Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/99a01f-bb52-4712-94d0-bf924a825f58/1/bOyV55Tz-x7Y5lkcV1nQ_iMaSSo.roa
File:                     bOyV55Tz-x7Y5lkcV1nQ_iMaSSo.roa (raw, json)
Hash identifier:          86dZqVavY4GnLBsZPA4sFO7XFQOdwPVOpxB3e/GKm6Y=
Subject key identifier:   6C:EC:95:E7:94:F3:FB:1E:D8:E6:59:1C:57:59:D0:FE:23:1A:49:2A
Certificate issuer:       /CN=13b9b21c0081d23c4a21f60a084a75cb5f95bea2
Certificate serial:       018A660688152C6A03E135CCAEFF28E60F01
Authority key identifier: 13:B9:B2:1C:00:81:D2:3C:4A:21:F6:0A:08:4A:75:CB:5F:95:BE:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/E7myHACB0jxKIfYKCEp1y1-VvqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/99a01f-bb52-4712-94d0-bf924a825f58/1/bOyV55Tz-x7Y5lkcV1nQ_iMaSSo.roa
Signing time:             Tue 05 Sep 2023 15:46:58 +0000
ROA not before:           Tue 05 Sep 2023 15:46:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3257
IP address blocks:        91.222.220.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:66:06:88:15:2c:6a:03:e1:35:cc:ae:ff:28:e6:0f:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=13b9b21c0081d23c4a21f60a084a75cb5f95bea2
        Validity
            Not Before: Sep  5 15:46:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6cec95e794f3fb1ed8e6591c5759d0fe231a492a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:20:64:71:dd:67:4b:fc:1a:44:b9:53:5f:66:
                    8e:c2:b5:c3:61:5f:65:c0:43:ea:0f:f2:2f:70:06:
                    ea:1a:87:06:44:17:1a:54:a7:38:75:bc:96:a2:2c:
                    db:cb:5b:41:ec:a4:ca:b0:9c:b9:49:bf:69:90:0b:
                    5a:f8:10:a8:3c:4c:dd:f6:1c:b9:25:ac:16:6a:4d:
                    37:a7:99:48:db:d6:0f:70:df:1c:5e:b4:d7:ab:65:
                    17:ed:78:4d:22:4b:46:8c:bf:e2:8e:ae:4a:e2:21:
                    77:4d:dc:95:e3:50:dc:84:0b:48:63:38:86:cf:4b:
                    47:dc:09:cf:de:c7:c4:74:1e:d4:95:7b:ac:e4:49:
                    a3:1f:12:c3:19:d2:6c:0c:9e:26:4e:c2:3c:33:28:
                    e0:2e:78:c0:e8:f2:f3:23:44:86:48:d7:ab:1a:b9:
                    fd:4f:5e:fe:38:e9:21:ba:bc:df:4c:8e:e7:a3:ee:
                    32:03:81:1b:d9:92:64:52:39:be:96:06:70:01:1d:
                    71:61:e3:66:ab:05:83:ff:46:bc:a0:88:43:e6:48:
                    ba:9d:44:2d:5c:ff:de:86:6f:fe:20:52:72:f5:b0:
                    ff:9d:54:2e:a1:1c:bc:3e:1a:4a:f5:57:fc:c3:de:
                    3c:90:7d:e7:c0:40:91:35:c1:69:66:0f:f0:34:4f:
                    99:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:EC:95:E7:94:F3:FB:1E:D8:E6:59:1C:57:59:D0:FE:23:1A:49:2A
            X509v3 Authority Key Identifier:
