Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/qBri7BXEsCOhXfEABxntzgSn6rU.roa
File:                     qBri7BXEsCOhXfEABxntzgSn6rU.roa (raw, json)
Hash identifier:          vtP8UxcJES05FE+vxM5VZiCUZ49lh5/nY+Pomrc0TuA=
Subject key identifier:   A8:1A:E2:EC:15:C4:B0:23:A1:5D:F1:00:07:19:ED:CE:04:A7:EA:B5
Certificate issuer:       /CN=969d46361b6af720fb9836acec965b0f52f4b09c
Certificate serial:       018B8FBA9384F9E092133C424C0AED316527
Authority key identifier: 96:9D:46:36:1B:6A:F7:20:FB:98:36:AC:EC:96:5B:0F:52:F4:B0:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lp1GNhtq9yD7mDas7JZbD1L0sJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/qBri7BXEsCOhXfEABxntzgSn6rU.roa
Signing time:             Thu 02 Nov 2023 11:10:51 +0000
ROA not before:           Thu 02 Nov 2023 11:10:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29690
IP address blocks:        83.101.128.0/24 maxlen: 24
                          83.101.128.0/19 maxlen: 19
                          83.101.129.0/24 maxlen: 24
                          83.101.139.0/24 maxlen: 24
                          83.101.138.0/24 maxlen: 24
                          83.101.141.0/24 maxlen: 24
                          83.101.140.0/24 maxlen: 24
                          83.101.143.0/24 maxlen: 24
                          83.101.149.0/24 maxlen: 24
                          83.101.150.0/24 maxlen: 24
                          83.101.151.0/24 maxlen: 24
                          83.101.155.0/24 maxlen: 24
                          83.101.156.0/24 maxlen: 24
                          83.101.154.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 Nov 2023 09:31:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:8f:ba:93:84:f9:e0:92:13:3c:42:4c:0a:ed:31:65:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=969d46361b6af720fb9836acec965b0f52f4b09c
        Validity
            Not Before: Nov  2 11:10:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a81ae2ec15c4b023a15df1000719edce04a7eab5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:30:7c:b2:03:bf:ab:86:59:16:d5:23:86:cb:
                    b6:52:46:61:8c:94:63:91:5e:56:74:7f:75:a3:21:
                    ff:51:c5:db:07:70:32:b3:6b:78:c0:8e:30:33:4b:
                    a8:3e:86:55:a9:a1:84:d5:63:d8:a7:13:f0:5b:90:
                    47:10:b4:05:dd:de:a8:4d:f7:b1:ff:a4:49:c5:66:
                    5f:95:98:b1:31:5a:f1:92:7e:40:db:c0:70:2d:8e:
                    c2:d8:c7:ce:bd:82:4d:fc:64:b7:3d:fc:b8:75:3b:
                    ca:24:91:0a:10:20:89:82:d4:b3:b3:e4:8d:bf:09:
                    03:0a:ca:a8:5a:5d:3c:d8:8c:fa:89:19:a2:51:5a:
                    10:85:ac:fb:fe:ab:35:89:e8:33:60:b7:f8:e3:38:
                    2b:17:42:2f:88:7d:8e:bd:3d:d8:9e:b2:7f:53:8a:
                    22:9a:87:5a:54:61:3a:a7:e0:9a:60:7b:7c:a6:bd:
                    7c:3e:c5:dd:33:d2:e4:86:f0:d0:92:a0:81:8c:ac:
                    04:4f:15:25:75:96:69:1a:33:60:53:5a:1d:a0:e5:
                    5b:bb:c7:a9:05:98:29:3b:60:67:26:f3:4b:32:f1:
                    cc:32:f0:0a:e8:3b:6f:74:91:9a:f6:4f:aa:22:84:
                    98:c5:95:b3:2a:ef:4a:ad:dd:61:78:2b:86:7a:b5:
                    e3:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:1A:E2:EC:15:C4:B0:23:A1:5D:F1:00:07:19:ED:CE:04:A7:EA:B5
            X509v3 Authority Key Identifier:
                keyid:96:9D:46:36:1B:6A:F7:20:FB:98:36:AC:EC:96:5B:0F:52:F4:B0:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lp1GNhtq9yD7mDas7JZbD1L0sJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/qBri7BXEsCOhXfEABxntzgSn6rU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/lp1GNhtq9yD7mDas7JZbD1L0sJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.101.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         66:14:44:70:8a:85:08:81:25:26:b4:73:27:d4:61:4b:ce:92:
         8f:6b:2a:24:21:f0:a7:f7:f0:d9:3f:85:2c:0e:3e:52:26:d8:
         06:7b:99:53:8e:8a:28:08:98:fd:1a:8a:a6:05:02:e8:76:42:
         ef:6c:eb:63:04:0d:e8:d7:8f:da:7b:e7:4d:dd:10:6e:f9:f4:
         ff:35:4e:11:a1:e0:40:68:c7:fc:9b:d0:df:c0:f2:df:35:11:
         bd:0a:d2:39:1a:fd:66:a0:95:1f:79:16:2c:8a:15:07:a0:6e:
         2e:46:52:e0:da:56:5f:82:c5:0b:66:c3:e5:01:b3:1c:d3:93:
         6a:12:18:a0:4b:b5:0b:f2:2e:34:6f:8d:15:c0:14:eb:8f:a0:
         fd:6e:22:91:0e:a1:d8:98:5a:99:c5:ed:1a:40:74:1e:b7:86:
         ff:a1:9f:20:c0:e8:c2:d6:9c:1f:c6:88:cd:41:25:5a:91:2d:
         10:1f:08:d0:6d:71:2e:fa:ce:87:78:09:71:81:ce:8b:bc:12:
         db:9c:e4:fb:9f:38:22:9d:01:da:bd:0d:cf:76:c2:9f:4a:77:
         eb:fb:a4:93:a6:d9:12:0f:7f:65:21:7d:62:51:a7:65:33:e5:
         61:44:e0:0e:65:48:5a:7a:d2:08:3a:b8:35:98:23:08:5a:39:
         71:a7:45:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuPupOE+eCSEzxCTArtMWUnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OWQ0NjM2MWI2YWY3MjBmYjk4MzZhY2VjOTY1YjBmNTJm
NGIwOWMwHhcNMjMxMTAyMTExMDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODFhZTJlYzE1YzRiMDIzYTE1ZGYxMDAwNzE5ZWRjZTA0YTdlYWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizB8sgO/q4ZZFtUjhsu2UkZhjJRj
kV5WdH91oyH/UcXbB3Ays2t4wI4wM0uoPoZVqaGE1WPYpxPwW5BHELQF3d6oTfex
/6RJxWZflZixMVrxkn5A28BwLY7C2MfOvYJN/GS3Pfy4dTvKJJEKECCJgtSzs+SN
vwkDCsqoWl082Iz6iRmiUVoQhaz7/qs1iegzYLf44zgrF0IviH2OvT3YnrJ/U4oi
modaVGE6p+CaYHt8pr18PsXdM9LkhvDQkqCBjKwETxUldZZpGjNgU1odoOVbu8ep
BZgpO2BnJvNLMvHMMvAK6DtvdJGa9k+qIoSYxZWzKu9Krd1heCuGerXj2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKga4uwVxLAjoV3xAAcZ7c4Ep+q1MB8GA1UdIwQY
MBaAFJadRjYbavcg+5g2rOyWWw9S9LCcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHAxR05odHE5eUQ3bURhczdKWmJEMUwwc0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi81ZmJjYmItMDBmYS00YWQ3LWE4MDEt
NDM2MDAxNzFiOGJkLzEvcUJyaTdCWEVzQ09oWGZFQUJ4bnR6Z1NuNnJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi81ZmJjYmItMDBmYS00YWQ3LWE4MDEtNDM2MDAxNzFiOGJk
LzEvbHAxR05odHE5eUQ3bURhczdKWmJEMUwwc0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFU2WAMA0G
CSqGSIb3DQEBCwUAA4IBAQBmFERwioUIgSUmtHMn1GFLzpKPayokIfCn9/DZP4Us
Dj5SJtgGe5lTjoooCJj9GoqmBQLodkLvbOtjBA3o14/ae+dN3RBu+fT/NU4RoeBA
aMf8m9DfwPLfNRG9CtI5Gv1moJUfeRYsihUHoG4uRlLg2lZfgsULZsPlAbMc05Nq
EhigS7UL8i40b40VwBTrj6D9biKRDqHYmFqZxe0aQHQet4b/oZ8gwOjC1pwfxojN
QSVakS0QHwjQbXEu+s6HeAlxgc6LvBLbnOT7nzginQHavQ3PdsKfSnfr+6STptkS
D39lIX1iUadlM+VhROAOZUhaetIIOrg1mCMIWjlxp0Xb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:10 2024 by rpki-client on console-ams.rpki-client.org