Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/877e6c-325a-47ea-aa56-1096bfd6bf6d/1/Qtn8WWQjvEwRLC5vpglPp7svPg0.roa
File:                     Qtn8WWQjvEwRLC5vpglPp7svPg0.roa (raw, json)
Hash identifier:          YuQ2HbvQs4u15ZTS6dUs9bRq/J4r44T9moSt1ra8Nt0=
Subject key identifier:   42:D9:FC:59:64:23:BC:4C:11:2C:2E:6F:A6:09:4F:A7:BB:2F:3E:0D
Certificate issuer:       /CN=1246f23a048763aa3ad0aede5a489ab8fcd26384
Certificate serial:       01856C6F2C0C475FED88035B7C5D70DE774D
Authority key identifier: 12:46:F2:3A:04:87:63:AA:3A:D0:AE:DE:5A:48:9A:B8:FC:D2:63:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EkbyOgSHY6o60K7eWkiauPzSY4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/877e6c-325a-47ea-aa56-1096bfd6bf6d/1/Qtn8WWQjvEwRLC5vpglPp7svPg0.roa
Signing time:             Sun 01 Jan 2023 08:25:03 +0000
ROA not before:           Sun 01 Jan 2023 08:25:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207553
IP address blocks:        194.9.191.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:6f:2c:0c:47:5f:ed:88:03:5b:7c:5d:70:de:77:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1246f23a048763aa3ad0aede5a489ab8fcd26384
        Validity
            Not Before: Jan  1 08:25:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=42d9fc596423bc4c112c2e6fa6094fa7bb2f3e0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:a4:4b:a0:17:86:ab:d4:b2:ba:ae:4f:61:68:
                    d8:78:55:1c:0d:2a:a4:cf:01:9c:e8:7a:57:98:a4:
                    de:d4:00:7e:dd:7c:ac:37:a7:01:c8:14:49:fa:e2:
                    76:18:23:7e:64:88:ba:d5:43:4d:47:a5:14:e0:b7:
                    bf:75:1f:17:05:b0:35:95:23:6e:cf:bd:e2:e8:ca:
                    a4:40:06:6f:30:81:30:92:fd:8d:1c:c6:fa:e0:54:
                    a1:c8:80:65:34:1b:f8:0e:5e:ac:13:12:3a:50:e1:
                    0d:a5:5a:0d:19:08:df:0c:6b:7e:7d:b6:78:af:b7:
                    15:70:06:1d:f3:e1:85:e8:75:e6:ef:ff:f3:1e:8e:
                    02:98:90:cd:1a:ef:76:da:52:e8:e2:98:88:ab:48:
                    dd:c4:7f:a1:c7:96:52:ab:dc:79:72:c3:a9:9c:ce:
                    06:34:f0:82:b1:2a:3f:e5:5a:28:b1:a7:e5:7f:82:
                    65:b2:b4:d6:7d:1f:3c:04:da:f4:45:0b:a1:34:e0:
                    b1:55:24:b9:59:84:ac:db:20:ae:a7:b4:c1:41:03:
                    95:b0:06:5c:02:56:9d:f9:3b:0a:6d:1d:52:fc:46:
                    e3:93:12:4c:4d:47:3e:bf:3c:22:b5:f1:68:cd:22:
                    bf:9d:fa:c4:b9:61:ad:9d:4b:bb:61:cc:0e:6a:ed:
                    26:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:D9:FC:59:64:23:BC:4C:11:2C:2E:6F:A6:09:4F:A7:BB:2F:3E:0D
            X509v3 Authority Key Identifier:
