Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/df292d-959b-4ead-9348-29f09d893ae7/1/1-rhtfixCtmuhNj7PolQOPAgT_4g.roa
File:                     1-rhtfixCtmuhNj7PolQOPAgT_4g.roa (raw, json)
Hash identifier:          ztq3Msruo0pF20cuP32omOlaPhDst6LtJ5U9lSBSZbw=
Subject key identifier:   FA:B8:6D:7E:2C:42:B6:6B:A1:36:3E:CF:A2:54:0E:3C:08:13:FF:88
Certificate issuer:       /CN=1741bd7685138dc51d5a6b0cd3780f466b57fd13
Certificate serial:       01856DC1D64D0EB4CCEDA38C62AB9A88B59A
Authority key identifier: 17:41:BD:76:85:13:8D:C5:1D:5A:6B:0C:D3:78:0F:46:6B:57:FD:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F0G9doUTjcUdWmsM03gPRmtX_RM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/df292d-959b-4ead-9348-29f09d893ae7/1/1-rhtfixCtmuhNj7PolQOPAgT_4g.roa
Signing time:             Sun 01 Jan 2023 14:34:57 +0000
ROA not before:           Sun 01 Jan 2023 14:34:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13030
IP address blocks:        91.198.154.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:c1:d6:4d:0e:b4:cc:ed:a3:8c:62:ab:9a:88:b5:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1741bd7685138dc51d5a6b0cd3780f466b57fd13
        Validity
            Not Before: Jan  1 14:34:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fab86d7e2c42b66ba1363ecfa2540e3c0813ff88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:69:39:bd:aa:b5:c3:3f:e6:6d:a4:4d:c1:6a:
                    d8:7d:51:d2:40:2a:47:08:1e:e1:97:95:90:40:ce:
                    65:b4:5a:ab:2d:83:4c:7f:87:92:73:ec:55:56:4c:
                    f5:68:54:9f:f2:88:45:1a:26:16:3e:f8:ee:16:14:
                    cc:b5:ea:e0:3d:eb:dd:b3:be:4e:65:34:08:b8:ac:
                    b5:2f:ef:1a:57:33:a9:82:b9:65:9f:91:ad:65:0f:
                    62:37:bb:ca:04:c3:d4:92:9f:90:80:3f:ce:e9:ab:
                    ca:8c:d7:45:6e:80:d6:2b:f2:0b:32:55:67:82:d4:
                    4f:da:20:48:af:17:1d:35:09:bd:b9:ed:5f:f3:7a:
                    0b:db:a2:f5:37:e5:07:27:63:12:f6:19:8e:11:fa:
                    6f:c3:36:d0:24:e4:f6:ce:cb:14:5c:d9:2e:d3:d2:
                    92:3f:4a:c4:b7:ed:c4:45:76:c7:19:c6:66:2c:59:
                    ef:af:6e:88:d2:b5:d2:01:06:32:4d:1f:01:04:b2:
                    3e:0b:90:1d:16:1d:1a:7a:78:7f:ab:21:14:e7:3d:
                    04:45:19:03:b2:0f:7a:c7:3c:ee:ab:4b:96:a6:55:
                    53:7f:62:fd:05:4e:e4:57:4a:6e:0e:4f:4a:01:f1:
                    40:b4:77:53:88:dc:c1:76:b8:24:a1:fe:8d:29:fc:
                    fe:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:B8:6D:7E:2C:42:B6:6B:A1:36:3E:CF:A2:54:0E:3C:08:13:FF:88
            X509v3 Authority Key Identifier:
