Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/Z8su73rigBpkurgWrlxBwHuDkbk.roa
File:                     Z8su73rigBpkurgWrlxBwHuDkbk.roa (raw, json)
Hash identifier:          9xeowqZNmAiAuP/8EbqytjlJ31s6dJ3oqXDgTU4KJ08=
Subject key identifier:   67:CB:2E:EF:7A:E2:80:1A:64:BA:B8:16:AE:5C:41:C0:7B:83:91:B9
Certificate issuer:       /CN=79cd4bd3c9bfe20dccfe2b19de23095ca2474835
Certificate serial:       018572CCB55D5F3F191A2979ABBF007A8EDE
Authority key identifier: 79:CD:4B:D3:C9:BF:E2:0D:CC:FE:2B:19:DE:23:09:5C:A2:47:48:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ec1L08m_4g3M_isZ3iMJXKJHSDU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/Z8su73rigBpkurgWrlxBwHuDkbk.roa
Signing time:             Mon 02 Jan 2023 14:04:56 +0000
ROA not before:           Mon 02 Jan 2023 14:04:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3303
IP address blocks:        91.198.72.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:cc:b5:5d:5f:3f:19:1a:29:79:ab:bf:00:7a:8e:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79cd4bd3c9bfe20dccfe2b19de23095ca2474835
        Validity
            Not Before: Jan  2 14:04:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=67cb2eef7ae2801a64bab816ae5c41c07b8391b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:5d:b0:d1:68:08:0c:6b:30:22:e6:ae:a8:16:
                    e2:ea:9b:a2:9e:b7:bf:50:ef:bc:4c:f7:de:42:93:
                    ca:08:7c:e2:c0:55:91:a9:46:a3:51:50:22:fd:de:
                    fd:99:8a:bb:33:7c:1e:49:fc:9e:ef:ab:58:d9:9c:
                    4f:5a:31:c5:d1:ef:e5:50:81:d9:ac:ed:49:98:50:
                    fc:90:c8:fa:82:67:ab:d3:c7:ce:ee:cf:7f:df:e6:
                    f4:6d:b7:97:1f:65:dd:74:28:72:27:3f:aa:a7:84:
                    14:8a:09:bb:d8:04:66:7f:7c:c6:2b:5d:4d:9e:f6:
                    b7:0a:07:71:82:1c:45:a8:1d:c9:db:25:db:ca:94:
                    89:74:b9:c3:33:07:91:2f:86:5f:8d:c2:e2:82:c6:
                    49:84:67:9c:41:3d:00:02:50:84:84:05:03:01:e3:
                    d4:5d:6d:6f:be:61:5b:50:2f:5f:20:c5:4a:44:e6:
                    08:97:f1:e5:b7:f7:be:c7:4c:e7:21:7d:0a:11:55:
                    4f:fb:49:1d:e1:69:8e:7d:e3:1c:34:d2:03:bd:fc:
                    61:8c:95:77:37:b1:9e:a7:ab:e2:0f:6e:99:ac:c0:
                    dd:4f:14:e4:4c:44:8d:ae:f3:96:1f:1d:1a:8f:c3:
                    fa:b1:d7:4f:13:80:d9:f9:4f:d7:b2:6b:16:4c:b4:
                    8f:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:CB:2E:EF:7A:E2:80:1A:64:BA:B8:16:AE:5C:41:C0:7B:83:91:B9
            X509v3 Authority Key Identifier:
                keyid:79:CD:4B:D3:C9:BF:E2:0D:CC:FE:2B:19:DE:23:09:5C:A2:47:48:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec1L08m_4g3M_isZ3iMJXKJHSDU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/Z8su73rigBpkurgWrlxBwHuDkbk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/ec1L08m_4g3M_isZ3iMJXKJHSDU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.198.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:21:dc:5e:aa:d0:d6:f6:aa:7b:78:2f:cf:c9:c1:9a:b9:21:
         b1:92:57:1e:bd:37:c4:fc:0a:36:bd:4f:d9:e4:ed:3b:a7:84:
         7b:e5:f3:a4:4f:5e:4a:dd:8f:25:24:dd:30:b7:aa:a9:78:75:
         34:c2:63:ac:a3:bd:77:21:a7:6b:3d:b4:9a:07:38:e6:af:89:
         74:50:bc:c0:0f:95:0c:1c:86:2c:d9:18:25:4a:7b:12:7e:6f:
         07:16:83:a0:6f:77:c1:ac:30:8f:58:71:c6:07:50:f3:75:5d:
         5a:0d:a6:fe:08:5b:66:1c:39:f0:39:b4:c6:82:69:bd:19:97:
         3b:02:78:72:89:e9:02:e5:0f:45:73:14:e8:fc:15:e4:20:73:
         78:d0:a4:e9:86:b5:1e:be:e7:ec:ec:e4:e9:e9:d6:5f:a4:5e:
         8a:d2:1b:bf:5d:f8:b3:71:12:a7:a4:f3:dd:d4:38:63:24:9e:
         b6:84:8a:9d:6d:54:2c:42:1f:a2:57:42:55:6d:96:c7:99:26:
         ae:b8:20:62:7d:cc:89:74:4c:77:33:36:8b:09:49:b5:5b:76:
         6f:94:8f:7e:2e:78:1c:7f:c6:df:d1:bc:a8:3a:e8:8d:79:03:
         e2:ff:f7:e6:b9:6b:0d:86:21:bf:b8:32:84:f2:9c:0a:97:cf:
         79:37:30:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyzLVdXz8ZGil5q78Aeo7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5Y2Q0YmQzYzliZmUyMGRjY2ZlMmIxOWRlMjMwOTVjYTI0
NzQ4MzUwHhcNMjMwMTAyMTQwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2NiMmVlZjdhZTI4MDFhNjRiYWI4MTZhZTVjNDFjMDdiODM5MWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmV2w0WgIDGswIuauqBbi6puinre/
UO+8TPfeQpPKCHziwFWRqUajUVAi/d79mYq7M3weSfye76tY2ZxPWjHF0e/lUIHZ
rO1JmFD8kMj6gmer08fO7s9/3+b0bbeXH2XddChyJz+qp4QUigm72ARmf3zGK11N
nva3CgdxghxFqB3J2yXbypSJdLnDMweRL4ZfjcLigsZJhGecQT0AAlCEhAUDAePU
XW1vvmFbUC9fIMVKROYIl/Hlt/e+x0znIX0KEVVP+0kd4WmOfeMcNNIDvfxhjJV3
N7Gep6viD26ZrMDdTxTkTESNrvOWHx0aj8P6sddPE4DZ+U/XsmsWTLSPKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGfLLu964oAaZLq4Fq5cQcB7g5G5MB8GA1UdIwQY
MBaAFHnNS9PJv+INzP4rGd4jCVyiR0g1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWMxTDA4bV80ZzNNX2lzWjNpTUpYS0pIU0RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9mZmE5NDktODZjNC00OTg0LTg1NTct
MmMyYzVmYmRhMzQxLzEvWjhzdTczcmlnQnBrdXJnV3JseEJ3SHVEa2JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9mZmE5NDktODZjNC00OTg0LTg1NTctMmMyYzVmYmRhMzQx
LzEvZWMxTDA4bV80ZzNNX2lzWjNpTUpYS0pIU0RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8ZIMA0G
CSqGSIb3DQEBCwUAA4IBAQBJIdxeqtDW9qp7eC/PycGauSGxklcevTfE/Ao2vU/Z
5O07p4R75fOkT15K3Y8lJN0wt6qpeHU0wmOso713IadrPbSaBzjmr4l0ULzAD5UM
HIYs2RglSnsSfm8HFoOgb3fBrDCPWHHGB1DzdV1aDab+CFtmHDnwObTGgmm9GZc7
AnhyiekC5Q9FcxTo/BXkIHN40KTphrUevufs7OTp6dZfpF6K0hu/XfizcRKnpPPd
1DhjJJ62hIqdbVQsQh+iV0JVbZbHmSauuCBifcyJdEx3MzaLCUm1W3ZvlI9+Lngc
f8bf0byoOuiNeQPi//fmuWsNhiG/uDKE8pwKl895NzBz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:24 2024 by rpki-client on console-fra.rpki-client.org