Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/1dd81c-665e-4b76-91fb-44dc52a19ce5/1/bGHVmN3WqhBB4Ly7at4WSNp9LK4.roa
File:                     bGHVmN3WqhBB4Ly7at4WSNp9LK4.roa (raw, json)
Hash identifier:          XKu+wTLfRTA57m08wZU4TJfHYTsqZqK/HNca2CTcNyU=
Subject key identifier:   6C:61:D5:98:DD:D6:AA:10:41:E0:BC:BB:6A:DE:16:48:DA:7D:2C:AE
Certificate issuer:       /CN=5aa4e5710a46536bef2af36bf63f1940bc37bd42
Certificate serial:       01856EA6A23BE58CF07556AD8A806F0FCCC5
Authority key identifier: 5A:A4:E5:71:0A:46:53:6B:EF:2A:F3:6B:F6:3F:19:40:BC:37:BD:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WqTlcQpGU2vvKvNr9j8ZQLw3vUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/1dd81c-665e-4b76-91fb-44dc52a19ce5/1/bGHVmN3WqhBB4Ly7at4WSNp9LK4.roa
Signing time:             Sun 01 Jan 2023 18:44:52 +0000
ROA not before:           Sun 01 Jan 2023 18:44:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198606
IP address blocks:        91.237.96.0/24 maxlen: 24
                          2001:67c:28c0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:a6:a2:3b:e5:8c:f0:75:56:ad:8a:80:6f:0f:cc:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5aa4e5710a46536bef2af36bf63f1940bc37bd42
        Validity
            Not Before: Jan  1 18:44:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6c61d598ddd6aa1041e0bcbb6ade1648da7d2cae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:1f:0e:79:fc:88:a4:b5:92:c4:b8:b2:b1:4a:
                    8c:a9:14:bf:a0:81:07:a1:03:77:94:6f:cd:2a:6b:
                    ab:4d:93:1b:3f:02:cb:e9:7a:f3:85:fa:e2:43:c2:
                    4a:6a:7f:2b:fe:d7:5d:87:07:dd:80:b3:06:d5:c8:
                    b7:30:2d:95:02:ba:15:f7:2a:e6:79:25:71:79:88:
                    24:fc:9f:38:e3:49:e4:be:d6:6a:47:0c:a6:8b:b1:
                    c1:bd:43:fd:a3:fb:d0:7f:3c:79:7e:bc:73:9a:91:
                    59:ea:31:87:cb:05:59:57:89:1b:0e:55:3e:fa:de:
                    4a:f0:31:f4:5c:a0:87:31:8c:8b:a2:50:69:40:eb:
                    de:3e:9c:cd:34:42:9f:7f:81:76:53:ae:28:bc:50:
                    d1:b5:33:c9:88:85:89:a8:09:a9:da:5c:00:ac:2b:
                    a8:76:d6:3b:8c:bd:6a:04:a6:5e:b9:05:2a:80:ce:
                    35:bf:5d:3d:23:cd:56:66:63:d1:c0:24:11:35:9e:
                    7f:de:76:0c:23:5c:1d:25:a3:c3:cb:9d:61:cb:79:
                    94:27:19:98:d7:39:8b:fa:04:64:40:6d:5e:cb:f4:
                    1f:f9:14:d1:48:3a:21:50:69:1a:6a:9e:ec:f8:42:
                    29:38:bc:1d:de:2f:a6:93:ad:0d:c1:7b:55:c5:1a:
                    7f:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:61:D5:98:DD:D6:AA:10:41:E0:BC:BB:6A:DE:16:48:DA:7D:2C:AE
            X509v3 Authority Key Identifier:
                keyid:5A:A4:E5:71:0A:46:53:6B:EF:2A:F3:6B:F6:3F:19:40:BC:37:BD:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WqTlcQpGU2vvKvNr9j8ZQLw3vUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/1dd81c-665e-4b76-91fb-44dc52a19ce5/1/bGHVmN3WqhBB4Ly7at4WSNp9LK4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/1dd81c-665e-4b76-91fb-44dc52a19ce5/1/WqTlcQpGU2vvKvNr9j8ZQLw3vUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.237.96.0/24
