Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/1b814a-d388-4c64-8302-370d1fd4254b/1/CmQzO80qBuhDxeerr02RagifanU.roa
File:                     CmQzO80qBuhDxeerr02RagifanU.roa (raw, json)
Hash identifier:          wz+cCvoMgcj+w2YctZZjyUg6MeK2OMReacAWyj1vvh4=
Subject key identifier:   0A:64:33:3B:CD:2A:06:E8:43:C5:E7:AB:AF:4D:91:6A:08:9F:6A:75
Certificate issuer:       /CN=a9c187bc7a9e885335a7eb9b0a438fe811c03847
Certificate serial:       01857014F5531E0FF678FC34C0FFA391F17E
Authority key identifier: A9:C1:87:BC:7A:9E:88:53:35:A7:EB:9B:0A:43:8F:E8:11:C0:38:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qcGHvHqeiFM1p-ubCkOP6BHAOEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/1b814a-d388-4c64-8302-370d1fd4254b/1/CmQzO80qBuhDxeerr02RagifanU.roa
Signing time:             Mon 02 Jan 2023 01:24:59 +0000
ROA not before:           Mon 02 Jan 2023 01:24:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51979
IP address blocks:        91.222.88.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:14:f5:53:1e:0f:f6:78:fc:34:c0:ff:a3:91:f1:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9c187bc7a9e885335a7eb9b0a438fe811c03847
        Validity
            Not Before: Jan  2 01:24:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0a64333bcd2a06e843c5e7abaf4d916a089f6a75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:9d:10:78:42:04:a1:ef:de:da:bc:fe:4a:e3:
                    74:fc:5a:15:8f:56:71:56:7b:cd:28:8b:13:a6:9a:
                    75:f7:67:ae:2b:95:52:c7:c3:8c:2f:22:1d:8d:78:
                    9e:32:49:59:de:73:c6:15:46:4e:bd:6b:f4:f9:7b:
                    62:31:45:5f:bd:17:a2:86:38:21:1a:a6:ae:55:3d:
                    9f:07:38:f6:5e:58:02:4c:da:08:1a:7e:3a:62:23:
                    24:c2:9b:3c:63:cd:6f:85:c2:a5:eb:39:52:ae:e7:
                    24:ba:a8:f5:ba:01:a2:0c:86:7d:0e:4c:91:34:b8:
                    6c:d1:6f:e5:30:6a:ca:15:a4:0d:1e:74:1c:3a:52:
                    5f:ef:f8:c5:56:fa:a5:b1:2b:0a:7e:eb:fd:03:1b:
                    7c:d9:12:8f:56:1d:b6:37:f8:11:a0:b4:e4:3d:05:
                    9e:32:96:4f:ce:f3:32:80:e7:f0:ac:c8:3f:5a:d2:
                    b1:a4:8d:e1:9e:c6:13:3e:36:9c:5e:2e:b2:0e:f6:
                    f7:ab:be:74:66:a5:2d:dd:f3:b0:01:0b:f8:ca:29:
                    05:4e:a2:a8:f2:8d:40:3a:fa:72:ad:f6:30:f4:65:
                    6d:16:72:b9:0b:96:06:7e:00:2e:a6:0b:2e:14:2a:
                    aa:e9:11:84:fc:cd:3c:3b:44:84:13:2e:da:d7:82:
                    4b:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:64:33:3B:CD:2A:06:E8:43:C5:E7:AB:AF:4D:91:6A:08:9F:6A:75
            X509v3 Authority Key Identifier:
                keyid:A9:C1:87:BC:7A:9E:88:53:35:A7:EB:9B:0A:43:8F:E8:11:C0:38:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qcGHvHqeiFM1p-ubCkOP6BHAOEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1b814a-d388-4c64-8302-370d1fd4254b/1/CmQzO80qBuhDxeerr02RagifanU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1b814a-d388-4c64-8302-370d1fd4254b/1/qcGHvHqeiFM1p-ubCkOP6BHAOEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.222.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         04:a0:ae:47:c8:ea:2f:29:8c:cd:4f:61:d0:e0:a4:86:c5:d0:
         58:de:0e:bf:8b:72:de:25:b9:91:30:42:54:1c:cb:6d:fa:ea:
         d2:a3:e1:1a:ae:30:6d:0b:d4:44:1b:4b:64:14:48:83:48:09:
         75:30:e5:c1:4e:6c:a3:e2:5e:06:64:eb:cd:55:90:b9:f1:ed:
         97:e5:fe:30:52:38:25:73:a0:06:a6:c5:ee:87:bc:3d:c1:f8:
         a5:84:21:f2:44:54:4f:25:6c:82:0c:00:3d:c4:33:8f:16:d3:
         49:07:86:de:68:f1:54:dd:d0:2f:e9:cb:d9:c6:42:c6:69:24:
         8b:fb:ec:ba:1a:e9:50:e4:a8:33:e8:86:03:df:d5:bb:20:2b:
         f7:5e:39:3a:9f:cf:04:6d:29:70:af:74:eb:9d:4e:e2:d8:cd:
         e3:01:46:bc:2a:eb:91:15:72:e0:dd:a7:7e:e0:8f:fd:ec:86:
         d3:eb:0d:b7:20:13:07:fb:f8:10:ab:e6:b1:cc:82:03:0e:32:
         c1:0a:4d:f1:3e:03:a7:56:cc:d3:71:df:aa:87:6d:47:3f:8a:
         65:dd:dd:f8:a2:f1:fa:0b:99:81:e0:c9:71:f8:52:24:97:8e:
         52:2d:1b:da:33:64:55:14:d2:c8:96:f7:24:30:6e:c3:ac:df:
         15:a0:4b:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwFPVTHg/2ePw0wP+jkfF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YzE4N2JjN2E5ZTg4NTMzNWE3ZWI5YjBhNDM4ZmU4MTFj
MDM4NDcwHhcNMjMwMTAyMDEyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTY0MzMzYmNkMmEwNmU4NDNjNWU3YWJhZjRkOTE2YTA4OWY2YTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJ0QeEIEoe/e2rz+SuN0/FoVj1Zx
VnvNKIsTppp192euK5VSx8OMLyIdjXieMklZ3nPGFUZOvWv0+XtiMUVfvReihjgh
GqauVT2fBzj2XlgCTNoIGn46YiMkwps8Y81vhcKl6zlSruckuqj1ugGiDIZ9DkyR
NLhs0W/lMGrKFaQNHnQcOlJf7/jFVvqlsSsKfuv9Axt82RKPVh22N/gRoLTkPQWe
MpZPzvMygOfwrMg/WtKxpI3hnsYTPjacXi6yDvb3q750ZqUt3fOwAQv4yikFTqKo
8o1AOvpyrfYw9GVtFnK5C5YGfgAupgsuFCqq6RGE/M08O0SEEy7a14JLEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFApkMzvNKgboQ8Xnq69NkWoIn2p1MB8GA1UdIwQY
MBaAFKnBh7x6nohTNafrmwpDj+gRwDhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWNHSHZIcWVpRk0xcC11YkNrT1A2QkhBT0VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xYjgxNGEtZDM4OC00YzY0LTgzMDIt
MzcwZDFmZDQyNTRiLzEvQ21Rek84MHFCdWhEeGVlcnIwMlJhZ2lmYW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8xYjgxNGEtZDM4OC00YzY0LTgzMDItMzcwZDFmZDQyNTRi
LzEvcWNHSHZIcWVpRk0xcC11YkNrT1A2QkhBT0VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW95YMA0G
CSqGSIb3DQEBCwUAA4IBAQAEoK5HyOovKYzNT2HQ4KSGxdBY3g6/i3LeJbmRMEJU
HMtt+urSo+EarjBtC9REG0tkFEiDSAl1MOXBTmyj4l4GZOvNVZC58e2X5f4wUjgl
c6AGpsXuh7w9wfilhCHyRFRPJWyCDAA9xDOPFtNJB4beaPFU3dAv6cvZxkLGaSSL
++y6GulQ5Kgz6IYD39W7ICv3Xjk6n88EbSlwr3TrnU7i2M3jAUa8KuuRFXLg3ad+
4I/97IbT6w23IBMH+/gQq+axzIIDDjLBCk3xPgOnVszTcd+qh21HP4pl3d34ovH6
C5mB4Mlx+FIkl45SLRvaM2RVFNLIlvckMG7DrN8VoEvU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:00 2024 by rpki-client on console-fra.rpki-client.org