Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/eadafe-6c9d-4ae0-8733-819a253225cc/1/iXgB6ZRFsr8SzsIxDoFNtNyUwLI.roa
File:                     iXgB6ZRFsr8SzsIxDoFNtNyUwLI.roa (raw, json)
Hash identifier:          B4PYieRxX7BU9GsXXte0s7L8m+jrnQ4BT7q7GQCJzho=
Subject key identifier:   89:78:01:E9:94:45:B2:BF:12:CE:C2:31:0E:81:4D:B4:DC:94:C0:B2
Certificate issuer:       /CN=1bf14e8d0b3defb0304270130d1147ae0dd92d8b
Certificate serial:       018CB5461538710E87E9E31072A440F07338
Authority key identifier: 1B:F1:4E:8D:0B:3D:EF:B0:30:42:70:13:0D:11:47:AE:0D:D9:2D:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G_FOjQs977AwQnATDRFHrg3ZLYs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/eadafe-6c9d-4ae0-8733-819a253225cc/1/iXgB6ZRFsr8SzsIxDoFNtNyUwLI.roa
Signing time:             Fri 29 Dec 2023 11:11:58 +0000
ROA not before:           Fri 29 Dec 2023 11:11:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198949
IP address blocks:        185.223.104.0/22 maxlen: 24
                          141.91.0.0/16 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b5:46:15:38:71:0e:87:e9:e3:10:72:a4:40:f0:73:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bf14e8d0b3defb0304270130d1147ae0dd92d8b
        Validity
            Not Before: Dec 29 11:11:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=897801e99445b2bf12cec2310e814db4dc94c0b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:22:30:b9:5d:b5:16:55:e8:88:52:2a:c3:3f:
                    90:26:95:05:8c:58:a0:6c:06:c1:06:bf:d9:01:f0:
                    6e:16:04:e8:8a:30:98:96:c3:bc:06:40:96:a1:6d:
                    35:83:a9:b5:0d:a1:2d:a3:1f:27:20:7f:8a:bd:3b:
                    9e:85:da:01:05:65:86:f3:c7:a9:1b:72:c6:8e:29:
                    5f:e5:cb:76:bf:32:82:69:33:4d:c2:cd:70:82:df:
                    4b:dc:04:dc:7d:9d:5f:cc:f8:36:74:0b:1d:df:5f:
                    f2:e8:c9:c0:87:b2:36:42:fb:d3:35:1b:1f:1e:07:
                    33:a3:4b:cc:10:9f:28:25:76:db:c7:04:51:d6:a4:
                    11:e3:d3:f2:f3:5b:59:c0:c5:1c:37:4a:b0:da:36:
                    89:b4:99:7d:49:66:53:7e:63:7b:7a:3e:4e:b7:c4:
                    56:5a:ed:54:d7:b5:d1:38:a2:d6:c1:76:46:a1:f0:
                    a6:6a:63:1c:17:3a:27:fb:f0:53:e7:23:c4:ea:d5:
                    2b:c3:5e:39:7d:38:a3:22:7f:83:dc:74:45:a1:74:
                    e2:48:75:11:c4:13:58:9a:d0:b0:51:90:93:fb:8e:
                    b6:8d:2f:ba:0b:d7:2d:b6:c5:e6:87:0d:0c:33:6f:
                    ce:90:6e:1d:c1:5a:53:76:ed:cd:e2:e9:9a:d5:79:
                    81:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:78:01:E9:94:45:B2:BF:12:CE:C2:31:0E:81:4D:B4:DC:94:C0:B2
            X509v3 Authority Key Identifier:
                keyid:1B:F1:4E:8D:0B:3D:EF:B0:30:42:70:13:0D:11:47:AE:0D:D9:2D:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_FOjQs977AwQnATDRFHrg3ZLYs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/eadafe-6c9d-4ae0-8733-819a253225cc/1/iXgB6ZRFsr8SzsIxDoFNtNyUwLI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/eadafe-6c9d-4ae0-8733-819a253225cc/1/G_FOjQs977AwQnATDRFHrg3ZLYs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.91.0.0/16