                IPv6:
                  2001:67c:28c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         8c:ad:53:c7:09:0f:32:b9:1a:4e:0c:0a:88:c0:22:a7:10:2f:
         64:42:a6:8d:8a:50:af:8a:3e:a4:57:8e:b2:61:38:ef:84:c6:
         05:b9:5c:1e:17:98:d7:70:97:fa:e3:fe:50:fb:56:10:d3:8b:
         de:ab:28:80:b2:69:ff:b4:17:cf:bd:e7:2d:43:76:4e:54:0d:
         05:ce:67:f3:7a:07:32:46:36:6b:ab:48:ac:80:c7:de:8a:f8:
         79:80:c1:e7:ac:dc:a9:45:b8:62:8b:e1:67:a4:c4:b9:a6:8a:
         a6:5b:77:23:bd:68:25:be:44:f3:40:98:32:c8:b9:f1:42:cd:
         17:b6:98:8c:56:57:6c:29:1b:06:8c:ea:e1:40:58:72:a1:53:
         d5:dd:e2:80:96:86:79:43:9d:b3:6f:5f:81:82:fd:9e:a0:b7:
         d0:99:c3:1a:0d:d2:93:a0:71:70:b4:c4:2c:85:8e:27:ca:7a:
         ae:26:23:74:2c:d7:f5:0c:56:68:70:c4:d2:58:4a:14:a3:45:
         84:71:d8:b2:b4:c8:00:ce:87:3c:b9:25:62:4d:38:4b:c3:33:
         b3:d1:a0:3c:c7:c7:12:95:09:99:5e:6a:c2:44:50:62:fc:44:
         06:0d:ac:51:df:ed:ef:53:3e:fb:d6:4b:75:f2:bb:bb:11:cb:
         8d:99:3b:a7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVupqI75YzwdVatioBvD8zFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYTRlNTcxMGE0NjUzNmJlZjJhZjM2YmY2M2YxOTQwYmMz
N2JkNDIwHhcNMjMwMTAxMTg0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzYxZDU5OGRkZDZhYTEwNDFlMGJjYmI2YWRlMTY0OGRhN2QyY2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxR8OefyIpLWSxLiysUqMqRS/oIEH
oQN3lG/NKmurTZMbPwLL6XrzhfriQ8JKan8r/tddhwfdgLMG1ci3MC2VAroV9yrm
eSVxeYgk/J8440nkvtZqRwymi7HBvUP9o/vQfzx5frxzmpFZ6jGHywVZV4kbDlU+
+t5K8DH0XKCHMYyLolBpQOvePpzNNEKff4F2U64ovFDRtTPJiIWJqAmp2lwArCuo
dtY7jL1qBKZeuQUqgM41v109I81WZmPRwCQRNZ5/3nYMI1wdJaPDy51hy3mUJxmY
1zmL+gRkQG1ey/Qf+RTRSDohUGkaap7s+EIpOLwd3i+mk60NwXtVxRp/WwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGxh1Zjd1qoQQeC8u2reFkjafSyuMB8GA1UdIwQY
MBaAFFqk5XEKRlNr7yrza/Y/GUC8N71CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3FUbGNRcEdVMnZ2S3ZOcjlqOFpRTHczdlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xZGQ4MWMtNjY1ZS00Yjc2LTkxZmIt
NDRkYzUyYTE5Y2U1LzEvYkdIVm1OM1dxaEJCNEx5N2F0NFdTTnA5TEs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xZGQ4MWMtNjY1ZS00Yjc2LTkxZmItNDRkYzUyYTE5Y2U1
LzEvV3FUbGNRcEdVMnZ2S3ZOcjlqOFpRTHczdlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+1gMA8E
AgACMAkDBwAgAQZ8KMAwDQYJKoZIhvcNAQELBQADggEBAIytU8cJDzK5Gk4MCojA
IqcQL2RCpo2KUK+KPqRXjrJhOO+ExgW5XB4XmNdwl/rj/lD7VhDTi96rKICyaf+0
F8+95y1Ddk5UDQXOZ/N6BzJGNmurSKyAx96K+HmAwees3KlFuGKL4WekxLmmiqZb
dyO9aCW+RPNAmDLIufFCzRe2mIxWV2wpGwaM6uFAWHKhU9Xd4oCWhnlDnbNvX4GC
/Z6gt9CZwxoN0pOgcXC0xCyFjifKeq4mI3Qs1/UMVmhwxNJYShSjRYRx2LK0yADO
hzy5JWJNOEvDM7PRoDzHxxKVCZleasJEUGL8RAYNrFHf7e9TPvvWS3Xyu7sRy42Z
O6c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:05 2024 by rpki-client on console-fra.rpki-client.org