Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/11cfb5-acb5-4052-9f83-5e2c9dab8403/1/RbqzY1lUjY00h9JAVejxSq3SrRM.roa
File:                     RbqzY1lUjY00h9JAVejxSq3SrRM.roa (raw, json)
Hash identifier:          AopkaarxU0cOT4srPKjl2HHbi47Dux0kmr7p1RV/92w=
Subject key identifier:   45:BA:B3:63:59:54:8D:8D:34:87:D2:40:55:E8:F1:4A:AD:D2:AD:13
Certificate issuer:       /CN=b9112c804a7f4a74ce58cc71c994f5a9d56122b1
Certificate serial:       01856C65E3A66B55C47BC3D4F429588A7B36
Authority key identifier: B9:11:2C:80:4A:7F:4A:74:CE:58:CC:71:C9:94:F5:A9:D5:61:22:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uREsgEp_SnTOWMxxyZT1qdVhIrE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/11cfb5-acb5-4052-9f83-5e2c9dab8403/1/RbqzY1lUjY00h9JAVejxSq3SrRM.roa
Signing time:             Sun 01 Jan 2023 08:14:54 +0000
ROA not before:           Sun 01 Jan 2023 08:14:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209467
IP address blocks:        91.217.175.0/24 maxlen: 24
                          2001:678:93c::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:32:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:65:e3:a6:6b:55:c4:7b:c3:d4:f4:29:58:8a:7b:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9112c804a7f4a74ce58cc71c994f5a9d56122b1
        Validity
            Not Before: Jan  1 08:14:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=45bab36359548d8d3487d24055e8f14aadd2ad13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:c1:0a:62:83:c4:ba:f8:fc:0c:f9:56:34:08:
                    e0:16:11:53:0b:e7:4d:52:27:70:1d:a5:32:35:fd:
                    67:51:6b:c1:d9:9d:db:6e:81:9e:cc:20:87:fb:e1:
                    c7:eb:95:31:6b:f4:28:b7:fb:be:6a:c5:f4:99:28:
                    2d:81:6e:4f:88:bd:2b:74:e9:54:e6:31:db:ac:0d:
                    7a:85:fa:89:70:ec:96:12:05:17:95:bf:75:19:55:
                    35:0d:e0:44:2c:81:68:cb:b0:31:10:09:be:49:ec:
                    87:66:c6:0b:2a:8b:95:94:99:e3:1a:26:b9:f7:e4:
                    55:b9:0f:f7:07:2b:fe:e5:38:93:6b:b2:04:b1:31:
                    90:e0:f2:66:e9:9b:5b:69:cf:ff:03:97:0f:39:6d:
                    32:bf:77:f8:11:d3:19:f9:69:6b:e8:e7:8c:d1:ca:
                    54:fb:c8:38:fa:3c:3e:30:63:d6:70:4d:92:50:16:
                    44:08:f8:f8:64:d2:e2:7b:6f:2b:7c:62:15:bd:ec:
                    70:3c:15:e7:2f:d2:fa:6d:25:26:f6:fe:59:80:15:
                    2d:dc:96:21:4d:30:97:9f:9c:85:26:96:14:d9:c9:
                    3d:f9:4b:51:59:7a:24:22:15:07:66:f5:63:4c:2b:
                    d8:92:dd:e4:66:ac:0e:9d:e5:9d:21:32:70:e2:d4:
                    51:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:BA:B3:63:59:54:8D:8D:34:87:D2:40:55:E8:F1:4A:AD:D2:AD:13
            X509v3 Authority Key Identifier:
                keyid:B9:11:2C:80:4A:7F:4A:74:CE:58:CC:71:C9:94:F5:A9:D5:61:22:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uREsgEp_SnTOWMxxyZT1qdVhIrE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/11cfb5-acb5-4052-9f83-5e2c9dab8403/1/RbqzY1lUjY00h9JAVejxSq3SrRM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/11cfb5-acb5-4052-9f83-5e2c9dab8403/1/uREsgEp_SnTOWMxxyZT1qdVhIrE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.217.175.0/24
