Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/aa3661-deb3-45a4-8693-3881a8b827ac/1/_TrKLEA0bhI0NuAx3YtkqSs-dkU.roa
File:                     _TrKLEA0bhI0NuAx3YtkqSs-dkU.roa (raw, json)
Hash identifier:          NILooIHkVGERS4m6dlvauzwfrzwGmqFGfvqvpX/rdbc=
Subject key identifier:   FD:3A:CA:2C:40:34:6E:12:34:36:E0:31:DD:8B:64:A9:2B:3E:76:45
Certificate issuer:       /CN=41fc55ee2488fb9401c4b668abac54110ebb8092
Certificate serial:       018C10AE355124DF1A6626081C7AEA75BCE3
Authority key identifier: 41:FC:55:EE:24:88:FB:94:01:C4:B6:68:AB:AC:54:11:0E:BB:80:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QfxV7iSI-5QBxLZoq6xUEQ67gJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/aa3661-deb3-45a4-8693-3881a8b827ac/1/_TrKLEA0bhI0NuAx3YtkqSs-dkU.roa
Signing time:             Mon 27 Nov 2023 12:08:21 +0000
ROA not before:           Mon 27 Nov 2023 12:08:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50246
IP address blocks:        91.227.187.0/24 maxlen: 24
                          193.29.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:29:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:10:ae:35:51:24:df:1a:66:26:08:1c:7a:ea:75:bc:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41fc55ee2488fb9401c4b668abac54110ebb8092
        Validity
            Not Before: Nov 27 12:08:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fd3aca2c40346e123436e031dd8b64a92b3e7645
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:22:37:fc:63:18:59:4a:0d:62:be:e4:a7:f4:
                    f3:84:9c:ea:d3:59:df:de:da:77:a8:3b:74:e8:2c:
                    5e:da:b6:da:f3:f7:05:7c:b5:f1:c4:9a:c6:d0:a7:
                    c1:6a:33:7d:cb:1a:4d:5e:ee:61:4f:3e:93:7a:2a:
                    57:cd:c8:d5:5f:c4:9a:e3:f0:13:aa:1e:c1:eb:6f:
                    f1:bf:8f:77:8f:b5:99:f4:18:81:b7:1f:04:72:b5:
                    c1:33:52:99:27:8b:82:2b:b3:8d:3e:4f:30:fe:dc:
                    81:b7:d4:72:26:99:1d:04:3c:fa:65:be:c1:36:e7:
                    be:93:25:7f:5d:ab:36:1f:05:a8:ee:0e:35:46:4d:
                    c4:79:c5:fe:6c:6f:a3:4f:ce:3a:19:eb:65:3d:6b:
                    92:f8:36:62:ce:30:2b:59:f0:85:b0:13:02:a6:7e:
                    bf:e9:9a:23:d9:b1:dc:e4:1c:82:dc:e7:d3:1d:e3:
                    23:2a:86:e9:92:b1:be:60:2d:c2:06:64:8b:34:74:
                    6b:be:5d:58:ad:e2:da:d9:58:8b:99:db:52:9b:e6:
                    9f:90:61:63:3a:fc:02:fe:15:0e:db:4a:34:e0:69:
                    ea:cc:de:f6:32:e4:9a:9a:0a:e6:1b:8c:9f:8e:49:
                    ab:8b:93:3d:49:9e:22:28:dc:93:4b:79:58:de:9f:
                    bf:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:3A:CA:2C:40:34:6E:12:34:36:E0:31:DD:8B:64:A9:2B:3E:76:45
            X509v3 Authority Key Identifier:
