Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/orfquSb7Susl3zvMLi9dJRXdANA.roa
File:                     orfquSb7Susl3zvMLi9dJRXdANA.roa (raw, json)
Hash identifier:          ie0sZy6bYVde5NHt2rJsv34gGMpwVaotNlIylGucByo=
Subject key identifier:   A2:B7:EA:B9:26:FB:4A:EB:25:DF:3B:CC:2E:2F:5D:25:15:DD:00:D0
Certificate issuer:       /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial:       0185734CAB1B7BBEA4E040C9F6AB10CBC39C
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/orfquSb7Susl3zvMLi9dJRXdANA.roa
Signing time:             Mon 02 Jan 2023 16:24:42 +0000
ROA not before:           Mon 02 Jan 2023 16:24:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     4546
IP address blocks:        213.41.91.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:4c:ab:1b:7b:be:a4:e0:40:c9:f6:ab:10:cb:c3:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
        Validity
            Not Before: Jan  2 16:24:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a2b7eab926fb4aeb25df3bcc2e2f5d2515dd00d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:74:e9:c1:e5:a8:28:27:c5:c8:93:4c:e6:05:
                    4e:d8:ee:b5:51:2c:70:07:42:4e:96:df:13:02:5b:
                    25:1d:ae:16:96:2e:44:19:fc:87:e8:33:93:87:70:
                    f0:85:b9:3c:90:9c:ee:bc:60:8b:96:a2:ca:98:bf:
                    28:0e:be:44:58:bd:40:3f:bd:f3:43:aa:a7:63:93:
                    88:de:cd:8b:f7:71:db:0c:ae:73:78:0e:6f:35:dc:
                    d0:97:a2:c1:d7:88:1d:7a:78:0e:0b:c1:24:70:9a:
                    41:14:8e:e2:98:58:b3:5a:b1:4f:d5:3a:23:5b:c2:
                    ff:e3:31:ad:5e:46:3c:5e:7c:3b:54:15:3d:1d:4f:
                    ca:b7:4b:67:e0:9c:60:3e:7b:d2:60:69:4d:f7:86:
                    40:11:01:c5:20:19:8e:f9:f6:ae:1c:92:d0:3a:ec:
                    73:9b:cd:f6:b4:64:21:50:4e:cd:3c:a1:86:d8:c9:
                    0f:f7:ff:38:28:74:36:9d:55:83:9e:7d:e9:39:88:
                    31:ed:62:96:a6:e4:cd:37:be:8a:da:00:5c:05:81:
                    a5:da:1b:61:94:c1:43:33:af:cd:17:41:a7:00:42:
                    c3:b6:e6:ec:5f:0b:96:ed:6d:19:57:31:7f:a7:a9:
                    dd:27:e4:72:c5:20:a8:95:4c:dc:7f:56:e1:3f:ac:
                    40:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:B7:EA:B9:26:FB:4A:EB:25:DF:3B:CC:2E:2F:5D:25:15:DD:00:D0
            X509v3 Authority Key Identifier:
                keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/orfquSb7Susl3zvMLi9dJRXdANA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.41.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:c3:d3:67:38:75:5a:08:4d:1f:73:d1:7e:b9:78:d6:b1:63:
         bb:5e:11:df:56:eb:41:29:ee:f3:e4:1c:15:de:9c:0e:dc:80:
         6e:9f:6a:9c:11:e4:51:b7:40:ff:2f:96:3d:52:9c:2b:cb:d1:
         4c:7e:01:84:05:46:41:c5:c4:82:aa:14:2c:7c:04:7d:2a:3f:
         fa:d2:fc:c7:06:5d:eb:f4:ce:8f:0a:5e:4a:71:46:c4:5d:b9:
         af:b3:f3:e8:33:ae:ec:63:db:61:5a:ac:f9:18:86:c3:dd:a7:
         43:9d:24:50:45:a0:3d:fa:61:26:57:ab:16:45:4a:bd:52:fb:
         25:1f:00:c4:f1:39:41:87:a1:8b:2b:d3:74:cd:f4:1b:b1:f6:
         c2:8d:f3:ca:9d:9b:cf:a1:33:4f:50:9b:34:b5:fe:0d:1f:40:
         3a:31:19:a1:32:6c:2d:13:46:0a:d9:02:97:5f:54:00:1a:19:
         f3:9d:ec:b8:cc:e5:cf:f4:bb:22:44:c7:89:9d:68:96:56:54:
         30:be:95:45:ad:82:15:e2:67:79:fc:63:81:b4:71:9c:07:d2:
         b9:09:88:51:7c:76:29:3f:c5:d3:18:7e:e7:8b:23:f4:02:aa:
         fd:32:59:a0:28:fb:bd:05:24:99:e5:31:45:cf:5a:45:cc:c6:
         18:6b:9e:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzTKsbe76k4EDJ9qsQy8OcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjMwMTAyMTYyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmI3ZWFiOTI2ZmI0YWViMjVkZjNiY2MyZTJmNWQyNTE1ZGQwMGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3TpweWoKCfFyJNM5gVO2O61USxw
B0JOlt8TAlslHa4Wli5EGfyH6DOTh3Dwhbk8kJzuvGCLlqLKmL8oDr5EWL1AP73z
Q6qnY5OI3s2L93HbDK5zeA5vNdzQl6LB14gdengOC8EkcJpBFI7imFizWrFP1Toj
W8L/4zGtXkY8Xnw7VBU9HU/Kt0tn4JxgPnvSYGlN94ZAEQHFIBmO+fauHJLQOuxz
m832tGQhUE7NPKGG2MkP9/84KHQ2nVWDnn3pOYgx7WKWpuTNN76K2gBcBYGl2hth
lMFDM6/NF0GnAELDtubsXwuW7W0ZVzF/p6ndJ+RyxSColUzcf1bhP6xAEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKK36rkm+0rrJd87zC4vXSUV3QDQMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvb3JmcXVTYjdTdXNsM3p2TUxpOWRKUlhkQU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1SlbMA0G
CSqGSIb3DQEBCwUAA4IBAQB2w9NnOHVaCE0fc9F+uXjWsWO7XhHfVutBKe7z5BwV
3pwO3IBun2qcEeRRt0D/L5Y9Upwry9FMfgGEBUZBxcSCqhQsfAR9Kj/60vzHBl3r
9M6PCl5KcUbEXbmvs/PoM67sY9thWqz5GIbD3adDnSRQRaA9+mEmV6sWRUq9Uvsl
HwDE8TlBh6GLK9N0zfQbsfbCjfPKnZvPoTNPUJs0tf4NH0A6MRmhMmwtE0YK2QKX
X1QAGhnzney4zOXP9LsiRMeJnWiWVlQwvpVFrYIV4md5/GOBtHGcB9K5CYhRfHYp
P8XTGH7niyP0Aqr9MlmgKPu9BSSZ5TFFz1pFzMYYa54O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:28 2024 by rpki-client on console-ams.rpki-client.org