                keyid:13:B9:B2:1C:00:81:D2:3C:4A:21:F6:0A:08:4A:75:CB:5F:95:BE:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E7myHACB0jxKIfYKCEp1y1-VvqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/99a01f-bb52-4712-94d0-bf924a825f58/1/bOyV55Tz-x7Y5lkcV1nQ_iMaSSo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/99a01f-bb52-4712-94d0-bf924a825f58/1/E7myHACB0jxKIfYKCEp1y1-VvqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.222.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6c:29:b5:96:08:bf:d0:0f:50:79:6a:50:d9:4f:1d:74:b5:46:
         59:ea:65:56:f9:29:01:b1:c8:c2:93:2b:59:c6:cb:33:14:33:
         a9:7a:1e:23:64:bf:6e:a9:59:f2:8a:d0:f4:66:5a:a6:1a:72:
         14:24:4f:23:d1:58:ac:4c:0c:a3:ff:fb:be:55:e6:66:21:15:
         8f:55:03:6f:32:ef:f1:62:b4:16:fe:62:f1:ed:aa:33:2b:06:
         f6:fa:d7:47:8c:3b:80:4f:a8:5a:8f:8e:14:11:8f:7d:3f:67:
         26:5d:ea:c2:72:bd:98:b5:e6:f8:98:42:94:67:ee:c0:b7:9a:
         b5:92:2f:d4:9a:2f:9e:34:33:90:a6:6e:9d:48:1b:9d:2f:18:
         21:d8:30:44:92:31:b6:ed:5b:dc:db:e9:e3:ee:b8:c0:3e:5c:
         11:87:50:53:5e:d5:2b:e0:d9:d4:42:1c:12:dd:1b:d6:df:66:
         50:d1:c9:5b:0c:a3:31:29:90:ed:16:ea:b4:fd:a8:0c:87:f3:
         c2:e6:ba:67:8e:ff:5f:81:5c:96:8c:a0:00:66:a9:75:82:21:
         e3:e1:ce:68:a5:56:28:b9:42:d4:02:51:e8:3a:21:e5:83:bc:
         f8:52:27:2e:1e:5f:78:93:9e:b6:fc:78:c0:91:c6:8b:0d:cf:
         f0:56:32:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpmBogVLGoD4TXMrv8o5g8BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYjliMjFjMDA4MWQyM2M0YTIxZjYwYTA4NGE3NWNiNWY5
NWJlYTIwHhcNMjMwOTA1MTU0NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2VjOTVlNzk0ZjNmYjFlZDhlNjU5MWM1NzU5ZDBmZTIzMWE0OTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSBkcd1nS/waRLlTX2aOwrXDYV9l
wEPqD/IvcAbqGocGRBcaVKc4dbyWoizby1tB7KTKsJy5Sb9pkAta+BCoPEzd9hy5
JawWak03p5lI29YPcN8cXrTXq2UX7XhNIktGjL/ijq5K4iF3TdyV41DchAtIYziG
z0tH3AnP3sfEdB7UlXus5EmjHxLDGdJsDJ4mTsI8MyjgLnjA6PLzI0SGSNerGrn9
T17+OOkhurzfTI7no+4yA4Eb2ZJkUjm+lgZwAR1xYeNmqwWD/0a8oIhD5ki6nUQt
XP/ehm/+IFJy9bD/nVQuoRy8PhpK9Vf8w948kH3nwECRNcFpZg/wNE+ZgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGzsleeU8/se2OZZHFdZ0P4jGkkqMB8GA1UdIwQY
MBaAFBO5shwAgdI8SiH2CghKdctflb6iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTdteUhBQ0IwanhLSWZZS0NFcDF5MS1WdnFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC85OWEwMWYtYmI1Mi00NzEyLTk0ZDAt
YmY5MjRhODI1ZjU4LzEvYk95VjU1VHoteDdZNWxrY1YxblFfaU1hU1NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC85OWEwMWYtYmI1Mi00NzEyLTk0ZDAtYmY5MjRhODI1ZjU4
LzEvRTdteUhBQ0IwanhLSWZZS0NFcDF5MS1WdnFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW97cMA0G
CSqGSIb3DQEBCwUAA4IBAQBsKbWWCL/QD1B5alDZTx10tUZZ6mVW+SkBscjCkytZ
xsszFDOpeh4jZL9uqVnyitD0ZlqmGnIUJE8j0VisTAyj//u+VeZmIRWPVQNvMu/x
YrQW/mLx7aozKwb2+tdHjDuAT6haj44UEY99P2cmXerCcr2Yteb4mEKUZ+7At5q1
ki/Umi+eNDOQpm6dSBudLxgh2DBEkjG27Vvc2+nj7rjAPlwRh1BTXtUr4NnUQhwS
3RvW32ZQ0clbDKMxKZDtFuq0/agMh/PC5rpnjv9fgVyWjKAAZql1giHj4c5opVYo
uULUAlHoOiHlg7z4UicuHl94k562/HjAkcaLDc/wVjLr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:57 2024 by rpki-client on console-ams.rpki-client.org