Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/Q_ziQGxd5UhrnvE2311D4k55GH0.roa
File:                     Q_ziQGxd5UhrnvE2311D4k55GH0.roa (raw, json)
Hash identifier:          YOSMJox3ZM63Ii0T33fvsq4hhXsyC/NNQbtGMKnxKqc=
Subject key identifier:   43:FC:E2:40:6C:5D:E5:48:6B:9E:F1:36:DF:5D:43:E2:4E:79:18:7D
Certificate issuer:       /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial:       0188524B938CF97E9098C4541D9A40CBF526
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/Q_ziQGxd5UhrnvE2311D4k55GH0.roa
Signing time:             Thu 25 May 2023 09:44:24 +0000
ROA not before:           Thu 25 May 2023 09:44:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48894
IP address blocks:        91.132.94.0/24 maxlen: 24
                          2a03:f80:386::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:52:4b:93:8c:f9:7e:90:98:c4:54:1d:9a:40:cb:f5:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
        Validity
            Not Before: May 25 09:44:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=43fce2406c5de5486b9ef136df5d43e24e79187d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:26:8d:3e:21:45:6b:b5:aa:9d:02:d9:11:45:
                    3d:1f:cf:d9:f1:31:42:71:6d:3c:7c:2b:f2:d4:44:
                    54:99:33:0b:59:6d:bc:b0:2d:9c:9e:ff:71:f5:b7:
                    28:dc:ab:65:bd:8e:8a:b8:5b:44:b8:5b:1d:0b:59:
                    7a:c4:24:24:72:a3:e5:a7:c2:6c:68:7f:02:a5:7c:
                    a1:80:3f:d6:db:b2:5c:16:af:1c:ef:ac:ed:37:96:
                    f9:2c:03:7f:6f:14:e1:d3:f9:b5:1e:39:54:8c:98:
                    7c:60:28:4c:0a:2b:d4:04:71:de:60:8d:7d:be:22:
                    72:b3:67:e2:ee:99:dc:16:b0:92:bb:6d:5e:dd:f3:
                    4d:9a:84:98:75:1e:d2:84:f2:37:a1:45:8d:b8:12:
                    44:de:db:a3:19:1d:d0:cb:30:9b:e9:fe:99:fd:15:
                    84:02:a3:fe:ed:7a:b9:61:3e:1a:06:05:c1:3c:d0:
                    fe:0f:18:0b:ea:3d:36:94:9e:c2:21:91:1e:c2:98:
                    a3:78:5a:f1:38:ec:8f:ac:ab:7e:98:6d:26:d1:f4:
                    69:a6:3e:30:dc:ef:e8:8c:ad:5e:bf:a5:1b:bb:43:
                    3b:51:00:c7:8c:b4:87:17:cb:84:f8:42:67:e3:2e:
                    17:94:f6:49:32:57:14:52:2e:ef:05:a5:5c:7b:c5:
                    9f:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:FC:E2:40:6C:5D:E5:48:6B:9E:F1:36:DF:5D:43:E2:4E:79:18:7D
            X509v3 Authority Key Identifier:
                keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/Q_ziQGxd5UhrnvE2311D4k55GH0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.132.94.0/24
                IPv6:
                  2a03:f80:386::/48

    Signature Algorithm: sha256WithRSAEncryption
         13:69:dc:93:90:04:7d:62:bb:6f:5e:5f:61:06:71:6d:70:d9:
         30:0e:21:43:1a:ba:6e:98:40:df:04:00:50:1e:06:ef:2c:b7:
         ce:26:b1:4c:66:80:0f:6c:fd:a8:91:75:b6:27:fe:a4:ff:1d:
         c8:fc:64:59:b3:8e:20:f0:56:5e:ed:f5:32:33:20:ac:e0:85:
         25:f4:02:31:de:b2:c4:ed:fc:2e:77:fc:6a:1c:7e:8b:46:86:
         1a:27:74:5b:0b:8a:4c:95:97:5d:df:9d:16:ba:e0:03:1f:ff:
         bd:cb:f5:2b:11:e7:2f:5f:ee:c7:1c:81:bf:ed:d1:8b:a9:42:
         85:78:c8:9b:72:90:1d:06:35:6a:e0:93:68:e2:e0:0b:7b:53:
         5e:cc:0a:f6:5d:b6:f8:69:d0:7c:f2:b1:23:5d:2c:e5:9e:b9:
         04:69:ac:d9:f3:8b:fe:5c:d9:7e:fc:c8:2d:65:8c:6f:ce:b6:
         02:7d:1e:2b:16:bc:a2:50:90:7b:59:a1:5e:53:c0:21:a6:ad:
         ea:7c:19:de:93:2f:26:e0:e9:ac:bb:d8:e0:61:7f:08:b0:55:
         00:89:cd:8a:2d:2e:97:ff:ac:3f:88:1d:04:02:bd:8f:b7:5b:
         ce:dc:f6:d5:6b:e3:93:8f:03:4a:a5:62:7a:06:4b:ce:71:bc:
         7a:ec:39:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhSS5OM+X6QmMRUHZpAy/UmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwNTI1MDk0NDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2ZjZTI0MDZjNWRlNTQ4NmI5ZWYxMzZkZjVkNDNlMjRlNzkxODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCaNPiFFa7WqnQLZEUU9H8/Z8TFC
cW08fCvy1ERUmTMLWW28sC2cnv9x9bco3KtlvY6KuFtEuFsdC1l6xCQkcqPlp8Js
aH8CpXyhgD/W27JcFq8c76ztN5b5LAN/bxTh0/m1HjlUjJh8YChMCivUBHHeYI19
viJys2fi7pncFrCSu21e3fNNmoSYdR7ShPI3oUWNuBJE3tujGR3QyzCb6f6Z/RWE
AqP+7Xq5YT4aBgXBPND+DxgL6j02lJ7CIZEewpijeFrxOOyPrKt+mG0m0fRppj4w
3O/ojK1ev6Ubu0M7UQDHjLSHF8uE+EJn4y4XlPZJMlcUUi7vBaVce8WfIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEP84kBsXeVIa57xNt9dQ+JOeRh9MB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvUV96aVFHeGQ1VWhybnZFMjMxMUQ0azU1R0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW4ReMA8E
AgACMAkDBwAqAw+AA4YwDQYJKoZIhvcNAQELBQADggEBABNp3JOQBH1iu29eX2EG
cW1w2TAOIUMaum6YQN8EAFAeBu8st84msUxmgA9s/aiRdbYn/qT/Hcj8ZFmzjiDw
Vl7t9TIzIKzghSX0AjHessTt/C53/GocfotGhhondFsLikyVl13fnRa64AMf/73L
9SsR5y9f7sccgb/t0YupQoV4yJtykB0GNWrgk2ji4At7U17MCvZdtvhp0HzysSNd
LOWeuQRprNnzi/5c2X78yC1ljG/OtgJ9HisWvKJQkHtZoV5TwCGmrep8Gd6TLybg
6ay72OBhfwiwVQCJzYotLpf/rD+IHQQCvY+3W87c9tVr45OPA0qlYnoGS85xvHrs
OeE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:51 2024 by rpki-client on console-ams.rpki-client.org