Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/amAxoUhcovHlhukeOlGtM8gChwI.roa
File:                     amAxoUhcovHlhukeOlGtM8gChwI.roa (raw, json)
Hash identifier:          oZhTbICRGYvXmHyOhiyRDA+IEME3Eto3FPll6uV1DJA=
Subject key identifier:   6A:60:31:A1:48:5C:A2:F1:E5:86:E9:1E:3A:51:AD:33:C8:02:87:02
Certificate issuer:       /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial:       01856F14AA3250C612A5AD71E594BD2192B3
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/amAxoUhcovHlhukeOlGtM8gChwI.roa
Signing time:             Sun 01 Jan 2023 20:45:03 +0000
ROA not before:           Sun 01 Jan 2023 20:45:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49617
IP address blocks:        91.215.60.0/23 maxlen: 23
                          91.215.60.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 24 Oct 2023 16:13:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:aa:32:50:c6:12:a5:ad:71:e5:94:bd:21:92:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
        Validity
            Not Before: Jan  1 20:45:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6a6031a1485ca2f1e586e91e3a51ad33c8028702
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:b6:47:4c:8c:9e:6c:3e:2c:01:a1:aa:ec:16:
                    35:ff:40:75:55:05:5e:e7:5a:a1:76:ff:e2:5a:c3:
                    63:fa:1a:00:20:67:de:1b:cb:7d:04:e5:67:25:39:
                    5d:97:bd:90:d5:85:6a:2f:9b:5a:b3:dc:af:36:2f:
                    20:fd:32:6b:3a:c6:df:d7:a4:db:77:b7:9d:4e:88:
                    f5:20:a7:05:b5:1b:76:c0:a7:19:e8:8f:c9:9a:e7:
                    fd:9d:70:1d:1e:d9:d6:47:ad:d5:36:a9:1e:57:95:
                    7b:64:86:56:cb:a1:9b:66:78:59:35:86:91:2d:ac:
                    dd:0f:77:31:e7:31:df:41:b9:00:72:5a:dd:ab:9e:
                    6b:19:41:c6:4b:cb:dd:82:d9:07:27:a7:05:ba:9d:
                    72:91:89:9e:89:b3:b4:90:0a:e3:6f:f5:32:53:0d:
                    44:7f:ef:09:b9:90:c1:e5:f3:df:ef:18:9c:36:88:
                    19:cf:a0:91:3e:56:5c:95:7c:6d:77:17:ea:4f:b2:
                    9c:2a:1e:d7:0a:dc:28:d5:1a:f2:c3:04:cb:c9:9e:
                    ed:2c:ec:8d:b6:ba:08:2b:4e:07:b2:11:27:82:57:
                    d0:e6:36:29:6c:70:63:5b:26:b2:a2:78:70:a6:2b:
                    fc:0c:e4:d4:36:fd:1d:90:87:28:7a:2a:e4:23:f6:
                    9b:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:60:31:A1:48:5C:A2:F1:E5:86:E9:1E:3A:51:AD:33:C8:02:87:02
            X509v3 Authority Key Identifier:
                keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/amAxoUhcovHlhukeOlGtM8gChwI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.215.60.0/22

    Signature Algorithm: sha256WithRSAEncryption
         03:53:02:9a:ac:aa:22:be:1e:ad:ea:04:40:b4:18:16:c1:16:
         36:81:b7:0f:5d:d4:5c:9e:09:30:09:09:3f:8c:a1:75:9e:23:
         61:39:84:aa:15:98:03:66:28:f0:0a:0c:90:91:49:ec:ac:c5:
         fe:48:6d:a1:2c:91:22:f9:f9:e1:18:e1:df:04:f3:10:98:18:
         db:cf:12:73:03:97:6b:e2:33:c7:21:ca:de:59:28:b0:fd:d0:
         5f:bf:45:e1:dc:c4:36:91:ec:ae:b2:6b:e5:31:16:23:82:8f:
         05:af:a9:4d:1a:3d:6d:e8:83:4a:a7:18:2e:e3:92:53:1c:83:
         bf:0a:75:ca:23:d7:3e:d1:99:97:03:39:0b:31:56:86:2a:22:
         49:f9:38:45:46:22:64:0b:ff:6e:e9:71:26:95:49:89:64:e2:
         0a:38:37:99:43:9b:70:9e:15:60:14:e3:47:e3:92:27:7c:e9:
         7a:f9:7e:4d:8f:2b:3f:81:21:78:3e:64:0c:97:71:23:dc:51:
         4e:89:22:26:d2:a7:d1:cd:5b:37:a5:61:ff:17:62:88:2a:7d:
         65:b4:42:f1:03:5b:00:95:4c:5a:d3:ae:c1:f7:0c:43:23:cb:
         d7:9b:b4:ad:69:8d:08:e7:0a:d3:cb:e8:d2:10:85:53:d5:8b:
         c3:55:83:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFKoyUMYSpa1x5ZS9IZKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMwMTAxMjA0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTYwMzFhMTQ4NWNhMmYxZTU4NmU5MWUzYTUxYWQzM2M4MDI4NzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA57ZHTIyebD4sAaGq7BY1/0B1VQVe
51qhdv/iWsNj+hoAIGfeG8t9BOVnJTldl72Q1YVqL5tas9yvNi8g/TJrOsbf16Tb
d7edToj1IKcFtRt2wKcZ6I/Jmuf9nXAdHtnWR63VNqkeV5V7ZIZWy6GbZnhZNYaR
LazdD3cx5zHfQbkAclrdq55rGUHGS8vdgtkHJ6cFup1ykYmeibO0kArjb/UyUw1E
f+8JuZDB5fPf7xicNogZz6CRPlZclXxtdxfqT7KcKh7XCtwo1RrywwTLyZ7tLOyN
troIK04HshEnglfQ5jYpbHBjWyayonhwpiv8DOTUNv0dkIcoeirkI/abnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGpgMaFIXKLx5YbpHjpRrTPIAocCMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvYW1BeG9VaGNvdkhsaHVrZU9sR3RNOGdDaHdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9c8MA0G
CSqGSIb3DQEBCwUAA4IBAQADUwKarKoivh6t6gRAtBgWwRY2gbcPXdRcngkwCQk/
jKF1niNhOYSqFZgDZijwCgyQkUnsrMX+SG2hLJEi+fnhGOHfBPMQmBjbzxJzA5dr
4jPHIcreWSiw/dBfv0Xh3MQ2keyusmvlMRYjgo8Fr6lNGj1t6INKpxgu45JTHIO/
CnXKI9c+0ZmXAzkLMVaGKiJJ+ThFRiJkC/9u6XEmlUmJZOIKODeZQ5twnhVgFONH
45InfOl6+X5Njys/gSF4PmQMl3Ej3FFOiSIm0qfRzVs3pWH/F2KIKn1ltELxA1sA
lUxa067B9wxDI8vXm7StaY0I5wrTy+jSEIVT1YvDVYOI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:17 2024 by rpki-client on console-fra.rpki-client.org