Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/0qEs6Ut5ELXEVyh0y_ZH7YPLptw.roa
File:                     0qEs6Ut5ELXEVyh0y_ZH7YPLptw.roa (raw, json)
Hash identifier:          +igUqtHbVg+YKCPiexHwwuv6ke/9LYvvLT0fiddABfE=
Subject key identifier:   D2:A1:2C:E9:4B:79:10:B5:C4:57:28:74:CB:F6:47:ED:83:CB:A6:DC
Certificate issuer:       /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial:       018EADA3C294E2A33D12EFBCD92153BF5000
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/0qEs6Ut5ELXEVyh0y_ZH7YPLptw.roa
Signing time:             Fri 05 Apr 2024 09:42:54 +0000
ROA not before:           Fri 05 Apr 2024 09:42:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20473
IP address blocks:        91.210.145.0/24 maxlen: 24
                          212.23.206.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 05 May 2024 01:13:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:ad:a3:c2:94:e2:a3:3d:12:ef:bc:d9:21:53:bf:50:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
        Validity
            Not Before: Apr  5 09:42:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d2a12ce94b7910b5c4572874cbf647ed83cba6dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:ac:64:12:52:eb:ea:f7:01:76:b2:3d:c8:8a:
                    52:9a:37:0c:16:76:63:c6:cb:c0:f4:9a:1c:b7:bf:
                    f5:09:16:a1:4a:22:71:46:c2:a8:44:63:f1:82:6b:
                    6a:11:bd:6b:53:61:df:b1:61:e1:53:e0:29:8e:a4:
                    5e:61:82:36:a7:0e:34:fe:c9:31:95:26:99:50:43:
                    4b:39:57:9e:c2:e2:08:76:75:77:85:7a:22:35:b1:
                    9b:a9:6e:3e:f8:9c:56:ca:77:d5:8c:f6:5d:f6:d4:
                    d0:7f:1e:d1:4e:79:39:81:33:0b:9f:1b:e8:97:63:
                    7e:17:cb:fc:c7:bb:6c:be:97:82:32:74:bf:3f:01:
                    17:12:6c:74:04:5b:17:e0:7e:f8:38:0d:05:cc:f7:
                    b9:65:27:db:ac:fa:e2:6e:8c:2c:e5:89:70:03:c9:
                    ca:6c:5d:c3:40:21:e4:8e:be:16:ee:13:74:e9:88:
                    3a:f6:50:ed:5e:dc:f5:dd:e1:95:0e:cb:f7:65:31:
                    97:b2:5e:1f:fb:ec:09:d6:52:7c:73:10:da:b2:67:
                    ee:01:03:3b:92:18:71:cd:c1:01:07:0d:cc:c1:0d:
                    67:80:99:a2:2e:55:48:12:bb:d0:f9:8e:1e:15:30:
                    1d:42:04:0a:8d:cb:be:3c:6a:ff:25:ab:de:d3:94:
                    48:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:A1:2C:E9:4B:79:10:B5:C4:57:28:74:CB:F6:47:ED:83:CB:A6:DC
            X509v3 Authority Key Identifier:
                keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/0qEs6Ut5ELXEVyh0y_ZH7YPLptw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.210.145.0/24
                  212.23.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:ca:a3:10:19:3a:4c:ab:24:42:68:e3:85:e6:e1:dc:e4:d6:
         a5:de:99:1f:f2:84:50:dc:69:11:8a:66:4d:c9:19:7c:cf:c9:
         64:ab:9b:10:e8:71:e9:86:bf:05:95:79:61:ac:de:5c:50:1a:
         a6:f0:65:ed:64:03:9e:11:e1:62:a3:cf:cc:8f:15:ba:8e:68:
         4e:b0:8a:4a:9b:87:f1:16:23:82:82:c8:db:90:c2:5a:21:82:
         e7:b0:71:55:d1:77:b7:8d:3d:a9:5a:eb:54:7d:11:25:b8:d1:
         59:06:fa:b5:77:8b:52:52:e2:d6:df:af:92:60:e2:12:0a:1e:
         a6:af:27:aa:79:7c:56:7d:53:e8:fd:f0:be:bc:6e:24:99:5f:
         4f:ed:11:75:70:93:f6:eb:e1:8c:7e:49:2d:93:17:76:01:12:
         1d:ff:95:1e:f0:d3:88:17:78:ff:cd:db:28:30:e1:c8:10:85:
         e3:8f:4a:d8:5b:eb:2e:3e:51:28:71:14:cf:78:10:d6:ca:76:
         43:60:59:b1:25:61:71:94:92:69:b2:98:88:06:3d:f3:17:8a:
         46:a5:ef:46:cf:72:37:91:71:b2:c1:56:ed:9e:91:ee:6f:27:
         c3:5f:64:a2:c5:74:76:b3:fd:fd:63:d2:5f:3d:5f:2e:85:5b:
         1d:3c:08:6f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6to8KU4qM9Eu+82SFTv1AAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNDA1MDk0MjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmExMmNlOTRiNzkxMGI1YzQ1NzI4NzRjYmY2NDdlZDgzY2JhNmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqxkElLr6vcBdrI9yIpSmjcMFnZj
xsvA9Joct7/1CRahSiJxRsKoRGPxgmtqEb1rU2HfsWHhU+ApjqReYYI2pw40/skx
lSaZUENLOVeewuIIdnV3hXoiNbGbqW4++JxWynfVjPZd9tTQfx7RTnk5gTMLnxvo
l2N+F8v8x7tsvpeCMnS/PwEXEmx0BFsX4H74OA0FzPe5ZSfbrPribows5YlwA8nK
bF3DQCHkjr4W7hN06Yg69lDtXtz13eGVDsv3ZTGXsl4f++wJ1lJ8cxDasmfuAQM7
khhxzcEBBw3MwQ1ngJmiLlVIErvQ+Y4eFTAdQgQKjcu+PGr/Jave05RIUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNKhLOlLeRC1xFcodMv2R+2Dy6bcMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvMHFFczZVdDVFTFhFVnloMHlfWkg3WVBMcHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9KRAwQA
1BfOMA0GCSqGSIb3DQEBCwUAA4IBAQBcyqMQGTpMqyRCaOOF5uHc5Nal3pkf8oRQ
3GkRimZNyRl8z8lkq5sQ6HHphr8FlXlhrN5cUBqm8GXtZAOeEeFio8/MjxW6jmhO
sIpKm4fxFiOCgsjbkMJaIYLnsHFV0Xe3jT2pWutUfREluNFZBvq1d4tSUuLW36+S
YOISCh6mryeqeXxWfVPo/fC+vG4kmV9P7RF1cJP26+GMfkktkxd2ARId/5Ue8NOI
F3j/zdsoMOHIEIXjj0rYW+suPlEocRTPeBDWynZDYFmxJWFxlJJpspiIBj3zF4pG
pe9Gz3I3kXGywVbtnpHubyfDX2SixXR2s/39Y9JfPV8uhVsdPAhv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org