Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/bFIq12HsSrxhupK7O-6f22Y0kIQ.roa
File:                     bFIq12HsSrxhupK7O-6f22Y0kIQ.roa (raw, json)
Hash identifier:          VuY/vTvePhvlnFlQ/0ftnNMpoztQ+IrewG/tSxoqc4U=
Subject key identifier:   6C:52:2A:D7:61:EC:4A:BC:61:BA:92:BB:3B:EE:9F:DB:66:34:90:84
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       0189B2D2F62F18BDF7C104D16A7E259D7A4D
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/bFIq12HsSrxhupK7O-6f22Y0kIQ.roa
Signing time:             Tue 01 Aug 2023 20:38:37 +0000
ROA not before:           Tue 01 Aug 2023 20:38:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     398436
IP address blocks:        91.242.108.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:b2:d2:f6:2f:18:bd:f7:c1:04:d1:6a:7e:25:9d:7a:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Aug  1 20:38:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6c522ad761ec4abc61ba92bb3bee9fdb66349084
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:4e:fd:3c:57:36:16:04:3b:e6:46:69:fa:d2:
                    8a:ef:e4:b7:47:0b:67:69:2d:40:3f:17:2d:a0:76:
                    94:ee:96:ff:41:47:f0:50:e9:7e:5f:7d:85:55:73:
                    0f:a5:03:d2:18:e7:5f:b6:59:5c:ee:c0:80:76:da:
                    7b:ae:30:e9:4c:62:29:a6:dd:01:41:2b:63:9a:0c:
                    0d:91:a6:3b:e7:20:a2:d4:97:be:4e:0c:18:31:2f:
                    42:91:e9:4b:32:47:b1:68:c9:9f:4d:fe:d5:e1:4e:
                    a6:e1:70:bd:8e:b1:73:6b:23:75:77:c8:be:38:41:
                    2c:c2:a3:91:66:c0:69:80:f4:6f:2f:d5:71:a8:0f:
                    67:13:ec:6e:ef:8e:99:8e:47:04:78:2a:da:ff:18:
                    2f:5a:bd:c0:40:4c:3d:f8:1c:32:66:5a:da:96:eb:
                    28:7e:76:b7:ba:3d:cd:ab:e8:57:4e:40:de:36:16:
                    cd:0e:20:14:e1:07:6a:a3:e3:f8:a0:dd:07:e6:e9:
                    e8:3c:25:78:cb:6b:80:bb:ee:d8:ff:a4:65:92:23:
                    cc:a1:2b:43:9d:1a:b9:27:e9:34:5f:27:c8:6c:ed:
                    e4:23:ff:ac:a0:b4:78:38:31:78:18:ec:99:a0:32:
                    e7:cf:cd:24:f4:27:e4:f3:cf:49:1b:05:a8:92:8c:
                    59:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:52:2A:D7:61:EC:4A:BC:61:BA:92:BB:3B:EE:9F:DB:66:34:90:84
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/bFIq12HsSrxhupK7O-6f22Y0kIQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.242.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5a:f5:6f:08:a7:f6:4c:ff:0e:76:30:be:dc:4d:6f:75:87:6b:
         bf:4a:4b:c9:58:ce:79:9d:25:44:30:c1:e4:cf:38:64:19:a8:
         c6:69:c5:5a:62:42:6a:f4:e5:99:99:ff:c9:c3:30:00:2e:a9:
         e1:28:df:05:52:e0:2f:29:a1:0d:bd:3e:53:5d:85:e5:17:4c:
         68:6c:7a:f5:98:bd:36:77:c2:3f:d7:d7:cb:2a:fe:29:37:4f:
         5a:ee:2e:41:56:86:fa:e3:26:a9:59:94:57:f4:46:d2:d6:52:
         f0:ca:83:a7:a9:f5:04:43:d3:29:ae:a6:65:93:18:0c:08:05:
         3e:fc:3b:97:ab:0f:12:e4:b2:1d:72:55:42:31:a1:45:e7:f6:
         02:93:20:aa:0e:0a:c9:51:a3:9f:93:1f:ea:fa:2b:67:13:c7:
         6e:b7:60:74:76:5f:56:c5:b2:ff:0a:9d:fb:ec:28:5a:14:3a:
         d8:c4:ad:e6:a8:bd:ca:b4:0c:36:0e:d3:94:33:4f:17:5f:d2:
         f3:d4:d1:84:ff:05:d9:1e:9e:1a:59:e9:2e:c0:15:17:01:2d:
         cb:bd:f7:a2:48:9d:8a:03:db:99:fd:75:6b:65:07:72:0a:14:
         9e:3f:46:94:51:8b:16:ac:ce:5e:93:68:d0:1f:9e:91:b9:a8:
         8a:55:df:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmy0vYvGL33wQTRan4lnXpNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwODAxMjAzODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzUyMmFkNzYxZWM0YWJjNjFiYTkyYmIzYmVlOWZkYjY2MzQ5MDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmk79PFc2FgQ75kZp+tKK7+S3Rwtn
aS1APxctoHaU7pb/QUfwUOl+X32FVXMPpQPSGOdftllc7sCAdtp7rjDpTGIppt0B
QStjmgwNkaY75yCi1Je+TgwYMS9CkelLMkexaMmfTf7V4U6m4XC9jrFzayN1d8i+
OEEswqORZsBpgPRvL9VxqA9nE+xu746ZjkcEeCra/xgvWr3AQEw9+BwyZlraluso
fna3uj3Nq+hXTkDeNhbNDiAU4Qdqo+P4oN0H5unoPCV4y2uAu+7Y/6RlkiPMoStD
nRq5J+k0XyfIbO3kI/+soLR4ODF4GOyZoDLnz80k9Cfk889JGwWokoxZOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGxSKtdh7Eq8YbqSuzvun9tmNJCEMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvYkZJcTEySHNTcnhodXBLN08tNmYyMlkwa0lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW/JsMA0G
CSqGSIb3DQEBCwUAA4IBAQBa9W8Ip/ZM/w52ML7cTW91h2u/SkvJWM55nSVEMMHk
zzhkGajGacVaYkJq9OWZmf/JwzAALqnhKN8FUuAvKaENvT5TXYXlF0xobHr1mL02
d8I/19fLKv4pN09a7i5BVob64yapWZRX9EbS1lLwyoOnqfUEQ9MprqZlkxgMCAU+
/DuXqw8S5LIdclVCMaFF5/YCkyCqDgrJUaOfkx/q+itnE8dut2B0dl9WxbL/Cp37
7ChaFDrYxK3mqL3KtAw2DtOUM08XX9Lz1NGE/wXZHp4aWekuwBUXAS3LvfeiSJ2K
A9uZ/XVrZQdyChSeP0aUUYsWrM5ek2jQH56RuaiKVd8r
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org