Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/6jSlFBP16Eh5seaSS2ZWADTDYpk.roa
File:                     6jSlFBP16Eh5seaSS2ZWADTDYpk.roa (raw, json)
Hash identifier:          ef09dNfO9PfwpvHQ0SC2rA34tpZJbQN6aG/QDtmcprs=
Subject key identifier:   EA:34:A5:14:13:F5:E8:48:79:B1:E6:92:4B:66:56:00:34:C3:62:99
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       018571BA0F9ED21B90975C1A99E39080ED2F
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/6jSlFBP16Eh5seaSS2ZWADTDYpk.roa
Signing time:             Mon 02 Jan 2023 09:04:57 +0000
ROA not before:           Mon 02 Jan 2023 09:04:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43310
IP address blocks:        188.191.111.0/24 maxlen: 24
                          91.225.224.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 07 Feb 2023 14:33:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:ba:0f:9e:d2:1b:90:97:5c:1a:99:e3:90:80:ed:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Jan  2 09:04:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ea34a51413f5e84879b1e6924b66560034c36299
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:07:03:28:45:19:60:5b:88:1e:02:25:22:41:
                    7e:ac:74:54:71:2c:40:6d:51:a8:f2:90:9c:3a:a5:
                    35:ad:29:30:ac:28:04:52:a0:40:31:8c:e8:8c:65:
                    16:b6:6f:c5:51:61:1e:34:08:81:49:a2:a3:7b:9b:
                    f0:90:2c:b3:77:26:55:61:61:75:66:5a:97:75:0d:
                    62:c5:a6:df:f9:78:4a:c4:8e:83:aa:0b:e0:f4:e0:
                    ba:a2:32:6a:9e:f3:a1:e8:1e:34:56:ff:c8:ff:36:
                    75:8f:8f:88:57:90:95:89:74:cf:c9:cd:1d:24:b1:
                    3f:85:be:80:1d:13:47:b0:e8:0c:72:c5:a1:7e:db:
                    1f:e9:f5:9a:33:53:4e:da:ed:e0:32:bb:c3:5c:63:
                    ff:60:ba:d0:60:b0:e1:f0:32:aa:3d:a6:7b:48:4c:
                    1f:43:74:ac:0a:2e:27:19:a4:a2:05:05:8d:57:65:
                    86:90:48:07:2a:d4:33:37:39:86:65:12:6d:69:d6:
                    93:4d:41:cd:ed:f7:7d:43:2e:e6:8d:11:59:ea:ae:
                    d3:31:79:25:51:4d:6b:69:ad:46:56:94:f5:f8:66:
                    46:ec:b4:4a:12:a3:da:d9:be:2b:b7:bc:59:b6:38:
                    aa:fe:ca:d5:a6:ea:e6:f0:46:b7:72:84:d1:eb:ba:
                    5c:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:34:A5:14:13:F5:E8:48:79:B1:E6:92:4B:66:56:00:34:C3:62:99
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/6jSlFBP16Eh5seaSS2ZWADTDYpk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.225.224.0/24
                  188.191.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:02:6c:bd:96:f4:2e:37:9d:c9:2e:f9:7b:f4:68:f3:2b:cb:
         8c:e0:54:95:bd:58:f7:e2:1d:d4:c3:3b:df:4f:36:3c:a9:32:
         5b:8a:c9:6c:d0:db:54:97:c2:12:35:7c:f3:d8:bf:33:ee:f5:
         9d:60:46:65:07:57:31:eb:5a:de:32:95:35:c0:76:a5:86:00:
         f0:87:1a:a3:22:21:e7:a3:60:10:c4:61:76:4a:27:68:f1:25:
         a2:24:91:6b:79:3e:2c:9f:0e:e9:a4:bc:c7:71:5c:db:67:39:
         4c:b4:f5:cb:be:e7:b6:f9:57:52:de:45:70:21:fc:eb:36:34:
         16:b6:79:c1:c0:38:ba:8c:26:fe:4e:1e:38:25:ab:2a:99:9b:
         a7:b4:56:b4:1c:ea:2a:24:73:c2:b5:4c:c7:80:de:82:23:6a:
         64:e3:bc:ad:ee:9c:2b:f8:49:f1:46:43:a0:49:d9:ba:43:7b:
         ed:ff:95:37:eb:7d:6c:a8:ac:77:fc:69:90:e5:f1:e4:42:ef:
         7a:1b:d8:8f:42:3f:bf:38:e8:3f:34:57:98:d3:3e:f9:be:de:
         5b:48:1f:3b:c8:f1:0d:20:84:a0:a9:be:a0:06:8e:98:84:8a:
         62:02:83:6a:a4:fd:e3:e9:6b:a7:60:c1:b4:4e:5e:06:7c:fa:
         71:58:c1:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxug+e0huQl1wameOQgO0vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwMTAyMDkwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTM0YTUxNDEzZjVlODQ4NzliMWU2OTI0YjY2NTYwMDM0YzM2Mjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQcDKEUZYFuIHgIlIkF+rHRUcSxA
bVGo8pCcOqU1rSkwrCgEUqBAMYzojGUWtm/FUWEeNAiBSaKje5vwkCyzdyZVYWF1
ZlqXdQ1ixabf+XhKxI6Dqgvg9OC6ojJqnvOh6B40Vv/I/zZ1j4+IV5CViXTPyc0d
JLE/hb6AHRNHsOgMcsWhftsf6fWaM1NO2u3gMrvDXGP/YLrQYLDh8DKqPaZ7SEwf
Q3SsCi4nGaSiBQWNV2WGkEgHKtQzNzmGZRJtadaTTUHN7fd9Qy7mjRFZ6q7TMXkl
UU1raa1GVpT1+GZG7LRKEqPa2b4rt7xZtjiq/srVpurm8Ea3coTR67pcwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOo0pRQT9ehIebHmkktmVgA0w2KZMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvNmpTbEZCUDE2RWg1c2VhU1MyWldBRFREWXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+HgAwQA
vL9vMA0GCSqGSIb3DQEBCwUAA4IBAQBwAmy9lvQuN53JLvl79GjzK8uM4FSVvVj3
4h3UwzvfTzY8qTJbisls0NtUl8ISNXzz2L8z7vWdYEZlB1cx61reMpU1wHalhgDw
hxqjIiHno2AQxGF2Sido8SWiJJFreT4snw7ppLzHcVzbZzlMtPXLvue2+VdS3kVw
IfzrNjQWtnnBwDi6jCb+Th44JasqmZuntFa0HOoqJHPCtUzHgN6CI2pk47yt7pwr
+EnxRkOgSdm6Q3vt/5U3631sqKx3/GmQ5fHkQu96G9iPQj+/OOg/NFeY0z75vt5b
SB87yPENIISgqb6gBo6YhIpiAoNqpP3j6WunYMG0Tl4GfPpxWMEM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:48 2024 by rpki-client on console-ams.rpki-client.org