Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/rbl8nwugGleCtyH00EoTB9TsZKY.roa
File:                     rbl8nwugGleCtyH00EoTB9TsZKY.roa (raw, json)
Hash identifier:          QENPRv4O0Ns1B/i+cRsuthJ/rr2ZtsPLnner6PgNIww=
Subject key identifier:   AD:B9:7C:9F:0B:A0:1A:57:82:B7:21:F4:D0:4A:13:07:D4:EC:64:A6
Certificate issuer:       /CN=d6dbaa1b52f3a73289ff768acb7baa7f387f955f
Certificate serial:       01856B255973E6D50679B3F6D9BC5E27FAEC
Authority key identifier: D6:DB:AA:1B:52:F3:A7:32:89:FF:76:8A:CB:7B:AA:7F:38:7F:95:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/rbl8nwugGleCtyH00EoTB9TsZKY.roa
Signing time:             Sun 01 Jan 2023 02:24:47 +0000
ROA not before:           Sun 01 Jan 2023 02:24:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        91.208.21.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:25:59:73:e6:d5:06:79:b3:f6:d9:bc:5e:27:fa:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d6dbaa1b52f3a73289ff768acb7baa7f387f955f
        Validity
            Not Before: Jan  1 02:24:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=adb97c9f0ba01a5782b721f4d04a1307d4ec64a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:40:17:58:fa:e0:ce:22:1a:5d:4e:d9:c7:06:
                    c0:99:3a:5d:83:37:c0:b3:f0:2a:70:53:4d:99:a0:
                    20:f7:55:32:7a:90:4c:b6:09:ef:91:4b:b3:15:0f:
                    e4:e7:c0:39:58:1e:1b:62:a1:c5:eb:31:08:e7:04:
                    f8:c2:62:25:91:69:65:e7:3e:eb:81:1b:38:93:f4:
                    3e:4f:45:fe:52:e1:a8:2c:b7:7d:6c:c6:5d:ca:46:
                    5c:3e:c0:b3:e2:bf:b4:99:94:c3:33:91:4a:62:c8:
                    6f:9c:4c:01:2a:c5:33:9b:6a:6c:36:4b:89:8c:89:
                    13:92:bd:55:4a:0b:d0:31:10:9c:4d:d8:09:66:d9:
                    4c:19:24:63:91:6f:ff:85:3e:d9:77:51:98:1b:79:
                    f4:53:77:b1:e7:11:47:09:8a:9a:d1:86:92:02:03:
                    d2:1c:93:14:1c:ce:57:da:2b:13:7f:35:74:04:c5:
                    71:4f:98:3c:e2:7d:3c:a0:0a:a0:91:8b:99:4b:10:
                    35:80:4b:fc:db:26:4e:57:89:9d:86:ba:c1:e2:5e:
                    34:ab:f6:23:98:1d:77:92:a0:b2:1c:a1:98:bd:fd:
                    52:cf:af:0c:48:22:50:32:f0:8d:ed:d5:fd:3b:6d:
                    9d:63:8e:75:f5:bd:4f:df:c4:45:51:82:da:5f:1f:
                    42:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:B9:7C:9F:0B:A0:1A:57:82:B7:21:F4:D0:4A:13:07:D4:EC:64:A6
            X509v3 Authority Key Identifier:
                keyid:D6:DB:AA:1B:52:F3:A7:32:89:FF:76:8A:CB:7B:AA:7F:38:7F:95:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/rbl8nwugGleCtyH00EoTB9TsZKY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.208.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:cf:c6:8a:98:bb:9f:32:56:67:6c:1a:cf:ff:a0:af:cb:25:
