Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4ec569-8caf-4198-bae1-773120ff7c0f/1/Q91NF2Gx4E43dwC4BNY1W1dW1tA.roa
File:                     Q91NF2Gx4E43dwC4BNY1W1dW1tA.roa (raw, json)
Hash identifier:          3Dnpkwy9OWoMg6kb7dAdFyN2PcKmRNK8fxM1Zz97ba0=
Subject key identifier:   43:DD:4D:17:61:B1:E0:4E:37:77:00:B8:04:D6:35:5B:57:56:D6:D0
Certificate issuer:       /CN=a016588bd1ccb2dd221c6f87838567475d7ef29b
Certificate serial:       018572558731CE360D41E638682AA2CEF20E
Authority key identifier: A0:16:58:8B:D1:CC:B2:DD:22:1C:6F:87:83:85:67:47:5D:7E:F2:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oBZYi9HMst0iHG-Hg4VnR11-8ps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/4ec569-8caf-4198-bae1-773120ff7c0f/1/Q91NF2Gx4E43dwC4BNY1W1dW1tA.roa
Signing time:             Mon 02 Jan 2023 11:54:45 +0000
ROA not before:           Mon 02 Jan 2023 11:54:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212942
IP address blocks:        176.105.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:55:87:31:ce:36:0d:41:e6:38:68:2a:a2:ce:f2:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a016588bd1ccb2dd221c6f87838567475d7ef29b
        Validity
            Not Before: Jan  2 11:54:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=43dd4d1761b1e04e377700b804d6355b5756d6d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:37:28:80:85:1e:e2:f2:74:fb:9f:c7:76:97:
                    0f:f3:ca:63:48:6c:30:b3:f5:8f:30:15:c9:2f:ed:
                    8a:31:d4:ad:bb:88:d6:50:ad:51:48:66:64:af:08:
                    3a:58:b5:15:13:68:f9:66:3f:7e:6c:3a:85:b1:78:
                    af:14:ca:bd:47:c7:6c:b5:1e:ef:0b:b5:40:2b:35:
                    01:00:66:c5:69:49:ad:64:da:4a:9c:f0:9c:a4:31:
                    b3:53:bc:d0:fa:f2:f3:d4:83:45:a2:5f:02:75:38:
                    95:32:a0:b5:75:27:d0:8f:8b:2d:4f:6e:05:82:a2:
                    03:90:78:9e:f4:35:cf:76:01:ec:11:2e:99:92:6c:
                    12:c8:42:57:03:3b:f7:b6:14:44:1d:79:09:fb:26:
                    99:ed:de:1d:08:e7:2d:ed:f3:1f:e9:e0:68:b1:e0:
                    6e:f0:05:dd:d2:bb:3f:17:d8:38:e5:09:4c:47:bb:
                    62:37:04:c4:dc:7c:fb:56:c6:11:8f:ab:c3:d6:e1:
                    16:25:eb:59:f4:ef:b2:33:03:74:6e:65:3f:27:35:
                    00:09:79:0c:50:9c:72:23:f6:9c:63:4c:2e:6e:09:
                    6f:0e:2b:25:8d:ca:53:8f:28:b5:d8:0f:35:c4:76:
                    99:c6:34:36:e2:ff:72:06:81:4a:8c:c7:9b:45:74:
                    56:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:DD:4D:17:61:B1:E0:4E:37:77:00:B8:04:D6:35:5B:57:56:D6:D0
            X509v3 Authority Key Identifier:
                keyid:A0:16:58:8B:D1:CC:B2:DD:22:1C:6F:87:83:85:67:47:5D:7E:F2:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oBZYi9HMst0iHG-Hg4VnR11-8ps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4ec569-8caf-4198-bae1-773120ff7c0f/1/Q91NF2Gx4E43dwC4BNY1W1dW1tA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4ec569-8caf-4198-bae1-773120ff7c0f/1/oBZYi9HMst0iHG-Hg4VnR11-8ps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.105.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:6a:74:67:15:37:26:b0:5f:3c:9b:f6:86:1a:d3:ae:19:74:
         a4:d5:04:8c:0a:46:5f:85:94:19:9d:94:7c:0c:b8:3b:3d:a1:
         4d:f0:93:c6:6b:f3:f3:90:42:22:ea:9c:d2:ab:aa:aa:f4:2f:
         ba:e4:be:4d:9b:5f:7a:2f:cf:67:12:68:87:51:93:1c:a7:ee:
         e1:ad:d3:10:c5:2d:50:d2:94:7d:fb:fa:64:46:af:79:5f:a1:
         6e:af:27:83:3b:3f:6e:6d:10:f7:38:d3:73:b2:09:43:62:af:
         da:50:63:e1:52:d9:c3:09:b5:e4:49:6a:fb:f5:fc:22:04:3d:
         b2:5b:3a:c1:a7:31:9b:9e:1c:22:2c:d7:6c:27:04:19:29:c2:
         9c:4d:4b:ce:fd:9d:eb:aa:24:15:6b:3f:b0:4a:07:b6:b9:c3:
         4c:ba:5d:a3:65:11:b2:15:41:bf:18:9a:2a:08:1e:d9:35:d9:
         6b:3f:73:4e:a0:0e:ff:c0:27:40:46:ef:ee:99:3a:2a:d2:2c:
         60:37:8c:b8:21:9c:dd:f6:8a:cf:c1:55:5e:e3:55:f7:dd:9e:
         3d:ef:f0:a5:b0:df:89:82:ae:78:41:89:42:fd:fc:36:07:48:
         bb:e1:c1:64:6e:79:cc:b4:57:7e:5a:90:1b:06:07:86:c4:b5:
         85:a3:31:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyVYcxzjYNQeY4aCqizvIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMTY1ODhiZDFjY2IyZGQyMjFjNmY4NzgzODU2NzQ3NWQ3
ZWYyOWIwHhcNMjMwMTAyMTE1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2RkNGQxNzYxYjFlMDRlMzc3NzAwYjgwNGQ2MzU1YjU3NTZkNmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DcogIUe4vJ0+5/HdpcP88pjSGww
s/WPMBXJL+2KMdStu4jWUK1RSGZkrwg6WLUVE2j5Zj9+bDqFsXivFMq9R8dstR7v
C7VAKzUBAGbFaUmtZNpKnPCcpDGzU7zQ+vLz1INFol8CdTiVMqC1dSfQj4stT24F
gqIDkHie9DXPdgHsES6ZkmwSyEJXAzv3thREHXkJ+yaZ7d4dCOct7fMf6eBoseBu
8AXd0rs/F9g45QlMR7tiNwTE3Hz7VsYRj6vD1uEWJetZ9O+yMwN0bmU/JzUACXkM
UJxyI/acY0wubglvDisljcpTjyi12A81xHaZxjQ24v9yBoFKjMebRXRWvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPdTRdhseBON3cAuATWNVtXVtbQMB8GA1UdIwQY
MBaAFKAWWIvRzLLdIhxvh4OFZ0ddfvKbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0JaWWk5SE1zdDBpSEctSGc0Vm5SMTEtOHBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80ZWM1NjktOGNhZi00MTk4LWJhZTEt
NzczMTIwZmY3YzBmLzEvUTkxTkYyR3g0RTQzZHdDNEJOWTFXMWRXMXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80ZWM1NjktOGNhZi00MTk4LWJhZTEtNzczMTIwZmY3YzBm
LzEvb0JaWWk5SE1zdDBpSEctSGc0Vm5SMTEtOHBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGmnMA0G
CSqGSIb3DQEBCwUAA4IBAQAhanRnFTcmsF88m/aGGtOuGXSk1QSMCkZfhZQZnZR8
DLg7PaFN8JPGa/PzkEIi6pzSq6qq9C+65L5Nm196L89nEmiHUZMcp+7hrdMQxS1Q
0pR9+/pkRq95X6FuryeDOz9ubRD3ONNzsglDYq/aUGPhUtnDCbXkSWr79fwiBD2y
WzrBpzGbnhwiLNdsJwQZKcKcTUvO/Z3rqiQVaz+wSge2ucNMul2jZRGyFUG/GJoq
CB7ZNdlrP3NOoA7/wCdARu/umToq0ixgN4y4IZzd9orPwVVe41X33Z497/ClsN+J
gq54QYlC/fw2B0i74cFkbnnMtFd+WpAbBgeGxLWFozF1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:06 2024 by rpki-client on console-fra.rpki-client.org