Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c25435-d23a-41a3-bc5e-53ecc6655f6b/1/1QIBSIaUhVsKdc1EPNLcruQBTjQ.roa
File:                     1QIBSIaUhVsKdc1EPNLcruQBTjQ.roa (raw, json)
Hash identifier:          IyHlcVDGU1RYFtr8mQ6mATaivfeY739zZi/fWGQb6IE=
Subject key identifier:   D5:02:01:48:86:94:85:5B:0A:75:CD:44:3C:D2:DC:AE:E4:01:4E:34
Certificate issuer:       /CN=56eb6a5fa3d217a2ee7d4a62d8461a6793ed5cb3
Certificate serial:       0185E4DE02A4F8AC173E7CEFE01346427EAC
Authority key identifier: 56:EB:6A:5F:A3:D2:17:A2:EE:7D:4A:62:D8:46:1A:67:93:ED:5C:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VutqX6PSF6LufUpi2EYaZ5PtXLM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/c25435-d23a-41a3-bc5e-53ecc6655f6b/1/1QIBSIaUhVsKdc1EPNLcruQBTjQ.roa
Signing time:             Tue 24 Jan 2023 17:40:33 +0000
ROA not before:           Tue 24 Jan 2023 17:40:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213184
IP address blocks:        91.201.106.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:29:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e4:de:02:a4:f8:ac:17:3e:7c:ef:e0:13:46:42:7e:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56eb6a5fa3d217a2ee7d4a62d8461a6793ed5cb3
        Validity
            Not Before: Jan 24 17:40:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d50201488694855b0a75cd443cd2dcaee4014e34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:27:d5:52:ed:4f:62:84:75:8f:e0:24:90:aa:
                    97:6f:a2:69:2c:cc:8f:73:1e:24:25:51:3e:d9:5c:
                    e1:4a:19:cf:37:29:ac:10:b3:14:43:7d:38:65:40:
                    aa:b4:cf:d1:b1:41:f5:75:4f:fb:ee:9d:cc:61:19:
                    6e:44:d9:41:aa:ae:68:d6:d0:02:61:96:5d:21:fc:
                    c1:f4:f5:a2:17:c5:6c:25:b0:4b:e5:ad:19:c7:6f:
                    9d:ef:9f:0a:04:38:c2:7c:37:9c:1a:19:11:65:55:
                    a7:36:fc:bc:83:13:0b:67:72:87:05:6d:09:e9:11:
                    f8:fd:69:52:ef:00:f8:60:83:20:78:37:b3:84:4e:
                    4c:ea:43:45:b5:3c:98:7b:43:50:9b:3c:68:09:11:
                    4c:53:94:af:64:3d:8d:50:a0:e0:2b:c2:3c:c6:fe:
                    92:89:d6:1c:14:d7:40:ad:a3:fb:33:ac:5c:ce:64:
                    73:88:0f:91:4d:5e:f2:8e:f4:a9:18:90:88:2f:38:
                    1c:82:5d:9d:c7:83:3a:f0:4b:24:d0:07:a6:2f:87:
                    ea:b0:ca:a7:81:65:8b:57:7d:de:00:25:5e:85:51:
                    99:eb:6b:8f:57:f5:ed:51:95:b6:6f:ab:10:25:88:
                    60:8b:d8:2b:c2:69:9f:f4:4f:bb:e4:40:83:94:6e:
                    75:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:02:01:48:86:94:85:5B:0A:75:CD:44:3C:D2:DC:AE:E4:01:4E:34
            X509v3 Authority Key Identifier:
                keyid:56:EB:6A:5F:A3:D2:17:A2:EE:7D:4A:62:D8:46:1A:67:93:ED:5C:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VutqX6PSF6LufUpi2EYaZ5PtXLM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c25435-d23a-41a3-bc5e-53ecc6655f6b/1/1QIBSIaUhVsKdc1EPNLcruQBTjQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c25435-d23a-41a3-bc5e-53ecc6655f6b/1/VutqX6PSF6LufUpi2EYaZ5PtXLM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.201.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:8c:33:eb:57:77:2a:31:82:b2:d9:5a:a9:76:90:18:7a:53:
         20:74:cf:90:22:21:59:e3:54:9b:13:e7:7c:df:c2:a2:63:23:
         90:51:4f:8c:3d:eb:10:17:a9:3c:5e:7d:a7:66:c0:60:ca:99:
         ac:89:ca:20:47:d6:76:0f:86:16:59:68:ab:f0:9c:b6:f6:12:
         11:7c:3b:83:c7:a3:a3:b7:f0:f4:d3:9b:db:53:82:a9:2a:dd:
         a9:45:58:ff:ba:59:bf:44:66:7c:f4:92:4a:12:90:e1:78:b2:
         f8:64:9f:27:25:09:68:4c:2e:13:0f:76:7f:29:bd:42:e1:31:
         89:2a:7a:4d:6d:de:42:f3:38:68:5c:3a:73:2f:8c:d5:32:0b:
         78:f8:7b:f9:4a:00:fd:48:21:a8:d2:6b:4f:32:f5:18:24:0c:
         87:74:64:6c:7c:51:84:72:32:3e:a6:9f:f3:39:6c:c1:54:27:
         98:3b:ad:ae:cf:69:6c:8a:f5:02:4b:4b:b1:70:61:04:83:cc:
         78:f0:50:65:9b:b0:27:e5:ff:72:6a:69:18:14:66:c5:95:ff:
         80:30:67:df:97:b6:fd:08:75:95:8a:9f:29:aa:a8:ec:40:29:
         03:26:e0:79:10:82:62:a4:47:d6:3c:80:78:8d:2b:23:f3:eb:
         ef:37:dd:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXk3gKk+KwXPnzv4BNGQn6sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZWI2YTVmYTNkMjE3YTJlZTdkNGE2MmQ4NDYxYTY3OTNl
ZDVjYjMwHhcNMjMwMTI0MTc0MDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTAyMDE0ODg2OTQ4NTViMGE3NWNkNDQzY2QyZGNhZWU0MDE0ZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSfVUu1PYoR1j+AkkKqXb6JpLMyP
cx4kJVE+2VzhShnPNymsELMUQ304ZUCqtM/RsUH1dU/77p3MYRluRNlBqq5o1tAC
YZZdIfzB9PWiF8VsJbBL5a0Zx2+d758KBDjCfDecGhkRZVWnNvy8gxMLZ3KHBW0J
6RH4/WlS7wD4YIMgeDezhE5M6kNFtTyYe0NQmzxoCRFMU5SvZD2NUKDgK8I8xv6S
idYcFNdAraP7M6xczmRziA+RTV7yjvSpGJCILzgcgl2dx4M68Esk0AemL4fqsMqn
gWWLV33eACVehVGZ62uPV/XtUZW2b6sQJYhgi9grwmmf9E+75ECDlG51qwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNUCAUiGlIVbCnXNRDzS3K7kAU40MB8GA1UdIwQY
MBaAFFbral+j0hei7n1KYthGGmeT7VyzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnV0cVg2UFNGNkx1ZlVwaTJFWWFaNVB0WExNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jMjU0MzUtZDIzYS00MWEzLWJjNWUt
NTNlY2M2NjU1ZjZiLzEvMVFJQlNJYVVoVnNLZGMxRVBOTGNydVFCVGpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9jMjU0MzUtZDIzYS00MWEzLWJjNWUtNTNlY2M2NjU1ZjZi
LzEvVnV0cVg2UFNGNkx1ZlVwaTJFWWFaNVB0WExNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8lqMA0G
CSqGSIb3DQEBCwUAA4IBAQCAjDPrV3cqMYKy2VqpdpAYelMgdM+QIiFZ41SbE+d8
38KiYyOQUU+MPesQF6k8Xn2nZsBgypmsicogR9Z2D4YWWWir8Jy29hIRfDuDx6Oj
t/D005vbU4KpKt2pRVj/ulm/RGZ89JJKEpDheLL4ZJ8nJQloTC4TD3Z/Kb1C4TGJ
KnpNbd5C8zhoXDpzL4zVMgt4+Hv5SgD9SCGo0mtPMvUYJAyHdGRsfFGEcjI+pp/z
OWzBVCeYO62uz2lsivUCS0uxcGEEg8x48FBlm7An5f9yamkYFGbFlf+AMGffl7b9
CHWVip8pqqjsQCkDJuB5EIJipEfWPIB4jSsj8+vvN90Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:01 2024 by rpki-client on console-ams.rpki-client.org