Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/aj6MwqPaXMo1q77Yr1EHj2h4gj8.roa
File:                     aj6MwqPaXMo1q77Yr1EHj2h4gj8.roa (raw, json)
Hash identifier:          FYjgEsHI1ViV4gHEKH6nnc/yHpHLvdYxc0zMfISnIBc=
Subject key identifier:   6A:3E:8C:C2:A3:DA:5C:CA:35:AB:BE:D8:AF:51:07:8F:68:78:82:3F
Certificate issuer:       /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial:       0188DB9575C832FAC7BA39FAE2D6C7619386
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/aj6MwqPaXMo1q77Yr1EHj2h4gj8.roa
Signing time:             Wed 21 Jun 2023 01:33:05 +0000
ROA not before:           Wed 21 Jun 2023 01:33:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        91.103.120.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 23 Jun 2023 08:53:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:db:95:75:c8:32:fa:c7:ba:39:fa:e2:d6:c7:61:93:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
        Validity
            Not Before: Jun 21 01:33:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6a3e8cc2a3da5cca35abbed8af51078f6878823f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:4e:1f:00:f4:1e:91:0b:93:42:8a:08:c4:0d:
                    7a:79:55:a8:7f:7e:c0:a6:3d:e4:c7:25:4d:25:4b:
                    2d:6b:7c:7d:7b:6c:6e:cd:cb:d1:70:bb:14:bf:f6:
                    97:65:4a:39:15:eb:96:43:25:d8:e4:5b:67:31:84:
                    49:f0:db:9d:93:77:69:b0:29:46:de:d3:0e:25:5c:
                    84:18:2d:a0:3d:6f:1b:97:1d:cd:6b:81:8a:87:2b:
                    b8:f7:73:0e:36:c8:85:50:26:a4:05:99:15:ef:c5:
                    81:93:39:23:37:61:f4:9b:89:a6:75:21:ea:db:4a:
                    d2:65:70:36:fc:ad:1d:a6:4a:16:8a:af:42:2c:6d:
                    0c:47:dd:5c:85:3d:7d:38:3f:dc:0e:b4:be:1c:0a:
                    9a:e8:8a:39:62:47:de:a3:a7:0e:70:3b:e8:ae:ca:
                    fa:30:1f:9b:de:bc:65:ec:35:83:18:5e:11:35:5b:
                    33:e2:55:45:4b:46:6e:30:e1:c2:b2:f8:de:4c:5e:
                    a3:ab:7e:0f:b3:ef:c1:08:0c:19:1a:6c:27:ee:64:
                    c1:7e:9c:90:a2:03:f3:93:dc:23:96:84:96:db:de:
                    97:33:4d:7d:85:42:63:1c:7d:5b:5e:07:6d:ef:df:
                    47:bf:1c:f3:3a:f3:6f:08:8b:3c:8a:75:c2:f6:43:
                    54:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:3E:8C:C2:A3:DA:5C:CA:35:AB:BE:D8:AF:51:07:8F:68:78:82:3F
            X509v3 Authority Key Identifier:
                keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/aj6MwqPaXMo1q77Yr1EHj2h4gj8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.103.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         82:ba:ee:69:9d:48:71:9c:1e:78:6a:43:d9:06:50:a0:2b:c7:
         95:14:da:e1:a4:92:37:25:ac:b7:dd:91:ec:38:5e:59:b7:d3:
         55:ad:61:70:bd:62:34:aa:4c:d0:e2:10:3a:20:a9:70:48:e5:
         98:67:75:0e:d8:d1:46:0f:22:6c:a6:fb:2f:12:f0:cb:4b:2e:
         70:c9:7b:09:73:f2:1c:7f:89:e4:92:5a:65:bf:7c:02:44:05:
         73:43:2e:6f:8f:bf:23:13:d1:55:4e:c6:67:b0:ff:06:e4:7a:
         b4:4d:c2:14:2f:cf:fe:ae:27:44:71:b7:d0:f1:77:e8:1f:79:
         1e:12:87:8e:64:c8:45:dc:91:c4:27:0a:38:2f:a3:4d:8a:fd:
         5e:00:a6:cf:86:b3:cb:b5:e2:11:f5:77:a0:f4:9f:8f:c0:d3:
         ef:41:fd:bb:1b:fe:f1:e0:36:a3:89:4b:35:27:63:bd:72:28:
         23:61:f5:33:a8:b9:0d:cd:b2:96:ad:82:d4:0f:a4:26:dc:48:
         39:d5:2e:ed:cc:c1:72:4d:a3:af:af:53:8e:06:ef:05:f7:f1:
         e7:8f:78:08:85:87:d5:03:f3:08:a3:44:6a:f3:59:73:89:24:
         0a:9a:dd:d0:af:2c:4d:03:1c:9f:08:c6:e6:66:55:25:89:b6:
         56:2b:65:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjblXXIMvrHujn64tbHYZOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwNjIxMDEzMzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTNlOGNjMmEzZGE1Y2NhMzVhYmJlZDhhZjUxMDc4ZjY4Nzg4MjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjU4fAPQekQuTQooIxA16eVWof37A
pj3kxyVNJUsta3x9e2xuzcvRcLsUv/aXZUo5FeuWQyXY5FtnMYRJ8Nudk3dpsClG
3tMOJVyEGC2gPW8blx3Na4GKhyu493MONsiFUCakBZkV78WBkzkjN2H0m4mmdSHq
20rSZXA2/K0dpkoWiq9CLG0MR91chT19OD/cDrS+HAqa6Io5Ykfeo6cOcDvorsr6
MB+b3rxl7DWDGF4RNVsz4lVFS0ZuMOHCsvjeTF6jq34Ps+/BCAwZGmwn7mTBfpyQ
ogPzk9wjloSW296XM019hUJjHH1bXgdt799HvxzzOvNvCIs8inXC9kNUFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGo+jMKj2lzKNau+2K9RB49oeII/MB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvYWo2TXdxUGFYTW8xcTc3WXIxRUhqMmg0Z2o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW2d4MA0G
CSqGSIb3DQEBCwUAA4IBAQCCuu5pnUhxnB54akPZBlCgK8eVFNrhpJI3Jay33ZHs
OF5Zt9NVrWFwvWI0qkzQ4hA6IKlwSOWYZ3UO2NFGDyJspvsvEvDLSy5wyXsJc/Ic
f4nkklplv3wCRAVzQy5vj78jE9FVTsZnsP8G5Hq0TcIUL8/+ridEcbfQ8XfoH3ke
EoeOZMhF3JHEJwo4L6NNiv1eAKbPhrPLteIR9Xeg9J+PwNPvQf27G/7x4DajiUs1
J2O9cigjYfUzqLkNzbKWrYLUD6Qm3Eg51S7tzMFyTaOvr1OOBu8F9/Hnj3gIhYfV
A/MIo0Rq81lziSQKmt3QryxNAxyfCMbmZlUlibZWK2Ue
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org