Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/03c734-7598-4bd7-ae21-b204f9fcadb6/1/48yM94Z9RBJCG0W74AgcwOhWtS0.roa
File:                     48yM94Z9RBJCG0W74AgcwOhWtS0.roa (raw, json)
Hash identifier:          HdkVJI3f0ZzV12PK+2ppXE36sg9WBkudgJ082J/wdKo=
Subject key identifier:   E3:CC:8C:F7:86:7D:44:12:42:1B:45:BB:E0:08:1C:C0:E8:56:B5:2D
Certificate issuer:       /CN=901f843ac9448cb07791917b90354015ffe23db7
Certificate serial:       01856FA70A22CA696FAF25AE1E4D01ED0D18
Authority key identifier: 90:1F:84:3A:C9:44:8C:B0:77:91:91:7B:90:35:40:15:FF:E2:3D:B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kB-EOslEjLB3kZF7kDVAFf_iPbc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/03c734-7598-4bd7-ae21-b204f9fcadb6/1/48yM94Z9RBJCG0W74AgcwOhWtS0.roa
Signing time:             Sun 01 Jan 2023 23:24:56 +0000
ROA not before:           Sun 01 Jan 2023 23:24:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34717
IP address blocks:        91.223.166.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:a7:0a:22:ca:69:6f:af:25:ae:1e:4d:01:ed:0d:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=901f843ac9448cb07791917b90354015ffe23db7
        Validity
            Not Before: Jan  1 23:24:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e3cc8cf7867d4412421b45bbe0081cc0e856b52d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:fd:f4:28:aa:43:66:d9:44:2e:79:62:1b:0a:
                    52:56:73:a5:9a:46:b4:b8:6a:18:93:69:57:c0:ec:
                    64:c4:e7:a3:cc:19:ca:cb:c5:14:c2:ce:89:10:98:
                    17:05:fd:fa:bb:4a:75:4a:da:ec:2e:99:7a:6a:dc:
                    72:fb:02:03:94:1e:cb:7e:28:da:a6:1e:84:c2:16:
                    df:31:68:bd:9d:7e:90:5e:dc:6a:65:f8:0d:50:7b:
                    d7:32:69:1b:9d:80:bf:ba:aa:90:b5:c0:a2:89:15:
                    72:e4:b6:99:59:f3:45:30:3b:c4:27:57:2a:a0:4c:
                    a2:75:e9:d7:1c:08:c7:20:cb:a2:79:cd:bd:de:f7:
                    08:ad:a1:61:f8:6a:d8:d8:81:01:05:dd:36:df:0a:
                    da:38:32:a3:08:2a:2d:7b:06:d4:95:89:7a:85:aa:
                    b1:5c:13:ef:44:55:05:56:0c:c8:c9:14:be:01:98:
                    ce:29:8e:63:ff:60:b4:92:7e:fb:c8:d7:68:dc:2b:
                    e7:bf:56:30:9c:06:ea:27:d9:48:bc:6a:67:ce:7c:
                    88:93:d3:c6:23:43:3a:15:5e:4d:a9:34:48:fd:e3:
                    d2:73:fe:7b:ce:8d:d8:f5:a9:c2:12:cf:45:16:22:
                    49:c9:e9:10:3e:cb:f9:d8:dc:4d:65:54:65:5c:83:
                    43:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:CC:8C:F7:86:7D:44:12:42:1B:45:BB:E0:08:1C:C0:E8:56:B5:2D
            X509v3 Authority Key Identifier:
                keyid:90:1F:84:3A:C9:44:8C:B0:77:91:91:7B:90:35:40:15:FF:E2:3D:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kB-EOslEjLB3kZF7kDVAFf_iPbc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/03c734-7598-4bd7-ae21-b204f9fcadb6/1/48yM94Z9RBJCG0W74AgcwOhWtS0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/03c734-7598-4bd7-ae21-b204f9fcadb6/1/kB-EOslEjLB3kZF7kDVAFf_iPbc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.223.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:25:d8:93:8b:ca:65:71:38:a0:11:dd:cf:c3:3f:a5:72:86:
         77:07:a3:07:d7:13:d6:21:9b:38:34:6e:94:07:7c:a0:57:bc:
         a0:e0:3a:8a:f4:a4:ba:23:0c:d3:89:59:c3:72:03:71:9a:4e:
         6d:78:0b:f9:2b:89:93:16:a7:17:2c:6c:30:24:02:6a:77:e2:
         84:bc:21:67:39:80:8e:82:48:8d:75:ac:5d:cd:84:d1:29:54:
         2d:97:eb:88:4e:3e:df:05:c0:e2:0c:a4:12:b0:68:0b:09:fe:
         4b:3d:7e:3f:fb:12:be:57:7e:8e:81:3c:5a:3a:b6:6b:6b:0e:
         2f:f9:75:20:df:fc:be:cd:02:ce:ca:bc:bf:63:bd:25:c9:a8:
         c1:48:85:65:ad:90:88:d9:4e:6f:c5:2d:ec:41:ee:ac:76:c9:
         02:d9:7b:56:6d:87:e7:52:b5:2d:ed:49:fb:bb:46:5e:d9:f7:
         89:2e:ae:21:49:bf:3d:21:5d:dc:4c:90:92:90:58:45:9d:aa:
         3b:c5:b6:a0:6a:db:89:ff:5d:92:c8:8e:1d:c3:79:89:47:d5:
         b7:bd:c9:b2:cd:87:cf:55:19:c5:84:c0:32:ae:cd:5b:06:97:
         17:be:50:35:c5:ae:9f:80:0d:42:98:5c:6d:37:9e:38:c7:9c:
         d2:04:5d:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvpwoiymlvryWuHk0B7Q0YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMWY4NDNhYzk0NDhjYjA3NzkxOTE3YjkwMzU0MDE1ZmZl
MjNkYjcwHhcNMjMwMTAxMjMyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2NjOGNmNzg2N2Q0NDEyNDIxYjQ1YmJlMDA4MWNjMGU4NTZiNTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjf30KKpDZtlELnliGwpSVnOlmka0
uGoYk2lXwOxkxOejzBnKy8UUws6JEJgXBf36u0p1StrsLpl6atxy+wIDlB7Lfija
ph6EwhbfMWi9nX6QXtxqZfgNUHvXMmkbnYC/uqqQtcCiiRVy5LaZWfNFMDvEJ1cq
oEyidenXHAjHIMuiec293vcIraFh+GrY2IEBBd023wraODKjCCotewbUlYl6haqx
XBPvRFUFVgzIyRS+AZjOKY5j/2C0kn77yNdo3Cvnv1YwnAbqJ9lIvGpnznyIk9PG
I0M6FV5NqTRI/ePSc/57zo3Y9anCEs9FFiJJyekQPsv52NxNZVRlXINDPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOPMjPeGfUQSQhtFu+AIHMDoVrUtMB8GA1UdIwQY
MBaAFJAfhDrJRIywd5GRe5A1QBX/4j23MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0ItRU9zbEVqTEIza1pGN2tEVkFGZl9pUGJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8wM2M3MzQtNzU5OC00YmQ3LWFlMjEt
YjIwNGY5ZmNhZGI2LzEvNDh5TTk0WjlSQkpDRzBXNzRBZ2N3T2hXdFMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8wM2M3MzQtNzU5OC00YmQ3LWFlMjEtYjIwNGY5ZmNhZGI2
LzEva0ItRU9zbEVqTEIza1pGN2tEVkFGZl9pUGJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9+mMA0G
CSqGSIb3DQEBCwUAA4IBAQAIJdiTi8plcTigEd3Pwz+lcoZ3B6MH1xPWIZs4NG6U
B3ygV7yg4DqK9KS6IwzTiVnDcgNxmk5teAv5K4mTFqcXLGwwJAJqd+KEvCFnOYCO
gkiNdaxdzYTRKVQtl+uITj7fBcDiDKQSsGgLCf5LPX4/+xK+V36OgTxaOrZraw4v
+XUg3/y+zQLOyry/Y70lyajBSIVlrZCI2U5vxS3sQe6sdskC2XtWbYfnUrUt7Un7
u0Ze2feJLq4hSb89IV3cTJCSkFhFnao7xbagatuJ/12SyI4dw3mJR9W3vcmyzYfP
VRnFhMAyrs1bBpcXvlA1xa6fgA1CmFxtN544x5zSBF2z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:50 2024 by rpki-client on console-fra.rpki-client.org