Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/8gkTRjjQlWQtkNbVC26U1vDPiDM.roa
File:                     8gkTRjjQlWQtkNbVC26U1vDPiDM.roa (raw, json)
Hash identifier:          f95ZhDClgiJ5hqoU/0gBuG2nWZW/d4tLSeOX8wWllx4=
Subject key identifier:   F2:09:13:46:38:D0:95:64:2D:90:D6:D5:0B:6E:94:D6:F0:CF:88:33
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       01866DE6F2E051A93EE95FF5EA913557C9D0
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/8gkTRjjQlWQtkNbVC26U1vDPiDM.roa
Signing time:             Mon 20 Feb 2023 08:18:17 +0000
ROA not before:           Mon 20 Feb 2023 08:18:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     138687
IP address blocks:        91.242.101.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 10 Mar 2023 09:18:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:6d:e6:f2:e0:51:a9:3e:e9:5f:f5:ea:91:35:57:c9:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Feb 20 08:18:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f209134638d095642d90d6d50b6e94d6f0cf8833
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:e9:75:4d:af:9f:7c:af:7c:6b:a1:86:5f:fb:
                    03:59:84:dd:48:76:0a:27:38:4a:34:04:e7:7d:bd:
                    99:41:3e:f5:5f:29:3a:ec:77:73:16:fc:a7:ad:ee:
                    58:4e:09:49:a9:b9:d7:32:80:08:bb:fd:6b:ea:4b:
                    32:3c:c5:08:88:90:a5:69:15:e4:6e:b7:08:39:c0:
                    64:c3:4c:50:d7:5b:ad:72:b3:a2:90:7f:1f:ff:aa:
                    10:3e:02:40:8e:06:56:a9:36:cb:69:a6:eb:d0:00:
                    80:9a:45:09:a1:3b:04:a9:20:60:e2:5f:76:4a:6a:
                    fa:73:62:76:f5:84:85:47:0e:9f:a9:09:92:0d:74:
                    e9:35:7c:f7:c5:1e:e4:d2:a5:01:b1:49:37:ea:8d:
                    4f:50:5f:b1:13:fc:92:19:f2:cc:fb:e1:d1:9f:7b:
                    de:c7:0a:38:cb:68:e0:a8:32:6c:2f:6e:66:48:d3:
                    2d:86:2d:4a:9a:53:a9:95:56:93:43:30:f6:00:03:
                    e3:82:ff:90:5b:0a:48:ee:31:83:3a:12:0e:9a:77:
                    eb:43:e3:91:32:3f:3c:52:29:be:1a:37:9e:38:ef:
                    3e:8d:86:68:d0:31:12:2e:85:24:7e:5e:e6:c0:44:
                    fb:8b:75:92:d8:8c:e6:8f:90:71:1e:8a:fc:21:ef:
                    a1:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:09:13:46:38:D0:95:64:2D:90:D6:D5:0B:6E:94:D6:F0:CF:88:33
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/8gkTRjjQlWQtkNbVC26U1vDPiDM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.242.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:90:45:ae:2e:9b:6c:44:b8:8e:9a:7c:6f:4c:4b:82:1e:2d:
         6b:16:eb:fe:59:e8:0a:cb:d3:cd:de:80:ea:fd:35:63:fa:e7:
         18:c8:78:11:ef:3d:79:c6:74:fa:e5:6c:6e:51:9f:74:c0:a2:
         8d:05:18:af:fc:08:1f:b2:14:f2:ff:c3:cc:49:0e:32:5b:2b:
         6e:62:ac:d5:34:36:d6:a9:33:39:57:d4:2c:cd:c0:b8:ad:86:
         d3:81:db:fc:7a:a5:67:50:8d:a4:c5:92:d1:b8:d9:b3:45:fd:
         94:66:76:4a:be:23:27:42:4f:48:49:98:8b:25:bf:ef:bb:7c:
         bb:05:7b:27:d0:a6:05:6c:46:12:d3:88:a2:56:30:e9:63:80:
         0b:d7:a4:1c:cc:8a:ab:5f:7a:60:6a:e7:63:f2:40:a1:19:79:
         e1:47:e6:7d:5e:aa:f8:be:17:c6:fe:c4:9c:11:dc:74:0d:83:
         e5:e8:19:30:4d:e0:8b:1f:08:1e:5a:16:08:8c:e8:ed:ff:cb:
         ef:ef:ac:71:d4:d2:dd:6c:73:cd:3d:3e:ae:9b:28:2a:40:46:
         8a:ab:6b:17:5a:ae:d5:50:0b:4c:6a:7e:c2:95:30:cb:e8:0a:
         9d:a9:12:e0:d0:7b:db:fa:63:f1:7e:b1:1e:9b:05:a9:43:d1:
         fa:72:4b:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZt5vLgUak+6V/16pE1V8nQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMjIwMDgxODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjA5MTM0NjM4ZDA5NTY0MmQ5MGQ2ZDUwYjZlOTRkNmYwY2Y4ODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+l1Ta+ffK98a6GGX/sDWYTdSHYK
JzhKNATnfb2ZQT71Xyk67HdzFvynre5YTglJqbnXMoAIu/1r6ksyPMUIiJClaRXk
brcIOcBkw0xQ11utcrOikH8f/6oQPgJAjgZWqTbLaabr0ACAmkUJoTsEqSBg4l92
Smr6c2J29YSFRw6fqQmSDXTpNXz3xR7k0qUBsUk36o1PUF+xE/ySGfLM++HRn3ve
xwo4y2jgqDJsL25mSNMthi1KmlOplVaTQzD2AAPjgv+QWwpI7jGDOhIOmnfrQ+OR
Mj88Uim+GjeeOO8+jYZo0DESLoUkfl7mwET7i3WS2Izmj5BxHor8Ie+h5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPIJE0Y40JVkLZDW1QtulNbwz4gzMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvOGdrVFJqalFsV1F0a05iVkMyNlUxdkRQaURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/JlMA0G
CSqGSIb3DQEBCwUAA4IBAQC0kEWuLptsRLiOmnxvTEuCHi1rFuv+WegKy9PN3oDq
/TVj+ucYyHgR7z15xnT65WxuUZ90wKKNBRiv/AgfshTy/8PMSQ4yWytuYqzVNDbW
qTM5V9QszcC4rYbTgdv8eqVnUI2kxZLRuNmzRf2UZnZKviMnQk9ISZiLJb/vu3y7
BXsn0KYFbEYS04iiVjDpY4AL16QczIqrX3pgaudj8kChGXnhR+Z9Xqr4vhfG/sSc
Edx0DYPl6BkwTeCLHwgeWhYIjOjt/8vv76xx1NLdbHPNPT6umygqQEaKq2sXWq7V
UAtMan7ClTDL6AqdqRLg0Hvb+mPxfrEemwWpQ9H6cksA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org