Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/30c84e-e0b0-491c-971b-f1d4629ccd77/1/srN5eQjYZ5ynvDMnbuywCHdyrVA.roa
File:                     srN5eQjYZ5ynvDMnbuywCHdyrVA.roa (raw, json)
Hash identifier:          BzVcnvOAjKKeiehfrg/pANezRNUxrV87oppECKlLw2s=
Subject key identifier:   B2:B3:79:79:08:D8:67:9C:A7:BC:33:27:6E:EC:B0:08:77:72:AD:50
Certificate issuer:       /CN=906d4fbf6ddc6f5cb745a68cc6818a942eaee20e
Certificate serial:       018A8E9DA29C337CCD302CBD549726E1CEE8
Authority key identifier: 90:6D:4F:BF:6D:DC:6F:5C:B7:45:A6:8C:C6:81:8A:94:2E:AE:E2:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kG1Pv23cb1y3RaaMxoGKlC6u4g4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/30c84e-e0b0-491c-971b-f1d4629ccd77/1/srN5eQjYZ5ynvDMnbuywCHdyrVA.roa
Signing time:             Wed 13 Sep 2023 12:56:50 +0000
ROA not before:           Wed 13 Sep 2023 12:56:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212384
IP address blocks:        91.213.173.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:8e:9d:a2:9c:33:7c:cd:30:2c:bd:54:97:26:e1:ce:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=906d4fbf6ddc6f5cb745a68cc6818a942eaee20e
        Validity
            Not Before: Sep 13 12:56:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b2b3797908d8679ca7bc33276eecb0087772ad50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:61:90:3d:91:a7:7b:00:b5:1d:05:2e:86:1b:
                    18:ae:cb:2c:06:c3:51:37:ef:d0:1f:16:04:18:1d:
                    34:c3:dc:ca:8e:7d:fb:56:cc:5f:10:fb:b7:0e:71:
                    ab:cf:d3:2f:be:18:ab:24:8a:7a:2b:30:4e:83:8a:
                    ec:af:17:a4:63:02:4f:95:4e:0d:b5:d3:94:5e:86:
                    34:d5:90:87:7f:cd:40:2c:92:03:b3:08:0a:b4:6f:
                    87:20:c0:81:43:fb:ed:a6:73:b0:fc:a0:bb:c1:18:
                    08:1f:c1:f0:e5:1a:e4:51:3b:0e:41:df:2a:ba:c3:
                    aa:53:29:0d:b6:9c:ee:a7:e2:7a:1d:18:31:45:e4:
                    9e:af:13:3f:78:3c:22:a7:82:58:6c:e2:8f:1a:33:
                    e4:bb:d2:81:12:d1:2b:77:92:c4:a4:3b:7a:8a:39:
                    71:a3:97:8c:48:15:72:41:66:9a:2f:9a:15:4d:86:
                    37:7d:46:1e:c4:56:45:53:90:4c:88:21:d0:6d:c4:
                    e0:50:c8:07:28:37:43:d0:ae:d1:9e:9f:4b:8e:13:
                    82:eb:9e:19:d4:6a:2d:fa:17:c8:37:64:ec:f8:d6:
                    ff:5f:42:50:ad:2c:3c:d6:9f:13:10:9e:cf:db:20:
                    82:63:14:d0:c7:82:ab:c3:c3:73:f7:33:2b:09:bc:
                    fa:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:B3:79:79:08:D8:67:9C:A7:BC:33:27:6E:EC:B0:08:77:72:AD:50
            X509v3 Authority Key Identifier:
                keyid:90:6D:4F:BF:6D:DC:6F:5C:B7:45:A6:8C:C6:81:8A:94:2E:AE:E2:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kG1Pv23cb1y3RaaMxoGKlC6u4g4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/30c84e-e0b0-491c-971b-f1d4629ccd77/1/srN5eQjYZ5ynvDMnbuywCHdyrVA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/30c84e-e0b0-491c-971b-f1d4629ccd77/1/kG1Pv23cb1y3RaaMxoGKlC6u4g4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:e1:af:e7:c8:38:1d:ea:05:01:67:42:a3:ad:b8:b9:47:b7:
         c9:b0:ff:27:9d:56:83:f6:27:4b:ca:89:0b:03:6d:71:27:4a:
         bf:52:7d:22:21:5e:b4:ac:ea:dc:cf:7a:dd:72:a4:d2:0d:ec:
         dc:a1:67:e2:ee:3c:e3:64:7b:85:00:41:d8:64:e6:b2:f1:b7:
         0a:bc:6e:71:75:1c:dc:8d:f0:29:9b:d1:ab:11:21:4f:b0:ad:
         cf:d3:b9:c3:db:bd:fd:37:40:00:de:e4:89:13:2a:0a:21:f8:
         33:15:75:42:a7:d6:f0:66:fd:c8:2e:61:be:13:ba:55:07:f1:
         66:3c:b0:18:e3:70:07:f7:14:f0:f1:8a:e3:0d:56:b3:f0:fe:
         77:e4:1a:a5:6c:aa:be:b4:9d:39:6c:6b:16:28:3d:ab:7c:e8:
         e7:9f:a4:61:66:e8:45:19:57:9a:87:b2:50:8a:ef:d4:fc:ab:
         e5:2d:88:b1:29:bf:1a:2b:ff:f2:29:12:e6:99:35:f1:d7:35:
         b7:00:dc:73:e7:82:68:dd:19:1a:19:87:64:88:4b:a5:00:55:
         18:83:d9:15:4e:a4:b5:3d:51:09:49:3e:bd:28:04:2d:a8:a0:
         b8:17:06:8b:16:74:0c:aa:2d:65:bc:a3:59:70:20:9f:c3:ec:
         1e:f9:7a:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqOnaKcM3zNMCy9VJcm4c7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNmQ0ZmJmNmRkYzZmNWNiNzQ1YTY4Y2M2ODE4YTk0MmVh
ZWUyMGUwHhcNMjMwOTEzMTI1NjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmIzNzk3OTA4ZDg2NzljYTdiYzMzMjc2ZWVjYjAwODc3NzJhZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmGQPZGnewC1HQUuhhsYrsssBsNR
N+/QHxYEGB00w9zKjn37VsxfEPu3DnGrz9MvvhirJIp6KzBOg4rsrxekYwJPlU4N
tdOUXoY01ZCHf81ALJIDswgKtG+HIMCBQ/vtpnOw/KC7wRgIH8Hw5RrkUTsOQd8q
usOqUykNtpzup+J6HRgxReSerxM/eDwip4JYbOKPGjPku9KBEtErd5LEpDt6ijlx
o5eMSBVyQWaaL5oVTYY3fUYexFZFU5BMiCHQbcTgUMgHKDdD0K7Rnp9LjhOC654Z
1Got+hfIN2Ts+Nb/X0JQrSw81p8TEJ7P2yCCYxTQx4Krw8Nz9zMrCbz6MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLKzeXkI2Gecp7wzJ27ssAh3cq1QMB8GA1UdIwQY
MBaAFJBtT79t3G9ct0WmjMaBipQuruIOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0cxUHYyM2NiMXkzUmFhTXhvR0tsQzZ1NGc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zMGM4NGUtZTBiMC00OTFjLTk3MWIt
ZjFkNDYyOWNjZDc3LzEvc3JONWVRallaNXludkRNbmJ1eXdDSGR5clZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zMGM4NGUtZTBiMC00OTFjLTk3MWItZjFkNDYyOWNjZDc3
LzEva0cxUHYyM2NiMXkzUmFhTXhvR0tsQzZ1NGc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9WtMA0G
CSqGSIb3DQEBCwUAA4IBAQBB4a/nyDgd6gUBZ0Kjrbi5R7fJsP8nnVaD9idLyokL
A21xJ0q/Un0iIV60rOrcz3rdcqTSDezcoWfi7jzjZHuFAEHYZOay8bcKvG5xdRzc
jfApm9GrESFPsK3P07nD2739N0AA3uSJEyoKIfgzFXVCp9bwZv3ILmG+E7pVB/Fm
PLAY43AH9xTw8YrjDVaz8P535BqlbKq+tJ05bGsWKD2rfOjnn6RhZuhFGVeah7JQ
iu/U/KvlLYixKb8aK//yKRLmmTXx1zW3ANxz54Jo3RkaGYdkiEulAFUYg9kVTqS1
PVEJST69KAQtqKC4FwaLFnQMqi1lvKNZcCCfw+we+Xom
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:51 2024 by rpki-client on console-fra.rpki-client.org