Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/f9f773-121e-450d-b606-98bf4289df3b/1/SQHgLenDzhb3zdySbNKrWCwDXIo.roa
File:                     SQHgLenDzhb3zdySbNKrWCwDXIo.roa (raw, json)
Hash identifier:          CD2zO2WkxEmKDDzuIMAQaRDcsrj7EuBcgzsHijzdua0=
Subject key identifier:   49:01:E0:2D:E9:C3:CE:16:F7:CD:DC:92:6C:D2:AB:58:2C:03:5C:8A
Certificate issuer:       /CN=e6a4cb74cf524c18121d53b532c03c06f4ad6be6
Certificate serial:       01856D417E29AA1D51F220F9220434B01EF9
Authority key identifier: E6:A4:CB:74:CF:52:4C:18:12:1D:53:B5:32:C0:3C:06:F4:AD:6B:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5qTLdM9STBgSHVO1MsA8BvSta-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/f9f773-121e-450d-b606-98bf4289df3b/1/SQHgLenDzhb3zdySbNKrWCwDXIo.roa
Signing time:             Sun 01 Jan 2023 12:14:46 +0000
ROA not before:           Sun 01 Jan 2023 12:14:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48388
IP address blocks:        91.209.132.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:41:7e:29:aa:1d:51:f2:20:f9:22:04:34:b0:1e:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e6a4cb74cf524c18121d53b532c03c06f4ad6be6
        Validity
            Not Before: Jan  1 12:14:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4901e02de9c3ce16f7cddc926cd2ab582c035c8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:5b:46:62:d8:21:ba:83:a9:6e:7f:f3:09:6d:
                    3a:38:64:be:05:6d:ea:06:70:f3:65:3c:30:36:86:
                    27:46:5d:2a:24:46:c0:54:e7:3f:99:0b:28:3d:f5:
                    f3:1d:09:a8:a5:ae:a3:d3:0a:80:6b:ca:95:6a:19:
                    f0:e7:fd:eb:87:f2:92:90:7d:d1:93:e7:76:39:57:
                    2f:9e:5b:d6:5b:35:4d:b1:28:95:ef:bb:e7:ca:01:
                    bd:37:9f:d5:be:6f:62:40:8a:7d:08:ab:09:91:71:
                    9b:f9:c5:16:84:ab:33:e9:fa:51:c6:23:fe:ec:c0:
                    fc:de:3b:81:97:2f:34:fa:8b:50:7d:53:4d:40:92:
                    2d:92:db:41:04:e4:99:30:c4:f4:fb:84:8a:f5:13:
                    fd:40:5a:bc:96:ce:f0:fe:04:88:fe:2d:95:95:0a:
                    34:29:da:f0:76:35:51:fc:74:81:15:75:82:df:3b:
                    82:5c:ec:bc:30:22:44:28:d2:c3:1f:20:8a:ce:61:
                    04:3e:10:b5:30:ad:0e:08:a2:08:83:49:12:26:a9:
                    94:27:23:e1:15:0f:bb:bf:67:d3:19:7d:2d:07:20:
                    cc:c2:93:9a:f3:95:5c:a7:57:09:89:88:c2:71:9c:
                    70:bf:02:ec:7d:66:25:f7:70:44:fe:90:9f:36:b3:
                    56:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:01:E0:2D:E9:C3:CE:16:F7:CD:DC:92:6C:D2:AB:58:2C:03:5C:8A
            X509v3 Authority Key Identifier:
                keyid:E6:A4:CB:74:CF:52:4C:18:12:1D:53:B5:32:C0:3C:06:F4:AD:6B:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5qTLdM9STBgSHVO1MsA8BvSta-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/f9f773-121e-450d-b606-98bf4289df3b/1/SQHgLenDzhb3zdySbNKrWCwDXIo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/f9f773-121e-450d-b606-98bf4289df3b/1/5qTLdM9STBgSHVO1MsA8BvSta-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.209.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:86:b2:2d:10:03:fb:2c:da:24:52:9a:02:79:de:35:28:71:
         8b:b1:52:13:21:c5:87:c1:f3:e9:d3:dc:b7:eb:34:b4:65:d2:
         d8:d4:ea:f9:01:c9:7f:fa:cc:cf:5f:86:cc:a9:9c:f0:6c:af:
         62:33:ae:f7:48:62:8a:85:55:93:33:bf:97:1b:e0:1b:1d:8f:
         2d:f1:e3:ca:83:b0:ab:8c:a1:5c:3c:10:35:8c:4c:6c:2e:3e:
         09:28:a1:88:60:c5:9a:e9:24:70:35:f8:13:0b:28:e1:c3:aa:
         a6:00:b8:11:aa:62:97:e6:53:6c:e8:23:0b:98:de:94:6d:63:
         1d:ee:83:16:49:88:0d:cc:5c:98:d2:7c:66:f6:29:98:97:d5:
         76:02:c4:3c:1e:a6:96:af:be:29:a5:e4:17:5e:42:55:8e:d1:
         c9:b5:dd:22:6e:39:19:29:fc:a4:45:46:3c:2d:07:5c:dc:46:
         10:c1:41:e2:41:71:b1:03:04:d2:c4:08:dd:ec:98:c8:00:d8:
         2a:2c:16:b2:3d:43:de:25:c2:f1:90:66:20:ac:dd:9d:4c:33:
         1e:10:9a:62:ee:c2:8e:5a:d5:45:5c:29:cf:89:e0:ca:0a:eb:
         4a:d9:f1:d8:aa:4b:9e:c6:20:20:c0:ef:1d:89:0a:b4:8d:0c:
         52:7e:56:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtQX4pqh1R8iD5IgQ0sB75MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2YTRjYjc0Y2Y1MjRjMTgxMjFkNTNiNTMyYzAzYzA2ZjRh
ZDZiZTYwHhcNMjMwMTAxMTIxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTAxZTAyZGU5YzNjZTE2ZjdjZGRjOTI2Y2QyYWI1ODJjMDM1YzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFtGYtghuoOpbn/zCW06OGS+BW3q
BnDzZTwwNoYnRl0qJEbAVOc/mQsoPfXzHQmopa6j0wqAa8qVahnw5/3rh/KSkH3R
k+d2OVcvnlvWWzVNsSiV77vnygG9N5/Vvm9iQIp9CKsJkXGb+cUWhKsz6fpRxiP+
7MD83juBly80+otQfVNNQJItkttBBOSZMMT0+4SK9RP9QFq8ls7w/gSI/i2VlQo0
KdrwdjVR/HSBFXWC3zuCXOy8MCJEKNLDHyCKzmEEPhC1MK0OCKIIg0kSJqmUJyPh
FQ+7v2fTGX0tByDMwpOa85Vcp1cJiYjCcZxwvwLsfWYl93BE/pCfNrNWWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEkB4C3pw84W983ckmzSq1gsA1yKMB8GA1UdIwQY
MBaAFOaky3TPUkwYEh1TtTLAPAb0rWvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXFUTGRNOVNUQmdTSFZPMU1zQThCdlN0YS1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mOWY3NzMtMTIxZS00NTBkLWI2MDYt
OThiZjQyODlkZjNiLzEvU1FIZ0xlbkR6aGIzemR5U2JOS3JXQ3dEWElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mOWY3NzMtMTIxZS00NTBkLWI2MDYtOThiZjQyODlkZjNi
LzEvNXFUTGRNOVNUQmdTSFZPMU1zQThCdlN0YS1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9GEMA0G
CSqGSIb3DQEBCwUAA4IBAQBKhrItEAP7LNokUpoCed41KHGLsVITIcWHwfPp09y3
6zS0ZdLY1Or5Acl/+szPX4bMqZzwbK9iM673SGKKhVWTM7+XG+AbHY8t8ePKg7Cr
jKFcPBA1jExsLj4JKKGIYMWa6SRwNfgTCyjhw6qmALgRqmKX5lNs6CMLmN6UbWMd
7oMWSYgNzFyY0nxm9imYl9V2AsQ8HqaWr74ppeQXXkJVjtHJtd0ibjkZKfykRUY8
LQdc3EYQwUHiQXGxAwTSxAjd7JjIANgqLBayPUPeJcLxkGYgrN2dTDMeEJpi7sKO
WtVFXCnPieDKCutK2fHYqkuexiAgwO8diQq0jQxSflZD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:07 2024 by rpki-client on console-fra.rpki-client.org