Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/x_hWeqyEjV4IafXfwY9N-Z3bYLc.roa
File:                     x_hWeqyEjV4IafXfwY9N-Z3bYLc.roa (raw, json)
Hash identifier:          IlM7eZApHKa7qFlvV0TiVsGrClemSdf2YAAsdfjGP1k=
Subject key identifier:   C7:F8:56:7A:AC:84:8D:5E:08:69:F5:DF:C1:8F:4D:F9:9D:DB:60:B7
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       0188E3E998ED6D13CAA55ED9975CEC9974C9
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/x_hWeqyEjV4IafXfwY9N-Z3bYLc.roa
Signing time:             Thu 22 Jun 2023 16:21:57 +0000
ROA not before:           Thu 22 Jun 2023 16:21:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     54903
IP address blocks:        91.242.83.0/24 maxlen: 24
                          91.242.81.0/24 maxlen: 24
                          91.242.100.0/23 maxlen: 23
                          91.242.107.0/24 maxlen: 24
                          91.242.108.0/22 maxlen: 22
                          91.242.64.0/22 maxlen: 22
                          91.242.71.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:e3:e9:98:ed:6d:13:ca:a5:5e:d9:97:5c:ec:99:74:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jun 22 16:21:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c7f8567aac848d5e0869f5dfc18f4df99ddb60b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:7f:0a:c2:d2:2a:9c:19:bf:dc:32:13:33:d9:
                    76:ba:58:8f:5a:c4:3b:09:27:58:22:18:55:6b:56:
                    9d:13:77:5c:c9:54:ac:70:cb:7c:06:47:ab:9b:e8:
                    ff:ab:71:7a:0d:7b:64:d0:4c:d6:f0:7d:d7:48:2c:
                    8d:b3:55:f2:14:f7:1c:eb:9f:b4:f8:13:0b:ea:24:
                    58:0d:45:c6:eb:1f:8e:17:52:72:76:7e:2d:19:65:
                    51:49:5b:e6:6d:c7:d1:cd:b3:fc:62:da:ef:80:43:
                    1d:86:88:60:2f:07:9c:e5:57:29:14:f7:c8:a3:c9:
                    c4:65:33:64:45:ae:33:3c:85:4b:19:23:92:5c:c3:
                    5a:08:8b:17:dd:68:50:b9:be:4d:da:72:e9:71:91:
                    5e:2c:cf:09:35:4b:14:5b:37:b9:16:cd:8b:7f:57:
                    a1:48:96:ef:88:12:0b:2d:3d:2c:9f:66:3b:9c:fe:
                    ef:ad:59:bf:2a:a9:e4:ad:c6:26:1d:3c:5e:a0:79:
                    80:65:7e:5a:a2:f5:46:c1:ce:71:9c:ec:99:f9:6f:
                    ea:19:28:5a:66:de:8d:fa:81:6f:dd:64:41:1e:5a:
                    08:bf:01:e1:45:8d:ab:7a:a4:61:21:f8:80:66:b7:
                    5c:3e:66:bd:66:06:b9:0d:7e:87:ff:e1:fd:30:eb:
                    bf:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:F8:56:7A:AC:84:8D:5E:08:69:F5:DF:C1:8F:4D:F9:9D:DB:60:B7
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/x_hWeqyEjV4IafXfwY9N-Z3bYLc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.242.64.0/22
                  91.242.71.0/24
                  91.242.81.0/24
                  91.242.83.0/24
                  91.242.100.0/23
                  91.242.107.0-91.242.111.255

    Signature Algorithm: sha256WithRSAEncryption
         3b:21:7c:7c:fc:49:fe:b7:60:62:34:6c:a4:e1:2b:db:bc:2c:
         b6:ff:d1:ee:78:ea:10:92:37:02:d7:e7:dc:62:1b:68:55:d4:
         d6:85:4c:06:90:ad:0b:a6:4e:d0:dc:39:cc:4c:39:af:f4:78:
         23:06:86:14:34:63:89:07:56:8c:21:25:8f:c6:02:e1:ac:b1:
         b0:09:c8:6d:2a:7b:a2:09:96:fd:ca:56:4f:0f:86:b3:d0:5d:
         ac:cb:e6:56:ee:ea:d7:32:31:ab:3f:2f:b8:87:f2:ce:02:d8:
         14:51:09:53:55:dd:36:60:f6:4e:15:bf:19:b2:de:f9:92:d1:
         ea:30:6a:b6:ea:ab:4e:5a:1b:15:a5:df:91:0f:94:3a:9a:bf:
         07:61:e3:04:d9:79:ea:1c:07:f2:09:d4:14:7e:f5:05:b9:7c:
         77:59:09:73:f9:ff:a3:4b:76:13:73:e0:e9:32:3c:a4:7c:ce:
         6e:48:5a:68:4e:d1:56:35:9a:8e:14:12:78:de:2b:91:ec:a3:
         d9:0a:57:39:c5:8c:08:0a:1a:93:c0:46:95:1a:4f:47:cf:ed:
         42:4d:a7:a2:8b:42:f3:41:d6:f4:50:d4:43:fd:2e:9d:96:57:
         77:1a:1e:2c:24:83:2c:67:22:97:55:c7:75:eb:60:38:97:96:
         a4:b2:03:37
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYjj6ZjtbRPKpV7Zl1zsmXTJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwNjIyMTYyMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2Y4NTY3YWFjODQ4ZDVlMDg2OWY1ZGZjMThmNGRmOTlkZGI2MGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj38KwtIqnBm/3DITM9l2uliPWsQ7
CSdYIhhVa1adE3dcyVSscMt8Bkerm+j/q3F6DXtk0EzW8H3XSCyNs1XyFPcc65+0
+BML6iRYDUXG6x+OF1Jydn4tGWVRSVvmbcfRzbP8YtrvgEMdhohgLwec5VcpFPfI
o8nEZTNkRa4zPIVLGSOSXMNaCIsX3WhQub5N2nLpcZFeLM8JNUsUWze5Fs2Lf1eh
SJbviBILLT0sn2Y7nP7vrVm/KqnkrcYmHTxeoHmAZX5aovVGwc5xnOyZ+W/qGSha
Zt6N+oFv3WRBHloIvwHhRY2reqRhIfiAZrdcPma9Zga5DX6H/+H9MOu/mwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFMf4VnqshI1eCGn138GPTfmd22C3MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEveF9oV2VxeUVqVjRJYWZYZndZOU4tWjNiWUxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCW/JAAwQA
W/JHAwQAW/JRAwQAW/JTAwQBW/JkMAwDBABb8msDBARb8mAwDQYJKoZIhvcNAQEL
BQADggEBADshfHz8Sf63YGI0bKThK9u8LLb/0e546hCSNwLX59xiG2hV1NaFTAaQ
rQumTtDcOcxMOa/0eCMGhhQ0Y4kHVowhJY/GAuGssbAJyG0qe6IJlv3KVk8PhrPQ
XazL5lbu6tcyMas/L7iH8s4C2BRRCVNV3TZg9k4Vvxmy3vmS0eowarbqq05aGxWl
35EPlDqavwdh4wTZeeocB/IJ1BR+9QW5fHdZCXP5/6NLdhNz4OkyPKR8zm5IWmhO
0VY1mo4UEnjeK5Hso9kKVznFjAgKGpPARpUaT0fP7UJNp6KLQvNB1vRQ1EP9Lp2W
V3caHiwkgyxnIpdVx3XrYDiXlqSyAzc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org