Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/I6P5Ed6UD-JbKJhxmF83Phvncfw.roa
File:                     I6P5Ed6UD-JbKJhxmF83Phvncfw.roa (raw, json)
Hash identifier:          pD9J6bgKRdB2cot3GaetzDUwH51tRUJTQe6Sb876INM=
Subject key identifier:   23:A3:F9:11:DE:94:0F:E2:5B:28:98:71:98:5F:37:3E:1B:E7:71:FC
Certificate issuer:       /CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
Certificate serial:       018757C4688A0D34EE8270C49E27FB6E6D91
Authority key identifier: 7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/I6P5Ed6UD-JbKJhxmF83Phvncfw.roa
Signing time:             Thu 06 Apr 2023 18:11:42 +0000
ROA not before:           Thu 06 Apr 2023 18:11:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34309
IP address blocks:        185.181.116.0/22 maxlen: 24
                          91.197.228.0/22 maxlen: 24
                          2a0a:cb80::/32 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:35:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:57:c4:68:8a:0d:34:ee:82:70:c4:9e:27:fb:6e:6d:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
        Validity
            Not Before: Apr  6 18:11:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=23a3f911de940fe25b289871985f373e1be771fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:57:ca:62:da:41:58:e2:03:f9:c2:19:a1:d5:
                    8a:93:ed:70:55:53:b1:fa:37:52:53:05:75:9f:81:
                    ba:30:14:92:bf:0f:1e:01:b9:e1:75:67:58:4e:7b:
                    a0:f4:eb:aa:ee:dc:97:62:1e:7e:89:14:5f:c1:5d:
                    b1:7c:ef:17:2a:c0:63:41:f6:1b:55:1e:44:51:44:
                    9c:29:7b:70:ba:fe:52:12:5c:f1:61:a5:7f:a1:0a:
                    b8:cf:ac:d9:5e:c8:9a:f8:bc:de:af:c5:3e:42:5c:
                    74:d9:d5:94:1e:12:ba:37:01:b9:9a:85:32:c4:55:
                    80:d2:84:d0:ed:6a:9d:36:3c:a9:7e:d3:b0:9e:5c:
                    d9:42:3b:87:a4:24:84:83:59:8a:f8:bd:07:e4:94:
                    fe:ee:52:38:eb:23:a9:30:6e:de:cc:b6:bf:ee:c6:
                    1a:81:58:c9:ef:6e:ce:a7:75:5a:6d:a7:8a:43:26:
                    43:8b:03:dd:5d:5a:04:78:da:20:b2:69:58:d3:6b:
                    23:a6:b8:8c:81:81:af:b9:b9:85:50:6b:aa:8e:46:
                    b3:e5:96:e3:c4:65:a0:24:ea:79:1d:7d:02:89:81:
                    d2:df:b9:f1:40:d9:c4:6d:ca:8e:af:eb:fd:a1:ac:
                    c7:24:52:84:dd:f0:8a:db:d7:8b:66:b2:b1:64:12:
                    15:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:A3:F9:11:DE:94:0F:E2:5B:28:98:71:98:5F:37:3E:1B:E7:71:FC
            X509v3 Authority Key Identifier:
                keyid:7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/I6P5Ed6UD-JbKJhxmF83Phvncfw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.197.228.0/22
