Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/QeQfclq3eLQ-JLU59ShNFXTdkiA.roa
File:                     QeQfclq3eLQ-JLU59ShNFXTdkiA.roa (raw, json)
Hash identifier:          WpCU5wAaqmz5PRfa+5NxBXl1f7EsMClmFrvR8aYvR+E=
Subject key identifier:   41:E4:1F:72:5A:B7:78:B4:3E:24:B5:39:F5:28:4D:15:74:DD:92:20
Certificate issuer:       /CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Certificate serial:       0195948AF693764280498838857DB5BEF4C5
Authority key identifier: F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/QeQfclq3eLQ-JLU59ShNFXTdkiA.roa
Signing time:             Fri 14 Mar 2025 12:04:49 +0000
ROA not before:           Fri 14 Mar 2025 12:04:49 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     43606
IP address blocks:        91.212.93.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 17 Mar 2025 05:06:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:94:8a:f6:93:76:42:80:49:88:38:85:7d:b5:be:f4:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0c113413d0df5b8fa069011eeb109f067b5579a
        Validity
            Not Before: Mar 14 12:04:49 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=41e41f725ab778b43e24b539f5284d1574dd9220
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:a6:03:7e:b7:b2:cd:39:b6:2a:3a:58:7c:81:
                    ed:e4:ca:e4:1a:e5:9a:e4:cd:85:b7:48:d5:34:77:
                    0d:b1:44:80:94:94:d5:14:4f:c7:c5:ef:16:5c:c0:
                    7b:d4:77:b3:15:c3:b6:c2:7d:a9:2b:40:f0:a3:ec:
                    7c:ca:2d:e8:e9:5e:c9:14:bf:62:26:cd:df:6c:cc:
                    db:c2:cf:19:30:9e:ac:81:6b:cf:dd:d3:9b:ce:d7:
                    7a:76:00:01:86:6d:36:38:06:1a:c7:47:b1:7a:9c:
                    70:8d:dc:e5:52:12:4b:e9:12:b1:6a:70:35:30:9a:
                    aa:1f:83:57:d7:03:5b:f0:54:e2:8e:28:dd:25:f4:
                    c1:e6:e2:fd:11:b2:4e:d1:b3:45:72:9f:2f:81:3b:
                    1a:45:dc:41:08:87:c9:ce:61:74:75:99:dc:1b:78:
                    0c:d1:ff:19:98:57:20:6d:0b:f5:a5:c5:7c:7f:8d:
                    3d:61:08:4e:98:34:b7:f2:45:55:ce:07:fa:1b:a7:
                    44:ea:50:34:27:b4:d8:eb:ac:94:3f:be:2e:95:56:
                    d0:94:e1:26:3c:08:a1:7c:47:28:36:bf:34:50:8f:
                    24:84:05:f7:6a:dd:81:ef:6a:f6:ec:05:53:71:d5:
                    90:1c:97:fa:58:17:ea:e7:7a:94:91:26:6b:e9:69:
                    ae:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:E4:1F:72:5A:B7:78:B4:3E:24:B5:39:F5:28:4D:15:74:DD:92:20
            X509v3 Authority Key Identifier:
                keyid:F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/QeQfclq3eLQ-JLU59ShNFXTdkiA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.212.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:0e:5d:da:c7:aa:f6:01:1f:c8:ef:ce:a3:24:6a:14:d0:9b:
         56:3e:ed:9e:08:79:14:6c:d5:47:06:23:31:28:04:88:53:fd:
         19:01:bd:66:4e:e6:40:11:a6:d1:1f:40:7a:e8:d5:95:35:12:
         43:21:5a:62:f7:0f:20:72:73:10:5f:c5:26:83:d3:ff:7e:5f:
         90:1e:f4:29:f0:71:d8:8d:8b:e2:1d:17:ee:22:1a:aa:ed:40:
         80:7c:02:84:b8:63:1f:bc:be:01:76:c5:28:13:32:83:8b:4d:
         94:c3:ce:d2:09:48:b1:86:24:c4:ae:0a:ec:38:3d:b7:d2:8c:
         51:b0:9a:94:37:7c:04:3a:f1:da:3f:62:97:d0:9e:cc:a0:b2:
         0d:5d:12:04:37:89:b2:9e:66:a8:2e:c8:14:d6:16:b9:27:a2:
         44:90:37:de:cf:cd:65:0a:11:fd:64:03:b7:e0:6b:4c:4d:f1:
         20:ad:a4:90:0c:b5:37:bf:3f:e9:1a:3e:13:da:da:4a:b9:76:
         5d:2f:b7:bc:c3:47:dd:5d:e4:cb:1c:c2:c8:6b:96:e6:86:3a:
         cc:3f:a7:a3:47:d8:94:2d:55:80:37:5e:12:2d:36:42:8f:ec:
         3d:8a:69:78:16:e6:0d:cd:a8:2e:99:2a:c8:39:10:1c:a0:4f:
         2f:dd:e4:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWUivaTdkKASYg4hX21vvTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzExMzQxM2QwZGY1YjhmYTA2OTAxMWVlYjEwOWYwNjdi
NTU3OWEwHhcNMjUwMzE0MTIwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWU0MWY3MjVhYjc3OGI0M2UyNGI1MzlmNTI4NGQxNTc0ZGQ5MjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKYDfreyzTm2KjpYfIHt5MrkGuWa
5M2Ft0jVNHcNsUSAlJTVFE/Hxe8WXMB71HezFcO2wn2pK0Dwo+x8yi3o6V7JFL9i
Js3fbMzbws8ZMJ6sgWvP3dObztd6dgABhm02OAYax0exepxwjdzlUhJL6RKxanA1
MJqqH4NX1wNb8FTijijdJfTB5uL9EbJO0bNFcp8vgTsaRdxBCIfJzmF0dZncG3gM
0f8ZmFcgbQv1pcV8f409YQhOmDS38kVVzgf6G6dE6lA0J7TY66yUP74ulVbQlOEm
PAihfEcoNr80UI8khAX3at2B72r27AVTcdWQHJf6WBfq53qUkSZr6WmuFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEHkH3Jat3i0PiS1OfUoTRV03ZIgMB8GA1UdIwQY
MBaAFPDBE0E9DfW4+gaQEe6xCfBntVeaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUt
NTAyNjFiMTE5MTZiLzEvUWVRZmNscTNlTFEtSkxVNTlTaE5GWFRka2lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUtNTAyNjFiMTE5MTZi
LzEvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9RdMA0G
CSqGSIb3DQEBCwUAA4IBAQBtDl3ax6r2AR/I786jJGoU0JtWPu2eCHkUbNVHBiMx
KASIU/0ZAb1mTuZAEabRH0B66NWVNRJDIVpi9w8gcnMQX8Umg9P/fl+QHvQp8HHY
jYviHRfuIhqq7UCAfAKEuGMfvL4BdsUoEzKDi02Uw87SCUixhiTErgrsOD230oxR
sJqUN3wEOvHaP2KX0J7MoLINXRIEN4mynmaoLsgU1ha5J6JEkDfez81lChH9ZAO3
4GtMTfEgraSQDLU3vz/pGj4T2tpKuXZdL7e8w0fdXeTLHMLIa5bmhjrMP6ejR9iU
LVWAN14SLTZCj+w9iml4FuYNzagumSrIORAcoE8v3eRZ
-----END CERTIFICATE-----
Generated at Tue Jun 10 08:40:10 2025 by rpki-client