Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/a9tIn_ZM_4ZezVQU0H7J1So_bE4.roa
File:                     a9tIn_ZM_4ZezVQU0H7J1So_bE4.roa (raw, json)
Hash identifier:          +l4lA6xtRq++2fxo838Y90bp5QYK1l9nMQX+kpY2vNA=
Subject key identifier:   6B:DB:48:9F:F6:4C:FF:86:5E:CD:54:14:D0:7E:C9:D5:2A:3F:6C:4E
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018CC2DB3D2B55B215E4BDB8F5B2B622E234
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/a9tIn_ZM_4ZezVQU0H7J1So_bE4.roa
Signing time:             Mon 01 Jan 2024 02:29:57 +0000
ROA not before:           Mon 01 Jan 2024 02:29:57 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209982
IP address blocks:        194.35.52.0/22 maxlen: 22
                          91.239.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 21 Nov 2024 17:17:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:3d:2b:55:b2:15:e4:bd:b8:f5:b2:b6:22:e2:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan  1 02:29:57 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6bdb489ff64cff865ecd5414d07ec9d52a3f6c4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:31:24:16:bd:a5:98:3d:88:cf:43:70:cd:b4:
                    27:3b:99:4b:f6:ed:92:4a:c9:30:46:7b:24:51:12:
                    c5:9c:12:66:3a:27:55:79:5a:63:02:be:e5:22:1c:
                    4e:fe:a7:1b:ad:a4:38:36:ac:61:c2:54:7e:ee:94:
                    f3:4d:de:d9:2a:89:f7:84:ac:44:b5:51:b1:25:5d:
                    fd:e4:3c:57:5a:03:bf:20:d4:3b:72:a4:fe:f5:6c:
                    6f:75:28:53:61:b1:89:6a:c5:db:9c:79:77:a7:c7:
                    d0:f7:a1:f1:90:e9:3a:6c:c5:29:90:af:6b:cf:87:
                    99:bf:d2:96:fc:5e:54:4f:b6:98:8e:83:8f:1f:6e:
                    d2:5f:23:5b:7e:a1:57:67:3a:75:d5:ba:52:07:b0:
                    76:c4:aa:21:a3:0c:40:72:90:c0:e4:22:83:56:93:
                    a5:9c:12:cd:1d:82:68:fc:22:6a:f2:28:ef:f0:6b:
                    2b:ef:2b:4e:0b:44:9e:36:65:ef:0a:ee:98:9b:e9:
                    69:18:cd:23:bd:c8:b0:a0:42:40:bf:65:39:1b:08:
                    b4:6f:bd:23:73:db:6d:d0:c8:14:78:bb:da:89:ce:
                    68:3c:82:0e:94:c0:52:6f:3a:28:41:40:5e:bc:0c:
                    47:92:aa:6e:7f:45:89:3f:a1:0e:a5:b0:67:ca:c7:
                    4e:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:DB:48:9F:F6:4C:FF:86:5E:CD:54:14:D0:7E:C9:D5:2A:3F:6C:4E
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/a9tIn_ZM_4ZezVQU0H7J1So_bE4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.239.59.0/24
                  194.35.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4f:ed:fa:65:01:11:29:55:eb:39:52:29:14:3a:34:f5:c6:af:
         95:f5:d2:43:7a:bd:de:7a:81:c9:1d:a3:23:0e:c8:77:5a:a1:
         7e:99:f7:db:e7:de:c5:5e:6b:af:39:cc:a9:74:43:fb:32:d9:
         5d:9d:79:d9:42:9f:c2:88:5c:ea:a7:41:63:3c:91:dc:7a:2f:
         f9:72:39:73:b1:93:62:42:a2:e4:36:8b:30:45:0e:13:93:2a:
         2f:19:b3:d4:50:c5:3c:82:77:49:cb:f7:24:1f:a4:87:49:8f:
         23:20:14:31:cf:2f:35:69:39:a9:fd:1e:1e:d7:6c:b2:15:06:
         ab:7c:c5:5e:a8:89:a8:e0:86:a0:62:ca:10:4c:5d:5f:1c:02:
         1a:a1:55:b5:a5:f8:9c:fe:e5:d6:4b:fc:50:73:f0:13:bb:ad:
         4b:54:b6:66:89:a3:7a:70:d8:e7:44:8d:06:17:ec:12:09:87:
         7b:fd:64:de:87:b6:8e:74:19:3c:3c:ff:db:fd:8a:9c:d9:e5:
         8a:77:82:08:25:5f:1f:ff:f9:89:e4:6c:9c:b4:7d:3d:df:7a:
         7c:08:2a:29:4d:99:56:23:81:1a:f3:e4:6b:b1:84:c7:76:1d:
         10:5e:ff:f6:91:7b:1e:8b:96:95:14:80:86:3c:8c:10:51:4d:
         67:08:75:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2z0rVbIV5L249bK2IuI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMTAxMDIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmRiNDg5ZmY2NGNmZjg2NWVjZDU0MTRkMDdlYzlkNTJhM2Y2YzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTEkFr2lmD2Iz0NwzbQnO5lL9u2S
SskwRnskURLFnBJmOidVeVpjAr7lIhxO/qcbraQ4NqxhwlR+7pTzTd7ZKon3hKxE
tVGxJV395DxXWgO/INQ7cqT+9WxvdShTYbGJasXbnHl3p8fQ96HxkOk6bMUpkK9r
z4eZv9KW/F5UT7aYjoOPH27SXyNbfqFXZzp11bpSB7B2xKohowxAcpDA5CKDVpOl
nBLNHYJo/CJq8ijv8Gsr7ytOC0SeNmXvCu6Ym+lpGM0jvciwoEJAv2U5Gwi0b70j
c9tt0MgUeLvaic5oPIIOlMBSbzooQUBevAxHkqpuf0WJP6EOpbBnysdOmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGvbSJ/2TP+GXs1UFNB+ydUqP2xOMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvYTl0SW5fWk1fNFplelZRVTBIN0oxU29fYkU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+87AwQC
wiM0MA0GCSqGSIb3DQEBCwUAA4IBAQBP7fplAREpVes5UikUOjT1xq+V9dJDer3e
eoHJHaMjDsh3WqF+mffb597FXmuvOcypdEP7MtldnXnZQp/CiFzqp0FjPJHcei/5
cjlzsZNiQqLkNoswRQ4TkyovGbPUUMU8gndJy/ckH6SHSY8jIBQxzy81aTmp/R4e
12yyFQarfMVeqImo4IagYsoQTF1fHAIaoVW1pfic/uXWS/xQc/ATu61LVLZmiaN6
cNjnRI0GF+wSCYd7/WTeh7aOdBk8PP/b/Yqc2eWKd4IIJV8f//mJ5GyctH0933p8
CCopTZlWI4Ea8+RrsYTHdh0QXv/2kXsei5aVFICGPIwQUU1nCHXZ
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:49 2024 by rpki-client on console-ams.rpki-client.org