Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/h90nQLw9ydGtmATu9uUOmcQWsks.roa
File:                     h90nQLw9ydGtmATu9uUOmcQWsks.roa (raw, json)
Hash identifier:          +PCfSc5rLssUJZB63Y7BBzgso9L/Su9A+OTtlLrHMOk=
Subject key identifier:   87:DD:27:40:BC:3D:C9:D1:AD:98:04:EE:F6:E5:0E:99:C4:16:B2:4B
Certificate issuer:       /CN=6ed0392ac7660bd1460fa1d5031d1840d01b9412
Certificate serial:       0191A2857D24D74A7703FFE3E63F50414E9C
Authority key identifier: 6E:D0:39:2A:C7:66:0B:D1:46:0F:A1:D5:03:1D:18:40:D0:1B:94:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/btA5KsdmC9FGD6HVAx0YQNAblBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/h90nQLw9ydGtmATu9uUOmcQWsks.roa
Signing time:             Fri 30 Aug 2024 09:02:22 +0000
ROA not before:           Fri 30 Aug 2024 09:02:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42831
IP address blocks:        85.116.196.0/22 maxlen: 22
                          85.116.220.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Wed 16 Oct 2024 11:02:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:a2:85:7d:24:d7:4a:77:03:ff:e3:e6:3f:50:41:4e:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed0392ac7660bd1460fa1d5031d1840d01b9412
        Validity
            Not Before: Aug 30 09:02:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=87dd2740bc3dc9d1ad9804eef6e50e99c416b24b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:f0:3d:91:58:95:06:d2:18:79:15:83:25:2b:
                    33:01:13:d0:d2:07:1b:b0:ee:c3:13:3f:95:6e:af:
                    d4:5e:96:34:15:fc:a1:79:0c:82:52:3c:6f:66:e1:
                    76:3e:e5:6d:d9:e3:c9:f4:4f:37:3b:ef:75:98:af:
                    e0:54:1b:06:28:0e:14:e0:12:fd:b2:59:26:80:b5:
                    b4:43:40:a3:15:c7:1a:df:43:67:70:f4:fd:86:f5:
                    af:dd:1f:87:4e:7d:48:d1:ef:f9:4a:d7:e6:a8:af:
                    51:14:88:c1:0d:44:66:c2:d4:c3:54:82:43:f3:cb:
                    d7:37:d2:89:73:e1:0b:3d:36:a8:62:71:65:2f:5b:
                    59:6f:50:6b:42:fd:97:89:45:14:06:7f:93:2f:0c:
                    3f:e3:9e:b3:3e:35:85:37:57:e5:0e:66:4e:ce:2f:
                    11:9a:ca:e6:ff:7e:c1:4c:1f:22:23:f1:37:3c:a8:
                    c6:d4:32:3d:ff:72:bd:24:4a:7d:7f:df:89:55:f3:
                    21:b6:69:7b:88:42:e0:70:a7:17:fc:f2:cb:c3:43:
                    ba:ca:2d:13:9a:3d:fc:20:03:39:1a:c0:8a:22:28:
                    31:9f:8c:f0:4f:3f:ec:61:68:ae:d2:ac:cb:f7:ab:
                    22:dc:1d:d6:6d:c2:22:2b:03:5a:36:09:bf:cd:78:
                    81:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:DD:27:40:BC:3D:C9:D1:AD:98:04:EE:F6:E5:0E:99:C4:16:B2:4B
            X509v3 Authority Key Identifier:
                keyid:6E:D0:39:2A:C7:66:0B:D1:46:0F:A1:D5:03:1D:18:40:D0:1B:94:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/btA5KsdmC9FGD6HVAx0YQNAblBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/h90nQLw9ydGtmATu9uUOmcQWsks.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/btA5KsdmC9FGD6HVAx0YQNAblBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.116.196.0/22
