Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/QtW_oL-3_rT3Sk0IGqiuDzZ8t6s.roa
File:                     QtW_oL-3_rT3Sk0IGqiuDzZ8t6s.roa (raw, json)
Hash identifier:          6Ge9997OXrsjEYONVR5gkHMoEtDM+Z//B3axxiwzcR0=
Subject key identifier:   42:D5:BF:A0:BF:B7:FE:B4:F7:4A:4D:08:1A:A8:AE:0F:36:7C:B7:AB
Certificate issuer:       /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial:       01856CE659DED153860BDD3F9BAEDC7DE5A7
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/QtW_oL-3_rT3Sk0IGqiuDzZ8t6s.roa
Signing time:             Sun 01 Jan 2023 10:35:13 +0000
ROA not before:           Sun 01 Jan 2023 10:35:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43943
IP address blocks:        213.91.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:59:de:d1:53:86:0b:dd:3f:9b:ae:dc:7d:e5:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
        Validity
            Not Before: Jan  1 10:35:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=42d5bfa0bfb7feb4f74a4d081aa8ae0f367cb7ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:c9:ed:e0:86:9a:2a:ce:19:97:9b:d9:b4:a5:
                    4a:d9:5d:af:e3:fe:cc:68:74:21:f1:6d:9a:05:ef:
                    c3:ae:df:7b:36:7a:6d:28:68:ad:49:27:fa:46:42:
                    c6:a3:14:b6:9f:f2:73:a0:82:48:04:ae:00:c0:91:
                    a0:dc:2f:3b:0c:24:d4:30:cb:95:2d:56:dc:e3:ef:
                    32:2b:15:c1:51:53:74:71:ff:24:6d:84:7b:18:6a:
                    e7:fa:8c:95:7e:91:6a:39:65:a6:84:8f:3e:4f:f0:
                    4a:c6:b4:4d:4e:56:c9:70:38:f2:be:32:4d:79:a6:
                    0e:10:f8:7b:3a:d8:8a:9f:b2:f4:1d:b4:59:27:9b:
                    82:cd:56:e6:1b:6b:21:90:15:d0:af:26:2f:38:f0:
                    ef:8a:db:04:70:b2:5e:fd:ee:5e:1f:3c:9b:5d:5a:
                    95:7d:f9:3c:59:9f:10:e6:6b:8e:8d:0f:46:14:21:
                    f3:25:55:a9:0f:2f:69:85:6f:0f:45:fb:ee:cc:08:
                    5e:eb:a3:1e:57:9d:5b:5e:2d:d5:d1:6a:2a:2d:17:
                    07:9b:86:72:3b:f6:2a:04:b2:6d:e7:8e:ed:dd:18:
                    60:e6:a2:46:20:dc:c3:db:02:9f:8b:79:67:2c:6c:
                    24:d4:9a:f7:55:07:01:55:8d:38:3f:8e:f5:ee:f1:
                    c5:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:D5:BF:A0:BF:B7:FE:B4:F7:4A:4D:08:1A:A8:AE:0F:36:7C:B7:AB
            X509v3 Authority Key Identifier:
                keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/QtW_oL-3_rT3Sk0IGqiuDzZ8t6s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.91.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:f6:fd:94:ce:01:d4:58:bf:3c:c7:25:1c:50:94:5c:13:5d:
         7e:05:70:60:93:b2:9f:94:05:1c:df:33:fa:81:ac:32:d4:54:
         eb:64:72:2c:46:94:b8:70:6b:99:57:ab:1e:1d:b8:a2:4b:d2:
         f5:b1:4b:6f:ed:5f:48:79:ba:53:03:7f:fc:b1:c9:01:40:d9:
         c7:0f:88:8a:f6:47:4b:49:e4:e3:fb:be:6f:a2:cc:14:5c:88:
         bd:b9:db:dc:3d:30:a8:04:04:87:8e:a3:4e:0f:e5:05:5f:aa:
         0d:69:31:c8:a6:c9:2f:29:a8:5f:dc:5e:0d:ce:91:17:39:e1:
         5a:13:c1:37:c8:c0:50:51:58:fc:19:05:f6:51:68:99:44:5c:
         a9:ae:51:46:56:e6:8c:27:29:9f:3b:27:4b:d0:57:f5:46:a6:
         30:a4:ce:b5:ee:71:2f:ec:55:6f:89:d2:f1:1b:0b:6e:36:42:
         18:28:52:ee:71:94:35:c4:ac:77:7e:c4:fb:ad:68:7b:8e:f7:
         26:66:c6:fb:fd:57:43:63:9a:ca:dc:22:1c:d4:c3:5c:24:f0:
         39:6b:fe:6d:e6:92:11:ca:3b:60:83:5a:2c:f2:fd:fd:59:a1:
         38:d7:f2:33:bd:11:de:f9:88:a4:5d:45:21:72:7f:27:4c:49:
         44:74:83:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5lne0VOGC90/m67cfeWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmQ1YmZhMGJmYjdmZWI0Zjc0YTRkMDgxYWE4YWUwZjM2N2NiN2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcnt4IaaKs4Zl5vZtKVK2V2v4/7M
aHQh8W2aBe/Drt97NnptKGitSSf6RkLGoxS2n/JzoIJIBK4AwJGg3C87DCTUMMuV
LVbc4+8yKxXBUVN0cf8kbYR7GGrn+oyVfpFqOWWmhI8+T/BKxrRNTlbJcDjyvjJN
eaYOEPh7OtiKn7L0HbRZJ5uCzVbmG2shkBXQryYvOPDvitsEcLJe/e5eHzybXVqV
ffk8WZ8Q5muOjQ9GFCHzJVWpDy9phW8PRfvuzAhe66MeV51bXi3V0WoqLRcHm4Zy
O/YqBLJt547t3Rhg5qJGINzD2wKfi3lnLGwk1Jr3VQcBVY04P4717vHF7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFELVv6C/t/6090pNCBqorg82fLerMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvUXRXX29MLTNfclQzU2swSUdxaXVEelo4dDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1VuwMA0G
CSqGSIb3DQEBCwUAA4IBAQAW9v2UzgHUWL88xyUcUJRcE11+BXBgk7KflAUc3zP6
gawy1FTrZHIsRpS4cGuZV6seHbiiS9L1sUtv7V9IebpTA3/8sckBQNnHD4iK9kdL
SeTj+75voswUXIi9udvcPTCoBASHjqNOD+UFX6oNaTHIpskvKahf3F4NzpEXOeFa
E8E3yMBQUVj8GQX2UWiZRFyprlFGVuaMJymfOydL0Ff1RqYwpM617nEv7FVvidLx
GwtuNkIYKFLucZQ1xKx3fsT7rWh7jvcmZsb7/VdDY5rK3CIc1MNcJPA5a/5t5pIR
yjtgg1os8v39WaE41/IzvRHe+YikXUUhcn8nTElEdINW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:04 2024 by rpki-client on console-fra.rpki-client.org