Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/a311ea-31b3-4ba4-b533-410322c702ff/1/ZQ_27XaKTDkoSaPXN47HIYDf6yQ.roa
File:                     ZQ_27XaKTDkoSaPXN47HIYDf6yQ.roa (raw, json)
Hash identifier:          lL1Dn0Q+FpodHW/39jNrZpc3h/+npKho+HtwHlzztU0=
Subject key identifier:   65:0F:F6:ED:76:8A:4C:39:28:49:A3:D7:37:8E:C7:21:80:DF:EB:24
Certificate issuer:       /CN=41741c05d4ad7ed690e571ef5ed0f87522da47d7
Certificate serial:       01856EA67F746AF3A20FF1C153089A5D005A
Authority key identifier: 41:74:1C:05:D4:AD:7E:D6:90:E5:71:EF:5E:D0:F8:75:22:DA:47:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QXQcBdStftaQ5XHvXtD4dSLaR9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/a311ea-31b3-4ba4-b533-410322c702ff/1/ZQ_27XaKTDkoSaPXN47HIYDf6yQ.roa
Signing time:             Sun 01 Jan 2023 18:44:43 +0000
ROA not before:           Sun 01 Jan 2023 18:44:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21500
IP address blocks:        91.211.12.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:a6:7f:74:6a:f3:a2:0f:f1:c1:53:08:9a:5d:00:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41741c05d4ad7ed690e571ef5ed0f87522da47d7
        Validity
            Not Before: Jan  1 18:44:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=650ff6ed768a4c392849a3d7378ec72180dfeb24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:f0:d4:32:e4:54:02:58:70:7f:4c:f0:f9:83:
                    38:9d:9e:bf:05:47:26:bb:17:11:83:ad:ee:cc:61:
                    6f:48:55:80:07:e9:c4:ba:3a:9c:44:69:b5:36:84:
                    44:ca:8f:a2:a6:f5:3a:7b:1e:2b:2f:36:bf:a7:bb:
                    86:2c:0b:dc:96:12:38:bf:0d:6e:10:6c:04:c1:36:
                    64:5a:43:cf:1d:c9:a2:41:5c:94:34:6d:61:92:3d:
                    a2:b9:6c:69:f3:21:cf:5f:5a:32:24:30:f4:6b:ba:
                    a0:8e:85:68:43:6b:82:4a:3f:f0:7e:4a:ce:23:b3:
                    63:b5:58:fa:14:7d:e2:88:03:23:88:4a:83:10:d1:
                    c1:26:8b:4e:ef:fc:e5:af:85:70:27:c7:be:20:76:
                    1d:05:29:07:84:c5:5f:c7:ae:02:09:e6:d6:b9:69:
                    a1:0b:f0:53:9a:cc:29:bc:84:00:1b:8b:db:60:51:
                    1d:a6:b8:b6:08:6d:56:54:23:34:b7:75:38:71:2f:
                    96:e0:14:61:9e:70:68:e3:28:67:3e:f0:44:6a:2b:
                    50:c8:15:70:b9:ed:6f:2d:04:07:8e:c9:c6:28:a6:
                    46:ef:c3:f5:3b:7c:db:8c:33:8f:d4:99:37:3c:93:
                    3e:86:7d:f3:dd:49:2c:94:c8:e1:d5:f9:bf:ca:25:
                    45:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:0F:F6:ED:76:8A:4C:39:28:49:A3:D7:37:8E:C7:21:80:DF:EB:24
            X509v3 Authority Key Identifier:
                keyid:41:74:1C:05:D4:AD:7E:D6:90:E5:71:EF:5E:D0:F8:75:22:DA:47:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXQcBdStftaQ5XHvXtD4dSLaR9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/a311ea-31b3-4ba4-b533-410322c702ff/1/ZQ_27XaKTDkoSaPXN47HIYDf6yQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/a311ea-31b3-4ba4-b533-410322c702ff/1/QXQcBdStftaQ5XHvXtD4dSLaR9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.211.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4a:8d:3b:5d:b9:17:77:93:ae:47:8f:5d:ec:4d:15:d7:71:22:
         6f:b0:e8:ed:26:5e:21:58:1c:b0:39:75:7a:ea:a4:c8:a7:4b:
         5b:3e:b7:65:bd:93:cc:e1:41:10:8c:2a:5b:62:96:37:9e:34:
         ec:6e:0c:87:02:9b:9a:73:c5:37:a1:37:9e:85:9d:7b:4d:8a:
         38:60:4a:ea:f4:52:a0:8d:e8:f0:b0:01:45:ee:ed:fc:26:82:
         6e:53:93:57:9d:f5:b4:e4:c0:6a:a1:31:b0:17:62:b1:81:98:
         30:7f:b9:e7:1a:81:f3:de:e4:d7:74:88:99:12:6d:f4:ea:68:
         90:33:06:11:75:86:d9:69:8f:23:8d:a5:63:5c:97:22:bc:20:
         5f:4d:db:0b:36:9b:6b:0f:19:83:3c:00:4e:cc:38:e9:09:b9:
         56:a8:fd:5f:36:32:6c:d9:36:13:b9:e7:f9:50:7e:58:71:b7:
         9a:d2:95:cb:95:73:39:10:12:00:9c:6b:ea:9b:1c:ec:3c:14:
         c5:74:ee:5f:c8:92:cd:2d:85:42:fe:d6:03:f1:09:f5:b7:c3:
         9c:ee:63:08:63:0b:33:17:15:ee:91:44:cd:ca:99:80:ab:86:
         26:3b:7c:d6:59:99:ff:c4:26:de:97:d3:d8:f0:74:36:2c:a6:
         de:0f:51:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVupn90avOiD/HBUwiaXQBaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzQxYzA1ZDRhZDdlZDY5MGU1NzFlZjVlZDBmODc1MjJk
YTQ3ZDcwHhcNMjMwMTAxMTg0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTBmZjZlZDc2OGE0YzM5Mjg0OWEzZDczNzhlYzcyMTgwZGZlYjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPDUMuRUAlhwf0zw+YM4nZ6/BUcm
uxcRg63uzGFvSFWAB+nEujqcRGm1NoREyo+ipvU6ex4rLza/p7uGLAvclhI4vw1u
EGwEwTZkWkPPHcmiQVyUNG1hkj2iuWxp8yHPX1oyJDD0a7qgjoVoQ2uCSj/wfkrO
I7NjtVj6FH3iiAMjiEqDENHBJotO7/zlr4VwJ8e+IHYdBSkHhMVfx64CCebWuWmh
C/BTmswpvIQAG4vbYFEdpri2CG1WVCM0t3U4cS+W4BRhnnBo4yhnPvBEaitQyBVw
ue1vLQQHjsnGKKZG78P1O3zbjDOP1Jk3PJM+hn3z3UkslMjh1fm/yiVFTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGUP9u12ikw5KEmj1zeOxyGA3+skMB8GA1UdIwQY
MBaAFEF0HAXUrX7WkOVx717Q+HUi2kfXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhRY0JkU3RmdGFRNVhIdlh0RDRkU0xhUjljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9hMzExZWEtMzFiMy00YmE0LWI1MzMt
NDEwMzIyYzcwMmZmLzEvWlFfMjdYYUtURGtvU2FQWE40N0hJWURmNnlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9hMzExZWEtMzFiMy00YmE0LWI1MzMtNDEwMzIyYzcwMmZm
LzEvUVhRY0JkU3RmdGFRNVhIdlh0RDRkU0xhUjljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9MMMA0G
CSqGSIb3DQEBCwUAA4IBAQBKjTtduRd3k65Hj13sTRXXcSJvsOjtJl4hWBywOXV6
6qTIp0tbPrdlvZPM4UEQjCpbYpY3njTsbgyHApuac8U3oTeehZ17TYo4YErq9FKg
jejwsAFF7u38JoJuU5NXnfW05MBqoTGwF2KxgZgwf7nnGoHz3uTXdIiZEm306miQ
MwYRdYbZaY8jjaVjXJcivCBfTdsLNptrDxmDPABOzDjpCblWqP1fNjJs2TYTuef5
UH5Ycbea0pXLlXM5EBIAnGvqmxzsPBTFdO5fyJLNLYVC/tYD8Qn1t8Oc7mMIYwsz
FxXukUTNypmAq4YmO3zWWZn/xCbel9PY8HQ2LKbeD1Fr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:33 2024 by rpki-client on console-ams.rpki-client.org