Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/qa07GYYddNK6ggZlX7UvvFmmLek.roa
File:                     qa07GYYddNK6ggZlX7UvvFmmLek.roa (raw, json)
Hash identifier:          MjuQ1V1ziYu974V03oQ7wa8kydxAQPzu9qkTaCia4Hc=
Subject key identifier:   A9:AD:3B:19:86:1D:74:D2:BA:82:06:65:5F:B5:2F:BC:59:A6:2D:E9
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       018A36B0ED99F151ADDE5EA16F0533BC96DF
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/qa07GYYddNK6ggZlX7UvvFmmLek.roa
Signing time:             Sun 27 Aug 2023 11:11:19 +0000
ROA not before:           Sun 27 Aug 2023 11:11:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216415
IP address blocks:        91.132.56.0/24 maxlen: 24
                          46.249.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 25 Oct 2023 05:40:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:36:b0:ed:99:f1:51:ad:de:5e:a1:6f:05:33:bc:96:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Aug 27 11:11:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a9ad3b19861d74d2ba8206655fb52fbc59a62de9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:22:ec:28:21:c5:11:37:57:d9:ab:6b:83:b5:
                    84:5b:db:f8:30:0e:c0:20:9a:09:62:11:b7:48:01:
                    8a:56:ca:ab:88:59:cb:cb:17:45:fa:f6:1a:e9:ae:
                    8f:c2:9d:24:b9:d6:be:02:ed:99:a9:41:e0:11:5e:
                    84:a7:e9:c0:bc:f0:05:33:4d:49:0f:bb:16:9b:ad:
                    cb:6b:d6:2c:84:40:17:22:96:e2:f4:47:58:96:1f:
                    3c:45:e9:83:18:95:ab:6f:a7:26:e9:74:4e:6a:4f:
                    b6:f6:a1:66:a0:49:42:09:6e:57:e8:63:c8:19:44:
                    b2:10:f9:e3:35:b6:ce:43:3d:92:4b:31:de:b0:07:
                    a4:2e:a5:42:e6:02:99:01:0b:9f:4b:e4:e1:3c:db:
                    08:18:01:d7:90:5d:58:9d:90:29:f8:fe:9e:97:cc:
                    c2:5c:5c:0a:e6:3f:0f:96:fa:57:c3:69:3f:5c:de:
                    b1:88:b2:99:7e:0e:c9:8a:2b:ce:c0:e8:0b:45:0e:
                    ee:84:ca:11:f9:00:84:89:55:e1:76:0d:e1:26:6e:
                    45:1a:f7:90:fb:78:49:ad:dd:cb:14:b9:93:e0:09:
                    d8:2d:3d:1a:83:16:1e:40:ab:8a:06:7f:d6:80:c6:
                    ec:4a:3a:da:e7:69:3e:c4:ba:64:9a:f0:3c:13:b8:
                    88:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:AD:3B:19:86:1D:74:D2:BA:82:06:65:5F:B5:2F:BC:59:A6:2D:E9
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/qa07GYYddNK6ggZlX7UvvFmmLek.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.249.99.0/24
                  91.132.56.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:03:41:94:ae:85:99:d2:42:75:d7:bc:60:07:f5:05:3d:3d:
         d1:a0:81:4a:96:36:54:77:ec:64:ce:29:32:d9:94:5d:c8:04:
         8f:e3:6a:9f:08:12:92:f4:0a:6e:f0:88:9e:09:25:01:e7:85:
         87:de:1f:db:f1:fe:c0:4f:fc:8e:a8:e5:bf:17:53:25:ac:92:
         0d:b7:39:a3:3d:85:25:6b:e6:91:7e:f8:6a:ef:83:b8:59:45:
         e8:8d:1e:34:0e:5e:9f:4c:2c:10:ca:df:7e:e5:57:a7:67:0a:
         1e:2c:22:a6:93:dd:f3:c4:ee:c2:d1:da:37:7b:1b:b8:8c:45:
         dc:78:26:9a:b5:38:60:b2:94:84:5b:4d:a0:f9:c6:ff:03:40:
         3c:83:04:2e:d6:f8:b4:35:0e:8d:4e:22:79:e5:d8:05:70:3c:
         6b:d7:4b:1c:f3:3c:10:b7:7b:49:ee:93:94:9d:74:96:c4:dc:
         4b:b0:47:0e:ad:c0:4c:9b:c9:70:dd:5b:8a:3b:58:95:b6:8b:
         5f:22:82:5d:64:4b:5a:61:84:d9:63:93:3b:13:b5:be:49:e4:
         c4:c1:c4:16:2b:e4:ba:f5:13:b1:bf:c7:52:ce:96:f6:ce:bf:
         a6:d0:21:bb:ec:65:ae:74:b7:5c:98:a0:eb:e9:f1:ac:23:77:
         df:dd:33:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYo2sO2Z8VGt3l6hbwUzvJbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwODI3MTExMTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWFkM2IxOTg2MWQ3NGQyYmE4MjA2NjU1ZmI1MmZiYzU5YTYyZGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCLsKCHFETdX2atrg7WEW9v4MA7A
IJoJYhG3SAGKVsqriFnLyxdF+vYa6a6Pwp0kuda+Au2ZqUHgEV6Ep+nAvPAFM01J
D7sWm63La9YshEAXIpbi9EdYlh88RemDGJWrb6cm6XROak+29qFmoElCCW5X6GPI
GUSyEPnjNbbOQz2SSzHesAekLqVC5gKZAQufS+ThPNsIGAHXkF1YnZAp+P6el8zC
XFwK5j8PlvpXw2k/XN6xiLKZfg7JiivOwOgLRQ7uhMoR+QCEiVXhdg3hJm5FGveQ
+3hJrd3LFLmT4AnYLT0agxYeQKuKBn/WgMbsSjra52k+xLpkmvA8E7iIxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKmtOxmGHXTSuoIGZV+1L7xZpi3pMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvcWEwN0dZWWRkTks2Z2dabFg3VXZ2Rm1tTGVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALvljAwQA
W4Q4MA0GCSqGSIb3DQEBCwUAA4IBAQBkA0GUroWZ0kJ117xgB/UFPT3RoIFKljZU
d+xkziky2ZRdyASP42qfCBKS9Apu8IieCSUB54WH3h/b8f7AT/yOqOW/F1MlrJIN
tzmjPYUla+aRfvhq74O4WUXojR40Dl6fTCwQyt9+5VenZwoeLCKmk93zxO7C0do3
exu4jEXceCaatThgspSEW02g+cb/A0A8gwQu1vi0NQ6NTiJ55dgFcDxr10sc8zwQ
t3tJ7pOUnXSWxNxLsEcOrcBMm8lw3VuKO1iVtotfIoJdZEtaYYTZY5M7E7W+SeTE
wcQWK+S69ROxv8dSzpb2zr+m0CG77GWudLdcmKDr6fGsI3ff3TNN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org