Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/33z6soiDivxYvzO32EPdwY8dJJM.roa
File:                     33z6soiDivxYvzO32EPdwY8dJJM.roa (raw, json)
Hash identifier:          8acDRrNBTtUg3yH4XABlxGcwg7eFe9vUhXhteuPdgMU=
Subject key identifier:   DF:7C:FA:B2:88:83:8A:FC:58:BF:33:B7:D8:43:DD:C1:8F:1D:24:93
Certificate issuer:       /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial:       01897411252AD4CD3A3D8FA0A9C3F921F6BC
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/33z6soiDivxYvzO32EPdwY8dJJM.roa
Signing time:             Thu 20 Jul 2023 16:10:27 +0000
ROA not before:           Thu 20 Jul 2023 16:10:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212669
IP address blocks:        91.193.235.0/24 maxlen: 24
                          91.193.234.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:35:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:74:11:25:2a:d4:cd:3a:3d:8f:a0:a9:c3:f9:21:f6:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
        Validity
            Not Before: Jul 20 16:10:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=df7cfab288838afc58bf33b7d843ddc18f1d2493
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:5a:ac:89:4b:8b:2a:63:fa:ea:c2:97:93:0b:
                    46:38:1f:6e:d4:b6:f6:67:18:28:c1:b2:cd:63:16:
                    84:c2:75:86:26:bd:cb:2d:6d:51:f9:35:22:31:d8:
                    48:75:9a:77:bb:b4:4d:e5:a8:f7:5f:13:89:f2:35:
                    41:f5:66:06:af:00:47:66:79:4c:79:43:ab:1e:23:
                    8a:64:54:7d:fd:f0:b1:61:1c:8a:7a:e0:1e:8b:f0:
                    04:de:45:f9:05:61:5b:0a:4a:16:79:6e:f8:51:6a:
                    ab:bb:29:ee:3b:43:9b:1f:ee:55:2b:c9:42:60:44:
                    08:b9:88:5e:3b:36:b0:ab:9a:6a:29:9d:bd:7d:46:
                    8f:f5:a4:0b:81:c9:c6:2c:e2:b1:e0:c9:11:76:dc:
                    15:c7:0d:a3:a5:0e:15:78:8d:fb:54:93:0f:63:72:
                    01:18:6e:6e:93:03:44:f4:f6:0f:c5:3c:42:7f:0d:
                    9a:81:e5:46:8b:9c:88:a6:db:e8:b3:ed:59:76:85:
                    b3:79:e8:8a:ea:2a:93:87:7c:91:27:0c:5a:4b:60:
                    5d:dd:77:31:5e:0e:cd:ef:ad:d6:c7:12:00:73:df:
                    ba:7f:b9:ca:80:25:b6:56:fc:d1:ae:49:3f:8f:2b:
                    15:ea:15:3e:2d:25:62:1c:e2:ca:48:58:e5:e9:60:
                    20:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:7C:FA:B2:88:83:8A:FC:58:BF:33:B7:D8:43:DD:C1:8F:1D:24:93
            X509v3 Authority Key Identifier:
                keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/33z6soiDivxYvzO32EPdwY8dJJM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.193.234.0/23

    Signature Algorithm: sha256WithRSAEncryption
         37:e2:e6:01:b4:58:20:e2:66:0e:4a:4e:d5:65:cf:03:0a:e6:
         99:7e:bf:6f:34:db:5a:d7:5c:e8:ab:ae:6e:98:43:b6:1e:fa:
         6c:2b:0f:38:76:f0:13:ca:dc:52:55:6d:95:8f:2c:8b:35:03:
         72:c4:ff:5a:8b:0c:cd:82:19:f1:20:b6:86:06:75:cc:81:2f:
         bb:af:46:66:bb:1d:be:c9:6f:0f:a3:d2:8d:da:b9:7a:2d:1f:
         5b:1b:7e:74:4c:48:fc:a5:fe:5d:00:84:41:23:6a:bc:60:7e:
         a0:66:f7:2a:f2:4c:64:63:66:c7:1a:88:60:2a:f4:7a:28:b5:
         67:90:ad:ca:d7:56:14:60:98:0e:a3:14:2d:32:9a:0e:97:fb:
         f2:4a:aa:db:ce:75:2f:49:b1:62:cd:75:42:52:fb:73:fe:ac:
         09:38:c8:9a:ab:ff:b0:03:0b:39:6b:e2:e3:6e:b4:fe:94:09:
         3d:c6:f7:1a:90:16:d2:a8:28:75:a6:f9:69:97:2c:52:d1:79:
         a4:2d:b0:b2:2a:8f:ca:53:a5:bd:43:65:ec:34:45:a7:6e:4b:
         a4:5a:77:28:77:64:59:f1:aa:2a:47:47:57:a7:67:ff:36:58:
         0c:a9:a8:45:ac:8b:d3:59:3e:5d:f3:cd:e1:9c:68:23:b1:5b:
         89:25:72:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYl0ESUq1M06PY+gqcP5Ifa8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjMwNzIwMTYxMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjdjZmFiMjg4ODM4YWZjNThiZjMzYjdkODQzZGRjMThmMWQyNDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFqsiUuLKmP66sKXkwtGOB9u1Lb2
ZxgowbLNYxaEwnWGJr3LLW1R+TUiMdhIdZp3u7RN5aj3XxOJ8jVB9WYGrwBHZnlM
eUOrHiOKZFR9/fCxYRyKeuAei/AE3kX5BWFbCkoWeW74UWqruynuO0ObH+5VK8lC
YEQIuYheOzawq5pqKZ29fUaP9aQLgcnGLOKx4MkRdtwVxw2jpQ4VeI37VJMPY3IB
GG5ukwNE9PYPxTxCfw2ageVGi5yIptvos+1ZdoWzeeiK6iqTh3yRJwxaS2Bd3Xcx
Xg7N763WxxIAc9+6f7nKgCW2VvzRrkk/jysV6hU+LSViHOLKSFjl6WAgewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN98+rKIg4r8WL8zt9hD3cGPHSSTMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvMzN6NnNvaURpdnhZdnpPMzJFUGR3WThkSkpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8HqMA0G
CSqGSIb3DQEBCwUAA4IBAQA34uYBtFgg4mYOSk7VZc8DCuaZfr9vNNta11zoq65u
mEO2HvpsKw84dvATytxSVW2VjyyLNQNyxP9aiwzNghnxILaGBnXMgS+7r0Zmux2+
yW8Po9KN2rl6LR9bG350TEj8pf5dAIRBI2q8YH6gZvcq8kxkY2bHGohgKvR6KLVn
kK3K11YUYJgOoxQtMpoOl/vySqrbznUvSbFizXVCUvtz/qwJOMiaq/+wAws5a+Lj
brT+lAk9xvcakBbSqCh1pvlplyxS0XmkLbCyKo/KU6W9Q2XsNEWnbkukWncod2RZ
8aoqR0dXp2f/NlgMqahFrIvTWT5d883hnGgjsVuJJXK+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:59 2024 by rpki-client on console-ams.rpki-client.org