Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/nqFbU8dDlHw5Hdkzu-LIIt4Afy4.roa
File:                     nqFbU8dDlHw5Hdkzu-LIIt4Afy4.roa (raw, json)
Hash identifier:          I0GhTOGY8SOcgdp8yEiZZWCWHK8TgrK4UvtUGvV5rDY=
Subject key identifier:   9E:A1:5B:53:C7:43:94:7C:39:1D:D9:33:BB:E2:C8:22:DE:00:7F:2E
Certificate issuer:       /CN=b98d1f6e336a7c81351941bc0b9dea39d7d764db
Certificate serial:       01856D9D0DA52237A8283682CE491EF85705
Authority key identifier: B9:8D:1F:6E:33:6A:7C:81:35:19:41:BC:0B:9D:EA:39:D7:D7:64:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uY0fbjNqfIE1GUG8C53qOdfXZNs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/nqFbU8dDlHw5Hdkzu-LIIt4Afy4.roa
Signing time:             Sun 01 Jan 2023 13:54:47 +0000
ROA not before:           Sun 01 Jan 2023 13:54:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39775
IP address blocks:        91.204.16.0/22 maxlen: 24
                          81.90.208.0/20 maxlen: 24
                          185.149.124.0/22 maxlen: 24
                          185.190.0.0/22 maxlen: 24
                          62.192.32.0/19 maxlen: 24
                          2a02:1378::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:9d:0d:a5:22:37:a8:28:36:82:ce:49:1e:f8:57:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b98d1f6e336a7c81351941bc0b9dea39d7d764db
        Validity
            Not Before: Jan  1 13:54:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9ea15b53c743947c391dd933bbe2c822de007f2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:15:4a:0c:8d:65:20:62:0a:79:c3:c4:9a:eb:
                    3a:68:b5:95:5a:5c:53:ef:58:f8:0b:5f:26:2a:d4:
                    85:85:33:d6:40:30:f7:1d:cf:9f:bc:0a:25:94:7d:
                    04:39:e0:db:cd:0f:34:93:fe:7d:34:3e:16:0a:33:
                    88:9c:f4:74:e4:71:67:43:3e:53:d7:98:96:3d:8e:
                    ed:3a:bd:9a:26:d8:ab:47:9b:68:71:85:e7:b1:4d:
                    6b:97:f3:c8:5b:46:fb:9e:2c:6c:ca:65:f3:12:2a:
                    6f:a7:c6:ea:db:af:1c:3b:bc:1a:98:29:1e:ae:b9:
                    8e:3a:34:9c:2e:19:d4:a1:ff:33:0a:18:3c:7d:1a:
                    ad:44:ff:00:9d:76:44:87:98:f9:df:75:77:d6:df:
                    63:46:8b:73:fc:77:0e:86:9f:57:07:23:bd:dd:81:
                    64:f5:a1:f6:f1:7a:b6:46:45:f0:f0:c3:51:85:00:
                    7e:3d:84:06:d7:e7:de:59:0f:c3:f6:8f:0f:04:1f:
                    86:bc:ad:5c:df:78:e1:e9:3e:75:7b:93:74:50:0f:
                    27:b0:f9:45:c0:c0:16:90:21:54:be:87:15:a2:51:
                    4a:9d:6d:4e:45:c9:3f:3a:55:84:a7:f0:64:e9:be:
                    ce:45:5d:f9:3e:84:2c:5a:ef:01:e2:21:ad:15:78:
                    a1:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:A1:5B:53:C7:43:94:7C:39:1D:D9:33:BB:E2:C8:22:DE:00:7F:2E
            X509v3 Authority Key Identifier:
                keyid:B9:8D:1F:6E:33:6A:7C:81:35:19:41:BC:0B:9D:EA:39:D7:D7:64:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uY0fbjNqfIE1GUG8C53qOdfXZNs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/nqFbU8dDlHw5Hdkzu-LIIt4Afy4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/uY0fbjNqfIE1GUG8C53qOdfXZNs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.192.32.0/19