                IPv6:
                  2001:678:93c::/48

    Signature Algorithm: sha256WithRSAEncryption
         20:0c:eb:2a:7d:a6:9e:ff:cb:6c:ac:ad:c4:b8:8e:2e:94:02:
         5a:bb:8e:57:b1:20:ca:63:9c:aa:a3:4d:ed:c8:b1:6d:f1:a9:
         e6:46:a4:6a:77:f4:16:e1:71:f4:dd:0a:5a:d4:fa:37:5d:4f:
         c8:56:41:77:73:1d:96:be:90:11:39:15:1b:39:a2:d6:a0:67:
         54:fd:d9:8f:06:c9:e2:1f:5a:a0:ae:ef:bb:b6:48:26:9a:db:
         fc:b4:de:c0:23:70:10:05:ad:ba:16:cc:30:07:88:09:2c:8c:
         82:ca:97:dd:23:e7:ea:fc:4d:39:d5:ba:49:22:8a:c0:ec:4a:
         ad:5f:82:6c:71:2c:11:d2:42:ec:32:a6:df:7f:55:82:8d:03:
         3b:ef:64:15:7b:8f:28:af:26:7d:57:93:72:70:a4:7d:a3:1d:
         bd:41:1a:00:54:6f:cd:15:a9:76:bd:ad:a7:97:d9:a0:02:0f:
         9f:70:df:46:07:a3:4a:f1:90:9d:e1:b3:b0:40:67:b4:17:76:
         3d:96:a4:74:e9:94:ba:02:e3:12:13:97:44:90:11:c6:83:8e:
         db:c1:ff:b4:80:24:a6:f5:44:4b:9c:21:de:60:00:98:e6:80:
         bd:d9:cb:4f:52:2e:04:50:dd:c0:e2:9f:d9:b9:17:9e:f5:17:
         2c:10:65:f3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsZeOma1XEe8PU9ClYins2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTEyYzgwNGE3ZjRhNzRjZTU4Y2M3MWM5OTRmNWE5ZDU2
MTIyYjEwHhcNMjMwMTAxMDgxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWJhYjM2MzU5NTQ4ZDhkMzQ4N2QyNDA1NWU4ZjE0YWFkZDJhZDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisEKYoPEuvj8DPlWNAjgFhFTC+dN
UidwHaUyNf1nUWvB2Z3bboGezCCH++HH65Uxa/Qot/u+asX0mSgtgW5PiL0rdOlU
5jHbrA16hfqJcOyWEgUXlb91GVU1DeBELIFoy7AxEAm+SeyHZsYLKouVlJnjGia5
9+RVuQ/3Byv+5TiTa7IEsTGQ4PJm6Ztbac//A5cPOW0yv3f4EdMZ+Wlr6OeM0cpU
+8g4+jw+MGPWcE2SUBZECPj4ZNLie28rfGIVvexwPBXnL9L6bSUm9v5ZgBUt3JYh
TTCXn5yFJpYU2ck9+UtRWXokIhUHZvVjTCvYkt3kZqwOneWdITJw4tRRgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEW6s2NZVI2NNIfSQFXo8Uqt0q0TMB8GA1UdIwQY
MBaAFLkRLIBKf0p0zljMccmU9anVYSKxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJFc2dFcF9TblRPV014eHlaVDFxZFZoSXJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xMWNmYjUtYWNiNS00MDUyLTlmODMt
NWUyYzlkYWI4NDAzLzEvUmJxelkxbFVqWTAwaDlKQVZlanhTcTNTclJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xMWNmYjUtYWNiNS00MDUyLTlmODMtNWUyYzlkYWI4NDAz
LzEvdVJFc2dFcF9TblRPV014eHlaVDFxZFZoSXJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9mvMA8E
AgACMAkDBwAgAQZ4CTwwDQYJKoZIhvcNAQELBQADggEBACAM6yp9pp7/y2ysrcS4
ji6UAlq7jlexIMpjnKqjTe3IsW3xqeZGpGp39BbhcfTdClrU+jddT8hWQXdzHZa+
kBE5FRs5otagZ1T92Y8GyeIfWqCu77u2SCaa2/y03sAjcBAFrboWzDAHiAksjILK
l90j5+r8TTnVukkiisDsSq1fgmxxLBHSQuwypt9/VYKNAzvvZBV7jyivJn1Xk3Jw
pH2jHb1BGgBUb80VqXa9raeX2aACD59w30YHo0rxkJ3hs7BAZ7QXdj2WpHTplLoC
4xITl0SQEcaDjtvB/7SAJKb1REucId5gAJjmgL3Zy09SLgRQ3cDin9m5F571FywQ
ZfM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:35 2024 by rpki-client on console-ams.rpki-client.org