Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/ZQorhG4TC36uDlI93f69EjQdVwg.roa
File:                     ZQorhG4TC36uDlI93f69EjQdVwg.roa (raw, json)
Hash identifier:          tt4RGn0fRRzoU6h6MxQp1EGhuE506/aZQr4qnDqOTr4=
Subject key identifier:   65:0A:2B:84:6E:13:0B:7E:AE:0E:52:3D:DD:FE:BD:12:34:1D:57:08
Certificate issuer:       /CN=21e86ff9973c93abe6398f031966c29d75a3ba86
Certificate serial:       01856D7878C869965CF05343E737E44B7CC0
Authority key identifier: 21:E8:6F:F9:97:3C:93:AB:E6:39:8F:03:19:66:C2:9D:75:A3:BA:86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/ZQorhG4TC36uDlI93f69EjQdVwg.roa
Signing time:             Sun 01 Jan 2023 13:14:49 +0000
ROA not before:           Sun 01 Jan 2023 13:14:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197612
IP address blocks:        91.225.248.0/24 maxlen: 24
                          91.225.249.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:78:78:c8:69:96:5c:f0:53:43:e7:37:e4:4b:7c:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21e86ff9973c93abe6398f031966c29d75a3ba86
        Validity
            Not Before: Jan  1 13:14:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=650a2b846e130b7eae0e523dddfebd12341d5708
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:52:1e:cf:bb:2f:03:66:11:33:dd:d3:02:c2:
                    f5:3e:7b:16:ef:7a:b8:3d:67:8b:90:a9:d8:b3:37:
                    6e:72:11:00:c4:2d:1c:4e:af:26:bb:0b:d6:d5:b9:
                    7b:9d:af:d7:85:5d:ff:3e:55:20:68:cf:c9:9f:36:
                    d2:94:80:7a:ba:c9:8f:c1:78:47:42:b5:c9:44:c8:
                    7d:b1:52:2e:f9:71:5e:95:1c:02:90:42:0d:51:8e:
                    67:f3:f4:36:64:c3:de:64:9f:60:91:25:44:22:be:
                    c6:4e:c6:7e:b1:50:25:ff:74:aa:99:6c:c2:92:e3:
                    e5:07:cc:ec:5d:ee:76:03:91:1f:32:97:cb:f8:96:
                    fc:85:d1:f0:f4:d0:9e:06:07:95:0c:6b:5b:ec:10:
                    a8:81:8b:0c:a2:a6:de:8f:4f:cd:b9:3e:52:e6:30:
                    9d:84:b9:2d:82:c9:bf:bf:46:f1:1f:6f:49:1d:39:
                    87:60:cc:42:f7:35:7a:ec:46:da:2a:87:25:30:05:
                    0b:0e:21:38:8e:09:ca:75:ab:a3:95:df:e0:b5:96:
                    b9:aa:71:30:d9:1f:09:72:be:b7:ae:d3:cb:07:e7:
                    ff:32:97:29:86:6b:f5:ae:26:84:67:94:d5:10:ab:
                    41:e6:55:c1:b2:29:11:72:17:8f:ca:8b:82:3f:46:
                    ab:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:0A:2B:84:6E:13:0B:7E:AE:0E:52:3D:DD:FE:BD:12:34:1D:57:08
            X509v3 Authority Key Identifier:
                keyid:21:E8:6F:F9:97:3C:93:AB:E6:39:8F:03:19:66:C2:9D:75:A3:BA:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/ZQorhG4TC36uDlI93f69EjQdVwg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.225.248.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4b:a7:56:17:00:47:8c:2c:c4:64:23:be:8a:ad:e8:cc:f4:15:
         1c:09:7f:0d:01:8e:e8:a8:f9:96:21:3f:4f:39:17:b9:46:6a:
         6b:18:29:c6:ca:04:db:6b:19:ed:88:4c:2c:fe:78:05:1d:59:
         19:d9:07:a1:87:10:e9:d7:57:36:ec:fc:a9:ff:ae:3a:55:f6:
         d2:4a:3a:41:05:4a:a5:ae:83:db:f7:98:10:26:46:49:9a:d4:
         36:0f:fe:96:98:63:aa:e8:a5:67:e3:00:18:8d:d4:6d:99:a4:
         93:32:4c:24:9a:fe:fd:d2:53:35:f6:e4:a3:9b:26:67:e3:18:
         b4:46:86:ef:26:92:dd:b9:53:12:a3:a4:b7:84:3d:20:4a:fb:
         ed:3f:d9:d2:05:ee:76:7d:de:53:7c:a8:a0:e4:e0:81:d5:00:
         5c:9b:40:5d:53:82:91:c2:7e:da:58:94:8b:f1:fc:84:6a:29:
         5f:4b:08:c1:cc:50:79:14:12:57:f3:ee:bb:ee:4d:20:f7:a1:
         34:06:b2:32:0e:5f:9f:32:ca:74:7c:ba:30:af:52:54:27:18:
         67:f4:5c:aa:ca:01:f9:25:1f:a1:33:96:de:09:15:76:49:a8:
         1b:6e:38:49:37:b3:61:98:6b:b4:ce:e8:a8:5d:b3:97:d8:62:
         01:59:fb:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteHjIaZZc8FND5zfkS3zAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxZTg2ZmY5OTczYzkzYWJlNjM5OGYwMzE5NjZjMjlkNzVh
M2JhODYwHhcNMjMwMTAxMTMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTBhMmI4NDZlMTMwYjdlYWUwZTUyM2RkZGZlYmQxMjM0MWQ1NzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolIez7svA2YRM93TAsL1PnsW73q4
PWeLkKnYszduchEAxC0cTq8muwvW1bl7na/XhV3/PlUgaM/JnzbSlIB6usmPwXhH
QrXJRMh9sVIu+XFelRwCkEINUY5n8/Q2ZMPeZJ9gkSVEIr7GTsZ+sVAl/3SqmWzC
kuPlB8zsXe52A5EfMpfL+Jb8hdHw9NCeBgeVDGtb7BCogYsMoqbej0/NuT5S5jCd
hLktgsm/v0bxH29JHTmHYMxC9zV67EbaKoclMAULDiE4jgnKdaujld/gtZa5qnEw
2R8Jcr63rtPLB+f/Mpcphmv1riaEZ5TVEKtB5lXBsikRchePyouCP0ar1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGUKK4RuEwt+rg5SPd3+vRI0HVcIMB8GA1UdIwQY
MBaAFCHob/mXPJOr5jmPAxlmwp11o7qGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWVodi1aYzhrNnZtT1k4REdXYkNuWFdqdW9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yZjZkZDAtYjc2Zi00N2Q1LWE0YWIt
MzJmZWViNTY2ZWU2LzEvWlFvcmhHNFRDMzZ1RGxJOTNmNjlFalFkVndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yZjZkZDAtYjc2Zi00N2Q1LWE0YWItMzJmZWViNTY2ZWU2
LzEvSWVodi1aYzhrNnZtT1k4REdXYkNuWFdqdW9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+H4MA0G
CSqGSIb3DQEBCwUAA4IBAQBLp1YXAEeMLMRkI76KrejM9BUcCX8NAY7oqPmWIT9P
ORe5RmprGCnGygTbaxntiEws/ngFHVkZ2QehhxDp11c27Pyp/646VfbSSjpBBUql
roPb95gQJkZJmtQ2D/6WmGOq6KVn4wAYjdRtmaSTMkwkmv790lM19uSjmyZn4xi0
RobvJpLduVMSo6S3hD0gSvvtP9nSBe52fd5TfKig5OCB1QBcm0BdU4KRwn7aWJSL
8fyEailfSwjBzFB5FBJX8+677k0g96E0BrIyDl+fMsp0fLowr1JUJxhn9FyqygH5
JR+hM5beCRV2SagbbjhJN7NhmGu0zuioXbOX2GIBWftt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:44 2024 by rpki-client on console-ams.rpki-client.org