Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/JtQ9FlxBgXFEP_B6xc61FGQQoqQ.roa
File:                     JtQ9FlxBgXFEP_B6xc61FGQQoqQ.roa (raw, json)
Hash identifier:          T33IGdDpNH2SGOqm809gWsLlwwN0M2abwMpK0J6fP+A=
Subject key identifier:   26:D4:3D:16:5C:41:81:71:44:3F:F0:7A:C5:CE:B5:14:64:10:A2:A4
Certificate issuer:       /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial:       018CC7275E62CAC90F397E59C735D0E4C04D
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/JtQ9FlxBgXFEP_B6xc61FGQQoqQ.roa
Signing time:             Mon 01 Jan 2024 22:31:35 +0000
ROA not before:           Mon 01 Jan 2024 22:31:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44774
IP address blocks:        91.237.181.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 28 Jan 2024 09:37:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:27:5e:62:ca:c9:0f:39:7e:59:c7:35:d0:e4:c0:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
        Validity
            Not Before: Jan  1 22:31:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=26d43d165c418171443ff07ac5ceb5146410a2a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:09:ac:ed:fc:96:c6:39:38:98:b3:71:62:99:
                    8e:ae:e4:83:59:df:af:16:92:95:ef:01:43:c9:d0:
                    8e:b5:20:df:84:e5:16:37:9d:03:bd:7f:59:84:5e:
                    94:4e:56:5c:c7:ab:51:0d:2a:c6:1d:c1:f8:db:8e:
                    f1:db:9f:fb:50:57:92:e6:a0:99:04:4c:6c:ea:b9:
                    d7:12:98:fe:9b:ba:53:eb:2f:e7:44:2e:3a:30:98:
                    c0:07:99:f5:c0:dc:df:51:8a:ef:d9:10:7a:3c:53:
                    b9:18:59:cc:d1:57:30:03:92:f3:ba:e8:73:45:75:
                    81:00:7e:92:5c:5f:55:3c:41:2a:6c:58:91:01:73:
                    a7:27:8a:0b:99:fb:d0:a1:37:e1:80:55:9c:8a:c3:
                    25:c2:82:fe:0d:e0:04:52:05:03:1c:3d:60:03:d5:
                    ac:8f:1e:77:27:96:38:00:90:b0:60:58:a5:33:ca:
                    2c:20:42:a0:71:0c:13:9b:21:21:04:73:2b:32:08:
                    a1:e1:5f:df:40:3e:89:55:77:b5:df:4f:73:92:49:
                    02:85:8a:53:f5:5b:6d:57:b7:9a:90:94:e0:46:ec:
                    1b:9e:ba:a1:e6:d8:b4:5a:d1:f2:0a:1e:34:bf:8f:
                    b9:1f:16:df:9a:6e:96:54:6c:94:14:e1:57:86:e9:
                    27:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:D4:3D:16:5C:41:81:71:44:3F:F0:7A:C5:CE:B5:14:64:10:A2:A4
            X509v3 Authority Key Identifier:
                keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/JtQ9FlxBgXFEP_B6xc61FGQQoqQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.237.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:1b:b2:b3:51:06:47:bc:b3:95:56:12:73:8f:a7:be:70:d7:
         83:a3:d0:3d:ab:c0:76:b1:94:06:0c:ac:04:87:6c:0e:eb:7c:
         91:37:09:8b:47:eb:77:bb:2f:5c:66:ed:5e:a6:05:ac:7a:cb:
         6f:40:14:a2:12:28:60:1b:6b:db:15:e9:b6:71:a2:fb:db:a6:
         36:0b:2e:35:28:6d:f6:71:95:35:96:9e:c0:98:a4:69:12:6d:
         c1:75:fe:02:96:5b:5d:d6:40:61:ef:5d:14:ba:32:53:e0:97:
         4c:ad:cf:b5:98:07:9b:7b:57:a4:0a:4f:d0:c5:b2:6a:f4:06:
         e3:3f:ef:8f:9b:43:fc:83:47:94:34:6a:67:e9:2d:8e:20:dc:
         82:51:5b:91:c9:1a:c1:6b:2e:bc:8b:62:7a:70:1b:40:af:02:
         dd:94:bc:66:7c:ef:f8:10:eb:2b:44:0d:ac:01:3b:6a:26:e8:
         85:b7:4d:5f:c7:16:db:57:7d:ce:33:99:6f:8d:4b:e3:bb:97:
         e8:9a:fa:4a:5b:36:99:ca:70:28:2d:f6:16:77:5c:8e:a5:3d:
         c6:f6:7d:c0:0b:2b:db:91:e2:0a:11:fc:e7:48:b1:98:29:28:
         ea:50:18:12:75:df:0a:08:72:a4:a6:e6:55:92:f1:82:6d:7f:
         02:18:31:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ15iyskPOX5ZxzXQ5MBNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjQwMTAxMjIzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmQ0M2QxNjVjNDE4MTcxNDQzZmYwN2FjNWNlYjUxNDY0MTBhMmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gms7fyWxjk4mLNxYpmOruSDWd+v
FpKV7wFDydCOtSDfhOUWN50DvX9ZhF6UTlZcx6tRDSrGHcH4247x25/7UFeS5qCZ
BExs6rnXEpj+m7pT6y/nRC46MJjAB5n1wNzfUYrv2RB6PFO5GFnM0VcwA5Lzuuhz
RXWBAH6SXF9VPEEqbFiRAXOnJ4oLmfvQoTfhgFWcisMlwoL+DeAEUgUDHD1gA9Ws
jx53J5Y4AJCwYFilM8osIEKgcQwTmyEhBHMrMgih4V/fQD6JVXe1309zkkkChYpT
9VttV7eakJTgRuwbnrqh5ti0WtHyCh40v4+5Hxbfmm6WVGyUFOFXhuknRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCbUPRZcQYFxRD/wesXOtRRkEKKkMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvSnRROUZseEJnWEZFUF9CNnhjNjFGR1FRb3FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+21MA0G
CSqGSIb3DQEBCwUAA4IBAQANG7KzUQZHvLOVVhJzj6e+cNeDo9A9q8B2sZQGDKwE
h2wO63yRNwmLR+t3uy9cZu1epgWsestvQBSiEihgG2vbFem2caL726Y2Cy41KG32
cZU1lp7AmKRpEm3Bdf4Clltd1kBh710UujJT4JdMrc+1mAebe1ekCk/QxbJq9Abj
P++Pm0P8g0eUNGpn6S2OINyCUVuRyRrBay68i2J6cBtArwLdlLxmfO/4EOsrRA2s
ATtqJuiFt01fxxbbV33OM5lvjUvju5fomvpKWzaZynAoLfYWd1yOpT3G9n3ACyvb
keIKEfznSLGYKSjqUBgSdd8KCHKkpuZVkvGCbX8CGDEo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:27 2024 by rpki-client on console-fra.rpki-client.org