Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/j4XqTw8MP-YSoYcxOFZHmDG-ijc.roa
File:                     j4XqTw8MP-YSoYcxOFZHmDG-ijc.roa (raw, json)
Hash identifier:          If/l4l5IcyQgkjfQK37DNHlW6HWlz64NIHOdL8vopnU=
Subject key identifier:   8F:85:EA:4F:0F:0C:3F:E6:12:A1:87:31:38:56:47:98:31:BE:8A:37
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       018571BA114D94B34044B2AF067A7C682FA0
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/j4XqTw8MP-YSoYcxOFZHmDG-ijc.roa
Signing time:             Mon 02 Jan 2023 09:04:57 +0000
ROA not before:           Mon 02 Jan 2023 09:04:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49581
IP address blocks:        91.225.227.0/24 maxlen: 24
                          188.191.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 08 Jan 2023 07:41:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:ba:11:4d:94:b3:40:44:b2:af:06:7a:7c:68:2f:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Jan  2 09:04:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8f85ea4f0f0c3fe612a187313856479831be8a37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:f5:f0:42:69:93:5b:63:dd:a3:d9:36:04:2e:
                    e8:dc:6a:01:a7:55:5d:af:d7:7d:e0:0d:6e:42:02:
                    6f:3e:eb:2c:c0:b4:7b:24:47:a9:b4:0a:c9:b2:98:
                    f1:8d:3c:3b:35:62:7f:66:f8:6b:fc:98:58:78:71:
                    9e:e4:ca:b1:f0:dc:4c:c6:f6:d0:33:48:3a:ab:20:
                    d6:f1:b9:42:1e:86:46:ae:79:a6:a3:95:b2:9d:ab:
                    53:15:ef:cf:65:a0:6d:bb:85:2a:d9:be:2b:3d:a5:
                    9a:a2:70:be:e7:1c:91:32:c4:29:0c:ef:24:47:af:
                    32:52:10:62:23:21:1f:6b:9b:f7:97:9b:2b:d7:54:
                    e4:ec:ea:95:64:4d:2b:91:eb:fb:96:70:65:96:7b:
                    b1:76:bb:83:1e:1f:70:b6:4c:df:3a:44:9d:57:21:
                    99:27:a6:8b:5a:d9:4e:9d:c4:96:1a:c3:73:ba:40:
                    85:6c:1c:34:7f:28:60:6d:8c:a1:12:87:b9:fd:cf:
                    0d:bd:3d:ad:4a:f0:17:7d:2a:a8:ed:d1:90:e8:26:
                    2b:52:8b:15:fa:23:70:87:9b:aa:b5:81:83:3c:ca:
                    5d:c8:12:ec:5c:4d:fe:d2:05:de:7a:32:7d:bd:aa:
                    10:f3:f5:f6:b0:9f:60:a1:c7:09:46:de:5f:db:44:
                    18:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:85:EA:4F:0F:0C:3F:E6:12:A1:87:31:38:56:47:98:31:BE:8A:37
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/j4XqTw8MP-YSoYcxOFZHmDG-ijc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.225.227.0/24
                  188.191.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:02:79:2a:1f:ff:cd:8d:09:5f:1f:18:f9:de:83:a2:16:6e:
         38:46:17:9c:f6:de:be:93:94:f9:de:ef:e0:fa:a5:ba:7e:f3:
         17:3c:cd:b3:9d:69:f3:e6:b1:79:55:5a:68:97:18:8e:ac:d2:
         d4:0b:06:ff:a9:f5:a0:f1:54:3d:a5:4a:ff:76:ee:3b:09:5d:
         8c:3f:4f:b9:74:3f:24:e7:96:df:bb:d3:f1:e3:2d:41:48:5e:
         53:60:ef:cf:81:5e:77:4e:58:00:4b:50:01:a7:27:e5:81:8e:
         6d:d8:d6:0f:83:2f:c3:ce:01:ce:46:6e:21:d2:51:d9:ee:32:
         0a:14:13:f7:88:a2:89:db:0c:11:01:b5:3a:7e:34:51:3d:d0:
         d3:01:c0:04:3b:e3:8a:44:f7:2e:b0:37:e4:32:c6:76:7a:7a:
         e1:e1:42:13:59:a0:c7:95:87:f6:99:e7:92:b4:eb:dd:8e:8b:
         6d:6d:de:0a:20:3e:ed:c7:07:b3:d6:0e:95:78:24:dc:40:a9:
         e2:05:68:a7:6e:75:69:6f:99:0e:45:36:5e:b2:77:13:5d:fc:
         c3:4e:f5:2c:45:c0:dd:30:e7:91:1e:fb:fb:09:4c:0b:c3:f4:
         c3:9e:e0:8b:27:b5:e1:bb:d3:7a:8d:11:41:fb:ad:6a:5d:72:
         95:ae:11:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxuhFNlLNARLKvBnp8aC+gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwMTAyMDkwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjg1ZWE0ZjBmMGMzZmU2MTJhMTg3MzEzODU2NDc5ODMxYmU4YTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvXwQmmTW2Pdo9k2BC7o3GoBp1Vd
r9d94A1uQgJvPusswLR7JEeptArJspjxjTw7NWJ/Zvhr/JhYeHGe5Mqx8NxMxvbQ
M0g6qyDW8blCHoZGrnmmo5WynatTFe/PZaBtu4Uq2b4rPaWaonC+5xyRMsQpDO8k
R68yUhBiIyEfa5v3l5sr11Tk7OqVZE0rkev7lnBllnuxdruDHh9wtkzfOkSdVyGZ
J6aLWtlOncSWGsNzukCFbBw0fyhgbYyhEoe5/c8NvT2tSvAXfSqo7dGQ6CYrUosV
+iNwh5uqtYGDPMpdyBLsXE3+0gXeejJ9vaoQ8/X2sJ9goccJRt5f20QY8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI+F6k8PDD/mEqGHMThWR5gxvoo3MB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvajRYcVR3OE1QLVlTb1ljeE9GWkhtREctaWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+HjAwQA
vL9jMA0GCSqGSIb3DQEBCwUAA4IBAQBtAnkqH//NjQlfHxj53oOiFm44Rhec9t6+
k5T53u/g+qW6fvMXPM2znWnz5rF5VVpolxiOrNLUCwb/qfWg8VQ9pUr/du47CV2M
P0+5dD8k55bfu9Px4y1BSF5TYO/PgV53TlgAS1ABpyflgY5t2NYPgy/DzgHORm4h
0lHZ7jIKFBP3iKKJ2wwRAbU6fjRRPdDTAcAEO+OKRPcusDfkMsZ2enrh4UITWaDH
lYf2meeStOvdjottbd4KID7txwez1g6VeCTcQKniBWinbnVpb5kORTZesncTXfzD
TvUsRcDdMOeRHvv7CUwLw/TDnuCLJ7Xhu9N6jRFB+61qXXKVrhER
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org