                  185.181.116.0/22
                IPv6:
                  2a0a:cb80::/32

    Signature Algorithm: sha256WithRSAEncryption
         23:83:34:6e:3b:2d:c5:82:51:08:68:94:6b:97:df:e6:0f:a8:
         0b:ad:32:32:f3:4f:ef:59:96:af:6c:66:61:73:2b:e8:ce:a6:
         60:e8:89:02:34:73:21:26:7c:cf:87:55:33:2b:82:cc:a4:91:
         57:e8:c8:2b:aa:31:ac:09:e8:01:4a:8d:8d:6a:92:b1:b4:37:
         57:26:a5:93:90:02:c0:83:c6:a0:b9:26:b2:5a:1f:b7:35:04:
         7b:f1:9d:48:80:b0:88:cb:9e:2f:43:3a:be:7d:dd:3e:c8:19:
         12:72:aa:ca:64:24:33:5c:dd:f0:6b:e7:ee:60:cf:5a:1f:60:
         05:4d:6e:fe:3a:fd:4b:47:0a:56:b6:1a:97:7b:be:13:90:0b:
         f3:f7:60:e3:f1:f3:27:c1:82:0b:a2:5f:3a:f8:bc:4a:95:ae:
         85:11:b0:15:ad:b5:f2:1e:c5:d8:ff:62:32:12:c7:66:d3:51:
         ef:eb:99:75:a9:74:a3:7f:f1:1a:3a:3b:de:c4:db:79:6f:00:
         b5:a2:46:0c:5b:fa:e4:8d:51:e4:8f:da:47:8c:c6:cb:8e:d1:
         22:de:dd:88:a6:3c:02:86:fc:d9:65:02:51:bf:5d:40:cc:8a:
         94:64:e7:ef:53:ca:d6:23:4c:28:94:11:1c:c8:6a:9f:8c:e5:
         ca:8f:a4:73
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYdXxGiKDTTugnDEnif7bm2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTI4OWViZTkzMzUxMjM2YTU1ODBlYjViNzAxMDJjZjNm
MTFkZmMwHhcNMjMwNDA2MTgxMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2EzZjkxMWRlOTQwZmUyNWIyODk4NzE5ODVmMzczZTFiZTc3MWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVfKYtpBWOID+cIZodWKk+1wVVOx
+jdSUwV1n4G6MBSSvw8eAbnhdWdYTnug9Ouq7tyXYh5+iRRfwV2xfO8XKsBjQfYb
VR5EUUScKXtwuv5SElzxYaV/oQq4z6zZXsia+Lzer8U+Qlx02dWUHhK6NwG5moUy
xFWA0oTQ7WqdNjypftOwnlzZQjuHpCSEg1mK+L0H5JT+7lI46yOpMG7ezLa/7sYa
gVjJ727Op3VabaeKQyZDiwPdXVoEeNogsmlY02sjpriMgYGvubmFUGuqjkaz5Zbj
xGWgJOp5HX0CiYHS37nxQNnEbcqOr+v9oazHJFKE3fCK29eLZrKxZBIVgwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCOj+RHelA/iWyiYcZhfNz4b53H8MB8GA1UdIwQY
MBaAFHuiievpM1EjalWA61twECzz8R38MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMt
ZDE2M2I1NDk5ZTY4LzEvSTZQNUVkNlVELUpiS0poeG1GODNQaHZuY2Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMtZDE2M2I1NDk5ZTY4
LzEvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8XkAwQC
ubV0MA0EAgACMAcDBQAqCsuAMA0GCSqGSIb3DQEBCwUAA4IBAQAjgzRuOy3FglEI
aJRrl9/mD6gLrTIy80/vWZavbGZhcyvozqZg6IkCNHMhJnzPh1UzK4LMpJFX6Mgr
qjGsCegBSo2NapKxtDdXJqWTkALAg8aguSayWh+3NQR78Z1IgLCIy54vQzq+fd0+
yBkScqrKZCQzXN3wa+fuYM9aH2AFTW7+Ov1LRwpWthqXe74TkAvz92Dj8fMnwYIL
ol86+LxKla6FEbAVrbXyHsXY/2IyEsdm01Hv65l1qXSjf/EaOjvexNt5bwC1okYM
W/rkjVHkj9pHjMbLjtEi3t2IpjwChvzZZQJRv11AzIqUZOfvU8rWI0wolBEcyGqf
jOXKj6Rz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:40 2024 by rpki-client on console-fra.rpki-client.org