Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/e2UntpvCuZGKuHdcTrn2aYTsVbE.roa
File:                     e2UntpvCuZGKuHdcTrn2aYTsVbE.roa (raw, json)
Hash identifier:          0ILtv1X7gO2MTbySnec6VedZq6u06wU0aFvByfZAQ3o=
Subject key identifier:   7B:65:27:B6:9B:C2:B9:91:8A:B8:77:5C:4E:B9:F6:69:84:EC:55:B1
Certificate issuer:       /CN=d123b8d462134667ec6a9d1e154e5c7f0596662c
Certificate serial:       01857079AB419A352BE21FBB5926F98038D1
Authority key identifier: D1:23:B8:D4:62:13:46:67:EC:6A:9D:1E:15:4E:5C:7F:05:96:66:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0SO41GITRmfsap0eFU5cfwWWZiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/e2UntpvCuZGKuHdcTrn2aYTsVbE.roa
Signing time:             Mon 02 Jan 2023 03:14:59 +0000
ROA not before:           Mon 02 Jan 2023 03:14:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13094
IP address blocks:        91.221.180.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:30:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:79:ab:41:9a:35:2b:e2:1f:bb:59:26:f9:80:38:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d123b8d462134667ec6a9d1e154e5c7f0596662c
        Validity
            Not Before: Jan  2 03:14:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7b6527b69bc2b9918ab8775c4eb9f66984ec55b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:d6:d8:47:8b:5f:cd:82:22:38:89:d5:8d:8a:
                    38:67:ea:55:16:39:e7:a6:ff:5f:81:70:10:29:3c:
                    c7:dd:8d:96:77:7b:2b:d0:f4:e1:c1:ac:e4:16:9a:
                    f0:22:08:7e:fa:dc:fd:ce:03:27:6f:4d:c4:2a:24:
                    86:a9:32:54:f9:a4:7a:3c:2c:42:9f:08:47:58:97:
                    cb:05:c5:91:18:d3:c3:ad:01:7f:89:01:7e:93:3a:
                    10:62:38:cd:92:b1:d9:d1:94:7e:90:38:77:38:8f:
                    29:fb:40:40:b1:0d:8b:6d:62:78:f6:82:53:44:28:
                    0d:c3:f3:b1:78:b7:6a:e4:30:f6:6c:90:1b:59:20:
                    f9:f4:82:95:89:ad:d2:1c:f2:fe:33:5a:3f:97:40:
                    fb:81:84:24:66:61:cc:f9:c4:5a:d8:58:59:ff:50:
                    02:2f:ed:75:80:c3:5e:a4:c3:bc:3b:8b:d2:7a:17:
                    91:29:e4:b7:f6:ee:ef:a2:5a:2f:4a:e6:e5:62:eb:
                    dc:37:dc:ff:ff:12:83:17:3e:20:91:53:aa:03:2b:
                    df:58:44:e4:67:0b:af:66:64:f4:83:cb:e4:d1:38:
                    1d:39:6b:58:47:e8:f4:10:78:44:03:10:f7:50:fd:
                    ef:cd:37:6f:e6:d7:57:c1:3f:b1:9a:ba:c6:f3:8e:
                    27:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:65:27:B6:9B:C2:B9:91:8A:B8:77:5C:4E:B9:F6:69:84:EC:55:B1
            X509v3 Authority Key Identifier:
                keyid:D1:23:B8:D4:62:13:46:67:EC:6A:9D:1E:15:4E:5C:7F:05:96:66:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0SO41GITRmfsap0eFU5cfwWWZiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/e2UntpvCuZGKuHdcTrn2aYTsVbE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/0SO41GITRmfsap0eFU5cfwWWZiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.221.180.0/23

