Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/45c689-751f-46d7-9b6c-b1fc547b7322/1/1-h6sjV-T0OMrjSeiUh-ox--XjiU.roa
File:                     1-h6sjV-T0OMrjSeiUh-ox--XjiU.roa (raw, json)
Hash identifier:          pC7zhxf027kRHt9mT1x2x07O/Q/firIHjQY9MI8rNCo=
Subject key identifier:   FA:1E:AC:8D:5F:93:D0:E3:2B:8D:27:A2:52:1F:A8:C7:EF:97:8E:25
Certificate issuer:       /CN=ce28340a209b2ba12ae903a74cbb5e2e23aed238
Certificate serial:       01856C4123F42EA9CEAC122D1BFA0E87E7F6
Authority key identifier: CE:28:34:0A:20:9B:2B:A1:2A:E9:03:A7:4C:BB:5E:2E:23:AE:D2:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zig0CiCbK6Eq6QOnTLteLiOu0jg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/45c689-751f-46d7-9b6c-b1fc547b7322/1/1-h6sjV-T0OMrjSeiUh-ox--XjiU.roa
Signing time:             Sun 01 Jan 2023 07:34:46 +0000
ROA not before:           Sun 01 Jan 2023 07:34:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62298
IP address blocks:        91.205.40.0/24 maxlen: 24
                          2a01:5340::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:41:23:f4:2e:a9:ce:ac:12:2d:1b:fa:0e:87:e7:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce28340a209b2ba12ae903a74cbb5e2e23aed238
        Validity
            Not Before: Jan  1 07:34:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fa1eac8d5f93d0e32b8d27a2521fa8c7ef978e25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:c8:e2:86:05:e9:f0:dc:23:c8:64:18:f8:f5:
                    03:d2:9f:08:de:2d:16:32:cf:02:ef:1e:43:0b:f2:
                    8e:92:fb:69:d0:96:c1:69:06:2d:6e:0f:43:32:52:
                    6c:03:cf:05:cb:2b:8a:b1:79:74:69:8e:b2:6b:ba:
                    eb:3b:f0:ea:61:37:18:65:4f:26:14:ea:ef:20:d6:
                    d5:67:d0:44:37:4e:d2:c2:f1:55:ce:ba:61:d8:20:
                    e3:89:45:5c:35:2d:76:e0:0d:bb:81:de:a3:4d:c0:
                    d0:6d:8b:47:3f:ec:45:82:0b:01:64:4d:7c:6e:ee:
                    a8:77:0c:b2:78:43:97:37:24:26:af:dc:89:cf:22:
                    91:74:e8:3c:2e:e4:7d:cb:0f:6a:0a:a1:02:9c:f7:
                    63:e9:0c:b8:44:9d:a8:9d:50:f7:cc:ed:e4:17:72:
                    39:bc:9c:c3:d1:f9:d6:51:4b:c0:7d:f6:75:0e:3e:
                    86:9a:1a:96:7d:20:ea:96:18:b5:86:42:56:90:9b:
                    f7:6f:33:ed:11:5c:0b:fc:a8:a7:e1:35:60:3e:e7:
                    ce:80:df:c8:2f:92:86:ef:82:18:a3:f7:dd:ab:5b:
                    2a:3c:8e:de:cb:82:25:7d:9d:7d:c0:d9:64:a4:2f:
                    27:23:3e:2d:a1:83:c3:b6:ee:7e:f1:6a:53:7c:18:
                    fe:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:1E:AC:8D:5F:93:D0:E3:2B:8D:27:A2:52:1F:A8:C7:EF:97:8E:25
            X509v3 Authority Key Identifier:
                keyid:CE:28:34:0A:20:9B:2B:A1:2A:E9:03:A7:4C:BB:5E:2E:23:AE:D2:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zig0CiCbK6Eq6QOnTLteLiOu0jg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/45c689-751f-46d7-9b6c-b1fc547b7322/1/1-h6sjV-T0OMrjSeiUh-ox--XjiU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/45c689-751f-46d7-9b6c-b1fc547b7322/1/zig0CiCbK6Eq6QOnTLteLiOu0jg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.205.40.0/24