                keyid:17:41:BD:76:85:13:8D:C5:1D:5A:6B:0C:D3:78:0F:46:6B:57:FD:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0G9doUTjcUdWmsM03gPRmtX_RM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/df292d-959b-4ead-9348-29f09d893ae7/1/1-rhtfixCtmuhNj7PolQOPAgT_4g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/df292d-959b-4ead-9348-29f09d893ae7/1/F0G9doUTjcUdWmsM03gPRmtX_RM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.198.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:7b:18:98:13:28:2a:0f:40:57:92:d6:2f:f0:7b:8a:27:a0:
         fb:c6:6a:d1:a5:e2:21:57:93:e9:e1:e7:e1:10:2a:f8:ef:46:
         e7:e0:0e:95:fa:37:6d:0a:c4:31:c7:0b:0e:6d:e1:d5:13:73:
         4b:82:bf:6f:f3:cf:2c:67:38:e1:88:eb:bb:87:a9:a7:5f:34:
         d2:ba:2f:73:bc:c0:8f:d8:65:2c:17:42:c0:e6:f1:95:6f:2c:
         2c:74:ae:31:5b:69:8b:21:25:51:58:1e:75:d9:e5:9d:b7:5b:
         dd:23:72:9e:f2:5d:2c:2e:73:9b:8e:b0:85:f6:2c:49:90:25:
         0b:19:7e:de:4e:02:73:d7:12:fe:62:c0:57:a7:36:22:b1:89:
         0a:78:70:77:c3:8c:f6:8d:c3:36:ba:ca:a3:12:7d:e7:4f:02:
         65:23:a0:6b:99:94:ed:a4:15:a2:6f:fd:cd:2a:ce:61:c9:3f:
         c8:74:9a:ac:2f:a5:ad:60:98:44:01:07:5f:da:f1:aa:92:78:
         ad:5e:8e:03:f2:9c:3c:65:07:15:e9:5a:f7:8f:17:1c:28:05:
         b2:e8:b3:61:63:67:ef:42:71:83:1a:0f:a8:96:f2:52:71:03:
         c8:36:7e:5c:cc:3b:7b:ab:c1:ce:0a:33:8f:d7:12:f1:84:46:
         e4:7b:77:6f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtwdZNDrTM7aOMYquaiLWaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NDFiZDc2ODUxMzhkYzUxZDVhNmIwY2QzNzgwZjQ2NmI1
N2ZkMTMwHhcNMjMwMTAxMTQzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWI4NmQ3ZTJjNDJiNjZiYTEzNjNlY2ZhMjU0MGUzYzA4MTNmZjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmk5vaq1wz/mbaRNwWrYfVHSQCpH
CB7hl5WQQM5ltFqrLYNMf4eSc+xVVkz1aFSf8ohFGiYWPvjuFhTMtergPevds75O
ZTQIuKy1L+8aVzOpgrlln5GtZQ9iN7vKBMPUkp+QgD/O6avKjNdFboDWK/ILMlVn
gtRP2iBIrxcdNQm9ue1f83oL26L1N+UHJ2MS9hmOEfpvwzbQJOT2zssUXNku09KS
P0rEt+3ERXbHGcZmLFnvr26I0rXSAQYyTR8BBLI+C5AdFh0aenh/qyEU5z0ERRkD
sg96xzzuq0uWplVTf2L9BU7kV0puDk9KAfFAtHdTiNzBdrgkof6NKfz+8QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPq4bX4sQrZroTY+z6JUDjwIE/+IMB8GA1UdIwQY
MBaAFBdBvXaFE43FHVprDNN4D0ZrV/0TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjBHOWRvVVRqY1VkV21zTTAzZ1BSbXRYX1JNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kZjI5MmQtOTU5Yi00ZWFkLTkzNDgt
MjlmMDlkODkzYWU3LzEvMS1yaHRmaXhDdG11aE5qN1BvbFFPUEFnVF80Zy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWEvZGYyOTJkLTk1OWItNGVhZC05MzQ4LTI5ZjA5ZDg5M2Fl
Ny8xL0YwRzlkb1VUamNVZFdtc00wM2dQUm10WF9STS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvGmjAN
BgkqhkiG9w0BAQsFAAOCAQEAg3sYmBMoKg9AV5LWL/B7iieg+8Zq0aXiIVeT6eHn
4RAq+O9G5+AOlfo3bQrEMccLDm3h1RNzS4K/b/PPLGc44Yjru4epp1800rovc7zA
j9hlLBdCwObxlW8sLHSuMVtpiyElUVgeddnlnbdb3SNynvJdLC5zm46whfYsSZAl
Cxl+3k4Cc9cS/mLAV6c2IrGJCnhwd8OM9o3DNrrKoxJ9508CZSOga5mU7aQVom/9
zSrOYck/yHSarC+lrWCYRAEHX9rxqpJ4rV6OA/KcPGUHFela948XHCgFsuizYWNn
70JxgxoPqJbyUnEDyDZ+XMw7e6vBzgozj9cS8YRG5Ht3bw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:24 2024 by rpki-client on console-fra.rpki-client.org