Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/w0qPso5YhvM57CoL4P37h3rJ35o.roa
File:                     w0qPso5YhvM57CoL4P37h3rJ35o.roa (raw, json)
Hash identifier:          aaXJJIFyhHBK91pX78hSaZz/MEVYdGmGCKjTPHM2kGI=
Subject key identifier:   C3:4A:8F:B2:8E:58:86:F3:39:EC:2A:0B:E0:FD:FB:87:7A:C9:DF:9A
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       0185708CDF5937E84BDE3E66F6A92B27CE72
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/w0qPso5YhvM57CoL4P37h3rJ35o.roa
Signing time:             Mon 02 Jan 2023 03:35:58 +0000
ROA not before:           Mon 02 Jan 2023 03:35:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     46450
IP address blocks:        91.186.196.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sun 12 Feb 2023 11:15:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:8c:df:59:37:e8:4b:de:3e:66:f6:a9:2b:27:ce:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Jan  2 03:35:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c34a8fb28e5886f339ec2a0be0fdfb877ac9df9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:94:c9:87:3a:9a:bf:7b:d8:ae:7e:4f:5a:08:
                    52:3b:34:83:87:04:a3:b9:d5:3d:23:1b:ff:e3:54:
                    5a:54:9a:d5:2a:25:05:13:93:64:b7:e7:ee:d1:d9:
                    3a:05:5f:e9:68:66:7e:cf:48:db:a1:98:31:ae:f7:
                    a7:1c:5a:6d:0d:36:98:f1:4b:35:9b:fb:88:f0:b7:
                    2c:b5:df:1f:5c:88:5f:34:2f:8f:fc:8d:c1:5f:27:
                    4b:50:8f:02:5d:a1:20:f6:f7:f3:01:b6:23:b6:2f:
                    9d:a6:19:f6:0e:e0:90:56:7a:8b:ca:e7:30:e4:c7:
                    47:90:70:79:d7:0f:11:c7:dd:60:6b:2d:0a:0e:b0:
                    5f:ef:b4:cf:74:77:a4:f2:d0:25:9f:8c:67:e2:ee:
                    8c:d6:90:f0:45:5d:8d:4f:b0:27:ee:64:1e:b0:49:
                    83:36:42:77:cf:e5:61:46:af:28:e5:57:23:79:12:
                    67:74:9c:78:d2:0e:c7:fc:04:50:06:90:a7:af:d0:
                    d4:ad:65:37:e6:a6:8b:42:e9:5e:da:f2:74:68:4b:
                    60:f8:88:52:16:bb:2a:63:44:a7:5b:65:e0:9e:74:
                    bd:51:98:fd:33:f1:44:82:bb:68:82:eb:cb:77:2d:
                    70:f6:92:a2:23:5a:39:fe:43:fd:21:c3:e2:70:62:
                    37:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:4A:8F:B2:8E:58:86:F3:39:EC:2A:0B:E0:FD:FB:87:7A:C9:DF:9A
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/w0qPso5YhvM57CoL4P37h3rJ35o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.186.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         85:61:2c:e0:31:23:25:97:0a:84:c5:c6:07:95:9e:cd:1a:a2:
         35:c0:14:1c:33:26:de:3f:0c:8e:ad:63:1f:6f:1f:f5:55:fa:
         38:00:1c:77:f7:c2:1b:fa:f6:55:9e:d3:aa:b2:bc:5b:30:4d:
         2e:54:ad:de:6e:0f:d0:14:f1:5b:fc:0c:6a:4e:fc:bf:a3:7d:
         5f:60:7c:57:97:24:e8:8f:5d:e6:ba:55:82:e7:38:6d:03:ee:
         c3:f5:cf:c1:bb:f9:95:0f:ba:af:93:28:d9:56:c2:1e:b7:bc:
         d6:4a:40:d9:67:cd:86:a9:27:8c:66:a3:47:ca:34:49:73:b5:
         bc:77:8b:3d:7c:48:a5:4b:c0:f0:16:d0:41:ce:29:d3:31:a3:
         df:66:5c:36:d8:35:44:b5:b8:00:59:7b:03:26:87:1c:1b:d6:
         c3:93:ca:92:57:c4:05:4f:70:ee:f2:5b:58:5b:f3:e7:b7:f7:
         43:b8:5e:b7:cf:e1:5e:36:ae:9a:30:12:1a:cb:e7:f9:d4:5c:
         d5:03:21:43:97:b7:ba:57:64:f9:c1:59:8f:f9:62:79:2f:fb:
         d7:30:21:36:0a:cb:bf:52:db:3f:48:da:fe:a5:61:13:0a:d9:
         d3:6f:df:88:92:84:1f:18:79:6a:c7:5b:fe:e9:28:5d:26:c0:
         cc:3a:10:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjN9ZN+hL3j5m9qkrJ85yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMTAyMDMzNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzRhOGZiMjhlNTg4NmYzMzllYzJhMGJlMGZkZmI4NzdhYzlkZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZTJhzqav3vYrn5PWghSOzSDhwSj
udU9Ixv/41RaVJrVKiUFE5Nkt+fu0dk6BV/paGZ+z0jboZgxrvenHFptDTaY8Us1
m/uI8Lcstd8fXIhfNC+P/I3BXydLUI8CXaEg9vfzAbYjti+dphn2DuCQVnqLyucw
5MdHkHB51w8Rx91gay0KDrBf77TPdHek8tAln4xn4u6M1pDwRV2NT7An7mQesEmD
NkJ3z+VhRq8o5VcjeRJndJx40g7H/ARQBpCnr9DUrWU35qaLQule2vJ0aEtg+IhS
FrsqY0SnW2XgnnS9UZj9M/FEgrtoguvLdy1w9pKiI1o5/kP9IcPicGI3ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMNKj7KOWIbzOewqC+D9+4d6yd+aMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvdzBxUHNvNVlodk01N0NvTDRQMzdoM3JKMzVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW7rEMA0G
CSqGSIb3DQEBCwUAA4IBAQCFYSzgMSMllwqExcYHlZ7NGqI1wBQcMybePwyOrWMf
bx/1Vfo4ABx398Ib+vZVntOqsrxbME0uVK3ebg/QFPFb/AxqTvy/o31fYHxXlyTo
j13mulWC5zhtA+7D9c/Bu/mVD7qvkyjZVsIet7zWSkDZZ82GqSeMZqNHyjRJc7W8
d4s9fEilS8DwFtBBzinTMaPfZlw22DVEtbgAWXsDJoccG9bDk8qSV8QFT3Du8ltY
W/Pnt/dDuF63z+FeNq6aMBIay+f51FzVAyFDl7e6V2T5wVmP+WJ5L/vXMCE2Csu/
Uts/SNr+pWETCtnTb9+IkoQfGHlqx1v+6ShdJsDMOhBC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:10 2024 by rpki-client on console-fra.rpki-client.org