Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/K5q3tv7_dE_vFDZbyPlw9E_u_t4.roa
File:                     K5q3tv7_dE_vFDZbyPlw9E_u_t4.roa (raw, json)
Hash identifier:          Lmz553y799gWDDmodlDC5thS8cgItA6l0Q2EUG7uLvs=
Subject key identifier:   2B:9A:B7:B6:FE:FF:74:4F:EF:14:36:5B:C8:F9:70:F4:4F:EE:FE:DE
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018CE96CF4C1962139CE434E30C6140229BC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/K5q3tv7_dE_vFDZbyPlw9E_u_t4.roa
Signing time:             Mon 08 Jan 2024 14:14:41 +0000
ROA not before:           Mon 08 Jan 2024 14:14:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215987
IP address blocks:        185.254.37.0/24 maxlen: 24
                          141.98.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 06 Feb 2024 13:59:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:e9:6c:f4:c1:96:21:39:ce:43:4e:30:c6:14:02:29:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  8 14:14:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2b9ab7b6feff744fef14365bc8f970f44feefede
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:6b:4a:ac:51:0a:fa:ac:ad:9f:f5:c3:16:b7:
                    75:ae:5b:bc:e7:97:65:21:d6:43:3b:e3:e7:0a:fa:
                    57:29:ba:e6:8d:06:b8:c1:55:4d:f4:f3:63:aa:7e:
                    d0:ba:76:b0:2e:aa:49:df:1f:42:0d:cc:19:4d:58:
                    fd:e5:77:3f:eb:92:2f:ad:93:07:08:38:d2:20:5e:
                    d8:6a:d1:4a:43:2d:42:26:6b:fa:d4:a9:1d:02:76:
                    ef:27:9e:4b:76:7b:0d:c3:16:b3:5a:f6:ec:68:eb:
                    f9:f1:ff:24:03:77:cd:f0:26:7c:18:8e:cc:23:8c:
                    ff:95:a8:30:45:16:43:58:c4:f2:3a:8a:49:16:25:
                    dc:70:07:28:13:a9:9b:c1:db:15:df:67:56:0c:8a:
                    e1:99:f8:ca:99:46:23:a6:05:6b:25:b1:52:cc:eb:
                    2d:ee:45:ff:d8:85:0f:14:7d:ad:40:50:34:6b:b9:
                    65:fc:3d:89:40:42:c3:f7:53:27:87:11:50:70:f1:
                    77:b5:ee:d3:0b:b9:5f:f6:17:e5:41:f4:b6:fd:3b:
                    f9:ce:18:84:f0:a0:4b:48:97:18:93:1e:8d:85:44:
                    37:80:ae:ce:b1:5f:3c:97:02:4e:a7:e4:5f:9d:74:
                    aa:82:85:4a:65:33:9d:59:6c:19:0b:e9:f3:c1:e9:
                    5e:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:9A:B7:B6:FE:FF:74:4F:EF:14:36:5B:C8:F9:70:F4:4F:EE:FE:DE
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/K5q3tv7_dE_vFDZbyPlw9E_u_t4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.98.7.0/24
                  185.254.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:9b:2e:79:72:0c:cf:2a:b3:e3:51:2e:38:f4:ab:f3:23:68:
         bb:2f:c3:dc:68:b8:db:8c:24:b9:b8:2b:cf:10:f4:9e:80:e7:
         08:48:68:d4:25:5b:21:3e:30:ef:ba:cf:b8:49:50:f4:00:2e:
         48:47:73:6f:42:69:bf:88:b7:eb:20:30:a6:83:9f:21:d0:8c:
         9e:b7:86:ef:95:40:de:41:f0:e6:0d:f5:c7:e0:c1:4d:17:47:
         e7:24:22:e9:1e:fc:1a:c1:f9:03:ac:27:60:6f:29:e7:c0:72:
         99:cc:55:f5:98:f5:02:95:11:54:a7:be:e1:4c:a9:72:90:22:
         38:7e:23:39:1a:f8:80:0f:75:06:cc:fc:da:8c:fe:b5:a8:3a:
         4f:fe:91:87:be:d4:52:37:e3:4d:32:dc:03:84:35:9f:6d:77:
         45:a8:92:35:da:e4:40:24:b0:57:ed:ab:32:aa:4f:8d:da:92:
         9f:1e:16:34:30:5a:2c:63:90:74:13:98:43:8e:61:59:29:ab:
         b2:e0:cb:1a:48:fb:31:a7:34:31:9b:3b:38:6c:70:c9:9f:d1:
         ab:ff:c7:ab:3d:f7:5c:48:80:55:91:d2:f3:4f:d2:8f:a5:61:
         4e:38:67:92:9e:cb:d0:37:4e:bc:ef:b1:0a:06:d3:af:33:ad:
         7c:c9:f4:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzpbPTBliE5zkNOMMYUAim8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTA4MTQxNDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjlhYjdiNmZlZmY3NDRmZWYxNDM2NWJjOGY5NzBmNDRmZWVmZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWtKrFEK+qytn/XDFrd1rlu855dl
IdZDO+PnCvpXKbrmjQa4wVVN9PNjqn7QunawLqpJ3x9CDcwZTVj95Xc/65IvrZMH
CDjSIF7YatFKQy1CJmv61KkdAnbvJ55LdnsNwxazWvbsaOv58f8kA3fN8CZ8GI7M
I4z/lagwRRZDWMTyOopJFiXccAcoE6mbwdsV32dWDIrhmfjKmUYjpgVrJbFSzOst
7kX/2IUPFH2tQFA0a7ll/D2JQELD91MnhxFQcPF3te7TC7lf9hflQfS2/Tv5zhiE
8KBLSJcYkx6NhUQ3gK7OsV88lwJOp+RfnXSqgoVKZTOdWWwZC+nzweleBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCuat7b+/3RP7xQ2W8j5cPRP7v7eMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSzVxM3R2N19kRV92RkRaYnlQbHc5RV91X3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjWIHAwQA
uf4lMA0GCSqGSIb3DQEBCwUAA4IBAQAHmy55cgzPKrPjUS449KvzI2i7L8PcaLjb
jCS5uCvPEPSegOcISGjUJVshPjDvus+4SVD0AC5IR3NvQmm/iLfrIDCmg58h0Iye
t4bvlUDeQfDmDfXH4MFNF0fnJCLpHvwawfkDrCdgbynnwHKZzFX1mPUClRFUp77h
TKlykCI4fiM5GviAD3UGzPzajP61qDpP/pGHvtRSN+NNMtwDhDWfbXdFqJI12uRA
JLBX7asyqk+N2pKfHhY0MFosY5B0E5hDjmFZKauy4MsaSPsxpzQxmzs4bHDJn9Gr
/8erPfdcSIBVkdLzT9KPpWFOOGeSnsvQN06877EKBtOvM618yfQi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:04 2024 by rpki-client on console-fra.rpki-client.org