0e:68:0a:4e:a7:c7:95:7e:10:e9:89:98:0b:
                    20:54:f2:08:a9:69:e3:09:ea:d1:90:61:04:bc:d7:
                    9c:b0:14:b0:f3:95:02:1f:d2:84:f1:aa:55:df:bf:
                    af:37:ad:af:8a:9d:42:b8:bf:5d:cb:9d:b6:c2:da:
                    4c:44:c4:ec:5b:1b:38:d8:3c:53:a2:e2:a0:2a:d2:
                    b1:79:e8:22:d5:14:a2:92:91:62:bc:d3:0d:1f:1a:
                    d3:bc:76:b8:1b:41:79:b5:3c:11:2d:6d:7f:e0:e6:
                    41:6b:58:c9:1b:20:24:77:7c:4f:2c:ff:dc:75:6e:
                    d3:47:23:3d:1c:61:a9:34:08:33:3e:91:4b:9e:4a:
                    65:32:0c:f9:44:93:88:70:a8:33:7f:9f:27:f6:7f:
                    76:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:80:14:90:34:60:56:DE:70:52:7A:D2:F8:77:B7:7C:B3:46:9D:9D
            X509v3 Authority Key Identifier:
                keyid:D5:5D:39:21:85:0A:5F:FF:07:EC:A2:60:A3:6E:F9:21:01:F2:D8:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1V05IYUKX_8H7KJgo275IQHy2Fw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dd1331-622a-4848-b340-d3163e9b0136/1/LIAUkDRgVt5wUnrS-He3fLNGnZ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dd1331-622a-4848-b340-d3163e9b0136/1/1V05IYUKX_8H7KJgo275IQHy2Fw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:a3:0b:d8:65:18:48:18:ea:74:82:f8:7e:a7:90:94:1a:39:
         f2:5d:ca:ee:f4:32:f8:e5:c3:3a:b5:19:26:e9:93:dc:a5:85:
         77:bf:5f:1d:15:84:8e:61:d6:4f:a5:31:02:0b:6a:0b:3b:23:
         fb:24:cc:ac:a4:84:07:37:99:59:52:3e:31:d2:5b:27:41:cf:
         13:93:93:4a:1e:84:84:86:86:12:10:f2:e1:46:d8:1b:32:e8:
         78:c8:72:00:fa:97:19:27:19:af:3c:b7:f8:3e:06:11:64:66:
         57:3b:24:73:fd:de:09:2f:aa:3d:95:70:05:2a:03:b8:69:6f:
         e9:5a:f9:42:61:db:f6:2c:b3:ee:b7:72:27:b5:43:6e:6f:cd:
         0c:f2:c4:02:6b:67:05:c8:b6:9f:0f:58:b0:d0:1a:1a:a7:b8:
         32:78:ac:0b:f3:33:d1:4a:b0:1f:0c:ca:96:4d:bc:6a:4b:67:
         33:e0:8f:c7:f3:b5:fb:d8:7f:b6:6a:27:90:4e:22:8c:62:97:
         7a:25:4c:7d:9b:80:8b:c3:07:0a:e9:70:ba:a3:3e:77:e6:3a:
         ca:03:b7:0d:72:4a:c8:66:9d:91:a0:bd:a2:c2:64:a9:5b:6a:
         29:6f:f9:14:b2:7e:86:8d:2c:70:d3:40:c6:f5:66:89:cc:be:
         14:d3:5f:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuuNkSQgDPjH+Xx2iSjsMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NWQzOTIxODUwYTVmZmYwN2VjYTI2MGEzNmVmOTIxMDFm
MmQ4NWMwHhcNMjMwMTAxMTkwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzgwMTQ5MDM0NjA1NmRlNzA1MjdhZDJmODc3Yjc3Y2IzNDY5ZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEblacAERFTS61bw+Af/QRqNpGDO
XZyOtQXamchPf1ZLfBDvEg773p+IrLERBoH7RBL3uC/htVgG6leHgh9Uh7N1C6Pp
vp6ZISrloYhtsj3K4rcFtoYWEHM8sU3U78o3qBES4xv07mix0Q5oCk6nx5V+EOmJ
mAsgVPIIqWnjCerRkGEEvNecsBSw85UCH9KE8apV37+vN62vip1CuL9dy522wtpM
RMTsWxs42DxTouKgKtKxeegi1RSikpFivNMNHxrTvHa4G0F5tTwRLW1/4OZBa1jJ
GyAkd3xPLP/cdW7TRyM9HGGpNAgzPpFLnkplMgz5RJOIcKgzf58n9n92zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCyAFJA0YFbecFJ60vh3t3yzRp2dMB8GA1UdIwQY
MBaAFNVdOSGFCl//B+yiYKNu+SEB8thcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVYwNUlZVUtYXzhIN0tKZ28yNzVJUUh5MkZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kZDEzMzEtNjIyYS00ODQ4LWIzNDAt
ZDMxNjNlOWIwMTM2LzEvTElBVWtEUmdWdDV3VW5yUy1IZTNmTE5HblowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kZDEzMzEtNjIyYS00ODQ4LWIzNDAtZDMxNjNlOWIwMTM2
LzEvMVYwNUlZVUtYXzhIN0tKZ28yNzVJUUh5MkZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9XxMA0G
CSqGSIb3DQEBCwUAA4IBAQBcowvYZRhIGOp0gvh+p5CUGjnyXcru9DL45cM6tRkm
6ZPcpYV3v18dFYSOYdZPpTECC2oLOyP7JMyspIQHN5lZUj4x0lsnQc8Tk5NKHoSE
hoYSEPLhRtgbMuh4yHIA+pcZJxmvPLf4PgYRZGZXOyRz/d4JL6o9lXAFKgO4aW/p
WvlCYdv2LLPut3IntUNub80M8sQCa2cFyLafD1iw0Boap7gyeKwL8zPRSrAfDMqW
TbxqS2cz4I/H87X72H+2aieQTiKMYpd6JUx9m4CLwwcK6XC6oz535jrKA7cNckrI
Zp2RoL2iwmSpW2opb/kUsn6GjSxw00DG9WaJzL4U01+v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:14 2024 by rpki-client on console-fra.rpki-client.org