Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2C8cfqSr0VscLc07VF5hUYFqlwU.roa
File:                     2C8cfqSr0VscLc07VF5hUYFqlwU.roa (raw, json)
Hash identifier:          j3jUNnKpA6PiJiXFCbqyV5yzjANBmsiV+4aob6gnt9o=
Subject key identifier:   D8:2F:1C:7E:A4:AB:D1:5B:1C:2D:CD:3B:54:5E:61:51:81:6A:97:05
Certificate issuer:       /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial:       018677BE7B61A30687BE763AF653180C4CA9
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2C8cfqSr0VscLc07VF5hUYFqlwU.roa
Signing time:             Wed 22 Feb 2023 06:10:17 +0000
ROA not before:           Wed 22 Feb 2023 06:10:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211237
IP address blocks:        91.250.244.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 Mar 2023 10:45:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:77:be:7b:61:a3:06:87:be:76:3a:f6:53:18:0c:4c:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
        Validity
            Not Before: Feb 22 06:10:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d82f1c7ea4abd15b1c2dcd3b545e6151816a9705
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:24:6d:29:af:bd:b2:6b:42:6b:52:ae:7a:ba:
                    12:41:9b:e1:66:ed:86:69:61:0b:28:11:1a:6f:ef:
                    5d:ed:9b:3a:19:31:97:8b:0f:9f:89:6c:0c:69:b6:
                    fa:a2:2f:18:17:2a:b4:ef:ec:be:5e:82:19:eb:26:
                    62:2e:d5:f1:c6:d4:48:4c:68:d7:eb:78:50:76:63:
                    64:11:6d:c7:f6:4e:73:40:c9:d4:17:e6:a1:b8:ad:
                    56:f9:90:99:3f:12:e2:81:78:42:54:a0:5b:40:52:
                    5d:b6:1c:09:9a:00:b0:f7:56:18:59:55:53:e8:0e:
                    de:9d:1a:8f:b9:9b:7c:20:89:af:c6:f8:3d:81:b3:
                    cf:c8:c5:7d:2c:00:00:5b:3d:8e:bf:39:42:be:c1:
                    2e:a8:c1:ff:66:76:f7:e6:f8:39:cf:ad:96:77:45:
                    05:67:bd:18:3b:98:ce:8d:e4:d9:a8:28:a9:3e:7f:
                    8a:96:c1:fd:bb:1e:18:21:0e:33:5b:54:8e:25:17:
                    8a:57:11:e1:e2:dc:7d:6d:2c:ec:6c:a7:3c:65:c6:
                    2f:f8:ae:7d:26:57:4f:e4:d6:01:32:da:b9:5f:02:
                    01:f5:30:64:b1:b6:9d:9e:0b:ed:6e:ec:28:a4:89:
                    1f:8e:b5:9d:12:10:e4:8a:9d:11:58:b2:02:6d:f7:
                    45:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:2F:1C:7E:A4:AB:D1:5B:1C:2D:CD:3B:54:5E:61:51:81:6A:97:05
            X509v3 Authority Key Identifier:
                keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2C8cfqSr0VscLc07VF5hUYFqlwU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.250.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:2b:4b:af:6c:2a:ac:f1:76:8f:c9:ef:c1:56:26:a7:72:ca:
         e0:28:42:dc:c7:8e:8e:e1:5a:eb:ed:78:8c:74:eb:48:fe:81:
         15:ff:e5:ff:94:5f:0c:41:74:be:79:be:11:9f:6e:81:c1:8d:
         82:93:4a:1a:fd:4b:40:1e:4f:88:fb:ce:92:a3:8c:27:df:23:
         dc:99:0a:16:7a:96:85:86:bb:44:ee:75:15:f9:a4:09:3a:dd:
         0c:8b:28:90:0c:e9:71:bb:2f:3e:5c:4d:7b:fd:5e:42:ad:e4:
         9a:f0:d3:66:b5:c7:f0:99:98:22:b0:5b:5c:aa:f4:2f:0c:89:
         31:12:8f:48:cf:93:ac:20:7d:cb:46:97:bd:39:7e:d4:ed:1d:
         e0:0e:c8:07:d2:53:a2:7d:a3:46:62:7e:a4:ca:0e:f5:3c:e2:
         35:c5:4a:4b:35:36:ba:ed:60:1f:a8:a7:96:8a:99:b3:60:c1:
         00:52:9a:3d:25:92:1c:e8:e0:ce:72:33:e5:78:86:aa:2d:ea:
         ab:4d:37:7a:87:c2:7b:c4:6a:56:ec:5e:37:02:9f:bf:99:ee:
         1e:cf:c6:a6:e6:2c:67:d9:ca:fc:ba:1c:2f:e4:ee:23:a8:3a:
         14:60:df:57:bc:d6:0c:fa:a5:05:57:a2:46:0e:a2:b0:35:ff:
         91:d6:90:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ3vnthowaHvnY69lMYDEypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMjIyMDYxMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODJmMWM3ZWE0YWJkMTViMWMyZGNkM2I1NDVlNjE1MTgxNmE5NzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSRtKa+9smtCa1KueroSQZvhZu2G
aWELKBEab+9d7Zs6GTGXiw+fiWwMabb6oi8YFyq07+y+XoIZ6yZiLtXxxtRITGjX
63hQdmNkEW3H9k5zQMnUF+ahuK1W+ZCZPxLigXhCVKBbQFJdthwJmgCw91YYWVVT
6A7enRqPuZt8IImvxvg9gbPPyMV9LAAAWz2OvzlCvsEuqMH/Znb35vg5z62Wd0UF
Z70YO5jOjeTZqCipPn+KlsH9ux4YIQ4zW1SOJReKVxHh4tx9bSzsbKc8ZcYv+K59
JldP5NYBMtq5XwIB9TBksbadngvtbuwopIkfjrWdEhDkip0RWLICbfdFNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNgvHH6kq9FbHC3NO1ReYVGBapcFMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvMkM4Y2ZxU3IwVnNjTGMwN1ZGNWhVWUZxbHdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/r0MA0G
CSqGSIb3DQEBCwUAA4IBAQBoK0uvbCqs8XaPye/BViancsrgKELcx46O4Vrr7XiM
dOtI/oEV/+X/lF8MQXS+eb4Rn26BwY2Ck0oa/UtAHk+I+86So4wn3yPcmQoWepaF
hrtE7nUV+aQJOt0MiyiQDOlxuy8+XE17/V5CreSa8NNmtcfwmZgisFtcqvQvDIkx
Eo9Iz5OsIH3LRpe9OX7U7R3gDsgH0lOifaNGYn6kyg71POI1xUpLNTa67WAfqKeW
ipmzYMEAUpo9JZIc6ODOcjPleIaqLeqrTTd6h8J7xGpW7F43Ap+/me4ez8am5ixn
2cr8uhwv5O4jqDoUYN9XvNYM+qUFV6JGDqKwNf+R1pDb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:48 2024 by rpki-client on console-ams.rpki-client.org