                keyid:12:46:F2:3A:04:87:63:AA:3A:D0:AE:DE:5A:48:9A:B8:FC:D2:63:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EkbyOgSHY6o60K7eWkiauPzSY4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/877e6c-325a-47ea-aa56-1096bfd6bf6d/1/Qtn8WWQjvEwRLC5vpglPp7svPg0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/877e6c-325a-47ea-aa56-1096bfd6bf6d/1/EkbyOgSHY6o60K7eWkiauPzSY4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.9.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:6d:6f:9f:2c:4b:74:4b:11:aa:8f:5c:e6:ae:75:a8:35:d7:
         97:09:09:63:11:e0:31:e0:6c:11:fc:cd:ea:0c:0e:e4:2e:2d:
         93:97:91:11:c2:a2:be:a0:34:75:25:6e:8a:82:d7:d0:65:74:
         7e:c1:89:9f:55:5c:b8:7e:57:88:76:8b:75:f8:b3:43:4a:5e:
         d3:bf:c9:b0:d3:60:31:8c:fc:b5:5d:bd:70:ba:00:65:1c:20:
         fe:50:52:81:0d:f4:61:3d:fa:ce:9e:09:37:5c:98:87:4c:9d:
         ae:c6:3a:d2:cd:6b:73:b1:d9:35:12:4d:41:f9:92:65:e5:74:
         9e:87:f7:47:3d:86:99:0b:d7:6d:81:47:7e:0d:7b:e6:78:83:
         e1:13:d4:a8:c7:0a:4a:a0:6e:de:fa:1c:42:5c:41:ec:f9:8c:
         fd:2a:27:e8:41:3d:bb:8b:24:8b:4a:09:0e:b8:c4:cb:54:99:
         48:22:ab:5f:59:8c:a1:1f:b6:49:88:29:ac:35:cf:b3:2f:b1:
         c6:3a:10:3a:6b:2a:4d:fa:38:d2:b5:09:17:6e:3c:cd:0e:fa:
         e2:b6:1b:b2:7c:69:18:fa:e3:e2:f6:b8:92:f5:23:2f:f5:fc:
         e6:39:51:36:3c:90:a1:95:26:3a:ed:92:3f:e7:8a:f8:ba:5b:
         be:02:e0:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbywMR1/tiANbfF1w3ndNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNDZmMjNhMDQ4NzYzYWEzYWQwYWVkZTVhNDg5YWI4ZmNk
MjYzODQwHhcNMjMwMTAxMDgyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmQ5ZmM1OTY0MjNiYzRjMTEyYzJlNmZhNjA5NGZhN2JiMmYzZTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaRLoBeGq9Syuq5PYWjYeFUcDSqk
zwGc6HpXmKTe1AB+3XysN6cByBRJ+uJ2GCN+ZIi61UNNR6UU4Le/dR8XBbA1lSNu
z73i6MqkQAZvMIEwkv2NHMb64FShyIBlNBv4Dl6sExI6UOENpVoNGQjfDGt+fbZ4
r7cVcAYd8+GF6HXm7//zHo4CmJDNGu922lLo4piIq0jdxH+hx5ZSq9x5csOpnM4G
NPCCsSo/5Voosaflf4JlsrTWfR88BNr0RQuhNOCxVSS5WYSs2yCup7TBQQOVsAZc
Alad+TsKbR1S/EbjkxJMTUc+vzwitfFozSK/nfrEuWGtnUu7YcwOau0mCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFELZ/FlkI7xMESwub6YJT6e7Lz4NMB8GA1UdIwQY
MBaAFBJG8joEh2OqOtCu3lpImrj80mOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWtieU9nU0hZNm82MEs3ZVdraWF1UHpTWTRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84NzdlNmMtMzI1YS00N2VhLWFhNTYt
MTA5NmJmZDZiZjZkLzEvUXRuOFdXUWp2RXdSTEM1dnBnbFBwN3N2UGcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84NzdlNmMtMzI1YS00N2VhLWFhNTYtMTA5NmJmZDZiZjZk
LzEvRWtieU9nU0hZNm82MEs3ZVdraWF1UHpTWTRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgm/MA0G
CSqGSIb3DQEBCwUAA4IBAQAFbW+fLEt0SxGqj1zmrnWoNdeXCQljEeAx4GwR/M3q
DA7kLi2Tl5ERwqK+oDR1JW6KgtfQZXR+wYmfVVy4fleIdot1+LNDSl7Tv8mw02Ax
jPy1Xb1wugBlHCD+UFKBDfRhPfrOngk3XJiHTJ2uxjrSzWtzsdk1Ek1B+ZJl5XSe
h/dHPYaZC9dtgUd+DXvmeIPhE9SoxwpKoG7e+hxCXEHs+Yz9KifoQT27iySLSgkO
uMTLVJlIIqtfWYyhH7ZJiCmsNc+zL7HGOhA6aypN+jjStQkXbjzNDvrithuyfGkY
+uPi9riS9SMv9fzmOVE2PJChlSY67ZI/54r4ulu+AuBk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:36 2024 by rpki-client on console-fra.rpki-client.org