                  85.116.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         87:4a:a1:56:f1:77:55:02:75:3f:9f:70:54:f9:77:0b:5d:75:
         19:9f:16:17:2c:a8:67:24:8e:cd:c7:44:60:61:52:ce:ba:54:
         cc:61:d4:3e:a8:6c:e2:ee:5d:7c:85:03:53:8a:b6:bb:f8:b1:
         dd:3d:8b:8e:c4:fe:3f:68:2f:a9:3f:6d:6e:03:73:31:ce:a4:
         b2:bf:21:84:8b:04:06:5c:e1:71:e7:c8:38:49:7e:3b:8f:da:
         14:7c:3c:d5:97:35:54:3c:d3:5b:f9:c1:ee:67:13:7d:fe:25:
         aa:ab:25:4b:01:97:74:23:a5:4c:29:7b:29:c4:fe:75:49:c3:
         82:45:2c:d6:53:83:ec:1a:60:cd:a1:ef:a8:39:38:1b:21:d5:
         8f:7e:8b:75:e3:25:e0:12:05:c3:fa:8f:12:1c:9e:73:0b:34:
         4b:9b:e2:12:a2:19:89:69:b0:b9:0a:6f:8a:ba:82:1e:4f:b2:
         cc:45:0d:54:b4:51:05:3d:96:a6:7d:ec:8b:af:98:58:e1:77:
         ac:d1:51:15:dc:99:80:04:83:75:0d:c4:c3:7b:e7:9e:e0:41:
         35:01:3b:14:35:e4:b1:0f:67:fb:12:f6:cf:d5:8c:a2:32:c2:
         bb:dc:cd:0d:02:26:1a:24:26:0f:3f:ca:71:d2:ee:d5:da:16:
         03:0d:d7:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGihX0k10p3A//j5j9QQU6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlZDAzOTJhYzc2NjBiZDE0NjBmYTFkNTAzMWQxODQwZDAx
Yjk0MTIwHhcNMjQwODMwMDkwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2RkMjc0MGJjM2RjOWQxYWQ5ODA0ZWVmNmU1MGU5OWM0MTZiMjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5vA9kViVBtIYeRWDJSszARPQ0gcb
sO7DEz+Vbq/UXpY0FfyheQyCUjxvZuF2PuVt2ePJ9E83O+91mK/gVBsGKA4U4BL9
slkmgLW0Q0CjFcca30NncPT9hvWv3R+HTn1I0e/5StfmqK9RFIjBDURmwtTDVIJD
88vXN9KJc+ELPTaoYnFlL1tZb1BrQv2XiUUUBn+TLww/456zPjWFN1flDmZOzi8R
msrm/37BTB8iI/E3PKjG1DI9/3K9JEp9f9+JVfMhtml7iELgcKcX/PLLw0O6yi0T
mj38IAM5GsCKIigxn4zwTz/sYWiu0qzL96si3B3WbcIiKwNaNgm/zXiBowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIfdJ0C8PcnRrZgE7vblDpnEFrJLMB8GA1UdIwQY
MBaAFG7QOSrHZgvRRg+h1QMdGEDQG5QSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnRBNUtzZG1DOUZHRDZIVkF4MFlRTkFibEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83OGUwM2MtYzljNy00Yzg1LWJmZGQt
ZThiYWY5ZmZhZGY4LzEvaDkwblFMdzl5ZEd0bUFUdTl1VU9tY1FXc2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83OGUwM2MtYzljNy00Yzg1LWJmZGQtZThiYWY5ZmZhZGY4
LzEvYnRBNUtzZG1DOUZHRDZIVkF4MFlRTkFibEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVXTEAwQC
VXTcMA0GCSqGSIb3DQEBCwUAA4IBAQCHSqFW8XdVAnU/n3BU+XcLXXUZnxYXLKhn
JI7Nx0RgYVLOulTMYdQ+qGzi7l18hQNTira7+LHdPYuOxP4/aC+pP21uA3MxzqSy
vyGEiwQGXOFx58g4SX47j9oUfDzVlzVUPNNb+cHuZxN9/iWqqyVLAZd0I6VMKXsp
xP51ScOCRSzWU4PsGmDNoe+oOTgbIdWPfot14yXgEgXD+o8SHJ5zCzRLm+ISohmJ
abC5Cm+KuoIeT7LMRQ1UtFEFPZamfeyLr5hY4Xes0VEV3JmABIN1DcTDe+ee4EE1
ATsUNeSxD2f7EvbP1YyiMsK73M0NAiYaJCYPP8px0u7V2hYDDdeT
-----END CERTIFICATE-----
Generated at Wed Oct 16 13:44:39 2024 by rpki-client on console-fra.rpki-client.org