Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/1moBM59nQBVwOU-6etxHzfzk-jY.roa
File:                     1moBM59nQBVwOU-6etxHzfzk-jY.roa (raw, json)
Hash identifier:          M2ne0+SzKRa1yCpB2e+SiiydqQQ4Tlj4EJzHP28DQHI=
Subject key identifier:   D6:6A:01:33:9F:67:40:15:70:39:4F:BA:7A:DC:47:CD:FC:E4:FA:36
Certificate issuer:       /CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
Certificate serial:       01892E5535012D5C9C5E5010B57FE6395016
Authority key identifier: E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/1moBM59nQBVwOU-6etxHzfzk-jY.roa
Signing time:             Fri 07 Jul 2023 03:11:23 +0000
ROA not before:           Fri 07 Jul 2023 03:11:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5511
IP address blocks:        91.240.228.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:35:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:2e:55:35:01:2d:5c:9c:5e:50:10:b5:7f:e6:39:50:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
        Validity
            Not Before: Jul  7 03:11:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d66a01339f67401570394fba7adc47cdfce4fa36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:0e:49:3a:af:54:6d:95:3d:4e:cc:8b:fa:92:
                    23:3f:95:8a:a5:5f:88:3b:85:42:82:1f:fd:ba:91:
                    87:1f:23:b6:8a:4d:c9:06:47:c3:d3:ec:5b:fa:f9:
                    9c:e2:fb:9c:01:a4:f1:fd:60:3d:f6:29:b7:a8:02:
                    7b:46:83:12:d0:19:26:69:4a:2c:0e:5a:2a:27:0b:
                    99:eb:0d:a8:d6:f7:2c:ac:ff:d7:27:22:fb:dc:fd:
                    2a:81:ea:d5:99:6c:38:d8:71:40:6c:78:fe:be:21:
                    ab:4e:8d:0a:8d:ca:3e:34:4f:55:d0:30:b3:96:5c:
                    12:ff:c7:14:b8:9f:43:9e:5d:d0:f5:15:7e:fa:2f:
                    b7:c5:ae:ac:00:8d:04:ac:bc:5f:98:68:83:a5:24:
                    52:50:42:86:a5:8e:d2:ed:76:c2:48:59:78:fd:0f:
                    1a:6c:72:98:02:db:c1:c3:5d:ae:d3:8c:63:e5:27:
                    9f:6b:ab:d4:b8:86:52:74:8a:56:8d:7e:41:00:39:
                    9c:5d:df:c0:2b:fb:b2:ea:7c:28:33:9e:90:45:c6:
                    2a:76:4f:b0:b6:e1:c9:0f:ea:46:4e:47:4d:91:a5:
                    06:01:58:45:7e:ef:22:f5:0b:eb:79:45:0d:ff:7f:
                    6d:a1:93:2d:35:e5:ce:58:05:3e:e7:16:83:fa:ef:
                    89:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:6A:01:33:9F:67:40:15:70:39:4F:BA:7A:DC:47:CD:FC:E4:FA:36
            X509v3 Authority Key Identifier:
                keyid:E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/1moBM59nQBVwOU-6etxHzfzk-jY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/5WB28n4T0YAOd9FuS2CyO29YyCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.240.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:ff:ef:90:5f:f5:fe:13:ab:5c:20:11:53:54:84:04:8f:41:
         3f:22:fa:2e:33:8b:36:73:4f:ee:f0:d5:92:24:8a:62:df:f9:
         00:da:55:35:be:24:88:de:7d:d4:c8:a7:9f:18:94:d5:cd:bb:
         0a:47:7c:d0:9b:f6:18:68:b2:40:85:4d:7a:4e:98:97:07:e8:
         8a:34:9e:f2:60:d7:d3:74:95:ea:b3:25:17:d2:b3:f2:00:b4:
         11:d9:17:86:25:26:11:26:56:12:62:25:88:9c:a7:03:a9:7c:
         5f:24:62:de:81:27:32:13:3c:0e:bf:98:03:35:80:94:f0:a2:
         7a:be:75:2e:e3:d9:87:92:75:3e:da:3b:07:2d:06:de:08:eb:
         6e:f8:a2:fd:12:e8:0a:13:05:ce:d4:19:1a:15:55:f2:89:e1:
         1b:98:61:56:31:38:a8:74:66:ba:2c:70:95:77:a0:e7:df:e9:
         4e:50:e1:52:ce:b0:43:b8:0b:f4:32:d6:1a:9c:9e:be:42:d7:
         d5:ca:4d:26:9c:80:e7:ac:ce:09:e2:06:ea:1b:db:c1:a5:1d:
         c0:b6:88:a2:6b:6c:5e:e7:a0:39:a5:35:f4:2e:13:1d:bc:fe:
         41:1d:6a:09:5d:2b:b3:fe:35:41:cf:2a:bf:87:a8:0f:75:9d:
         bb:63:bf:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkuVTUBLVycXlAQtX/mOVAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NjA3NmYyN2UxM2QxODAwZTc3ZDE2ZTRiNjBiMjNiNmY1
OGM4MjAwHhcNMjMwNzA3MDMxMTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjZhMDEzMzlmNjc0MDE1NzAzOTRmYmE3YWRjNDdjZGZjZTRmYTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxg5JOq9UbZU9TsyL+pIjP5WKpV+I
O4VCgh/9upGHHyO2ik3JBkfD0+xb+vmc4vucAaTx/WA99im3qAJ7RoMS0BkmaUos
DloqJwuZ6w2o1vcsrP/XJyL73P0qgerVmWw42HFAbHj+viGrTo0Kjco+NE9V0DCz
llwS/8cUuJ9Dnl3Q9RV++i+3xa6sAI0ErLxfmGiDpSRSUEKGpY7S7XbCSFl4/Q8a
bHKYAtvBw12u04xj5Sefa6vUuIZSdIpWjX5BADmcXd/AK/uy6nwoM56QRcYqdk+w
tuHJD+pGTkdNkaUGAVhFfu8i9QvreUUN/39toZMtNeXOWAU+5xaD+u+JRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZqATOfZ0AVcDlPunrcR8385Po2MB8GA1UdIwQY
MBaAFOVgdvJ+E9GADnfRbktgsjtvWMggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgt
NThjZjg5ODg4ZTJhLzEvMW1vQk01OW5RQlZ3T1UtNmV0eEh6ZnprLWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgtNThjZjg5ODg4ZTJh
LzEvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/DkMA0G
CSqGSIb3DQEBCwUAA4IBAQAB/++QX/X+E6tcIBFTVIQEj0E/IvouM4s2c0/u8NWS
JIpi3/kA2lU1viSI3n3UyKefGJTVzbsKR3zQm/YYaLJAhU16TpiXB+iKNJ7yYNfT
dJXqsyUX0rPyALQR2ReGJSYRJlYSYiWInKcDqXxfJGLegScyEzwOv5gDNYCU8KJ6
vnUu49mHknU+2jsHLQbeCOtu+KL9EugKEwXO1BkaFVXyieEbmGFWMTiodGa6LHCV
d6Dn3+lOUOFSzrBDuAv0MtYanJ6+QtfVyk0mnIDnrM4J4gbqG9vBpR3Atoiia2xe
56A5pTX0LhMdvP5BHWoJXSuz/jVBzyq/h6gPdZ27Y7+0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:49 2024 by rpki-client on console-fra.rpki-client.org