Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/qs6NQpatr6ZTVgQB-pVE8vKLkVI.roa
File:                     qs6NQpatr6ZTVgQB-pVE8vKLkVI.roa (raw, json)
Hash identifier:          TO/rlVVaeBGQLcKbmDa4D+zXCWPwjdBXJ82lS7ki6u0=
Subject key identifier:   AA:CE:8D:42:96:AD:AF:A6:53:56:04:01:FA:95:44:F2:F2:8B:91:52
Certificate issuer:       /CN=9faf0bf93fc4381fff7e7aa86b4076c033242ffa
Certificate serial:       018CC870AFFB1FC3B26190AD1B2DF42F2490
Authority key identifier: 9F:AF:0B:F9:3F:C4:38:1F:FF:7E:7A:A8:6B:40:76:C0:33:24:2F:FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n68L-T_EOB__fnqoa0B2wDMkL_o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/qs6NQpatr6ZTVgQB-pVE8vKLkVI.roa
Signing time:             Tue 02 Jan 2024 04:31:17 +0000
ROA not before:           Tue 02 Jan 2024 04:31:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     3320
IP address blocks:        185.91.204.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 12 Feb 2024 09:26:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:70:af:fb:1f:c3:b2:61:90:ad:1b:2d:f4:2f:24:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9faf0bf93fc4381fff7e7aa86b4076c033242ffa
        Validity
            Not Before: Jan  2 04:31:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=aace8d4296adafa653560401fa9544f2f28b9152
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:0d:65:11:8b:06:3a:87:c9:7a:39:55:fb:95:
                    a2:89:4f:53:37:4d:82:82:97:f8:9e:83:21:26:c2:
                    9a:e5:de:41:13:5f:3d:5d:0f:11:75:1d:c6:c7:37:
                    97:0b:ce:a4:f7:0e:9f:45:e5:ca:10:d1:60:9c:25:
                    12:62:e6:9e:83:db:38:62:d2:34:f6:d4:e1:04:d6:
                    f5:94:de:29:ba:67:a9:7e:b5:d0:72:c1:12:d8:0f:
                    59:48:f8:0d:78:9d:68:ce:26:5c:47:e4:36:a3:dd:
                    d7:3c:91:08:25:3e:e3:7d:99:b5:55:74:55:9e:80:
                    5a:4a:08:ce:ba:1f:75:7f:bd:b2:87:f1:66:8f:00:
                    7a:df:87:2f:3f:fb:5a:23:fe:89:0f:18:74:a8:d2:
                    ac:13:ad:ae:45:0b:bf:85:fb:87:02:7d:75:ce:5b:
                    9e:7d:df:ae:a0:7b:6c:5f:5a:ee:db:10:d5:47:c6:
                    6f:85:ab:e4:3e:e9:dd:f5:71:f0:cb:c9:07:33:49:
                    35:9e:33:c8:cf:22:59:42:85:16:0d:13:9e:84:0a:
                    60:08:85:6a:e6:9d:49:af:4d:4a:53:60:ce:4a:b8:
                    76:b8:69:98:7b:ef:3d:ba:19:28:e4:74:af:74:1e:
                    87:c0:02:4a:67:49:51:58:9d:3f:81:f0:45:60:32:
                    2c:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:CE:8D:42:96:AD:AF:A6:53:56:04:01:FA:95:44:F2:F2:8B:91:52
            X509v3 Authority Key Identifier:
                keyid:9F:AF:0B:F9:3F:C4:38:1F:FF:7E:7A:A8:6B:40:76:C0:33:24:2F:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n68L-T_EOB__fnqoa0B2wDMkL_o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/qs6NQpatr6ZTVgQB-pVE8vKLkVI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/n68L-T_EOB__fnqoa0B2wDMkL_o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.91.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         19:54:72:f0:19:da:ce:59:0c:90:6e:fe:77:b7:be:89:cb:a0:
         ab:e8:9a:90:3d:9d:03:80:6f:3c:7b:f1:9a:20:03:63:06:d6:
         56:57:00:b4:bc:d8:d3:23:94:53:fd:05:eb:51:ec:7d:2d:a0:
         dc:8f:4a:d0:df:af:31:86:64:55:41:9f:3e:a7:8f:b3:47:56:
         34:47:25:23:be:6e:0c:36:67:7d:8b:3d:61:9f:aa:46:45:de:
         23:f9:97:bf:22:46:f4:d8:4f:16:75:c1:69:1a:86:95:70:48:
         d0:3d:68:6e:c2:16:fd:66:45:3e:86:8a:51:b7:e7:0d:4d:dd:
         ab:ae:f2:4c:c9:1a:57:3a:66:b1:e8:fb:d4:3c:5d:e9:f5:67:
         2d:d7:18:16:04:32:04:a5:19:9f:f8:7a:ad:aa:9e:84:e2:a2:
         25:b6:af:5d:8b:1a:c0:69:4a:12:b1:b1:93:06:a1:1e:c0:58:
         38:b1:dc:52:f6:e5:9f:a8:dc:3b:75:be:b9:82:b5:d9:8d:85:
         aa:fb:4d:8c:4f:3f:74:46:c5:7d:c6:cb:61:f7:0d:51:17:8b:
         9b:bf:bd:f1:e3:7d:ba:c9:30:33:aa:54:36:7f:d4:f9:ef:3f:
         3c:83:6c:a8:f6:43:c1:7a:fa:62:6e:a2:ca:7a:a6:df:27:30:
         a5:c9:fd:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcK/7H8OyYZCtGy30LySQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYWYwYmY5M2ZjNDM4MWZmZjdlN2FhODZiNDA3NmMwMzMy
NDJmZmEwHhcNMjQwMTAyMDQzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWNlOGQ0Mjk2YWRhZmE2NTM1NjA0MDFmYTk1NDRmMmYyOGI5MTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgA1lEYsGOofJejlV+5WiiU9TN02C
gpf4noMhJsKa5d5BE189XQ8RdR3GxzeXC86k9w6fReXKENFgnCUSYuaeg9s4YtI0
9tThBNb1lN4pumepfrXQcsES2A9ZSPgNeJ1oziZcR+Q2o93XPJEIJT7jfZm1VXRV
noBaSgjOuh91f72yh/FmjwB634cvP/taI/6JDxh0qNKsE62uRQu/hfuHAn11zlue
fd+uoHtsX1ru2xDVR8ZvhavkPund9XHwy8kHM0k1njPIzyJZQoUWDROehApgCIVq
5p1Jr01KU2DOSrh2uGmYe+89uhko5HSvdB6HwAJKZ0lRWJ0/gfBFYDIsgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKrOjUKWra+mU1YEAfqVRPLyi5FSMB8GA1UdIwQY
MBaAFJ+vC/k/xDgf/356qGtAdsAzJC/6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjY4TC1UX0VPQl9fZm5xb2EwQjJ3RE1rTF9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9hNGZmMzMtYjI5MC00MzA3LWFmYzgt
ZjUyMGE3ZDcxZWY1LzEvcXM2TlFwYXRyNlpUVmdRQi1wVkU4dktMa1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9hNGZmMzMtYjI5MC00MzA3LWFmYzgtZjUyMGE3ZDcxZWY1
LzEvbjY4TC1UX0VPQl9fZm5xb2EwQjJ3RE1rTF9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVvMMA0G
CSqGSIb3DQEBCwUAA4IBAQAZVHLwGdrOWQyQbv53t76Jy6Cr6JqQPZ0DgG88e/Ga
IANjBtZWVwC0vNjTI5RT/QXrUex9LaDcj0rQ368xhmRVQZ8+p4+zR1Y0RyUjvm4M
Nmd9iz1hn6pGRd4j+Ze/Ikb02E8WdcFpGoaVcEjQPWhuwhb9ZkU+hopRt+cNTd2r
rvJMyRpXOmax6PvUPF3p9Wct1xgWBDIEpRmf+Hqtqp6E4qIltq9dixrAaUoSsbGT
BqEewFg4sdxS9uWfqNw7db65grXZjYWq+02MTz90RsV9xsth9w1RF4ubv73x4326
yTAzqlQ2f9T57z88g2yo9kPBevpibqLKeqbfJzClyf3j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:29 2024 by rpki-client on console-fra.rpki-client.org