Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/PQJla4i5teZvJjyuJiyRPZE6-ZA.roa
File:                     PQJla4i5teZvJjyuJiyRPZE6-ZA.roa (raw, json)
Hash identifier:          8cM8RHcYt/VzxYFXLlDNOcbYroPIgKoHlLVuUN+LHX4=
Subject key identifier:   3D:02:65:6B:88:B9:B5:E6:6F:26:3C:AE:26:2C:91:3D:91:3A:F9:90
Certificate issuer:       /CN=07f231365985828d5a9663ed1b440624b24fec13
Certificate serial:       01856F021F17F78F2A3ABD4F134A7D8C00C5
Authority key identifier: 07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/PQJla4i5teZvJjyuJiyRPZE6-ZA.roa
Signing time:             Sun 01 Jan 2023 20:24:48 +0000
ROA not before:           Sun 01 Jan 2023 20:24:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207279
IP address blocks:        91.199.44.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 Feb 2023 10:42:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:02:1f:17:f7:8f:2a:3a:bd:4f:13:4a:7d:8c:00:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07f231365985828d5a9663ed1b440624b24fec13
        Validity
            Not Before: Jan  1 20:24:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3d02656b88b9b5e66f263cae262c913d913af990
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:a2:da:37:90:a3:7d:b7:41:13:55:25:27:a1:
                    f4:fb:85:39:c3:c3:be:f3:33:43:9e:74:b4:89:3b:
                    b7:72:1e:d1:ef:b3:1f:b2:4c:55:e2:45:fd:e6:3d:
                    c9:1b:bc:76:2c:fe:8d:36:ad:8d:23:13:e5:82:e2:
                    1b:6d:54:f2:48:c9:dd:6d:ce:08:02:2b:f1:10:ed:
                    0c:7d:cd:23:24:6a:03:77:de:8f:c8:ec:cc:c2:d4:
                    04:3b:a2:ab:f2:f6:cd:34:08:ff:e1:96:32:10:70:
                    e9:3d:58:6b:60:12:b4:f6:91:e9:b7:3e:b2:b9:68:
                    18:69:2c:66:4d:1a:5f:d4:61:5e:8a:53:1b:d3:01:
                    d4:3d:f6:ce:76:3a:19:86:0e:9a:98:b8:6b:d3:fb:
                    af:7f:e3:82:5f:6c:49:12:39:13:e1:84:02:7d:22:
                    fc:48:8d:3b:1c:69:5b:dc:b1:42:2e:9c:2a:76:5f:
                    8a:2c:0e:97:98:cb:3f:ad:08:4b:e2:62:f1:66:fb:
                    86:9e:5b:a5:28:8c:2b:a6:3a:27:28:8d:dd:b4:5d:
                    97:a6:80:1e:44:63:ad:3d:93:74:62:86:3c:dd:9a:
                    79:c0:4c:6a:e2:0b:df:67:83:e9:d5:fc:66:01:55:
                    82:3a:9f:5b:2e:31:15:d4:2e:7e:ec:b9:e7:a9:ec:
                    f5:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:02:65:6B:88:B9:B5:E6:6F:26:3C:AE:26:2C:91:3D:91:3A:F9:90
            X509v3 Authority Key Identifier:
                keyid:07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/PQJla4i5teZvJjyuJiyRPZE6-ZA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/B_IxNlmFgo1almPtG0QGJLJP7BM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.199.44.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c6:44:b7:1c:8f:35:ab:70:76:25:3e:9b:4c:55:b0:f2:19:26:
         5c:d4:63:60:86:81:d6:47:07:2a:87:7c:e5:3d:04:c7:f1:8a:
         82:1c:6c:e0:60:29:2a:21:54:ed:0b:92:e7:a6:98:8a:d8:3b:
         22:97:d1:1a:5d:ef:df:8a:e3:3a:bb:59:e6:e4:b7:44:2d:b2:
         f0:33:76:ad:1a:40:59:35:e0:cf:97:d8:df:8b:7d:6b:f1:be:
         b9:79:33:33:9f:1e:c7:37:1e:ca:1b:32:ce:e1:36:0e:a7:8e:
         3d:be:f9:24:1b:0a:e2:b8:f7:7b:3b:63:04:c6:54:e7:d0:4f:
         a8:79:fb:12:7b:6f:c0:49:f3:e1:fc:16:9e:e4:4c:3c:0e:74:
         f9:9d:15:27:97:a7:a6:83:bb:0d:3f:15:56:47:23:bf:66:5a:
         bd:72:f9:8a:24:19:84:e9:ca:fb:14:3c:ba:76:a3:de:2f:3a:
         c7:b3:5c:3a:59:d1:b1:cc:90:2c:4d:65:79:7e:3c:7c:a8:cb:
         d6:54:83:03:c9:9b:96:55:e8:39:e8:47:87:ae:b1:9d:2a:47:
         68:b3:35:ec:9e:ca:6b:46:53:19:69:b9:e4:a3:d0:05:ef:22:
         f0:a7:30:7e:25:57:9b:b8:fa:34:b4:0d:1d:32:25:f8:d5:fa:
         ab:0b:66:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAh8X948qOr1PE0p9jADFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjIzMTM2NTk4NTgyOGQ1YTk2NjNlZDFiNDQwNjI0YjI0
ZmVjMTMwHhcNMjMwMTAxMjAyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDAyNjU2Yjg4YjliNWU2NmYyNjNjYWUyNjJjOTEzZDkxM2FmOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKLaN5CjfbdBE1UlJ6H0+4U5w8O+
8zNDnnS0iTu3ch7R77MfskxV4kX95j3JG7x2LP6NNq2NIxPlguIbbVTySMndbc4I
AivxEO0Mfc0jJGoDd96PyOzMwtQEO6Kr8vbNNAj/4ZYyEHDpPVhrYBK09pHptz6y
uWgYaSxmTRpf1GFeilMb0wHUPfbOdjoZhg6amLhr0/uvf+OCX2xJEjkT4YQCfSL8
SI07HGlb3LFCLpwqdl+KLA6XmMs/rQhL4mLxZvuGnlulKIwrpjonKI3dtF2XpoAe
RGOtPZN0YoY83Zp5wExq4gvfZ4Pp1fxmAVWCOp9bLjEV1C5+7Lnnqez1fwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD0CZWuIubXmbyY8riYskT2ROvmQMB8GA1UdIwQY
MBaAFAfyMTZZhYKNWpZj7RtEBiSyT+wTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzct
MDg1ZmEwYTU2MDUyLzEvUFFKbGE0aTV0ZVp2Smp5dUppeVJQWkU2LVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzctMDg1ZmEwYTU2MDUy
LzEvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8csMA0G
CSqGSIb3DQEBCwUAA4IBAQDGRLccjzWrcHYlPptMVbDyGSZc1GNghoHWRwcqh3zl
PQTH8YqCHGzgYCkqIVTtC5LnppiK2Dsil9EaXe/fiuM6u1nm5LdELbLwM3atGkBZ
NeDPl9jfi31r8b65eTMznx7HNx7KGzLO4TYOp449vvkkGwriuPd7O2MExlTn0E+o
efsSe2/ASfPh/Bae5Ew8DnT5nRUnl6emg7sNPxVWRyO/Zlq9cvmKJBmE6cr7FDy6
dqPeLzrHs1w6WdGxzJAsTWV5fjx8qMvWVIMDyZuWVeg56EeHrrGdKkdoszXsnspr
RlMZabnko9AF7yLwpzB+JVebuPo0tA0dMiX41fqrC2YP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:19 2024 by rpki-client on console-ams.rpki-client.org