Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/Qj4sWN688cAbnd4chiN8IMiw0_s.roa
File:                     Qj4sWN688cAbnd4chiN8IMiw0_s.roa (raw, json)
Hash identifier:          4JlADuipMZonCh2P38Zup1B+ejjd7HvHhnUTHbU6ryc=
Subject key identifier:   42:3E:2C:58:DE:BC:F1:C0:1B:9D:DE:1C:86:23:7C:20:C8:B0:D3:FB
Certificate issuer:       /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial:       01863A7233337FD101376C9DBEDB69499486
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/Qj4sWN688cAbnd4chiN8IMiw0_s.roa
Signing time:             Fri 10 Feb 2023 08:30:08 +0000
ROA not before:           Fri 10 Feb 2023 08:30:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203458
IP address blocks:        91.193.252.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 14 Feb 2023 10:13:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:3a:72:33:33:7f:d1:01:37:6c:9d:be:db:69:49:94:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
        Validity
            Not Before: Feb 10 08:30:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=423e2c58debcf1c01b9dde1c86237c20c8b0d3fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:79:ac:b7:53:bb:29:41:9a:eb:b1:25:cb:93:
                    ba:be:2f:df:af:ec:89:a8:d1:29:04:ba:87:01:42:
                    17:24:25:5f:54:ee:00:4d:41:da:5b:56:48:c3:67:
                    09:60:31:e1:15:18:4c:7b:8d:41:be:53:4a:a8:c3:
                    09:f6:47:da:ac:79:56:15:cb:aa:b9:b8:dd:0b:53:
                    4a:09:33:cc:c9:ff:78:f9:01:c0:26:ce:66:ff:45:
                    17:e4:f8:a5:0a:70:54:ad:5a:45:50:52:93:d4:3f:
                    89:85:95:ac:17:b8:dc:fe:f9:87:a1:b9:72:7e:ef:
                    bf:f0:55:21:a9:cd:de:61:d0:5d:4d:98:fb:19:e2:
                    c5:61:ef:e4:e6:6e:5d:a2:0d:0e:6a:d8:8f:89:b4:
                    38:bd:64:82:e0:b4:c3:0f:ea:6e:c4:8b:0b:64:e3:
                    2f:4c:6e:b6:01:de:8b:44:66:f3:ea:2b:cf:23:74:
                    54:2d:dd:31:0a:c5:69:7d:1a:5f:7f:a0:4e:85:d6:
                    96:cd:c9:e6:74:cb:7e:73:4d:a2:6f:7c:12:ba:75:
                    d2:d4:f7:d7:ef:56:7d:91:5d:8c:c0:c8:ef:e3:ca:
                    fb:66:dd:83:f5:f2:83:20:6a:a2:f9:6b:ae:4f:85:
                    4d:a5:71:1d:ec:34:13:c9:56:76:82:51:3f:4c:3e:
                    e9:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:3E:2C:58:DE:BC:F1:C0:1B:9D:DE:1C:86:23:7C:20:C8:B0:D3:FB
            X509v3 Authority Key Identifier:
                keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/Qj4sWN688cAbnd4chiN8IMiw0_s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.193.252.0/23

    Signature Algorithm: sha256WithRSAEncryption
         70:fa:84:6c:99:65:7f:12:55:a8:6e:80:75:07:f5:57:c0:5d:
         35:a2:57:17:62:97:c9:81:58:d3:09:59:8b:ba:0b:7c:84:55:
         1d:bd:7a:c4:55:38:b2:34:71:12:06:36:19:1d:e9:08:6c:df:
         25:3b:9c:68:b2:d9:15:f3:d4:61:73:c3:07:05:f8:57:70:63:
         7a:6e:38:00:e3:18:ee:d2:e9:0a:24:37:32:4e:8c:62:00:60:
         01:cd:69:9d:b4:4e:04:7c:cc:69:92:f1:18:fd:78:e4:bc:1a:
         c9:51:d3:d1:f3:35:94:55:1a:12:a2:08:d1:02:14:41:19:25:
         69:33:6f:96:77:69:d3:81:7c:61:b9:b1:8f:b5:2e:e0:c3:e6:
         39:9b:9e:f5:b1:d8:01:dc:5d:a9:33:35:e2:63:d6:f6:4d:16:
         6c:86:69:02:ca:82:85:3d:27:59:0c:bf:6c:03:12:c2:3a:5c:
         3d:b1:13:57:cc:0a:f7:44:6b:e4:63:0a:5f:ca:c3:ef:f3:df:
         36:0a:0c:b0:e7:93:a2:2c:07:04:10:8b:92:1b:1f:a9:20:c6:
         a8:f6:12:f0:fc:9b:04:b5:30:ec:1f:bf:29:f9:7a:3d:88:9a:
         ee:89:b0:58:61:37:68:36:78:2e:f9:6f:1c:fd:5e:ba:37:60:
         d1:71:c6:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYY6cjMzf9EBN2ydvttpSZSGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjMwMjEwMDgzMDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjNlMmM1OGRlYmNmMWMwMWI5ZGRlMWM4NjIzN2MyMGM4YjBkM2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHmst1O7KUGa67Ely5O6vi/fr+yJ
qNEpBLqHAUIXJCVfVO4ATUHaW1ZIw2cJYDHhFRhMe41BvlNKqMMJ9kfarHlWFcuq
ubjdC1NKCTPMyf94+QHAJs5m/0UX5PilCnBUrVpFUFKT1D+JhZWsF7jc/vmHobly
fu+/8FUhqc3eYdBdTZj7GeLFYe/k5m5dog0OatiPibQ4vWSC4LTDD+puxIsLZOMv
TG62Ad6LRGbz6ivPI3RULd0xCsVpfRpff6BOhdaWzcnmdMt+c02ib3wSunXS1PfX
71Z9kV2MwMjv48r7Zt2D9fKDIGqi+WuuT4VNpXEd7DQTyVZ2glE/TD7p9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEI+LFjevPHAG53eHIYjfCDIsNP7MB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvUWo0c1dONjg4Y0FibmQ0Y2hpTjhJTWl3MF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8H8MA0G
CSqGSIb3DQEBCwUAA4IBAQBw+oRsmWV/ElWoboB1B/VXwF01olcXYpfJgVjTCVmL
ugt8hFUdvXrEVTiyNHESBjYZHekIbN8lO5xostkV89Rhc8MHBfhXcGN6bjgA4xju
0ukKJDcyToxiAGABzWmdtE4EfMxpkvEY/XjkvBrJUdPR8zWUVRoSogjRAhRBGSVp
M2+Wd2nTgXxhubGPtS7gw+Y5m571sdgB3F2pMzXiY9b2TRZshmkCyoKFPSdZDL9s
AxLCOlw9sRNXzAr3RGvkYwpfysPv8982Cgyw55OiLAcEEIuSGx+pIMao9hLw/JsE
tTDsH78p+Xo9iJruibBYYTdoNngu+W8c/V66N2DRccYT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:05 2024 by rpki-client on console-fra.rpki-client.org