                  185.223.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4f:ae:dd:e7:e5:32:fb:4f:17:12:d6:84:64:e8:ef:7e:18:8c:
         80:c0:b0:91:1d:c3:f7:bd:65:29:1a:41:4c:04:dc:bc:32:20:
         1a:04:37:e4:fa:b7:40:5f:f2:cb:a8:db:79:d8:d5:9e:13:18:
         61:c4:69:cb:63:23:64:00:76:7a:88:b7:ad:d4:73:91:79:2f:
         69:a2:10:e3:6d:69:45:ba:9e:4b:a8:a8:99:6e:94:76:0d:c3:
         97:73:16:c2:c2:53:e6:51:da:1d:a0:85:52:45:45:20:dc:92:
         8b:62:bb:13:90:64:71:71:d7:e8:f3:68:50:50:91:85:3f:37:
         9b:6c:72:06:08:97:8c:82:e9:b3:03:60:98:39:c7:99:8c:f6:
         79:2b:81:b5:68:f2:a5:0d:91:d9:97:7c:47:02:74:7c:6e:b8:
         80:a0:b8:96:68:d8:05:36:b1:bc:45:17:2a:73:ba:82:4d:6d:
         a6:26:0b:8d:f0:d5:71:83:5f:5a:d6:b8:e5:02:25:3f:42:13:
         32:3d:00:c2:a1:72:ec:ae:10:ff:af:ef:0c:dd:6f:b7:db:46:
         57:74:27:56:85:a6:62:fe:87:c7:90:cd:de:6b:ab:c2:ac:5a:
         66:91:ec:09:58:4f:b0:cb:d5:31:da:da:75:17:15:4b:c2:91:
         64:4a:c2:fb
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYy1RhU4cQ6H6eMQcqRA8HM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjE0ZThkMGIzZGVmYjAzMDQyNzAxMzBkMTE0N2FlMGRk
OTJkOGIwHhcNMjMxMjI5MTExMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTc4MDFlOTk0NDViMmJmMTJjZWMyMzEwZTgxNGRiNGRjOTRjMGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCIwuV21FlXoiFIqwz+QJpUFjFig
bAbBBr/ZAfBuFgToijCYlsO8BkCWoW01g6m1DaEtox8nIH+KvTuehdoBBWWG88ep
G3LGjilf5ct2vzKCaTNNws1wgt9L3ATcfZ1fzPg2dAsd31/y6MnAh7I2QvvTNRsf
Hgczo0vMEJ8oJXbbxwRR1qQR49Py81tZwMUcN0qw2jaJtJl9SWZTfmN7ej5Ot8RW
Wu1U17XROKLWwXZGofCmamMcFzon+/BT5yPE6tUrw145fTijIn+D3HRFoXTiSHUR
xBNYmtCwUZCT+462jS+6C9cttsXmhw0MM2/OkG4dwVpTdu3N4uma1XmBWQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFIl4AemURbK/Es7CMQ6BTbTclMCyMB8GA1UdIwQY
MBaAFBvxTo0LPe+wMEJwEw0RR64N2S2LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19GT2pRczk3N0F3UW5BVERSRkhyZzNaTFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lYWRhZmUtNmM5ZC00YWUwLTg3MzMt
ODE5YTI1MzIyNWNjLzEvaVhnQjZaUkZzcjhTenNJeERvRk50TnlVd0xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lYWRhZmUtNmM5ZC00YWUwLTg3MzMtODE5YTI1MzIyNWNj
LzEvR19GT2pRczk3N0F3UW5BVERSRkhyZzNaTFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAjVsDBAK5
32gwDQYJKoZIhvcNAQELBQADggEBAE+u3eflMvtPFxLWhGTo734YjIDAsJEdw/e9
ZSkaQUwE3LwyIBoEN+T6t0Bf8suo23nY1Z4TGGHEactjI2QAdnqIt63Uc5F5L2mi
EONtaUW6nkuoqJlulHYNw5dzFsLCU+ZR2h2ghVJFRSDckotiuxOQZHFx1+jzaFBQ
kYU/N5tscgYIl4yC6bMDYJg5x5mM9nkrgbVo8qUNkdmXfEcCdHxuuICguJZo2AU2
sbxFFypzuoJNbaYmC43w1XGDX1rWuOUCJT9CEzI9AMKhcuyuEP+v7wzdb7fbRld0
J1aFpmL+h8eQzd5rq8KsWmaR7AlYT7DL1THa2nUXFUvCkWRKwvs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:58 2024 by rpki-client on console-fra.rpki-client.org