Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PQH1A1PISDLb_n7swNCFw1gyfag.roa
File:                     PQH1A1PISDLb_n7swNCFw1gyfag.roa (raw, json)
Hash identifier:          cmq7JRGznDPTHPa7EAVrZ5rpMRfYN8sQjnm0pySwnJY=
Subject key identifier:   3D:01:F5:03:53:C8:48:32:DB:FE:7E:EC:C0:D0:85:C3:58:32:7D:A8
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018B5B608D712BACCC46497E47FD85AF2ED1
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PQH1A1PISDLb_n7swNCFw1gyfag.roa
Signing time:             Mon 23 Oct 2023 07:12:16 +0000
ROA not before:           Mon 23 Oct 2023 07:12:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213200
IP address blocks:        94.156.8.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 Nov 2023 10:35:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:5b:60:8d:71:2b:ac:cc:46:49:7e:47:fd:85:af:2e:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Oct 23 07:12:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3d01f50353c84832dbfe7eecc0d085c358327da8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:b3:7a:23:9c:27:13:56:1d:74:d7:8e:e1:7f:
                    f1:27:a5:16:d6:89:c2:af:af:df:29:c4:51:15:02:
                    8f:3c:d3:bc:78:db:1c:6c:bb:22:25:e2:f7:aa:b5:
                    f3:65:15:e6:26:3f:e3:4e:92:48:04:0c:f1:b6:28:
                    e3:dc:a4:c4:32:c7:a4:0a:3c:39:2b:57:51:03:fe:
                    3a:48:e4:60:06:75:b8:8c:08:d2:24:a1:39:3c:b5:
                    a5:7b:4b:c9:68:bb:a2:e2:85:3a:d1:af:92:c0:2e:
                    81:7b:80:43:f0:61:43:c0:1d:d2:c4:e7:a4:61:11:
                    38:5d:73:e0:02:fd:a0:65:15:5d:a4:aa:b7:0b:1b:
                    46:93:60:99:e7:33:23:16:9c:34:db:4f:6c:b7:25:
                    08:34:ed:f2:7d:74:69:9b:cc:6b:6e:30:71:06:c8:
                    a1:3c:77:b9:f2:6d:c2:bb:19:fb:0b:0e:33:69:ef:
                    50:1a:09:b6:2a:b0:4d:db:7c:ae:9f:d0:10:d9:a5:
                    ab:1c:8f:eb:92:da:08:1c:16:d5:34:ae:78:69:34:
                    7c:4a:b6:20:28:b7:bf:8a:10:e4:b1:bb:22:4a:47:
                    e0:6d:7e:71:0d:f8:43:f0:9d:55:fe:5d:0e:7c:6e:
                    74:97:a2:dd:92:41:9c:d1:9c:92:bf:1e:d8:6b:5c:
                    d5:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:01:F5:03:53:C8:48:32:DB:FE:7E:EC:C0:D0:85:C3:58:32:7D:A8
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PQH1A1PISDLb_n7swNCFw1gyfag.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.156.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:b3:2f:3b:bc:69:10:47:4a:b3:42:12:f1:88:00:41:4c:25:
         10:b8:08:8f:33:d3:66:0a:65:22:2e:e9:49:a8:8d:90:33:29:
         e6:ae:b2:75:59:b3:75:bb:52:4a:70:c4:52:01:d6:88:d0:09:
         9d:d9:10:de:9f:87:36:f4:7b:d7:40:64:7c:a8:fe:82:d3:bf:
         62:da:df:0c:46:a0:7a:e8:e0:35:cf:bf:e4:4d:17:31:17:71:
         6b:96:29:4b:36:2a:ac:1f:b0:5f:39:e0:4a:42:fc:4a:20:fc:
         6c:55:e6:8d:e9:de:9f:6f:43:cf:59:38:13:9a:c5:e1:5b:35:
         3e:b4:80:df:b6:58:79:f9:f6:14:37:38:4f:c0:dd:3f:86:a0:
         71:42:b6:1c:e4:3e:f7:0f:ad:8e:ff:b7:04:2a:fd:10:7c:dc:
         7c:53:bf:47:6a:f0:b6:e7:76:b4:d7:a0:6a:b4:66:3c:bf:3a:
         56:fd:b4:9c:6f:fd:5a:aa:6f:0a:2a:7e:1b:52:67:cf:2a:bf:
         35:57:36:bc:21:36:98:b0:db:87:3e:f6:1a:e8:80:e3:94:7a:
         05:b8:04:8f:fd:24:1a:02:86:a0:a0:fd:9c:92:1b:7c:11:13:
         c9:74:6b:65:93:2b:32:19:29:be:aa:fa:55:15:ae:46:01:b4:
         ff:d5:69:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtbYI1xK6zMRkl+R/2Fry7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDIzMDcxMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDAxZjUwMzUzYzg0ODMyZGJmZTdlZWNjMGQwODVjMzU4MzI3ZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbN6I5wnE1YddNeO4X/xJ6UW1onC
r6/fKcRRFQKPPNO8eNscbLsiJeL3qrXzZRXmJj/jTpJIBAzxtijj3KTEMsekCjw5
K1dRA/46SORgBnW4jAjSJKE5PLWle0vJaLui4oU60a+SwC6Be4BD8GFDwB3SxOek
YRE4XXPgAv2gZRVdpKq3CxtGk2CZ5zMjFpw0209styUINO3yfXRpm8xrbjBxBsih
PHe58m3Cuxn7Cw4zae9QGgm2KrBN23yun9AQ2aWrHI/rktoIHBbVNK54aTR8SrYg
KLe/ihDksbsiSkfgbX5xDfhD8J1V/l0OfG50l6LdkkGc0ZySvx7Ya1zVzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD0B9QNTyEgy2/5+7MDQhcNYMn2oMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUFFIMUExUElTRExiX243c3dOQ0Z3MWd5ZmFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpwIMA0G
CSqGSIb3DQEBCwUAA4IBAQBnsy87vGkQR0qzQhLxiABBTCUQuAiPM9NmCmUiLulJ
qI2QMynmrrJ1WbN1u1JKcMRSAdaI0Amd2RDen4c29HvXQGR8qP6C079i2t8MRqB6
6OA1z7/kTRcxF3FrlilLNiqsH7BfOeBKQvxKIPxsVeaN6d6fb0PPWTgTmsXhWzU+
tIDftlh5+fYUNzhPwN0/hqBxQrYc5D73D62O/7cEKv0QfNx8U79HavC253a016Bq
tGY8vzpW/bScb/1aqm8KKn4bUmfPKr81Vza8ITaYsNuHPvYa6IDjlHoFuASP/SQa
AoagoP2ckht8ERPJdGtlkysyGSm+qvpVFa5GAbT/1WnV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:06 2024 by rpki-client on console-fra.rpki-client.org