         34:c3:86:c6:5e:ee:1d:a3:f5:ab:c0:3d:cb:8e:3b:91:4c:9b:
         2f:e6:bd:8d:35:05:7a:e9:ca:06:e6:42:fb:a5:bb:1c:11:a5:
         3e:01:0c:40:51:35:18:a4:67:cb:7e:bc:0a:3b:5a:f5:56:3d:
         8d:73:44:ed:6e:97:cb:e7:c0:70:34:d6:a2:18:95:9f:d6:df:
         d4:56:f7:05:ff:e7:af:8a:18:bf:1e:bd:8a:9f:77:49:09:76:
         c0:9f:e8:46:a9:e0:9c:8c:4d:40:30:6e:f4:a9:39:c5:ab:30:
         d7:e4:fc:af:65:f5:4a:98:1d:d1:59:09:0d:78:9c:8a:24:9e:
         b2:ec:d1:05:d3:30:8b:4d:dc:33:b7:90:57:3f:8c:26:b6:46:
         72:e8:5d:35:5d:f4:cf:44:d6:4e:ec:27:55:ba:57:c5:62:ba:
         ad:26:b0:9e:2b:ff:71:5e:9b:03:95:48:f1:15:0d:34:b3:77:
         79:0b:1f:d9:32:88:eb:e8:fe:32:b0:5d:6c:4e:f2:30:0e:cd:
         f2:f8:0e:37:48:d1:9f:3a:81:65:57:ef:6f:1d:56:24:78:9a:
         3a:a4:1c:1d:bc:93:51:cc:7f:8e:46:9c:b5:7d:4d:23:db:67:
         49:e5:10:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrJVlz5tUGebP22bxeJ/rsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZGJhYTFiNTJmM2E3MzI4OWZmNzY4YWNiN2JhYTdmMzg3
Zjk1NWYwHhcNMjMwMTAxMDIyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGI5N2M5ZjBiYTAxYTU3ODJiNzIxZjRkMDRhMTMwN2Q0ZWM2NGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUAXWPrgziIaXU7ZxwbAmTpdgzfA
s/AqcFNNmaAg91UyepBMtgnvkUuzFQ/k58A5WB4bYqHF6zEI5wT4wmIlkWll5z7r
gRs4k/Q+T0X+UuGoLLd9bMZdykZcPsCz4r+0mZTDM5FKYshvnEwBKsUzm2psNkuJ
jIkTkr1VSgvQMRCcTdgJZtlMGSRjkW//hT7Zd1GYG3n0U3ex5xFHCYqa0YaSAgPS
HJMUHM5X2isTfzV0BMVxT5g84n08oAqgkYuZSxA1gEv82yZOV4mdhrrB4l40q/Yj
mB13kqCyHKGYvf1Sz68MSCJQMvCN7dX9O22dY4519b1P38RFUYLaXx9CVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK25fJ8LoBpXgrch9NBKEwfU7GSmMB8GA1UdIwQY
MBaAFNbbqhtS86cyif92ist7qn84f5VfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXR1cUcxTHpwektKXzNhS3kzdXFmemhfbFY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9iMGI2ZTctM2UyMy00NDI2LThjODQt
ZmFiODNkNDAzNTU4LzEvcmJsOG53dWdHbGVDdHlIMDBFb1RCOVRzWktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9iMGI2ZTctM2UyMy00NDI2LThjODQtZmFiODNkNDAzNTU4
LzEvMXR1cUcxTHpwektKXzNhS3kzdXFmemhfbFY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9AVMA0G
CSqGSIb3DQEBCwUAA4IBAQCRz8aKmLufMlZnbBrP/6CvyyU0w4bGXu4do/WrwD3L
jjuRTJsv5r2NNQV66coG5kL7pbscEaU+AQxAUTUYpGfLfrwKO1r1Vj2Nc0TtbpfL
58BwNNaiGJWf1t/UVvcF/+evihi/Hr2Kn3dJCXbAn+hGqeCcjE1AMG70qTnFqzDX
5PyvZfVKmB3RWQkNeJyKJJ6y7NEF0zCLTdwzt5BXP4wmtkZy6F01XfTPRNZO7CdV
ulfFYrqtJrCeK/9xXpsDlUjxFQ00s3d5Cx/ZMojr6P4ysF1sTvIwDs3y+A43SNGf
OoFlV+9vHVYkeJo6pBwdvJNRzH+ORpy1fU0j22dJ5RCi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:10 2024 by rpki-client on console-fra.rpki-client.org