Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/88a55d-5163-433e-b478-d8a1c3295e89/1/2ZyO88xwEZr5DUuxS8vn13yNBMY.roa
File:                     2ZyO88xwEZr5DUuxS8vn13yNBMY.roa (raw, json)
Hash identifier:          v1Qs42gPHNn3HsR2M6mrtKD98fTc/zrznK823lKB13Y=
Subject key identifier:   D9:9C:8E:F3:CC:70:11:9A:F9:0D:4B:B1:4B:CB:E7:D7:7C:8D:04:C6
Certificate issuer:       /CN=c13f17541732f57abff1294c71b533eb56746fd6
Certificate serial:       01856F149E419EF29F01F83733998D845DAE
Authority key identifier: C1:3F:17:54:17:32:F5:7A:BF:F1:29:4C:71:B5:33:EB:56:74:6F:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wT8XVBcy9Xq_8SlMcbUz61Z0b9Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/88a55d-5163-433e-b478-d8a1c3295e89/1/2ZyO88xwEZr5DUuxS8vn13yNBMY.roa
Signing time:             Sun 01 Jan 2023 20:45:00 +0000
ROA not before:           Sun 01 Jan 2023 20:45:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42473
IP address blocks:        91.208.217.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:9e:41:9e:f2:9f:01:f8:37:33:99:8d:84:5d:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c13f17541732f57abff1294c71b533eb56746fd6
        Validity
            Not Before: Jan  1 20:45:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d99c8ef3cc70119af90d4bb14bcbe7d77c8d04c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:ec:da:c3:35:89:7b:46:8d:02:a4:86:cd:0a:
                    d9:e4:80:6f:c7:9c:d3:99:5d:34:79:0d:9a:d5:04:
                    93:bc:f2:ca:e6:26:cf:47:c4:41:00:3f:d4:96:9e:
                    58:52:9e:7a:3e:05:c2:c0:cc:00:fa:d6:94:a2:3c:
                    95:03:b1:23:b2:ee:c2:fe:7e:10:36:2e:53:51:eb:
                    22:61:38:ac:1e:e8:25:dc:5e:a7:a0:07:02:fe:2c:
                    3e:77:9a:23:98:62:1e:19:06:4c:7b:65:02:bc:bf:
                    dc:d2:af:7c:7e:b7:e2:5a:1e:20:07:e5:d6:d5:d9:
                    05:4a:69:37:d9:9a:90:a5:92:f2:4e:88:e7:ea:07:
                    9b:e1:86:b0:ad:22:92:54:10:6b:32:65:d2:4f:6e:
                    ec:84:1f:3e:f1:7b:73:f3:bf:97:f1:55:98:43:f0:
                    ac:c4:9d:00:5e:73:9b:00:e5:6a:2a:66:69:44:52:
                    7f:e6:55:67:98:4b:09:90:8c:0b:ce:9e:60:ba:1f:
                    74:be:78:72:60:1c:2e:41:15:59:6a:bc:f3:50:49:
                    40:cc:a3:d8:ee:86:c0:e1:cf:8e:21:e8:c8:f5:39:
                    96:96:91:bd:6f:4c:f1:ae:a4:89:35:96:bb:34:1c:
                    88:e9:9e:2e:3f:2e:53:3d:70:23:3e:67:fc:59:64:
                    31:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:9C:8E:F3:CC:70:11:9A:F9:0D:4B:B1:4B:CB:E7:D7:7C:8D:04:C6
            X509v3 Authority Key Identifier:
                keyid:C1:3F:17:54:17:32:F5:7A:BF:F1:29:4C:71:B5:33:EB:56:74:6F:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wT8XVBcy9Xq_8SlMcbUz61Z0b9Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/88a55d-5163-433e-b478-d8a1c3295e89/1/2ZyO88xwEZr5DUuxS8vn13yNBMY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/88a55d-5163-433e-b478-d8a1c3295e89/1/wT8XVBcy9Xq_8SlMcbUz61Z0b9Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.208.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:ac:18:d4:37:d0:de:90:e0:dc:a6:22:c7:6f:fb:2f:4a:53:
         08:7e:ec:31:bb:01:03:fc:ed:d8:40:4c:d9:6e:31:2e:f4:eb:
         57:33:80:95:c5:9b:3d:06:2a:f2:8f:a9:12:69:14:85:84:1e:
         dd:48:9f:54:42:42:db:43:dc:b8:14:97:9b:36:b3:b6:d2:59:
         83:6b:92:16:b2:3d:87:7f:c4:cb:ea:63:c7:00:2a:e3:0a:70:
         1c:3c:ec:06:c6:e6:8f:bf:4c:dc:fd:4e:b1:a6:68:55:bb:aa:
         31:25:4e:51:ec:ef:b1:46:02:cf:da:49:d6:ec:62:a2:53:c8:
         95:e3:19:c9:87:97:96:d0:e2:30:5c:88:f4:21:0b:12:6b:f8:
         c5:88:52:70:39:af:9d:2c:91:cb:d7:23:0d:b7:ce:48:53:30:
         8d:0c:8d:00:e4:7a:84:4c:37:ad:1b:2b:7f:51:75:e8:f0:2a:
         10:ac:dd:14:a0:ca:67:b6:17:ea:42:72:4f:84:6a:1c:89:6b:
         5f:0d:11:c9:b3:4d:0b:e4:18:99:e6:bd:fc:c0:ff:63:95:1e:
         ff:54:a2:aa:fb:f9:ce:47:4b:06:03:90:6f:8c:85:50:aa:3a:
         32:c4:ee:b2:af:81:ec:ec:b7:c1:34:96:71:4f:93:ee:74:19:
         e6:ca:29:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFJ5BnvKfAfg3M5mNhF2uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxM2YxNzU0MTczMmY1N2FiZmYxMjk0YzcxYjUzM2ViNTY3
NDZmZDYwHhcNMjMwMTAxMjA0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTljOGVmM2NjNzAxMTlhZjkwZDRiYjE0YmNiZTdkNzdjOGQwNGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+zawzWJe0aNAqSGzQrZ5IBvx5zT
mV00eQ2a1QSTvPLK5ibPR8RBAD/Ulp5YUp56PgXCwMwA+taUojyVA7Ejsu7C/n4Q
Ni5TUesiYTisHugl3F6noAcC/iw+d5ojmGIeGQZMe2UCvL/c0q98frfiWh4gB+XW
1dkFSmk32ZqQpZLyTojn6geb4YawrSKSVBBrMmXST27shB8+8Xtz87+X8VWYQ/Cs
xJ0AXnObAOVqKmZpRFJ/5lVnmEsJkIwLzp5guh90vnhyYBwuQRVZarzzUElAzKPY
7obA4c+OIejI9TmWlpG9b0zxrqSJNZa7NByI6Z4uPy5TPXAjPmf8WWQxgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNmcjvPMcBGa+Q1LsUvL59d8jQTGMB8GA1UdIwQY
MBaAFME/F1QXMvV6v/EpTHG1M+tWdG/WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1Q4WFZCY3k5WHFfOFNsTWNiVXo2MVowYjlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS84OGE1NWQtNTE2My00MzNlLWI0Nzgt
ZDhhMWMzMjk1ZTg5LzEvMlp5Tzg4eHdFWnI1RFV1eFM4dm4xM3lOQk1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS84OGE1NWQtNTE2My00MzNlLWI0NzgtZDhhMWMzMjk1ZTg5
LzEvd1Q4WFZCY3k5WHFfOFNsTWNiVXo2MVowYjlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9DZMA0G
CSqGSIb3DQEBCwUAA4IBAQCArBjUN9DekODcpiLHb/svSlMIfuwxuwED/O3YQEzZ
bjEu9OtXM4CVxZs9Biryj6kSaRSFhB7dSJ9UQkLbQ9y4FJebNrO20lmDa5IWsj2H
f8TL6mPHACrjCnAcPOwGxuaPv0zc/U6xpmhVu6oxJU5R7O+xRgLP2knW7GKiU8iV
4xnJh5eW0OIwXIj0IQsSa/jFiFJwOa+dLJHL1yMNt85IUzCNDI0A5HqETDetGyt/
UXXo8CoQrN0UoMpnthfqQnJPhGociWtfDRHJs00L5BiZ5r38wP9jlR7/VKKq+/nO
R0sGA5BvjIVQqjoyxO6yr4Hs7LfBNJZxT5PudBnmyinG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:52 2024 by rpki-client on console-fra.rpki-client.org