                IPv6:
                  2a01:5340::/29

    Signature Algorithm: sha256WithRSAEncryption
         68:94:2d:83:1b:4d:52:90:d8:f0:3c:ea:c9:ce:2c:63:c8:24:
         35:32:4e:23:fe:9b:b8:8f:11:be:de:a6:95:79:0a:92:3c:76:
         f3:f0:d6:73:28:32:17:be:76:c3:e5:4a:85:a9:dc:c6:b0:da:
         70:53:85:82:1a:94:ed:9f:57:40:bc:0f:27:4e:03:92:e9:66:
         6d:d0:1c:03:7e:8e:29:ae:14:a4:f3:08:51:a7:03:d5:93:f5:
         d1:cf:c2:af:49:d6:ad:3e:f5:d8:ff:f3:a2:b7:9f:1c:b4:f6:
         06:72:f1:ca:a5:35:ac:e7:eb:e4:a5:40:6f:29:bc:75:1a:ec:
         05:e3:b4:27:44:80:e1:09:32:a4:8b:b1:c1:09:b0:29:60:cf:
         f4:a5:31:d4:1c:9b:69:f4:29:a9:7b:42:7f:7d:1e:89:bb:2c:
         fe:5a:d2:38:e1:59:cb:2e:7b:77:05:b4:59:0e:33:c6:fd:93:
         aa:2d:40:e6:07:20:cc:5e:d9:f4:69:34:c2:ad:2f:45:71:83:
         ed:ea:5c:c6:58:90:0f:7f:2e:29:7e:18:27:ac:e2:75:4b:5a:
         f4:2f:05:e5:c9:63:91:16:51:d5:f1:6e:d0:0a:83:8f:c1:56:
         97:56:70:70:cb:81:7a:82:40:1f:f3:86:d6:07:31:81:ce:9a:
         1d:10:23:7d
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVsQSP0LqnOrBItG/oOh+f2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMjgzNDBhMjA5YjJiYTEyYWU5MDNhNzRjYmI1ZTJlMjNh
ZWQyMzgwHhcNMjMwMTAxMDczNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTFlYWM4ZDVmOTNkMGUzMmI4ZDI3YTI1MjFmYThjN2VmOTc4ZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcjihgXp8NwjyGQY+PUD0p8I3i0W
Ms8C7x5DC/KOkvtp0JbBaQYtbg9DMlJsA88FyyuKsXl0aY6ya7rrO/DqYTcYZU8m
FOrvINbVZ9BEN07SwvFVzrph2CDjiUVcNS124A27gd6jTcDQbYtHP+xFggsBZE18
bu6odwyyeEOXNyQmr9yJzyKRdOg8LuR9yw9qCqECnPdj6Qy4RJ2onVD3zO3kF3I5
vJzD0fnWUUvAffZ1Dj6GmhqWfSDqlhi1hkJWkJv3bzPtEVwL/Kin4TVgPufOgN/I
L5KG74IYo/fdq1sqPI7ey4IlfZ19wNlkpC8nIz4toYPDtu5+8WpTfBj+DwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPoerI1fk9DjK40nolIfqMfvl44lMB8GA1UdIwQY
MBaAFM4oNAogmyuhKukDp0y7Xi4jrtI4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemlnMENpQ2JLNkVxNlFPblRMdGVMaU91MGpnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80NWM2ODktNzUxZi00NmQ3LTliNmMt
YjFmYzU0N2I3MzIyLzEvMS1oNnNqVi1UME9NcmpTZWlVaC1veC0tWGppVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmEvNDVjNjg5LTc1MWYtNDZkNy05YjZjLWIxZmM1NDdiNzMy
Mi8xL3ppZzBDaUNiSzZFcTZRT25UTHRlTGlPdTBqZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAFvNKDAN
BAIAAjAHAwUDKgFTQDANBgkqhkiG9w0BAQsFAAOCAQEAaJQtgxtNUpDY8Dzqyc4s
Y8gkNTJOI/6buI8Rvt6mlXkKkjx28/DWcygyF752w+VKhancxrDacFOFghqU7Z9X
QLwPJ04DkulmbdAcA36OKa4UpPMIUacD1ZP10c/Cr0nWrT712P/zorefHLT2BnLx
yqU1rOfr5KVAbym8dRrsBeO0J0SA4QkypIuxwQmwKWDP9KUx1BybafQpqXtCf30e
ibss/lrSOOFZyy57dwW0WQ4zxv2Tqi1A5gcgzF7Z9Gk0wq0vRXGD7epcxliQD38u
KX4YJ6zidUta9C8F5cljkRZR1fFu0AqDj8FWl1ZwcMuBeoJAH/OG1gcxgc6aHRAj
fQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:42 2024 by rpki-client on console-fra.rpki-client.org