Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/2TPkoI4KbvhGZABr1Rv6Qwwvees.roa
File:                     2TPkoI4KbvhGZABr1Rv6Qwwvees.roa (raw, json)
Hash identifier:          zPfqsO5D2IQg2laDGhE2bGFb0rPqn3fngiL5tsPknL8=
Subject key identifier:   D9:33:E4:A0:8E:0A:6E:F8:46:64:00:6B:D5:1B:FA:43:0C:2F:79:EB
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       0185E49A4624A30F96B4873F2F3366FD0DCF
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/2TPkoI4KbvhGZABr1Rv6Qwwvees.roa
Signing time:             Tue 24 Jan 2023 16:26:33 +0000
ROA not before:           Tue 24 Jan 2023 16:26:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     138687
IP address blocks:        91.242.101.0/24 maxlen: 24
                          195.138.110.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 20 Feb 2023 08:18:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e4:9a:46:24:a3:0f:96:b4:87:3f:2f:33:66:fd:0d:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan 24 16:26:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d933e4a08e0a6ef84664006bd51bfa430c2f79eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:4e:71:95:d2:cb:b2:e4:5c:8a:f8:8f:34:a7:
                    30:f1:e8:7e:94:45:5d:89:aa:aa:be:49:54:db:d8:
                    12:4f:48:70:d8:7d:62:90:05:36:dd:6e:3c:a1:54:
                    03:dc:bf:2c:95:6a:54:ab:e7:cf:af:1b:04:3e:3f:
                    8f:a9:4e:ec:9b:37:2b:59:f0:f8:26:04:11:c1:9d:
                    95:63:f0:35:4a:d4:57:07:0e:7f:b0:f5:7a:26:bb:
                    51:bc:87:ff:05:5e:dd:80:51:70:ec:44:93:bd:b2:
                    31:9a:ab:15:d6:55:82:30:0b:61:e7:cc:d2:f9:57:
                    8c:0b:40:5f:0a:7a:b3:3f:c6:92:ba:73:f6:30:7b:
                    7e:a0:c0:23:06:64:b8:a7:9c:39:55:74:3a:d3:95:
                    90:08:43:58:b4:fd:33:b2:70:c6:2a:d4:ed:8f:59:
                    3b:45:a0:30:c5:47:5b:1e:d0:5a:d8:1f:fc:05:10:
                    36:b4:c7:a7:c4:23:59:0e:c6:7a:25:5c:d5:5a:6e:
                    19:de:9c:e5:f0:a1:bc:f4:78:6b:3e:85:f4:be:ab:
                    2b:f5:f2:a5:0e:d1:32:35:15:ca:7e:ae:5e:5b:85:
                    1a:e3:31:a9:9d:02:b4:7a:67:fc:e3:73:5a:df:37:
                    3f:4e:de:63:8f:cb:e2:77:90:10:51:7a:62:34:89:
                    1d:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:33:E4:A0:8E:0A:6E:F8:46:64:00:6B:D5:1B:FA:43:0C:2F:79:EB
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/2TPkoI4KbvhGZABr1Rv6Qwwvees.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.242.101.0/24
                  195.138.110.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:2f:96:0a:ed:06:1a:3f:90:35:27:bc:d3:79:2b:03:d3:b7:
         c0:e7:f9:c8:17:11:b1:3f:b9:43:4d:ab:b6:61:70:c8:b6:b0:
         66:ec:83:4a:ce:26:14:6a:8b:fd:20:24:06:1b:19:51:f7:7c:
         a5:22:63:94:6a:57:c5:2c:38:69:38:81:12:c8:cd:36:f9:59:
         23:71:86:a3:97:ab:8b:68:8c:4c:08:14:58:92:b9:bb:a7:0a:
         2a:c9:3f:f2:19:c5:56:fe:62:67:40:e6:dd:3c:00:68:11:6d:
         9c:63:24:27:8f:61:af:d8:19:40:9e:d0:2c:18:48:ea:9b:f9:
         cb:8f:59:49:a2:a9:04:9a:d6:79:c8:9d:e1:06:dd:e5:f9:2f:
         14:40:92:b3:6a:ff:0d:d1:19:f2:26:ad:0c:b9:b6:7a:9d:50:
         c3:49:e7:d6:ae:e0:9d:0a:21:6d:2c:b4:58:75:f9:a7:ce:00:
         0a:0d:24:f6:d3:57:20:b3:4e:df:52:5e:c2:7a:f3:c2:3e:2c:
         ad:d8:9c:75:e0:f9:87:90:ce:d0:c1:de:61:72:e5:7d:52:ca:
         2a:80:dd:6e:ae:ea:9b:fe:93:b6:75:34:71:64:e6:11:bf:63:
         2a:f3:89:79:6a:f3:e6:44:a7:13:8b:ae:15:73:85:67:d3:9c:
         38:c6:41:38
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXkmkYkow+WtIc/LzNm/Q3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTI0MTYyNjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTMzZTRhMDhlMGE2ZWY4NDY2NDAwNmJkNTFiZmE0MzBjMmY3OWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlk5xldLLsuRciviPNKcw8eh+lEVd
iaqqvklU29gST0hw2H1ikAU23W48oVQD3L8slWpUq+fPrxsEPj+PqU7smzcrWfD4
JgQRwZ2VY/A1StRXBw5/sPV6JrtRvIf/BV7dgFFw7ESTvbIxmqsV1lWCMAth58zS
+VeMC0BfCnqzP8aSunP2MHt+oMAjBmS4p5w5VXQ605WQCENYtP0zsnDGKtTtj1k7
RaAwxUdbHtBa2B/8BRA2tMenxCNZDsZ6JVzVWm4Z3pzl8KG89HhrPoX0vqsr9fKl
DtEyNRXKfq5eW4Ua4zGpnQK0emf843Na3zc/Tt5jj8vid5AQUXpiNIkdxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNkz5KCOCm74RmQAa9Ub+kMML3nrMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvMlRQa29JNEtidmhHWkFCcjFSdjZRd3d2ZWVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/JlAwQA
w4puMA0GCSqGSIb3DQEBCwUAA4IBAQACL5YK7QYaP5A1J7zTeSsD07fA5/nIFxGx
P7lDTau2YXDItrBm7INKziYUaov9ICQGGxlR93ylImOUalfFLDhpOIESyM02+Vkj
cYajl6uLaIxMCBRYkrm7pwoqyT/yGcVW/mJnQObdPABoEW2cYyQnj2Gv2BlAntAs
GEjqm/nLj1lJoqkEmtZ5yJ3hBt3l+S8UQJKzav8N0RnyJq0MubZ6nVDDSefWruCd
CiFtLLRYdfmnzgAKDST201cgs07fUl7CevPCPiyt2Jx14PmHkM7Qwd5hcuV9Usoq
gN1uruqb/pO2dTRxZOYRv2Mq84l5avPmRKcTi64Vc4Vn05w4xkE4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org