Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/q7_k5oM3gkb-gZamUrYo_m-KcuM.roa
File:                     q7_k5oM3gkb-gZamUrYo_m-KcuM.roa (raw, json)
Hash identifier:          TDTN8SuObSGTguHgSsVpXzllzf3SKJwbexJl+3rr4Wo=
Subject key identifier:   AB:BF:E4:E6:83:37:82:46:FE:81:96:A6:52:B6:28:FE:6F:8A:72:E3
Certificate issuer:       /CN=6e15a4336d2f5e1bd60737de957968992a7470e9
Certificate serial:       01856F42BDCAAD7C05710515C0B095AB3E28
Authority key identifier: 6E:15:A4:33:6D:2F:5E:1B:D6:07:37:DE:95:79:68:99:2A:74:70:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/q7_k5oM3gkb-gZamUrYo_m-KcuM.roa
Signing time:             Sun 01 Jan 2023 21:35:22 +0000
ROA not before:           Sun 01 Jan 2023 21:35:22 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34944
IP address blocks:        91.201.84.0/23 maxlen: 23
                          2001:678:9d0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:35:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:bd:ca:ad:7c:05:71:05:15:c0:b0:95:ab:3e:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e15a4336d2f5e1bd60737de957968992a7470e9
        Validity
            Not Before: Jan  1 21:35:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=abbfe4e683378246fe8196a652b628fe6f8a72e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:0c:9b:d6:f5:79:68:ca:95:5d:75:29:04:2e:
                    2c:dd:f3:57:46:42:74:58:25:cc:fe:ac:99:82:1c:
                    d5:b8:1a:7c:36:3b:3a:bb:b7:98:c2:f0:3f:66:a3:
                    ea:35:cd:f0:9a:ea:c4:e0:f3:2a:f2:86:4a:a4:4b:
                    08:05:12:8e:d7:93:7c:1c:a1:b8:6c:ba:2f:d4:48:
                    dd:35:7e:d1:c8:5a:51:66:83:90:23:83:3b:bd:99:
                    07:8f:9a:6b:36:95:ec:19:c6:4c:d9:bd:58:3b:58:
                    d1:da:c1:fd:cf:09:0a:c3:9f:06:d2:6a:f6:e4:6d:
                    0d:16:b2:78:71:22:11:a2:55:19:eb:80:e7:dc:22:
                    6f:8a:cd:bb:39:83:53:cf:29:ae:c7:9b:0b:2e:9f:
                    bd:80:b9:c9:63:ae:78:86:c4:9b:d0:98:62:03:33:
                    4b:de:6a:60:7a:c1:d8:d5:20:30:33:df:c7:41:17:
                    2c:ff:ab:7f:58:99:e7:6c:44:89:97:f6:f7:82:3d:
                    ce:5f:45:a5:79:17:3c:32:6a:56:ac:7f:8c:93:fd:
                    24:ec:c0:5d:d7:90:f5:21:72:cb:72:6c:c2:a9:2a:
                    28:0e:e4:c6:eb:4e:a3:1f:95:3c:aa:c3:62:a3:70:
                    4c:60:b7:b6:b5:88:0b:43:02:f4:2b:55:db:d2:e2:
                    c5:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:BF:E4:E6:83:37:82:46:FE:81:96:A6:52:B6:28:FE:6F:8A:72:E3
            X509v3 Authority Key Identifier:
                keyid:6E:15:A4:33:6D:2F:5E:1B:D6:07:37:DE:95:79:68:99:2A:74:70:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/q7_k5oM3gkb-gZamUrYo_m-KcuM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.201.84.0/23