    Signature Algorithm: sha256WithRSAEncryption
         26:3b:d0:3b:62:36:00:61:ec:ef:c6:81:f5:37:75:41:b3:a4:
         8f:a4:0b:62:80:f9:fa:45:5c:c4:61:37:0f:84:fc:e0:21:e0:
         08:d2:9c:90:a4:37:33:67:c0:a2:da:55:88:93:2f:6d:cc:0b:
         08:38:74:3e:f5:9a:c8:13:5b:80:39:0c:54:14:ac:95:89:d3:
         ed:bd:88:81:41:1c:39:4d:f2:e5:06:6c:d7:64:7c:c3:cc:2e:
         f3:df:c9:08:c8:c8:a3:f3:78:9c:cf:a0:b3:39:20:a4:94:2f:
         92:54:88:13:f4:c1:b3:88:e3:63:39:62:bb:a8:2d:d4:3b:53:
         53:72:9e:4e:ba:3a:5a:f6:da:8d:47:77:8a:6d:fb:37:c5:3d:
         2e:5d:61:4b:97:da:4f:b3:62:a4:1f:42:70:69:59:43:82:cb:
         a4:8b:af:12:f1:2d:55:40:3f:ca:69:ca:f4:e5:24:95:f4:2f:
         aa:4d:25:1f:c3:81:80:18:cb:6e:f0:8f:ba:94:1e:41:56:61:
         19:39:b9:b5:d7:7f:cb:12:26:04:36:f1:8b:e8:7c:2f:22:33:
         df:b2:fc:f2:d8:b6:6b:cf:90:87:ec:97:f7:17:02:c0:92:c9:
         2b:7e:a4:d0:6f:36:05:d1:ef:45:b6:8f:72:e6:97:79:a4:65:
         fb:28:6f:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweatBmjUr4h+7WSb5gDjRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMjNiOGQ0NjIxMzQ2NjdlYzZhOWQxZTE1NGU1YzdmMDU5
NjY2MmMwHhcNMjMwMTAyMDMxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjY1MjdiNjliYzJiOTkxOGFiODc3NWM0ZWI5ZjY2OTg0ZWM1NWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNbYR4tfzYIiOInVjYo4Z+pVFjnn
pv9fgXAQKTzH3Y2Wd3sr0PThwazkFprwIgh++tz9zgMnb03EKiSGqTJU+aR6PCxC
nwhHWJfLBcWRGNPDrQF/iQF+kzoQYjjNkrHZ0ZR+kDh3OI8p+0BAsQ2LbWJ49oJT
RCgNw/OxeLdq5DD2bJAbWSD59IKVia3SHPL+M1o/l0D7gYQkZmHM+cRa2FhZ/1AC
L+11gMNepMO8O4vSeheRKeS39u7volovSublYuvcN9z//xKDFz4gkVOqAyvfWETk
ZwuvZmT0g8vk0TgdOWtYR+j0EHhEAxD3UP3vzTdv5tdXwT+xmrrG844nhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHtlJ7abwrmRirh3XE659mmE7FWxMB8GA1UdIwQY
MBaAFNEjuNRiE0Zn7GqdHhVOXH8FlmYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFNPNDFHSVRSbWZzYXAwZUZVNWNmd1dXWml3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZDkwM2YtMTgzMS00ZDAzLWFhYjQt
ODFhZjdjNjU3ZTA1LzEvZTJVbnRwdkN1WkdLdUhkY1RybjJhWVRzVmJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZDkwM2YtMTgzMS00ZDAzLWFhYjQtODFhZjdjNjU3ZTA1
LzEvMFNPNDFHSVRSbWZzYXAwZUZVNWNmd1dXWml3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW920MA0G
CSqGSIb3DQEBCwUAA4IBAQAmO9A7YjYAYezvxoH1N3VBs6SPpAtigPn6RVzEYTcP
hPzgIeAI0pyQpDczZ8Ci2lWIky9tzAsIOHQ+9ZrIE1uAOQxUFKyVidPtvYiBQRw5
TfLlBmzXZHzDzC7z38kIyMij83icz6CzOSCklC+SVIgT9MGziONjOWK7qC3UO1NT
cp5Oujpa9tqNR3eKbfs3xT0uXWFLl9pPs2KkH0JwaVlDgsuki68S8S1VQD/Kacr0
5SSV9C+qTSUfw4GAGMtu8I+6lB5BVmEZObm113/LEiYENvGL6HwvIjPfsvzy2LZr
z5CH7Jf3FwLAkskrfqTQbzYF0e9Fto9y5pd5pGX7KG8V
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:17 2024 by rpki-client on console-ams.rpki-client.org