Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/61738e-3977-495e-ba1a-8035f2dfc1f4/1/2t_nAZiUqN8blEuuhfKViZ6Ziaw.roa
File:                     2t_nAZiUqN8blEuuhfKViZ6Ziaw.roa (raw, json)
Hash identifier:          67MyiU+xyBaPYsU/7Fuhvs5B4sUsh/gYmxCYhGGCyLo=
Subject key identifier:   DA:DF:E7:01:98:94:A8:DF:1B:94:4B:AE:85:F2:95:89:9E:99:89:AC
Certificate issuer:       /CN=167ac5231a0d7bc5824590a0b2f621ede984770c
Certificate serial:       01856F14B7B293A05E165B3FDB8F59E6BC14
Authority key identifier: 16:7A:C5:23:1A:0D:7B:C5:82:45:90:A0:B2:F6:21:ED:E9:84:77:0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FnrFIxoNe8WCRZCgsvYh7emEdww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/61738e-3977-495e-ba1a-8035f2dfc1f4/1/2t_nAZiUqN8blEuuhfKViZ6Ziaw.roa
Signing time:             Sun 01 Jan 2023 20:45:06 +0000
ROA not before:           Sun 01 Jan 2023 20:45:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206289
IP address blocks:        91.217.191.0/24 maxlen: 25
                          185.189.251.0/24 maxlen: 24
                          185.189.250.0/23 maxlen: 23
                          185.189.248.0/24 maxlen: 24
                          185.189.248.0/22 maxlen: 22
                          185.189.248.0/23 maxlen: 23
                          185.189.250.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 Nov 2023 16:59:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:b7:b2:93:a0:5e:16:5b:3f:db:8f:59:e6:bc:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=167ac5231a0d7bc5824590a0b2f621ede984770c
        Validity
            Not Before: Jan  1 20:45:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dadfe7019894a8df1b944bae85f295899e9989ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:fb:fe:af:02:01:91:ec:1a:88:fa:5b:e0:56:
                    9c:86:e0:6e:37:5d:c4:ad:fc:3b:fa:a6:6e:d9:db:
                    b2:4a:2c:20:6b:6e:eb:d2:bf:c7:2d:83:c8:a3:47:
                    ed:fe:e3:fd:14:5c:a0:f3:e6:3f:6f:17:04:d6:65:
                    ac:d2:85:06:a3:4d:9b:e9:99:ec:17:97:74:6e:be:
                    17:0b:19:2f:18:5e:7a:64:cf:f6:cf:25:c4:b7:11:
                    44:25:32:4c:ba:bd:5b:9a:0f:60:77:43:0e:fb:f8:
                    93:e6:07:5a:b3:99:00:16:0d:6f:4c:e0:9e:62:72:
                    65:c6:1a:de:4a:e7:88:f8:61:e3:81:ed:aa:02:a6:
                    57:cb:4f:49:35:0c:f0:d1:f2:93:e1:4b:11:f3:4b:
                    81:60:f8:01:a1:7d:44:d7:d6:f8:29:4a:cf:3b:f9:
                    b1:11:e0:c9:c7:34:bc:8f:8f:81:95:83:a9:57:c3:
                    ee:36:e3:69:80:b9:36:b9:42:c1:0f:b2:3c:a4:bd:
                    23:28:1c:c2:36:bc:80:0a:b1:bd:2f:f1:87:bf:be:
                    16:0c:23:49:38:3a:a3:47:8b:9b:fe:1c:d9:a9:02:
                    65:f3:1c:6f:b4:8c:37:cf:97:0b:6f:9d:d6:90:03:
                    20:92:31:ea:0a:6a:0f:9c:87:ca:2e:2e:bd:8e:ff:
                    d7:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:DF:E7:01:98:94:A8:DF:1B:94:4B:AE:85:F2:95:89:9E:99:89:AC
            X509v3 Authority Key Identifier:
                keyid:16:7A:C5:23:1A:0D:7B:C5:82:45:90:A0:B2:F6:21:ED:E9:84:77:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FnrFIxoNe8WCRZCgsvYh7emEdww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/61738e-3977-495e-ba1a-8035f2dfc1f4/1/2t_nAZiUqN8blEuuhfKViZ6Ziaw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/61738e-3977-495e-ba1a-8035f2dfc1f4/1/FnrFIxoNe8WCRZCgsvYh7emEdww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.217.191.0/24
                  185.189.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4d:40:c3:9d:b5:8f:65:e7:a6:24:7e:3c:1f:4f:7a:79:d1:0c:
         31:df:80:b6:4a:43:c9:0b:4e:a6:df:d2:c9:72:c8:e3:ca:9f:
         0d:e3:ac:5c:de:84:7e:21:cc:43:fb:3b:28:50:f0:69:b2:87:
         d1:b2:6d:7c:17:84:d2:f3:8e:f6:36:33:af:26:fb:47:4e:69:
         2e:1c:8b:36:f8:33:a7:1f:2f:8e:a4:92:1b:15:f3:f9:3a:21:
         b9:c4:f3:96:2d:73:f8:2a:43:07:f1:f2:b9:9b:c7:d6:a9:b2:
         05:3e:56:79:91:7a:2f:f1:1c:84:80:cb:5e:07:92:d2:ab:0b:
         b9:ca:99:9b:3a:c4:ca:29:68:34:62:e9:09:c6:a8:ba:ec:96:
         20:bb:b5:20:1a:ed:47:d7:68:7c:0f:83:52:79:ab:58:17:0b:
         61:2e:fc:61:cc:b1:88:12:53:bd:7c:aa:58:ea:f8:86:d5:01:
         7d:97:20:c9:f1:20:e8:d2:9f:a9:d4:4f:83:03:78:d1:83:b9:
         0d:2b:b8:8d:12:fe:f2:32:d5:c8:0f:2b:2c:fd:91:d9:03:81:
         ee:be:4b:59:a0:d3:aa:72:b9:d8:7b:23:49:c5:a3:98:15:ca:
         33:3e:6b:42:88:7e:b6:27:60:02:db:5e:93:06:a1:60:e5:96:
         17:e8:9d:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvFLeyk6BeFls/249Z5rwUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2N2FjNTIzMWEwZDdiYzU4MjQ1OTBhMGIyZjYyMWVkZTk4
NDc3MGMwHhcNMjMwMTAxMjA0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWRmZTcwMTk4OTRhOGRmMWI5NDRiYWU4NWYyOTU4OTllOTk4OWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPv+rwIBkewaiPpb4FachuBuN13E
rfw7+qZu2duySiwga27r0r/HLYPIo0ft/uP9FFyg8+Y/bxcE1mWs0oUGo02b6Zns
F5d0br4XCxkvGF56ZM/2zyXEtxFEJTJMur1bmg9gd0MO+/iT5gdas5kAFg1vTOCe
YnJlxhreSueI+GHjge2qAqZXy09JNQzw0fKT4UsR80uBYPgBoX1E19b4KUrPO/mx
EeDJxzS8j4+BlYOpV8PuNuNpgLk2uULBD7I8pL0jKBzCNryACrG9L/GHv74WDCNJ
ODqjR4ub/hzZqQJl8xxvtIw3z5cLb53WkAMgkjHqCmoPnIfKLi69jv/XgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNrf5wGYlKjfG5RLroXylYmemYmsMB8GA1UdIwQY
MBaAFBZ6xSMaDXvFgkWQoLL2Ie3phHcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm5yRkl4b05lOFdDUlpDZ3N2WWg3ZW1FZHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS82MTczOGUtMzk3Ny00OTVlLWJhMWEt
ODAzNWYyZGZjMWY0LzEvMnRfbkFaaVVxTjhibEV1dWhmS1ZpWjZaaWF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS82MTczOGUtMzk3Ny00OTVlLWJhMWEtODAzNWYyZGZjMWY0
LzEvRm5yRkl4b05lOFdDUlpDZ3N2WWg3ZW1FZHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9m/AwQC
ub34MA0GCSqGSIb3DQEBCwUAA4IBAQBNQMOdtY9l56YkfjwfT3p50Qwx34C2SkPJ
C06m39LJcsjjyp8N46xc3oR+IcxD+zsoUPBpsofRsm18F4TS8472NjOvJvtHTmku
HIs2+DOnHy+OpJIbFfP5OiG5xPOWLXP4KkMH8fK5m8fWqbIFPlZ5kXov8RyEgMte
B5LSqwu5ypmbOsTKKWg0YukJxqi67JYgu7UgGu1H12h8D4NSeatYFwthLvxhzLGI
ElO9fKpY6viG1QF9lyDJ8SDo0p+p1E+DA3jRg7kNK7iNEv7yMtXIDyss/ZHZA4Hu
vktZoNOqcrnYeyNJxaOYFcozPmtCiH62J2AC216TBqFg5ZYX6J2Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:48 2024 by rpki-client on console-fra.rpki-client.org