                  81.90.208.0/20
                  91.204.16.0/22
                  185.149.124.0/22
                  185.190.0.0/22
                IPv6:
                  2a02:1378::/32

    Signature Algorithm: sha256WithRSAEncryption
         83:76:41:7d:67:01:23:24:cd:07:1e:0b:9b:7c:eb:ca:41:c4:
         d4:9c:dd:1d:ef:a6:25:9e:22:37:97:5e:e9:d8:f8:28:88:04:
         13:77:12:55:7c:3b:8e:ab:aa:41:3a:04:42:0f:c5:8b:ff:f5:
         11:c4:c2:3b:c2:32:cf:67:85:26:e4:2a:bf:a5:45:9a:09:91:
         92:4a:64:a9:ab:f5:d3:9e:55:3c:2c:a1:01:d4:18:b1:18:74:
         ec:8f:09:80:d1:6b:a0:76:ef:25:de:7a:68:42:68:8d:60:93:
         41:ca:25:60:93:48:b2:ed:03:cc:e8:9e:03:d2:d2:94:a2:82:
         83:16:11:eb:e8:5d:35:4e:bd:80:00:d8:40:5c:49:ae:66:76:
         1e:ca:3a:cf:16:6d:36:32:8a:64:76:c4:29:e8:d7:34:5b:4f:
         d8:70:d7:ee:da:88:53:34:0b:46:68:0a:b3:8d:c5:5c:40:dc:
         ea:c7:d8:d5:09:05:57:b4:c2:46:2a:a2:e5:f1:c1:1c:ce:47:
         62:4e:63:05:32:22:62:87:b3:1a:f5:17:d3:1b:35:05:e7:16:
         d6:42:cb:53:d3:da:9d:b7:89:8a:12:32:c7:c3:0b:df:6c:0e:
         2e:93:c5:61:ba:0c:38:6f:a9:5a:8d:cc:8f:2d:d6:39:dc:84:
         50:21:ce:8c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVtnQ2lIjeoKDaCzkke+FcFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OGQxZjZlMzM2YTdjODEzNTE5NDFiYzBiOWRlYTM5ZDdk
NzY0ZGIwHhcNMjMwMTAxMTM1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWExNWI1M2M3NDM5NDdjMzkxZGQ5MzNiYmUyYzgyMmRlMDA3ZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRVKDI1lIGIKecPEmus6aLWVWlxT
71j4C18mKtSFhTPWQDD3Hc+fvAollH0EOeDbzQ80k/59ND4WCjOInPR05HFnQz5T
15iWPY7tOr2aJtirR5tocYXnsU1rl/PIW0b7nixsymXzEipvp8bq268cO7wamCke
rrmOOjScLhnUof8zChg8fRqtRP8AnXZEh5j533V31t9jRotz/HcOhp9XByO93YFk
9aH28Xq2RkXw8MNRhQB+PYQG1+feWQ/D9o8PBB+GvK1c33jh6T51e5N0UA8nsPlF
wMAWkCFUvocVolFKnW1ORck/OlWEp/Bk6b7ORV35PoQsWu8B4iGtFXihQQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJ6hW1PHQ5R8OR3ZM7viyCLeAH8uMB8GA1UdIwQY
MBaAFLmNH24zanyBNRlBvAud6jnX12TbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVkwZmJqTnFmSUUxR1VHOEM1M3FPZGZYWk5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85ZGFjMmYtMzAxZS00MDZkLWI4ZDAt
MDM4NTdlZjViMzg3LzEvbnFGYlU4ZERsSHc1SGRrenUtTElJdDRBZnk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85ZGFjMmYtMzAxZS00MDZkLWI4ZDAtMDM4NTdlZjViMzg3
LzEvdVkwZmJqTnFmSUUxR1VHOEM1M3FPZGZYWk5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFPsAgAwQE
UVrQAwQCW8wQAwQCuZV8AwQCub4AMA0EAgACMAcDBQAqAhN4MA0GCSqGSIb3DQEB
CwUAA4IBAQCDdkF9ZwEjJM0HHgubfOvKQcTUnN0d76YlniI3l17p2PgoiAQTdxJV
fDuOq6pBOgRCD8WL//URxMI7wjLPZ4Um5Cq/pUWaCZGSSmSpq/XTnlU8LKEB1Bix
GHTsjwmA0Wugdu8l3npoQmiNYJNByiVgk0iy7QPM6J4D0tKUooKDFhHr6F01Tr2A
ANhAXEmuZnYeyjrPFm02MopkdsQp6Nc0W0/YcNfu2ohTNAtGaAqzjcVcQNzqx9jV
CQVXtMJGKqLl8cEczkdiTmMFMiJih7Ma9RfTGzUF5xbWQstT09qdt4mKEjLHwwvf
bA4uk8Vhugw4b6lajcyPLdY53IRQIc6M
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:43 2024 by rpki-client on console-fra.rpki-client.org