Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/by7aKMq_7NMoQIFa76k1DUGb088.roa
File:                     by7aKMq_7NMoQIFa76k1DUGb088.roa (raw, json)
Hash identifier:          QmaXulCyPz1sS5Zmx7ErWAofBF8PzdsLvQl2epe7y2s=
Subject key identifier:   6F:2E:DA:28:CA:BF:EC:D3:28:40:81:5A:EF:A9:35:0D:41:9B:D3:CF
Certificate issuer:       /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial:       0189F65D2F54C2DE1114DAE7684569B2730A
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/by7aKMq_7NMoQIFa76k1DUGb088.roa
Signing time:             Mon 14 Aug 2023 23:24:09 +0000
ROA not before:           Mon 14 Aug 2023 23:24:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        91.103.124.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f6:5d:2f:54:c2:de:11:14:da:e7:68:45:69:b2:73:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
        Validity
            Not Before: Aug 14 23:24:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6f2eda28cabfecd32840815aefa9350d419bd3cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:78:2e:9d:db:26:e5:a7:67:05:2e:20:c8:79:
                    18:3c:e2:0d:42:0a:88:5b:1c:12:fd:02:eb:b7:b5:
                    5a:95:b7:2a:63:71:c2:07:dc:72:4c:80:89:ed:72:
                    60:01:5f:fc:a8:49:b1:ec:10:fa:9f:28:91:8c:8e:
                    02:b9:5b:f6:ab:7b:60:4b:2e:ab:d6:79:e6:a8:21:
                    57:3a:cb:58:b3:40:3d:fd:61:d0:65:69:e5:db:df:
                    0b:b1:3b:7a:52:d1:7e:2a:d0:df:eb:ca:9f:42:a5:
                    3f:50:81:d6:0b:cb:23:2f:99:f2:6d:e9:a9:1b:53:
                    4a:ec:70:72:53:da:e1:6c:50:ef:5f:88:e1:42:e8:
                    ec:c7:71:d6:c0:69:70:d2:d2:43:5a:32:5b:33:de:
                    6a:df:08:52:34:a3:e7:40:d2:1b:11:9d:4e:d9:b8:
                    e8:4e:f2:ce:ca:77:3a:fa:72:61:7a:8f:ea:ad:d6:
                    22:6f:9f:05:69:fd:5b:3c:dd:63:fc:e9:8f:c6:e0:
                    b3:e6:3e:e9:23:78:44:a0:08:15:20:39:f5:38:e1:
                    6b:f1:44:dc:aa:6d:59:a1:20:ef:3c:21:ed:8d:69:
                    8a:7b:5b:2c:9a:8d:26:95:e7:4d:56:30:f5:6c:a2:
                    04:92:88:5d:3f:0c:fa:0a:65:63:d9:5c:67:29:61:
                    12:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:2E:DA:28:CA:BF:EC:D3:28:40:81:5A:EF:A9:35:0D:41:9B:D3:CF
            X509v3 Authority Key Identifier:
                keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/by7aKMq_7NMoQIFa76k1DUGb088.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.103.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4f:f8:f1:a7:34:4e:c1:86:c0:95:ec:9b:7d:1c:98:64:78:1b:
         11:cd:74:7d:1b:54:23:38:f6:07:c9:85:96:30:bb:ca:e9:4c:
         cd:64:29:0d:c8:b7:e6:bd:be:b4:c5:6e:cc:43:1a:c6:ff:a0:
         c3:87:e1:09:58:b9:d4:4e:5c:d1:a2:d7:61:ed:cd:8e:ad:67:
         03:d8:01:3c:27:ad:f0:c9:c8:6a:d5:13:b2:59:df:26:54:8a:
         66:c6:c7:26:38:2d:8c:9e:83:22:a5:19:13:58:ca:76:4f:76:
         fb:6a:6c:41:68:5f:95:4f:03:50:c3:b6:d2:05:ee:2a:52:d6:
         b0:19:94:a6:5a:1f:da:ca:4a:7b:a9:fa:2e:5b:f0:c2:f0:a8:
         30:e9:3a:0e:c3:99:52:4a:2d:c6:27:d0:88:18:02:4a:7c:54:
         ff:d6:58:3a:23:43:f9:f7:93:a9:ad:47:52:63:05:bd:ec:88:
         63:af:7d:6b:cc:fc:d7:c6:a3:27:c9:b0:c4:30:87:b5:45:44:
         3a:88:31:d7:ff:78:4a:a2:7e:ee:77:bf:04:db:03:86:e8:0f:
         32:67:cf:35:d9:f0:6a:b9:8e:93:38:ed:e1:9c:10:f6:a5:60:
         1a:5f:da:c2:c6:9a:5b:50:c2:ec:9f:20:b7:96:71:9d:4c:e8:
         dc:73:8c:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn2XS9Uwt4RFNrnaEVpsnMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwODE0MjMyNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjJlZGEyOGNhYmZlY2QzMjg0MDgxNWFlZmE5MzUwZDQxOWJkM2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3gundsm5adnBS4gyHkYPOINQgqI
WxwS/QLrt7ValbcqY3HCB9xyTICJ7XJgAV/8qEmx7BD6nyiRjI4CuVv2q3tgSy6r
1nnmqCFXOstYs0A9/WHQZWnl298LsTt6UtF+KtDf68qfQqU/UIHWC8sjL5nybemp
G1NK7HByU9rhbFDvX4jhQujsx3HWwGlw0tJDWjJbM95q3whSNKPnQNIbEZ1O2bjo
TvLOync6+nJheo/qrdYib58Faf1bPN1j/OmPxuCz5j7pI3hEoAgVIDn1OOFr8UTc
qm1ZoSDvPCHtjWmKe1ssmo0mledNVjD1bKIEkohdPwz6CmVj2VxnKWESuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG8u2ijKv+zTKECBWu+pNQ1Bm9PPMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvYnk3YUtNcV83Tk1vUUlGYTc2azFEVUdiMDg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW2d8MA0G
CSqGSIb3DQEBCwUAA4IBAQBP+PGnNE7BhsCV7Jt9HJhkeBsRzXR9G1QjOPYHyYWW
MLvK6UzNZCkNyLfmvb60xW7MQxrG/6DDh+EJWLnUTlzRotdh7c2OrWcD2AE8J63w
ychq1ROyWd8mVIpmxscmOC2MnoMipRkTWMp2T3b7amxBaF+VTwNQw7bSBe4qUtaw
GZSmWh/aykp7qfouW/DC8Kgw6ToOw5lSSi3GJ9CIGAJKfFT/1lg6I0P595OprUdS
YwW97Ihjr31rzPzXxqMnybDEMIe1RUQ6iDHX/3hKon7ud78E2wOG6A8yZ8812fBq
uY6TOO3hnBD2pWAaX9rCxppbUMLsnyC3lnGdTOjcc4zx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org