Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/d3d466-d951-4c52-b330-aa8485cf3068/1/yPJPlebTXrAKkW1LZVeYqbYjM_Q.roa
File:                     yPJPlebTXrAKkW1LZVeYqbYjM_Q.roa (raw, json)
Hash identifier:          ToG+0tXtbYrIPFNwr5m5k/Qjfeec7j9mtetjX1yn11Y=
Subject key identifier:   C8:F2:4F:95:E6:D3:5E:B0:0A:91:6D:4B:65:57:98:A9:B6:23:33:F4
Certificate issuer:       /CN=0dd2f8e0dea1387daf9035d2cdf4eb8c93ad89cc
Certificate serial:       01856DD40600928F48D0A2BA0C504904B347
Authority key identifier: 0D:D2:F8:E0:DE:A1:38:7D:AF:90:35:D2:CD:F4:EB:8C:93:AD:89:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DdL44N6hOH2vkDXSzfTrjJOticw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/d3d466-d951-4c52-b330-aa8485cf3068/1/yPJPlebTXrAKkW1LZVeYqbYjM_Q.roa
Signing time:             Sun 01 Jan 2023 14:54:49 +0000
ROA not before:           Sun 01 Jan 2023 14:54:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13209
IP address blocks:        91.217.82.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:d4:06:00:92:8f:48:d0:a2:ba:0c:50:49:04:b3:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0dd2f8e0dea1387daf9035d2cdf4eb8c93ad89cc
        Validity
            Not Before: Jan  1 14:54:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c8f24f95e6d35eb00a916d4b655798a9b62333f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:8f:c1:7b:33:fb:16:2a:87:7a:c5:84:75:de:
                    70:03:4a:03:5c:3b:6b:8a:58:c8:76:91:c3:e6:01:
                    fd:db:d1:de:c2:87:71:a1:ac:87:de:ea:9c:4e:f3:
                    d8:76:c7:4c:b7:96:0c:54:73:20:48:cf:04:43:3d:
                    2b:35:d8:f9:fe:c9:1b:8b:65:ec:d3:45:fe:6e:7f:
                    e9:c8:d0:f5:63:ab:13:cd:60:ad:cc:ba:09:9f:af:
                    15:80:e7:6a:db:ac:16:7e:41:48:3d:5a:a3:80:f0:
                    fb:eb:f0:5d:d6:90:7f:59:53:c8:7e:39:b1:0a:95:
                    0c:fa:e6:aa:ac:df:2a:8a:9f:e5:0b:94:37:10:59:
                    41:99:0e:67:ca:af:4e:96:3b:c9:2c:47:22:ab:2d:
                    1e:35:75:1e:45:a1:25:77:b7:9d:21:b5:64:ce:94:
                    62:77:40:23:59:d4:12:70:b3:24:d5:3d:f4:43:bf:
                    14:ba:bd:ed:67:ae:29:68:d0:38:4a:55:ba:f4:ba:
                    a5:02:ed:b0:4e:b7:21:aa:0f:4f:41:ac:dd:e1:e2:
                    98:f7:81:e4:a5:d8:98:d2:aa:27:ce:a9:48:4f:d0:
                    2a:7d:98:0f:bd:bd:af:6f:ec:86:6f:9b:45:a7:5f:
                    32:ea:5c:cb:da:bf:50:e3:7a:c3:e7:24:34:f0:2a:
                    28:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:F2:4F:95:E6:D3:5E:B0:0A:91:6D:4B:65:57:98:A9:B6:23:33:F4
            X509v3 Authority Key Identifier:
                keyid:0D:D2:F8:E0:DE:A1:38:7D:AF:90:35:D2:CD:F4:EB:8C:93:AD:89:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdL44N6hOH2vkDXSzfTrjJOticw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d3d466-d951-4c52-b330-aa8485cf3068/1/yPJPlebTXrAKkW1LZVeYqbYjM_Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d3d466-d951-4c52-b330-aa8485cf3068/1/DdL44N6hOH2vkDXSzfTrjJOticw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.217.82.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9f:ce:a7:ee:05:d8:dc:a4:e4:2a:af:4d:11:69:52:1c:7c:df:
         c7:8c:16:27:70:a7:e2:22:ad:ec:5f:07:e8:af:6a:a4:c6:01:
         9e:7e:65:16:24:5e:f1:61:b4:77:d7:06:99:3f:f1:9b:63:47:
         8d:5b:a5:09:70:08:a9:79:06:fb:bb:9f:a0:a5:10:81:7a:66:
         dc:41:e3:f0:ba:3b:99:d0:7f:d9:ca:9c:12:ad:63:17:0b:e4:
         f7:97:81:09:aa:2f:2a:35:3f:5b:50:0d:ab:e4:4f:fc:dd:3e:
         32:1c:ef:2b:3f:83:28:11:b2:c1:63:01:e9:4f:ed:f4:2d:b7:
         ac:14:2c:48:2d:95:e8:39:0e:87:02:6c:e9:e2:5e:cb:c8:fe:
         f4:fd:44:d7:96:b0:b2:52:d6:26:4a:18:87:14:37:89:01:ca:
         da:e3:2d:b1:a9:b6:4f:1c:cd:aa:18:86:62:cb:ab:a2:5b:9c:
         83:84:2c:3e:b2:36:88:e6:e6:49:99:7b:04:3c:4d:33:24:78:
         09:43:39:9d:43:c4:9b:ff:a3:37:78:66:a0:88:f3:c4:8a:7b:
         a4:98:e9:b7:49:15:37:39:13:f4:70:98:55:e4:fc:1c:53:e2:
         02:09:71:31:f2:4e:a9:17:e6:2f:7f:4a:aa:d7:61:12:40:66:
         88:aa:c8:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1AYAko9I0KK6DFBJBLNHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZDJmOGUwZGVhMTM4N2RhZjkwMzVkMmNkZjRlYjhjOTNh
ZDg5Y2MwHhcNMjMwMTAxMTQ1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGYyNGY5NWU2ZDM1ZWIwMGE5MTZkNGI2NTU3OThhOWI2MjMzM2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlo/BezP7FiqHesWEdd5wA0oDXDtr
iljIdpHD5gH929HewodxoayH3uqcTvPYdsdMt5YMVHMgSM8EQz0rNdj5/skbi2Xs
00X+bn/pyND1Y6sTzWCtzLoJn68VgOdq26wWfkFIPVqjgPD76/Bd1pB/WVPIfjmx
CpUM+uaqrN8qip/lC5Q3EFlBmQ5nyq9OljvJLEciqy0eNXUeRaEld7edIbVkzpRi
d0AjWdQScLMk1T30Q78Uur3tZ64paNA4SlW69LqlAu2wTrchqg9PQazd4eKY94Hk
pdiY0qonzqlIT9AqfZgPvb2vb+yGb5tFp18y6lzL2r9Q43rD5yQ08Coo6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjyT5Xm016wCpFtS2VXmKm2IzP0MB8GA1UdIwQY
MBaAFA3S+ODeoTh9r5A10s3064yTrYnMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGRMNDRONmhPSDJ2a0RYU3pmVHJqSk90aWN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9kM2Q0NjYtZDk1MS00YzUyLWIzMzAt
YWE4NDg1Y2YzMDY4LzEveVBKUGxlYlRYckFLa1cxTFpWZVlxYllqTV9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9kM2Q0NjYtZDk1MS00YzUyLWIzMzAtYWE4NDg1Y2YzMDY4
LzEvRGRMNDRONmhPSDJ2a0RYU3pmVHJqSk90aWN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9lSMA0G
CSqGSIb3DQEBCwUAA4IBAQCfzqfuBdjcpOQqr00RaVIcfN/HjBYncKfiIq3sXwfo
r2qkxgGefmUWJF7xYbR31waZP/GbY0eNW6UJcAipeQb7u5+gpRCBembcQePwujuZ
0H/ZypwSrWMXC+T3l4EJqi8qNT9bUA2r5E/83T4yHO8rP4MoEbLBYwHpT+30Lbes
FCxILZXoOQ6HAmzp4l7LyP70/UTXlrCyUtYmShiHFDeJAcra4y2xqbZPHM2qGIZi
y6uiW5yDhCw+sjaI5uZJmXsEPE0zJHgJQzmdQ8Sb/6M3eGagiPPEinukmOm3SRU3
ORP0cJhV5PwcU+ICCXEx8k6pF+Yvf0qq12ESQGaIqsip
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:58 2024 by rpki-client on console-fra.rpki-client.org