Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Qme4msN98-rNXiRFk-xCSjWQ_0M.roa
File:                     Qme4msN98-rNXiRFk-xCSjWQ_0M.roa (raw, json)
Hash identifier:          wO0jWDZZVkScDzy0GSSxsd7S8Uym3QXTnrFULSwKcIA=
Subject key identifier:   42:67:B8:9A:C3:7D:F3:EA:CD:5E:24:45:93:EC:42:4A:35:90:FF:43
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01865A4AB262FBF23327ABDA144D58E4537A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Qme4msN98-rNXiRFk-xCSjWQ_0M.roa
Signing time:             Thu 16 Feb 2023 12:54:50 +0000
ROA not before:           Thu 16 Feb 2023 12:54:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200017
IP address blocks:        89.43.199.0/24 maxlen: 24
                          87.247.148.0/24 maxlen: 24
                          91.188.206.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 Mar 2023 09:18:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:5a:4a:b2:62:fb:f2:33:27:ab:da:14:4d:58:e4:53:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Feb 16 12:54:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4267b89ac37df3eacd5e244593ec424a3590ff43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:44:b5:21:db:10:ed:22:74:46:46:a5:0a:10:
                    22:88:96:ad:76:ac:8b:e9:e5:29:0d:5b:5c:4f:e4:
                    69:0a:2d:ac:3b:86:5f:0c:f1:a9:76:88:13:a7:62:
                    af:89:b9:2c:ac:a4:33:6b:9b:25:9b:d5:d9:31:87:
                    1a:b2:33:70:99:66:48:65:43:a1:40:c2:21:ec:13:
                    b1:43:05:00:ae:38:7e:6f:46:26:5f:8e:46:25:4f:
                    fe:e9:28:16:1f:ed:72:05:78:41:2d:4c:7c:43:bf:
                    c3:54:f7:ac:43:d0:61:34:d9:03:91:bc:52:38:ea:
                    2d:18:b5:b9:bb:45:f7:6e:a0:52:d5:4b:89:be:c7:
                    b7:d9:50:0d:30:80:8c:bb:bb:af:e9:d6:c7:18:70:
                    70:bf:1b:36:76:b4:eb:13:1f:91:b9:ff:2a:5e:4b:
                    4a:c9:bc:e1:c9:3b:df:78:a9:5f:1f:b5:f7:af:a2:
                    5b:d6:bf:e0:65:5c:32:0e:93:c2:7d:44:f5:79:eb:
                    41:4e:7d:6f:99:0f:75:9c:98:b7:b5:de:5a:59:45:
                    2c:45:72:52:c2:3c:ef:ca:ca:8f:b6:a1:39:91:0c:
                    81:2b:38:73:b3:65:ef:c7:f0:41:d7:43:89:2a:cd:
                    4e:9c:42:de:f6:70:5e:cb:8e:87:54:09:90:59:90:
                    8f:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:67:B8:9A:C3:7D:F3:EA:CD:5E:24:45:93:EC:42:4A:35:90:FF:43
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Qme4msN98-rNXiRFk-xCSjWQ_0M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.247.148.0/24
                  89.43.199.0/24
                  91.188.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:11:44:38:8d:f4:f4:a1:cb:bb:fe:12:75:03:cf:12:97:d4:
         7d:14:86:da:e0:65:79:fa:4a:7a:d0:26:c7:3e:5d:16:9c:72:
         0a:b6:38:1a:6f:a7:b1:3d:b3:3f:fe:21:f9:16:84:72:83:97:
         fb:47:0a:94:a0:6e:f9:b4:1d:98:24:0f:53:2e:f2:50:e7:3a:
         f4:5b:86:e1:9b:88:79:a7:ec:61:03:71:6a:b1:e6:63:4d:c8:
         f0:a7:21:3b:03:55:38:d8:c3:31:bd:ab:f9:db:dc:e9:a2:cf:
         63:fc:1b:29:cb:a6:d1:58:5f:c5:f8:95:8f:8d:60:9a:14:cc:
         b4:77:d4:af:28:0e:9c:71:7b:93:52:75:1a:c4:1b:e5:a8:68:
         8d:d8:e5:45:ab:aa:17:34:6d:a8:7a:01:97:5e:06:4b:cd:11:
         de:2a:23:98:70:22:11:9c:2a:d4:8f:7f:94:89:fb:bf:05:63:
         a6:6b:e7:21:a9:75:95:de:2c:b7:69:f7:ef:61:fd:f2:b7:9d:
         e9:a4:35:c7:ac:e3:c6:68:0e:de:22:d2:fc:4d:49:ca:b3:4d:
         4a:64:9f:29:10:9d:db:b3:10:a9:d1:22:af:0f:47:5a:29:17:
         95:a1:17:d1:f2:77:f2:7c:0a:98:33:f2:8c:80:31:e8:ed:ed:
         32:88:f1:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZaSrJi+/IzJ6vaFE1Y5FN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjE2MTI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjY3Yjg5YWMzN2RmM2VhY2Q1ZTI0NDU5M2VjNDI0YTM1OTBmZjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkS1IdsQ7SJ0RkalChAiiJatdqyL
6eUpDVtcT+RpCi2sO4ZfDPGpdogTp2KvibksrKQza5slm9XZMYcasjNwmWZIZUOh
QMIh7BOxQwUArjh+b0YmX45GJU/+6SgWH+1yBXhBLUx8Q7/DVPesQ9BhNNkDkbxS
OOotGLW5u0X3bqBS1UuJvse32VANMICMu7uv6dbHGHBwvxs2drTrEx+Ruf8qXktK
ybzhyTvfeKlfH7X3r6Jb1r/gZVwyDpPCfUT1eetBTn1vmQ91nJi3td5aWUUsRXJS
wjzvysqPtqE5kQyBKzhzs2Xvx/BB10OJKs1OnELe9nBey46HVAmQWZCP/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEJnuJrDffPqzV4kRZPsQko1kP9DMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUW1lNG1zTjk4LXJOWGlSRmsteENTaldRXzBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV/eUAwQA
WSvHAwQAW7zOMA0GCSqGSIb3DQEBCwUAA4IBAQAcEUQ4jfT0ocu7/hJ1A88Sl9R9
FIba4GV5+kp60CbHPl0WnHIKtjgab6exPbM//iH5FoRyg5f7RwqUoG75tB2YJA9T
LvJQ5zr0W4bhm4h5p+xhA3FqseZjTcjwpyE7A1U42MMxvav529zpos9j/Bspy6bR
WF/F+JWPjWCaFMy0d9SvKA6ccXuTUnUaxBvlqGiN2OVFq6oXNG2oegGXXgZLzRHe
KiOYcCIRnCrUj3+Uifu/BWOma+chqXWV3iy3affvYf3yt53ppDXHrOPGaA7eItL8
TUnKs01KZJ8pEJ3bsxCp0SKvD0daKReVoRfR8nfyfAqYM/KMgDHo7e0yiPEW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org