Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b5559e-950b-48f4-a2ab-b26f1a70af0d/1/yspJwhkTGSWXNatCQA0Ctav2NW8.roa
File:                     yspJwhkTGSWXNatCQA0Ctav2NW8.roa (raw, json)
Hash identifier:          2NtdCZ0DwFRF3O9Og9z9imWC782A2G/e6SCFpnF49eU=
Subject key identifier:   CA:CA:49:C2:19:13:19:25:97:35:AB:42:40:0D:02:B5:AB:F6:35:6F
Certificate issuer:       /CN=e31722d79bff4384a597cb544d9e7974490d8734
Certificate serial:       01869F148C023D37C12F2A10BD5C272B4BE6
Authority key identifier: E3:17:22:D7:9B:FF:43:84:A5:97:CB:54:4D:9E:79:74:49:0D:87:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xci15v_Q4Sll8tUTZ55dEkNhzQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/b5559e-950b-48f4-a2ab-b26f1a70af0d/1/yspJwhkTGSWXNatCQA0Ctav2NW8.roa
Signing time:             Wed 01 Mar 2023 21:29:29 +0000
ROA not before:           Wed 01 Mar 2023 21:29:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     63023
IP address blocks:        91.239.53.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:9f:14:8c:02:3d:37:c1:2f:2a:10:bd:5c:27:2b:4b:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31722d79bff4384a597cb544d9e7974490d8734
        Validity
            Not Before: Mar  1 21:29:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=caca49c2191319259735ab42400d02b5abf6356f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:9f:6e:a9:26:be:ef:82:6f:4a:80:8b:ff:f0:
                    53:8f:98:11:a5:44:29:72:1d:32:c4:3a:5c:f1:95:
                    07:e5:ed:54:b6:5c:36:62:75:3b:fc:dd:18:59:1c:
                    dd:db:bf:3c:cc:3d:3d:7d:18:05:29:6c:8b:21:65:
                    83:a3:fe:39:98:cf:e2:0a:3e:c2:ff:e4:4c:8b:57:
                    2c:b7:7a:ae:b8:22:0b:a8:ab:75:72:d2:fd:18:e6:
                    9d:d5:fa:ff:3e:7f:9b:de:9b:46:a5:43:f3:33:e0:
                    3a:fe:11:2d:dc:1a:09:2d:bd:83:a2:3d:f0:e5:25:
                    06:82:59:47:36:33:27:83:48:f6:d4:28:d2:f8:40:
                    a1:bf:2d:06:a1:66:b5:b7:53:ff:24:d2:d0:f7:f1:
                    17:5a:e7:7f:a9:e2:ff:3c:82:ca:29:df:82:e1:8a:
                    12:f2:69:d7:e0:3e:02:86:e0:c3:ee:34:04:f1:f4:
                    48:ec:16:ca:89:8e:b5:7b:c6:97:eb:ec:c7:8e:92:
                    41:4b:fb:3b:65:a0:23:ea:8e:40:dc:7a:20:88:9f:
                    8f:f0:90:1d:c7:47:91:f7:2d:03:99:f9:9d:00:e2:
                    03:ab:83:b4:55:f5:28:e9:c0:31:2d:16:c5:52:dc:
                    0d:73:aa:db:33:78:97:37:b4:a0:61:e8:61:9b:24:
                    84:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:CA:49:C2:19:13:19:25:97:35:AB:42:40:0D:02:B5:AB:F6:35:6F
            X509v3 Authority Key Identifier:
                keyid:E3:17:22:D7:9B:FF:43:84:A5:97:CB:54:4D:9E:79:74:49:0D:87:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xci15v_Q4Sll8tUTZ55dEkNhzQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b5559e-950b-48f4-a2ab-b26f1a70af0d/1/yspJwhkTGSWXNatCQA0Ctav2NW8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b5559e-950b-48f4-a2ab-b26f1a70af0d/1/4xci15v_Q4Sll8tUTZ55dEkNhzQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.239.53.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:86:7f:75:7c:ea:28:df:6e:2d:c4:94:7a:fb:cb:36:17:99:
         7d:32:c8:b3:e2:0d:bf:37:22:3f:38:c1:3c:61:8a:7f:c0:65:
         03:72:5c:76:74:5e:0f:81:08:63:c8:5b:92:bb:44:a1:3a:73:
         db:85:cd:6a:f3:5c:7c:95:21:70:20:51:8c:e2:86:05:4c:65:
         66:ca:ba:18:78:78:36:95:35:da:5f:ce:1c:83:1e:ec:7a:fe:
         2a:2d:48:5a:25:9b:b5:dc:9f:35:15:9d:9a:0d:13:8b:88:89:
         e9:97:55:a4:77:bc:ac:eb:58:3c:13:3e:5c:e4:b2:63:0e:1a:
         5e:06:08:d8:26:80:2b:6e:9e:85:7c:6c:8d:7c:4f:18:d8:a4:
         99:c3:b0:ed:cd:96:6d:0f:cc:ac:48:9e:4b:e1:0c:bf:b4:70:
         55:01:14:6e:8e:95:67:89:c6:6e:74:6c:7a:93:c9:1c:b1:08:
         e9:fe:1e:e5:e9:78:a0:13:2c:d5:07:46:a0:59:7d:6f:c0:a6:
         25:87:a6:f6:78:f3:35:3c:8a:42:64:82:5d:4b:64:dd:45:22:
         9e:51:73:df:95:33:40:49:72:2c:43:10:96:43:1e:51:b4:80:
         17:a0:32:f8:32:58:d8:9b:25:7b:04:da:ff:82:4b:e4:fc:5e:
         56:cd:bf:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYafFIwCPTfBLyoQvVwnK0vmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTcyMmQ3OWJmZjQzODRhNTk3Y2I1NDRkOWU3OTc0NDkw
ZDg3MzQwHhcNMjMwMzAxMjEyOTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWNhNDljMjE5MTMxOTI1OTczNWFiNDI0MDBkMDJiNWFiZjYzNTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj59uqSa+74JvSoCL//BTj5gRpUQp
ch0yxDpc8ZUH5e1Utlw2YnU7/N0YWRzd2788zD09fRgFKWyLIWWDo/45mM/iCj7C
/+RMi1cst3quuCILqKt1ctL9GOad1fr/Pn+b3ptGpUPzM+A6/hEt3BoJLb2Doj3w
5SUGgllHNjMng0j21CjS+EChvy0GoWa1t1P/JNLQ9/EXWud/qeL/PILKKd+C4YoS
8mnX4D4ChuDD7jQE8fRI7BbKiY61e8aX6+zHjpJBS/s7ZaAj6o5A3HogiJ+P8JAd
x0eR9y0DmfmdAOIDq4O0VfUo6cAxLRbFUtwNc6rbM3iXN7SgYehhmySELQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMrKScIZExkllzWrQkANArWr9jVvMB8GA1UdIwQY
MBaAFOMXIteb/0OEpZfLVE2eeXRJDYc0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhjaTE1dl9RNFNsbDh0VVRaNTVkRWtOaHpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iNTU1OWUtOTUwYi00OGY0LWEyYWIt
YjI2ZjFhNzBhZjBkLzEveXNwSndoa1RHU1dYTmF0Q1FBMEN0YXYyTlc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iNTU1OWUtOTUwYi00OGY0LWEyYWItYjI2ZjFhNzBhZjBk
LzEvNHhjaTE1dl9RNFNsbDh0VVRaNTVkRWtOaHpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+81MA0G
CSqGSIb3DQEBCwUAA4IBAQCKhn91fOoo324txJR6+8s2F5l9Msiz4g2/NyI/OME8
YYp/wGUDclx2dF4PgQhjyFuSu0ShOnPbhc1q81x8lSFwIFGM4oYFTGVmyroYeHg2
lTXaX84cgx7sev4qLUhaJZu13J81FZ2aDROLiInpl1Wkd7ys61g8Ez5c5LJjDhpe
BgjYJoArbp6FfGyNfE8Y2KSZw7DtzZZtD8ysSJ5L4Qy/tHBVARRujpVnicZudGx6
k8kcsQjp/h7l6XigEyzVB0agWX1vwKYlh6b2ePM1PIpCZIJdS2TdRSKeUXPflTNA
SXIsQxCWQx5RtIAXoDL4MljYmyV7BNr/gkvk/F5Wzb+o
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:41 2024 by rpki-client on console-ams.rpki-client.org