                IPv6:
                  2001:678:9d0::/48

    Signature Algorithm: sha256WithRSAEncryption
         40:0d:a5:10:da:74:cd:95:61:30:e6:c6:f2:28:f7:22:b2:a5:
         d9:97:4e:02:e3:8b:18:4e:2a:82:15:6e:4c:3d:1b:71:90:08:
         a0:cd:7e:85:a5:73:59:78:1d:09:4c:e4:af:f7:a3:7a:61:d0:
         eb:74:f2:b2:98:d8:f4:99:db:86:b6:ff:90:23:82:23:6d:eb:
         ee:8c:85:93:24:53:fc:5e:bb:eb:bd:44:01:e9:92:22:f4:dc:
         57:62:2d:5d:a9:18:e9:37:90:2d:d8:c1:b6:ff:a7:cf:e4:85:
         30:a6:39:d9:13:27:72:a7:90:71:60:89:00:bd:97:10:02:94:
         84:c1:e9:78:31:7d:74:af:35:ec:53:d2:0a:e0:e3:19:c4:99:
         0f:05:fd:93:ff:79:bd:8a:10:56:ee:3e:00:ea:ac:24:cb:cd:
         ff:48:19:51:ee:cc:bd:0b:18:31:8f:11:6e:37:01:8b:9b:cf:
         c2:16:74:a2:c8:1c:77:ab:fc:c4:8b:8f:57:3a:8d:09:64:aa:
         f6:17:e3:69:57:37:c9:00:2a:ea:98:86:6c:03:ae:d4:04:11:
         d4:cf:26:82:71:f5:4f:3f:35:1b:08:4d:72:04:c2:e4:de:81:
         31:f3:56:e3:14:cf:0e:1f:21:7e:8e:92:10:af:87:2d:9c:e5:
         4e:9a:66:e9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvQr3KrXwFcQUVwLCVqz4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMTVhNDMzNmQyZjVlMWJkNjA3MzdkZTk1Nzk2ODk5MmE3
NDcwZTkwHhcNMjMwMTAxMjEzNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmJmZTRlNjgzMzc4MjQ2ZmU4MTk2YTY1MmI2MjhmZTZmOGE3MmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgyb1vV5aMqVXXUpBC4s3fNXRkJ0
WCXM/qyZghzVuBp8Njs6u7eYwvA/ZqPqNc3wmurE4PMq8oZKpEsIBRKO15N8HKG4
bLov1EjdNX7RyFpRZoOQI4M7vZkHj5prNpXsGcZM2b1YO1jR2sH9zwkKw58G0mr2
5G0NFrJ4cSIRolUZ64Dn3CJvis27OYNTzymux5sLLp+9gLnJY654hsSb0JhiAzNL
3mpgesHY1SAwM9/HQRcs/6t/WJnnbESJl/b3gj3OX0WleRc8MmpWrH+Mk/0k7MBd
15D1IXLLcmzCqSooDuTG606jH5U8qsNio3BMYLe2tYgLQwL0K1Xb0uLFDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKu/5OaDN4JG/oGWplK2KP5vinLjMB8GA1UdIwQY
MBaAFG4VpDNtL14b1gc33pV5aJkqdHDpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny84OTM4NTAtYTg1NS00YTU0LWI1ZDAt
OGQ1MjQ2YTIwMjQ1LzEvcTdfazVvTTNna2ItZ1phbVVyWW9fbS1LY3VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny84OTM4NTAtYTg1NS00YTU0LWI1ZDAtOGQ1MjQ2YTIwMjQ1
LzEvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8lUMA8E
AgACMAkDBwAgAQZ4CdAwDQYJKoZIhvcNAQELBQADggEBAEANpRDadM2VYTDmxvIo
9yKypdmXTgLjixhOKoIVbkw9G3GQCKDNfoWlc1l4HQlM5K/3o3ph0Ot08rKY2PSZ
24a2/5AjgiNt6+6MhZMkU/xeu+u9RAHpkiL03FdiLV2pGOk3kC3Ywbb/p8/khTCm
OdkTJ3KnkHFgiQC9lxAClITB6XgxfXSvNexT0grg4xnEmQ8F/ZP/eb2KEFbuPgDq
rCTLzf9IGVHuzL0LGDGPEW43AYubz8IWdKLIHHer/MSLj1c6jQlkqvYX42lXN8kA
KuqYhmwDrtQEEdTPJoJx9U8/NRsITXIEwuTegTHzVuMUzw4fIX6OkhCvhy2c5U6a
Zuk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:46 2024 by rpki-client on console-ams.rpki-client.org