Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/9QJK-Nbp9QuDUIn8mCbrM6aPc1I.roa
File:                     9QJK-Nbp9QuDUIn8mCbrM6aPc1I.roa (raw, json)
Hash identifier:          b4vedye9D8emzZsNILLzYnyshk/kXIZmIQvrYdg08t4=
Subject key identifier:   F5:02:4A:F8:D6:E9:F5:0B:83:50:89:FC:98:26:EB:33:A6:8F:73:52
Certificate issuer:       /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial:       018BA51590FD7FB66024808B576584207ADF
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/9QJK-Nbp9QuDUIn8mCbrM6aPc1I.roa
Signing time:             Mon 06 Nov 2023 14:42:15 +0000
ROA not before:           Mon 06 Nov 2023 14:42:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     174
IP address blocks:        86.107.58.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a5:15:90:fd:7f:b6:60:24:80:8b:57:65:84:20:7a:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
        Validity
            Not Before: Nov  6 14:42:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f5024af8d6e9f50b835089fc9826eb33a68f7352
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:3b:34:22:9e:f8:b9:f1:24:21:5c:97:2b:41:
                    b5:5a:a0:b9:b6:fd:84:48:95:d9:74:f2:ac:53:63:
                    6f:ea:a2:67:d2:07:f4:d6:3d:7e:25:0e:7a:43:c4:
                    a9:70:f2:83:64:e7:bc:76:08:99:d1:c2:c6:72:15:
                    45:2d:ac:1b:15:6f:ce:b5:6d:a5:b9:50:90:26:66:
                    61:25:02:7f:52:e2:56:85:66:62:c3:b3:5a:49:4c:
                    65:86:da:ab:70:89:70:3d:3d:a8:21:57:3b:14:45:
                    6b:4b:5a:2a:f3:97:f4:d1:cf:8f:c2:4a:93:0f:f1:
                    92:ec:ce:b8:aa:0c:02:12:9e:0a:e3:db:40:04:7b:
                    6a:3a:a5:a7:ec:71:67:37:4d:c8:f2:30:84:66:34:
                    5c:0e:b8:9f:c7:3b:8c:4d:b8:22:97:13:f8:b6:03:
                    0b:f6:b5:06:72:8b:58:06:91:71:6a:33:e9:61:4e:
                    2d:2d:95:3f:1f:bc:03:17:77:f6:ce:6b:c0:a1:f1:
                    89:53:94:1a:82:0c:01:12:c3:22:0e:c9:66:04:9a:
                    32:78:24:a0:f4:76:fc:49:9a:ab:e7:7c:2e:97:2c:
                    b1:4e:e6:bb:72:a0:fe:0d:d5:ca:71:80:7c:08:73:
                    25:84:bd:53:a5:9b:6e:99:4b:3f:12:29:50:2e:29:
                    8b:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:02:4A:F8:D6:E9:F5:0B:83:50:89:FC:98:26:EB:33:A6:8F:73:52
            X509v3 Authority Key Identifier:
                keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/9QJK-Nbp9QuDUIn8mCbrM6aPc1I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.107.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         38:24:14:c5:3e:13:bd:26:c1:50:14:c7:12:7f:d9:95:ff:90:
         c5:3c:8a:e2:9a:72:ea:e3:96:d2:0a:a7:f5:d5:b4:aa:cc:6a:
         be:46:56:fb:d1:33:03:79:c6:13:88:63:b6:10:97:12:21:53:
         f1:ec:58:31:0a:eb:e1:cb:6c:a2:78:85:4c:5f:e5:94:fb:55:
         0b:d7:4e:8f:b4:5c:1a:92:6d:cc:7f:01:5d:30:ee:ad:0f:cc:
         91:e5:f3:1f:fd:32:c6:c6:ef:b4:41:c6:fb:44:9e:65:de:95:
         c0:13:c3:69:67:8b:37:1c:35:d3:dc:40:46:3f:75:77:40:48:
         06:6d:c1:20:a4:3b:13:e9:2b:9e:58:13:0f:e2:e4:1b:1f:55:
         4c:fb:8b:64:13:0c:3c:49:a1:7d:e7:db:33:b2:9f:d4:51:e7:
         58:c7:1b:6d:03:3f:fb:f4:73:b9:f5:40:3e:3c:86:b4:d4:69:
         a4:b2:f9:96:39:7c:b2:c1:0a:6a:73:91:e5:92:8c:df:cf:2a:
         4f:0e:c4:92:a9:24:7c:fb:ac:57:e7:08:e1:df:58:fd:98:9c:
         af:74:5a:18:34:85:b3:07:f5:e4:92:1a:eb:92:30:7f:1f:2c:
         15:53:ea:6b:f2:55:5f:9b:cc:4c:6d:63:1e:52:00:eb:1e:e9:
         5e:d0:d8:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYulFZD9f7ZgJICLV2WEIHrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjMxMTA2MTQ0MjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTAyNGFmOGQ2ZTlmNTBiODM1MDg5ZmM5ODI2ZWIzM2E2OGY3MzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjs0Ip74ufEkIVyXK0G1WqC5tv2E
SJXZdPKsU2Nv6qJn0gf01j1+JQ56Q8SpcPKDZOe8dgiZ0cLGchVFLawbFW/OtW2l
uVCQJmZhJQJ/UuJWhWZiw7NaSUxlhtqrcIlwPT2oIVc7FEVrS1oq85f00c+PwkqT
D/GS7M64qgwCEp4K49tABHtqOqWn7HFnN03I8jCEZjRcDrifxzuMTbgilxP4tgML
9rUGcotYBpFxajPpYU4tLZU/H7wDF3f2zmvAofGJU5QaggwBEsMiDslmBJoyeCSg
9Hb8SZqr53wulyyxTua7cqD+DdXKcYB8CHMlhL1TpZtumUs/EilQLimLawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPUCSvjW6fULg1CJ/Jgm6zOmj3NSMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvOVFKSy1OYnA5UXVEVUluOG1DYnJNNmFQYzFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVms6MA0G
CSqGSIb3DQEBCwUAA4IBAQA4JBTFPhO9JsFQFMcSf9mV/5DFPIrimnLq45bSCqf1
1bSqzGq+Rlb70TMDecYTiGO2EJcSIVPx7FgxCuvhy2yieIVMX+WU+1UL106PtFwa
km3MfwFdMO6tD8yR5fMf/TLGxu+0Qcb7RJ5l3pXAE8NpZ4s3HDXT3EBGP3V3QEgG
bcEgpDsT6SueWBMP4uQbH1VM+4tkEww8SaF959szsp/UUedYxxttAz/79HO59UA+
PIa01GmksvmWOXyywQpqc5HlkozfzypPDsSSqSR8+6xX5wjh31j9mJyvdFoYNIWz
B/XkkhrrkjB/HywVU+pr8lVfm8xMbWMeUgDrHule0Nhp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:24 2024 by rpki-client on console-fra.rpki-client.org