Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/pY_k_S5yb4BrtOcHWnIc3YzgKv4.roa
File:                     pY_k_S5yb4BrtOcHWnIc3YzgKv4.roa (raw, json)
Hash identifier:          1f5QmfPxEKNUlzyAFah0oDdofRR/k+ki8C0S090sGIo=
Subject key identifier:   A5:8F:E4:FD:2E:72:6F:80:6B:B4:E7:07:5A:72:1C:DD:8C:E0:2A:FE
Certificate issuer:       /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial:       018A756BC857F63A45C683FA23A614E7ABE8
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/pY_k_S5yb4BrtOcHWnIc3YzgKv4.roa
Signing time:             Fri 08 Sep 2023 15:31:52 +0000
ROA not before:           Fri 08 Sep 2023 15:31:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57013
IP address blocks:        91.231.187.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:75:6b:c8:57:f6:3a:45:c6:83:fa:23:a6:14:e7:ab:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
        Validity
            Not Before: Sep  8 15:31:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a58fe4fd2e726f806bb4e7075a721cdd8ce02afe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:fb:48:31:93:6c:9b:e9:8f:a4:cc:78:43:c4:
                    fd:fb:8c:31:1f:d3:24:49:72:0e:31:5d:b2:73:a0:
                    40:99:aa:31:ca:8c:9e:d4:24:24:09:aa:8d:aa:b0:
                    9d:19:55:05:b8:fe:73:02:83:a3:f2:b5:c1:d0:ed:
                    c4:44:97:33:95:b5:45:bd:27:32:09:cb:70:e0:13:
                    e8:92:e2:c2:fc:da:df:f5:46:63:9d:5a:0f:ca:05:
                    2e:96:95:01:2b:87:0f:d3:a6:c3:d1:db:31:4e:67:
                    72:a2:69:82:5c:8c:5b:f4:cc:a2:23:a5:49:6f:fc:
                    64:d8:3a:ca:fb:0d:24:0d:07:88:3d:55:68:3c:a3:
                    c5:f4:6c:b9:85:fa:31:c9:16:1b:b3:be:fe:b6:d0:
                    2f:07:a1:e9:99:9b:0e:68:48:c0:f4:56:73:e2:16:
                    be:92:63:ed:c6:00:0a:87:18:52:cf:e1:2a:0d:49:
                    61:03:83:5d:31:09:be:06:40:bd:fa:fb:b3:66:ea:
                    e9:ef:b2:a3:33:5e:ff:6c:b6:6f:9d:67:6b:fa:8f:
                    ae:8b:63:43:74:d1:b5:be:b2:ab:ce:ea:19:e4:57:
                    8b:c1:83:9a:ec:6b:e9:5b:38:2b:5c:7a:23:bc:e4:
                    47:1b:85:1d:3b:a6:9e:50:e7:f2:08:e9:44:6c:95:
                    c3:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:8F:E4:FD:2E:72:6F:80:6B:B4:E7:07:5A:72:1C:DD:8C:E0:2A:FE
            X509v3 Authority Key Identifier:
                keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/pY_k_S5yb4BrtOcHWnIc3YzgKv4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.231.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:95:79:2f:e0:e6:61:d0:b3:a8:e4:ff:82:8c:20:67:27:db:
         31:38:7c:d6:3c:d1:10:f6:85:53:54:61:97:41:4e:13:11:90:
         f4:eb:6f:1c:31:b5:2f:9c:ee:5a:dc:8e:67:b7:51:cd:67:26:
         cb:1e:ff:89:6e:b1:24:4e:f7:f3:d7:94:0a:16:7b:77:59:fc:
         a2:60:0a:ad:88:a2:ff:d0:5b:b2:e2:54:50:db:6e:00:fe:2f:
         07:66:0a:11:24:cf:2d:f6:10:f5:4c:e0:79:2d:54:92:d4:56:
         7e:e4:22:eb:a2:22:96:8a:bd:5f:29:3f:41:89:95:e6:e5:81:
         f5:8c:8c:07:bf:eb:e6:4f:03:9c:2f:cc:68:64:22:01:22:3d:
         a6:47:b4:01:82:fa:08:a8:8c:63:17:cd:09:ac:f9:20:84:92:
         19:c5:a2:c7:99:ae:11:ab:b5:37:f2:53:4c:96:24:46:c6:d4:
         87:14:a1:78:b8:67:f6:6e:3f:33:f7:b4:46:aa:83:2b:41:bf:
         0d:cd:d7:e7:48:af:f7:51:88:b8:05:c1:c4:e6:b7:6d:d2:a7:
         2b:26:9d:08:bb:fd:4f:0d:be:88:67:f1:9d:68:22:1a:31:c5:
         63:5b:76:3c:9c:06:16:80:ba:3e:8e:01:c0:29:0c:e5:5c:62:
         e4:16:cf:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYp1a8hX9jpFxoP6I6YU56voMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjMwOTA4MTUzMTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNThmZTRmZDJlNzI2ZjgwNmJiNGU3MDc1YTcyMWNkZDhjZTAyYWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPtIMZNsm+mPpMx4Q8T9+4wxH9Mk
SXIOMV2yc6BAmaoxyoye1CQkCaqNqrCdGVUFuP5zAoOj8rXB0O3ERJczlbVFvScy
Cctw4BPokuLC/Nrf9UZjnVoPygUulpUBK4cP06bD0dsxTmdyommCXIxb9MyiI6VJ
b/xk2DrK+w0kDQeIPVVoPKPF9Gy5hfoxyRYbs77+ttAvB6HpmZsOaEjA9FZz4ha+
kmPtxgAKhxhSz+EqDUlhA4NdMQm+BkC9+vuzZurp77KjM17/bLZvnWdr+o+ui2ND
dNG1vrKrzuoZ5FeLwYOa7GvpWzgrXHojvORHG4UdO6aeUOfyCOlEbJXDswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWP5P0ucm+Aa7TnB1pyHN2M4Cr+MB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvcFlfa19TNXliNEJydE9jSFduSWMzWXpnS3Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+e7MA0G
CSqGSIb3DQEBCwUAA4IBAQCJlXkv4OZh0LOo5P+CjCBnJ9sxOHzWPNEQ9oVTVGGX
QU4TEZD0628cMbUvnO5a3I5nt1HNZybLHv+JbrEkTvfz15QKFnt3WfyiYAqtiKL/
0Fuy4lRQ224A/i8HZgoRJM8t9hD1TOB5LVSS1FZ+5CLroiKWir1fKT9BiZXm5YH1
jIwHv+vmTwOcL8xoZCIBIj2mR7QBgvoIqIxjF80JrPkghJIZxaLHma4Rq7U38lNM
liRGxtSHFKF4uGf2bj8z97RGqoMrQb8NzdfnSK/3UYi4BcHE5rdt0qcrJp0Iu/1P
Db6IZ/GdaCIaMcVjW3Y8nAYWgLo+jgHAKQzlXGLkFs/C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:51 2024 by rpki-client on console-fra.rpki-client.org