Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/50f7e1-6cbc-4f5a-b2eb-b062e9725b1d/1/IocfSSbPLR2xrmQP5NXhIGMBE0c.roa
File:                     IocfSSbPLR2xrmQP5NXhIGMBE0c.roa (raw, json)
Hash identifier:          jsB+vVHqU3ZQBUgHoGr3O1bJaTeXYaTJJyHIu0tMxAo=
Subject key identifier:   22:87:1F:49:26:CF:2D:1D:B1:AE:64:0F:E4:D5:E1:20:63:01:13:47
Certificate issuer:       /CN=df512010611f91b16296728a94d1a665b4ab7570
Certificate serial:       0185729F02485FC80E39EA51FAF9E04E6032
Authority key identifier: DF:51:20:10:61:1F:91:B1:62:96:72:8A:94:D1:A6:65:B4:AB:75:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/31EgEGEfkbFilnKKlNGmZbSrdXA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/50f7e1-6cbc-4f5a-b2eb-b062e9725b1d/1/IocfSSbPLR2xrmQP5NXhIGMBE0c.roa
Signing time:             Mon 02 Jan 2023 13:15:01 +0000
ROA not before:           Mon 02 Jan 2023 13:15:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24961
IP address blocks:        91.194.85.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:9f:02:48:5f:c8:0e:39:ea:51:fa:f9:e0:4e:60:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df512010611f91b16296728a94d1a665b4ab7570
        Validity
            Not Before: Jan  2 13:15:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=22871f4926cf2d1db1ae640fe4d5e12063011347
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:85:ae:8b:87:1e:24:db:8d:7c:7b:fc:fb:ac:
                    d5:81:07:35:b8:9e:26:64:a4:29:0a:4d:3d:fc:e5:
                    f4:13:05:d0:ef:fa:7f:a3:40:20:ac:42:d4:09:7a:
                    b3:0c:04:83:9f:93:f6:7a:47:11:50:d0:e3:c2:3c:
                    88:41:a8:7f:8a:f1:e0:1f:5a:44:32:2e:b0:f7:49:
                    32:9e:c1:1c:33:5e:56:ba:3a:00:09:fa:5c:f8:75:
                    2d:6a:65:2d:32:4d:0b:8e:93:55:00:21:39:cd:54:
                    06:7b:fe:a5:51:6f:b7:32:b7:27:4f:4b:b8:08:ff:
                    5e:98:58:e1:b4:cd:be:75:df:d9:5e:47:99:fc:ef:
                    e7:54:9d:3a:98:7a:82:54:b1:75:2c:9b:30:22:b5:
                    e2:ea:2d:d7:20:9d:5c:5e:46:3e:93:8b:b9:1d:2e:
                    99:c0:93:f2:5d:6c:17:fd:8f:f8:db:15:81:9c:63:
                    7f:19:02:4e:dc:56:41:36:02:ab:93:e6:58:9e:70:
                    93:30:fa:a7:7e:68:a0:5f:57:48:b8:d2:e0:b4:93:
                    08:8a:e4:dd:a0:3e:02:c1:57:cc:e5:69:99:b2:33:
                    6c:15:58:e4:ed:5e:46:a8:7a:1b:b8:21:5b:18:66:
                    79:c3:2a:8c:f1:b0:0c:c3:51:83:08:53:53:50:9b:
                    63:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:87:1F:49:26:CF:2D:1D:B1:AE:64:0F:E4:D5:E1:20:63:01:13:47
            X509v3 Authority Key Identifier:
                keyid:DF:51:20:10:61:1F:91:B1:62:96:72:8A:94:D1:A6:65:B4:AB:75:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/31EgEGEfkbFilnKKlNGmZbSrdXA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/50f7e1-6cbc-4f5a-b2eb-b062e9725b1d/1/IocfSSbPLR2xrmQP5NXhIGMBE0c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/50f7e1-6cbc-4f5a-b2eb-b062e9725b1d/1/31EgEGEfkbFilnKKlNGmZbSrdXA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.194.85.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:3a:c4:39:1d:42:57:dc:c2:64:45:08:c8:19:8a:f0:95:45:
         9b:b1:df:7c:e9:cf:e2:89:37:bc:cd:e3:c1:ef:e4:1a:09:21:
         8a:32:7a:53:e3:90:92:17:78:86:9a:a2:13:02:18:f3:a1:35:
         4f:07:ef:0e:7a:42:85:88:8e:99:3e:21:4d:84:2d:2c:12:b1:
         cf:e2:7e:66:4f:bc:91:62:c1:86:36:ee:84:72:54:81:13:da:
         b3:4a:98:98:9a:d8:63:8d:1a:08:5a:ae:6a:7c:01:4e:56:ce:
         d9:57:14:41:98:71:7a:23:f6:1b:51:e3:68:ec:46:18:95:06:
         36:34:61:fc:be:b1:7f:f3:02:83:65:f0:a4:4a:b1:98:ce:a1:
         4f:c0:8a:e2:fa:c1:e2:e8:2e:fe:b3:a5:bc:83:d5:20:ab:fa:
         58:01:48:10:77:96:a4:54:9f:46:e3:44:be:b3:bd:a7:9e:28:
         64:62:06:44:5a:e9:80:e9:55:d2:5d:e3:28:47:13:25:e5:a5:
         be:a5:1e:0d:f9:0f:2d:17:5f:10:a2:ec:f4:6f:8e:af:89:2c:
         b1:58:b9:f4:9f:a6:ef:5f:32:78:c8:d9:e5:92:c4:e0:c7:07:
         f6:0e:4b:7d:78:02:55:df:4e:b1:40:bb:40:76:3d:04:92:a3:
         c2:3f:08:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVynwJIX8gOOepR+vngTmAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNTEyMDEwNjExZjkxYjE2Mjk2NzI4YTk0ZDFhNjY1YjRh
Yjc1NzAwHhcNMjMwMTAyMTMxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjg3MWY0OTI2Y2YyZDFkYjFhZTY0MGZlNGQ1ZTEyMDYzMDExMzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIWui4ceJNuNfHv8+6zVgQc1uJ4m
ZKQpCk09/OX0EwXQ7/p/o0AgrELUCXqzDASDn5P2ekcRUNDjwjyIQah/ivHgH1pE
Mi6w90kynsEcM15WujoACfpc+HUtamUtMk0LjpNVACE5zVQGe/6lUW+3MrcnT0u4
CP9emFjhtM2+dd/ZXkeZ/O/nVJ06mHqCVLF1LJswIrXi6i3XIJ1cXkY+k4u5HS6Z
wJPyXWwX/Y/42xWBnGN/GQJO3FZBNgKrk+ZYnnCTMPqnfmigX1dIuNLgtJMIiuTd
oD4CwVfM5WmZsjNsFVjk7V5GqHobuCFbGGZ5wyqM8bAMw1GDCFNTUJtjJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCKHH0kmzy0dsa5kD+TV4SBjARNHMB8GA1UdIwQY
MBaAFN9RIBBhH5GxYpZyipTRpmW0q3VwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzFFZ0VHRWZrYkZpbG5LS2xOR21aYlNyZFhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy81MGY3ZTEtNmNiYy00ZjVhLWIyZWIt
YjA2MmU5NzI1YjFkLzEvSW9jZlNTYlBMUjJ4cm1RUDVOWGhJR01CRTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy81MGY3ZTEtNmNiYy00ZjVhLWIyZWItYjA2MmU5NzI1YjFk
LzEvMzFFZ0VHRWZrYkZpbG5LS2xOR21aYlNyZFhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8JVMA0G
CSqGSIb3DQEBCwUAA4IBAQBPOsQ5HUJX3MJkRQjIGYrwlUWbsd986c/iiTe8zePB
7+QaCSGKMnpT45CSF3iGmqITAhjzoTVPB+8OekKFiI6ZPiFNhC0sErHP4n5mT7yR
YsGGNu6EclSBE9qzSpiYmthjjRoIWq5qfAFOVs7ZVxRBmHF6I/YbUeNo7EYYlQY2
NGH8vrF/8wKDZfCkSrGYzqFPwIri+sHi6C7+s6W8g9Ugq/pYAUgQd5akVJ9G40S+
s72nnihkYgZEWumA6VXSXeMoRxMl5aW+pR4N+Q8tF18Qouz0b46viSyxWLn0n6bv
XzJ4yNnlksTgxwf2Dkt9eAJV306xQLtAdj0EkqPCPwjY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:17 2024 by rpki-client on console-fra.rpki-client.org