Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/J6urg9D3vOtUJvap5vS1Y3tf9r8.roa
File:                     J6urg9D3vOtUJvap5vS1Y3tf9r8.roa (raw, json)
Hash identifier:          il51ZQPv5hpn+biKbwUrDlf2JhHS03cl2ijl4QFNtdQ=
Subject key identifier:   27:AB:AB:83:D0:F7:BC:EB:54:26:F6:A9:E6:F4:B5:63:7B:5F:F6:BF
Certificate issuer:       /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial:       01869ED9F4F5CD2EB560BE137E50192054E9
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/J6urg9D3vOtUJvap5vS1Y3tf9r8.roa
Signing time:             Wed 01 Mar 2023 20:25:29 +0000
ROA not before:           Wed 01 Mar 2023 20:25:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50790
IP address blocks:        91.240.33.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 Nov 2023 16:03:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:9e:d9:f4:f5:cd:2e:b5:60:be:13:7e:50:19:20:54:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
        Validity
            Not Before: Mar  1 20:25:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=27abab83d0f7bceb5426f6a9e6f4b5637b5ff6bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:8d:ed:5b:86:15:40:11:18:15:09:69:d7:0f:
                    37:b7:99:36:1f:82:3a:30:42:1c:f5:e3:9c:69:21:
                    9c:5e:34:53:55:2f:ae:04:37:df:16:c0:ad:4c:f4:
                    2a:c5:68:44:ec:fc:1e:88:bd:c6:2f:c4:59:cc:dd:
                    d1:ea:73:76:b4:a3:b4:d3:0e:b2:29:e5:74:b0:97:
                    19:10:44:8e:d9:ea:2d:c2:03:c7:82:03:9e:de:21:
                    92:3d:6f:f0:29:a6:70:4d:3d:0d:49:70:3e:11:cc:
                    42:a7:51:a5:8b:28:94:15:1a:4a:3f:01:04:f2:8a:
                    9b:6a:a8:fc:68:02:2e:44:fc:2a:f3:4b:ef:74:60:
                    56:ed:e7:7f:bd:0f:74:e6:76:4a:16:06:11:34:7e:
                    5f:77:05:30:98:9d:bd:fb:88:e6:29:49:ea:f7:58:
                    ed:7c:6a:32:e6:4d:04:83:65:41:82:b9:31:5c:7a:
                    8e:9b:cf:39:fc:c8:aa:44:8c:3a:47:21:db:e3:b4:
                    8f:92:63:af:09:b8:bf:18:9a:6e:dd:79:4b:f1:e0:
                    de:2d:4a:7e:0f:8c:67:be:4d:b5:41:74:3c:35:fe:
                    a1:d4:b2:08:b5:42:c3:6b:fb:a0:c9:a9:c4:c0:b7:
                    9c:58:8e:80:38:4d:41:28:f0:2b:99:18:52:1a:82:
                    9e:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:AB:AB:83:D0:F7:BC:EB:54:26:F6:A9:E6:F4:B5:63:7B:5F:F6:BF
            X509v3 Authority Key Identifier:
                keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/J6urg9D3vOtUJvap5vS1Y3tf9r8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.240.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:01:86:2c:48:49:ae:96:f4:68:6c:7a:d6:fd:af:c8:28:d7:
         74:b3:2b:50:58:a3:33:00:9a:69:92:53:08:6b:a8:9c:17:0a:
         16:be:d1:00:b6:6e:f4:46:bd:50:2d:5e:45:ce:ca:ce:c2:80:
         28:da:6e:59:3c:76:9f:44:8e:6b:a5:2f:35:b3:a8:da:e6:d5:
         35:24:50:0b:5a:d3:dc:6d:12:02:ed:0d:7e:ca:0c:d2:61:9c:
         3e:e1:db:a5:e7:b2:64:cf:55:55:63:b7:be:d8:8b:59:49:3d:
         8c:0c:e5:fc:d6:d5:81:5b:ff:af:89:18:a1:ed:f4:17:58:e1:
         71:f2:e5:b7:31:67:16:69:57:30:2a:65:9c:b4:18:31:31:6b:
         cf:66:fe:b2:18:3e:43:30:4c:c3:14:0a:49:90:24:42:62:2f:
         b9:dd:45:6d:2f:1c:6f:bc:9b:18:ba:4e:81:17:e0:9a:34:3e:
         fb:14:e5:47:c3:4d:14:98:9e:b7:68:b6:0b:63:10:49:8c:a0:
         6b:7a:8d:40:5d:cf:e8:e3:74:53:fa:3d:b4:9b:9f:c7:cd:6e:
         f8:b7:56:40:20:30:8c:a8:23:2d:db:fa:b8:d8:bb:4c:19:63:
         62:e9:52:a0:bc:6c:2f:19:9f:30:cc:cb:bd:49:c5:41:64:4e:
         5f:41:38:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYae2fT1zS61YL4TflAZIFTpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjMwMzAxMjAyNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2FiYWI4M2QwZjdiY2ViNTQyNmY2YTllNmY0YjU2MzdiNWZmNmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx43tW4YVQBEYFQlp1w83t5k2H4I6
MEIc9eOcaSGcXjRTVS+uBDffFsCtTPQqxWhE7PweiL3GL8RZzN3R6nN2tKO00w6y
KeV0sJcZEESO2eotwgPHggOe3iGSPW/wKaZwTT0NSXA+EcxCp1GliyiUFRpKPwEE
8oqbaqj8aAIuRPwq80vvdGBW7ed/vQ905nZKFgYRNH5fdwUwmJ29+4jmKUnq91jt
fGoy5k0Eg2VBgrkxXHqOm885/MiqRIw6RyHb47SPkmOvCbi/GJpu3XlL8eDeLUp+
D4xnvk21QXQ8Nf6h1LIItULDa/ugyanEwLecWI6AOE1BKPArmRhSGoKemwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCerq4PQ97zrVCb2qeb0tWN7X/a/MB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvSjZ1cmc5RDN2T3RVSnZhcDV2UzFZM3RmOXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/AhMA0G
CSqGSIb3DQEBCwUAA4IBAQA/AYYsSEmulvRobHrW/a/IKNd0sytQWKMzAJppklMI
a6icFwoWvtEAtm70Rr1QLV5FzsrOwoAo2m5ZPHafRI5rpS81s6ja5tU1JFALWtPc
bRIC7Q1+ygzSYZw+4dul57Jkz1VVY7e+2ItZST2MDOX81tWBW/+viRih7fQXWOFx
8uW3MWcWaVcwKmWctBgxMWvPZv6yGD5DMEzDFApJkCRCYi+53UVtLxxvvJsYuk6B
F+CaND77FOVHw00UmJ63aLYLYxBJjKBreo1AXc/o43RT+j20m5/HzW74t1ZAIDCM
qCMt2/q42LtMGWNi6VKgvGwvGZ8wzMu9ScVBZE5fQTja
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:38 2024 by rpki-client on console-ams.rpki-client.org