                keyid:41:FC:55:EE:24:88:FB:94:01:C4:B6:68:AB:AC:54:11:0E:BB:80:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfxV7iSI-5QBxLZoq6xUEQ67gJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/aa3661-deb3-45a4-8693-3881a8b827ac/1/_TrKLEA0bhI0NuAx3YtkqSs-dkU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/aa3661-deb3-45a4-8693-3881a8b827ac/1/QfxV7iSI-5QBxLZoq6xUEQ67gJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.227.187.0/24
                  193.29.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:c9:7b:62:27:5a:1b:52:13:a8:7e:3c:fe:0a:7c:ed:82:32:
         f1:13:10:58:55:94:4f:e4:46:0e:a0:74:7b:a3:5e:a1:81:d2:
         df:bf:98:dd:2d:b9:7e:04:21:2d:90:8d:cd:e8:ac:84:94:f3:
         47:3d:6f:4e:35:74:76:ec:2b:f9:c5:f4:f3:ff:32:de:af:fb:
         bc:20:5c:47:b4:ea:7f:19:1f:d7:8c:33:6e:50:7c:16:15:6b:
         41:80:64:d7:59:c6:3d:f9:ae:64:0a:a4:25:48:8b:cd:7d:4f:
         f5:bd:69:dc:43:63:3a:ec:f7:b9:a0:c1:d9:37:1c:7e:2d:40:
         9b:00:30:10:ee:4c:97:22:a2:df:57:0d:2c:a9:ac:9f:0f:c2:
         b4:1c:b4:f5:f0:72:7b:1a:b6:ad:03:88:09:d2:52:a0:23:87:
         8d:00:d3:9f:4e:8a:15:a7:23:20:21:b7:7f:80:0b:6a:88:80:
         ef:9a:2a:e0:4c:2c:6f:93:ba:85:ff:52:06:b1:8f:7c:04:98:
         de:f9:e6:9d:b7:ae:94:5b:85:21:75:27:0b:f7:2d:d5:7c:45:
         c7:fd:cb:95:0c:de:66:a1:1e:b9:2d:56:17:09:02:62:72:6c:
         c1:e2:41:7e:7c:16:be:19:3a:25:2e:79:3d:fa:5c:e0:b9:61:
         78:b1:d0:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwQrjVRJN8aZiYIHHrqdbzjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZmM1NWVlMjQ4OGZiOTQwMWM0YjY2OGFiYWM1NDExMGVi
YjgwOTIwHhcNMjMxMTI3MTIwODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDNhY2EyYzQwMzQ2ZTEyMzQzNmUwMzFkZDhiNjRhOTJiM2U3NjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSI3/GMYWUoNYr7kp/TzhJzq01nf
3tp3qDt06Cxe2rba8/cFfLXxxJrG0KfBajN9yxpNXu5hTz6TeipXzcjVX8Sa4/AT
qh7B62/xv493j7WZ9BiBtx8EcrXBM1KZJ4uCK7ONPk8w/tyBt9RyJpkdBDz6Zb7B
Nue+kyV/Xas2HwWo7g41Rk3EecX+bG+jT846GetlPWuS+DZizjArWfCFsBMCpn6/
6Zoj2bHc5ByC3OfTHeMjKobpkrG+YC3CBmSLNHRrvl1YreLa2ViLmdtSm+afkGFj
OvwC/hUO20o04GnqzN72MuSamgrmG4yfjkmri5M9SZ4iKNyTS3lY3p+/mwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP06yixANG4SNDbgMd2LZKkrPnZFMB8GA1UdIwQY
MBaAFEH8Ve4kiPuUAcS2aKusVBEOu4CSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZ4VjdpU0ktNVFCeExab3E2eFVFUTY3Z0pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hYTM2NjEtZGViMy00NWE0LTg2OTMt
Mzg4MWE4YjgyN2FjLzEvX1RyS0xFQTBiaEkwTnVBeDNZdGtxU3MtZGtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hYTM2NjEtZGViMy00NWE0LTg2OTMtMzg4MWE4YjgyN2Fj
LzEvUWZ4VjdpU0ktNVFCeExab3E2eFVFUTY3Z0pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+O7AwQA
wR0mMA0GCSqGSIb3DQEBCwUAA4IBAQA5yXtiJ1obUhOofjz+CnztgjLxExBYVZRP
5EYOoHR7o16hgdLfv5jdLbl+BCEtkI3N6KyElPNHPW9ONXR27Cv5xfTz/zLer/u8
IFxHtOp/GR/XjDNuUHwWFWtBgGTXWcY9+a5kCqQlSIvNfU/1vWncQ2M67Pe5oMHZ
Nxx+LUCbADAQ7kyXIqLfVw0sqayfD8K0HLT18HJ7GratA4gJ0lKgI4eNANOfTooV
pyMgIbd/gAtqiIDvmirgTCxvk7qF/1IGsY98BJje+eadt66UW4UhdScL9y3VfEXH
/cuVDN5moR65LVYXCQJicmzB4kF+fBa+GTolLnk9+lzguWF4sdCU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:43 2024 by rpki-client on console-fra.rpki-client.org