Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/6PSQa4-SfqZA29MV66X5j_TtkFk.roa
File:                     6PSQa4-SfqZA29MV66X5j_TtkFk.roa (raw, json)
Hash identifier:          KRwU9LuV8qYFyd8bDV6nmb8OQ2gd4Km4u01bxYc1syw=
Subject key identifier:   E8:F4:90:6B:8F:92:7E:A6:40:DB:D3:15:EB:A5:F9:8F:F4:ED:90:59
Certificate issuer:       /CN=07f231365985828d5a9663ed1b440624b24fec13
Certificate serial:       0188679EDE28825AD273ABFECC0168BE3E42
Authority key identifier: 07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/6PSQa4-SfqZA29MV66X5j_TtkFk.roa
Signing time:             Mon 29 May 2023 13:07:24 +0000
ROA not before:           Mon 29 May 2023 13:07:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        91.199.32.0/24 maxlen: 24
                          91.199.42.0/24 maxlen: 24
                          91.199.47.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 31 May 2023 07:45:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:67:9e:de:28:82:5a:d2:73:ab:fe:cc:01:68:be:3e:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07f231365985828d5a9663ed1b440624b24fec13
        Validity
            Not Before: May 29 13:07:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e8f4906b8f927ea640dbd315eba5f98ff4ed9059
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:25:8e:14:04:de:0e:be:f9:07:52:10:e9:4b:
                    be:67:d0:f6:bd:f5:b8:a3:bb:17:43:31:48:94:05:
                    a3:6f:80:85:94:8e:37:c1:b6:26:c0:62:47:19:54:
                    b1:93:d9:33:0d:e7:b6:35:9b:e9:f2:8c:a7:97:ad:
                    ff:6e:e8:9c:c5:2c:b3:2e:d5:d0:ec:33:c4:8d:4e:
                    52:a3:bb:d4:76:39:c8:0a:41:c5:c1:2b:2a:52:dd:
                    d7:77:ab:39:1a:c6:53:b7:8a:70:b5:59:a8:08:af:
                    8c:96:c4:50:10:2a:30:86:8c:7b:c5:ee:ee:80:6a:
                    26:b6:09:16:90:9d:15:08:9f:b0:db:f9:65:a3:81:
                    5f:31:dd:b0:2b:93:70:e5:66:fe:a2:ac:6b:ed:db:
                    21:a7:9e:48:f4:df:0f:01:ed:2a:48:77:c0:09:78:
                    b7:bf:e6:fe:a0:06:74:09:58:30:e4:b4:78:52:d7:
                    6c:fd:4e:07:0e:38:d8:9b:dd:4f:18:62:ab:42:68:
                    55:da:7f:e2:34:4d:2d:b5:6c:c6:73:f0:2a:a5:1b:
                    20:1a:e2:f2:30:ad:f2:c8:9c:9f:6f:71:88:1b:fb:
                    f3:4a:99:bf:c7:57:f1:21:d2:78:d7:48:40:e5:c2:
                    30:65:e4:cf:fa:86:02:c5:a2:b9:23:08:03:86:05:
                    0f:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:F4:90:6B:8F:92:7E:A6:40:DB:D3:15:EB:A5:F9:8F:F4:ED:90:59
            X509v3 Authority Key Identifier:
                keyid:07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/6PSQa4-SfqZA29MV66X5j_TtkFk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/B_IxNlmFgo1almPtG0QGJLJP7BM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.199.32.0/24
                  91.199.42.0/24
                  91.199.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:20:ee:9c:a1:f9:d9:69:aa:87:20:8c:45:21:00:d0:f1:e0:
         44:9b:4c:ac:90:a2:f2:22:b1:24:5d:b5:7a:b4:78:39:18:fb:
         f2:84:f3:24:38:0a:33:74:39:d0:ec:fd:06:a6:8d:80:00:f1:
         b5:67:90:75:b1:4b:a4:7b:5c:31:07:e9:b3:a6:ba:a4:26:b4:
         d1:ff:9d:2b:9b:1f:e5:bd:b9:c0:da:1d:ea:b6:db:71:98:e2:
         95:18:09:f6:9c:37:b4:7f:53:00:a2:70:79:7a:43:51:7f:1d:
         09:a1:f0:05:b0:b5:8d:aa:92:0d:33:74:93:58:37:ea:67:92:
         da:9e:35:30:f0:ec:0f:33:16:36:ef:59:d9:9e:e9:bc:98:52:
         e0:ac:87:2b:63:e6:4f:ce:50:cd:d5:b6:d0:6c:98:4c:2c:15:
         49:bd:bb:76:3b:36:c4:a7:81:16:13:01:63:5b:e6:fa:fc:0f:
         f0:94:8c:55:85:79:95:06:b2:4a:74:ee:a5:f5:22:8b:7c:c2:
         08:c7:e5:d7:36:64:11:75:7b:5a:59:0c:26:99:ed:d7:cc:91:
         74:3e:1d:f6:b6:31:70:71:7e:cc:08:a9:eb:86:b1:09:78:e5:
         c5:08:51:41:de:df:17:a9:a4:cb:47:5b:e9:34:84:12:6b:e6:
         bc:ba:5b:b2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhnnt4oglrSc6v+zAFovj5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjIzMTM2NTk4NTgyOGQ1YTk2NjNlZDFiNDQwNjI0YjI0
ZmVjMTMwHhcNMjMwNTI5MTMwNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGY0OTA2YjhmOTI3ZWE2NDBkYmQzMTVlYmE1Zjk4ZmY0ZWQ5MDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSWOFATeDr75B1IQ6Uu+Z9D2vfW4
o7sXQzFIlAWjb4CFlI43wbYmwGJHGVSxk9kzDee2NZvp8oynl63/buicxSyzLtXQ
7DPEjU5So7vUdjnICkHFwSsqUt3Xd6s5GsZTt4pwtVmoCK+MlsRQECowhox7xe7u
gGomtgkWkJ0VCJ+w2/llo4FfMd2wK5Nw5Wb+oqxr7dshp55I9N8PAe0qSHfACXi3
v+b+oAZ0CVgw5LR4Utds/U4HDjjYm91PGGKrQmhV2n/iNE0ttWzGc/AqpRsgGuLy
MK3yyJyfb3GIG/vzSpm/x1fxIdJ410hA5cIwZeTP+oYCxaK5IwgDhgUPnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOj0kGuPkn6mQNvTFeul+Y/07ZBZMB8GA1UdIwQY
MBaAFAfyMTZZhYKNWpZj7RtEBiSyT+wTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzct
MDg1ZmEwYTU2MDUyLzEvNlBTUWE0LVNmcVpBMjlNVjY2WDVqX1R0a0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzctMDg1ZmEwYTU2MDUy
LzEvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8cgAwQA
W8cqAwQAW8cvMA0GCSqGSIb3DQEBCwUAA4IBAQCzIO6cofnZaaqHIIxFIQDQ8eBE
m0yskKLyIrEkXbV6tHg5GPvyhPMkOAozdDnQ7P0Gpo2AAPG1Z5B1sUuke1wxB+mz
prqkJrTR/50rmx/lvbnA2h3qtttxmOKVGAn2nDe0f1MAonB5ekNRfx0JofAFsLWN
qpINM3STWDfqZ5LanjUw8OwPMxY271nZnum8mFLgrIcrY+ZPzlDN1bbQbJhMLBVJ
vbt2OzbEp4EWEwFjW+b6/A/wlIxVhXmVBrJKdO6l9SKLfMIIx+XXNmQRdXtaWQwm
me3XzJF0Ph32tjFwcX7MCKnrhrEJeOXFCFFB3t8XqaTLR1vpNIQSa+a8uluy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:58 2024 by rpki-client on console-fra.rpki-client.org