Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/bTsxHrwt57gMXckvrRkIKCkk42U.roa
File:                     bTsxHrwt57gMXckvrRkIKCkk42U.roa (raw, json)
Hash identifier:          6VT30MP9G1R2FfnCnQQmtS+e3sLtYiG9T/XkyidB6zs=
Subject key identifier:   6D:3B:31:1E:BC:2D:E7:B8:0C:5D:C9:2F:AD:19:08:28:29:24:E3:65
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018571A7BC0E81248B4B16BFE0C484FC10EC
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/bTsxHrwt57gMXckvrRkIKCkk42U.roa
Signing time:             Mon 02 Jan 2023 08:44:56 +0000
ROA not before:           Mon 02 Jan 2023 08:44:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207246
IP address blocks:        91.242.98.0/24 maxlen: 24
                          91.242.104.0/24 maxlen: 24
                          91.242.76.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:a7:bc:0e:81:24:8b:4b:16:bf:e0:c4:84:fc:10:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan  2 08:44:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6d3b311ebc2de7b80c5dc92fad1908282924e365
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:ff:7d:eb:4a:98:ef:34:19:cd:1d:03:eb:a1:
                    cf:61:65:5f:30:c0:71:72:9d:43:71:15:0a:be:7c:
                    dd:4f:f3:62:2b:57:29:07:a6:c7:bc:ff:a7:16:a1:
                    c8:ce:14:2a:ee:13:d5:55:6e:2a:4c:80:d1:43:e0:
                    ff:0b:a3:fc:13:bf:bd:b9:49:11:52:78:25:5a:28:
                    11:25:42:4b:ae:20:ce:11:2e:4b:da:bb:c8:25:4c:
                    2b:e2:db:34:75:ff:53:30:d4:e8:e7:6a:4d:ba:69:
                    aa:ee:1c:01:a9:1f:fc:e1:11:bc:b1:2e:36:e3:dd:
                    c4:e1:ed:51:4a:fa:d1:f0:ab:c8:6b:3f:96:6e:48:
                    94:bc:c3:bb:55:96:5a:7e:46:55:6d:f5:48:6e:ff:
                    42:59:62:0f:cc:9d:11:2b:70:b4:23:28:80:f4:1c:
                    a9:aa:40:ff:61:32:8f:0d:8d:1c:c5:48:2e:7d:27:
                    c1:11:fc:f3:1e:e9:e4:b3:ef:86:6b:8a:40:ce:5b:
                    58:f5:fb:cd:91:27:04:19:fc:ff:48:5f:9b:69:3d:
                    d0:74:d3:cf:db:19:35:56:43:63:4c:b3:a8:c4:91:
                    9f:0a:69:45:1f:83:5a:c7:ec:73:0f:81:28:9e:6d:
                    bb:75:d3:de:4c:de:d4:38:c5:0e:b3:62:06:36:4e:
                    94:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:3B:31:1E:BC:2D:E7:B8:0C:5D:C9:2F:AD:19:08:28:29:24:E3:65
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/bTsxHrwt57gMXckvrRkIKCkk42U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.242.76.0/23
                  91.242.98.0/24
                  91.242.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:fb:4d:19:9a:9e:f6:9c:f4:db:37:dc:fb:0a:b5:1c:e8:34:
         a4:76:23:b3:31:e6:ba:4e:c9:83:02:44:01:25:9c:3b:38:b5:
         d5:87:89:3d:00:3d:2e:61:41:2f:45:4e:08:5b:f4:af:f3:9e:
         7b:17:23:59:b8:32:8b:5f:34:54:68:a9:89:d9:87:49:df:e9:
         d5:dd:1d:66:ca:b3:18:1a:35:76:72:a3:f2:ae:ef:44:fa:e7:
         42:6b:45:89:16:ce:74:f5:6c:b2:3c:a9:a3:4c:06:0f:8c:51:
         8d:5a:70:87:12:a8:94:9b:5b:24:5d:89:69:f2:ea:b5:f4:58:
         41:d1:a3:e2:a0:a4:0e:b4:fb:05:de:b1:ff:d9:51:b7:57:75:
         29:32:73:37:e8:2e:1c:4d:15:ee:da:41:21:72:2b:0f:2e:f8:
         54:e4:53:4c:a9:de:aa:79:b8:24:f3:3a:73:1f:ce:15:0e:11:
         c9:17:35:00:6f:31:85:b6:2e:6f:22:99:5a:6f:43:75:75:ec:
         f4:9d:5d:1f:01:d2:43:a4:28:3e:7b:f8:2c:fc:97:72:86:3c:
         b6:6e:8a:fe:e3:89:77:45:2a:f9:83:99:d3:57:27:86:b3:cb:
         18:62:35:f4:30:27:40:7a:4d:f3:92:7f:b0:00:f7:3c:2b:57:
         de:24:86:8c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxp7wOgSSLSxa/4MSE/BDsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDNiMzExZWJjMmRlN2I4MGM1ZGM5MmZhZDE5MDgyODI5MjRlMzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/9960qY7zQZzR0D66HPYWVfMMBx
cp1DcRUKvnzdT/NiK1cpB6bHvP+nFqHIzhQq7hPVVW4qTIDRQ+D/C6P8E7+9uUkR
UnglWigRJUJLriDOES5L2rvIJUwr4ts0df9TMNTo52pNummq7hwBqR/84RG8sS42
493E4e1RSvrR8KvIaz+WbkiUvMO7VZZafkZVbfVIbv9CWWIPzJ0RK3C0IyiA9Byp
qkD/YTKPDY0cxUgufSfBEfzzHunks++Ga4pAzltY9fvNkScEGfz/SF+baT3QdNPP
2xk1VkNjTLOoxJGfCmlFH4Nax+xzD4Eonm27ddPeTN7UOMUOs2IGNk6UYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG07MR68Lee4DF3JL60ZCCgpJONlMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvYlRzeEhyd3Q1N2dNWGNrdnJSa0lLQ2trNDJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW/JMAwQA
W/JiAwQAW/JoMA0GCSqGSIb3DQEBCwUAA4IBAQBA+00Zmp72nPTbN9z7CrUc6DSk
diOzMea6TsmDAkQBJZw7OLXVh4k9AD0uYUEvRU4IW/Sv8557FyNZuDKLXzRUaKmJ
2YdJ3+nV3R1myrMYGjV2cqPyru9E+udCa0WJFs509WyyPKmjTAYPjFGNWnCHEqiU
m1skXYlp8uq19FhB0aPioKQOtPsF3rH/2VG3V3UpMnM36C4cTRXu2kEhcisPLvhU
5FNMqd6qebgk8zpzH84VDhHJFzUAbzGFti5vIplab0N1dez0nV0fAdJDpCg+e/gs
/Jdyhjy2bor+44l3RSr5g5nTVyeGs8sYYjX0MCdAek3zkn+wAPc8K1feJIaM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org