Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sqsV-jqhNt4cQGZRNvF79QA56PE.roa
File:                     sqsV-jqhNt4cQGZRNvF79QA56PE.roa (raw, json)
Hash identifier:          v4EqLPuhMEVNGtvctqYrn8mLQw/VOGokr2LS3EqEmH4=
Subject key identifier:   B2:AB:15:FA:3A:A1:36:DE:1C:40:66:51:36:F1:7B:F5:00:39:E8:F1
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018E2DD740E96E55DE254809F51D81354BEE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sqsV-jqhNt4cQGZRNvF79QA56PE.roa
Signing time:             Mon 11 Mar 2024 14:07:45 +0000
ROA not before:           Mon 11 Mar 2024 14:07:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215987
IP address blocks:        141.98.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 20 Jun 2024 06:18:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:2d:d7:40:e9:6e:55:de:25:48:09:f5:1d:81:35:4b:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Mar 11 14:07:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b2ab15fa3aa136de1c40665136f17bf50039e8f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:6b:dd:87:76:12:e4:0d:69:55:bf:f9:ec:f6:
                    e5:e8:c4:32:3d:32:21:25:9f:68:7b:9f:12:da:63:
                    bd:51:cc:db:3a:bc:e5:4b:c0:ab:fe:77:2d:18:d0:
                    cf:d4:db:57:de:2f:50:2e:db:21:37:c9:b4:d9:9b:
                    ec:71:15:28:0c:2e:67:a8:f5:d7:36:cf:56:07:14:
                    c4:c4:0f:7e:09:06:ac:03:7e:c8:74:a1:d3:ec:9d:
                    b6:2a:41:b1:97:1f:3d:39:5a:c7:83:d3:b4:ae:94:
                    c0:a7:4e:92:d6:a7:f0:6c:52:e7:c7:09:91:b9:87:
                    dd:2a:07:1d:eb:0f:d5:13:61:2d:6b:a3:f3:b5:38:
                    40:37:5d:e5:87:6a:27:ba:c1:e1:2c:51:4f:d5:f3:
                    84:2c:99:f2:d5:c2:4e:60:ee:2f:cd:ca:31:1d:d0:
                    ab:45:56:48:ce:6e:81:ce:14:da:92:14:32:7b:36:
                    71:52:b8:f8:c6:85:79:ea:db:e8:a5:4b:73:1d:80:
                    36:f7:99:21:92:29:23:d1:c4:5b:e3:9f:b9:fe:b7:
                    86:e1:db:70:cd:93:7e:c3:3e:55:37:cc:f2:9e:a7:
                    b1:72:c2:8d:3e:26:96:67:58:0b:b8:1e:e2:0e:ec:
                    f5:c5:c2:e1:63:62:5b:19:98:38:a6:d9:a8:18:63:
                    83:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:AB:15:FA:3A:A1:36:DE:1C:40:66:51:36:F1:7B:F5:00:39:E8:F1
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sqsV-jqhNt4cQGZRNvF79QA56PE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.98.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:a0:65:e7:70:bd:63:f3:a6:72:49:97:6c:a2:8d:9c:d5:cc:
         76:3b:28:52:04:4b:90:4d:ea:26:6e:c8:7e:91:11:92:5b:79:
         a0:46:dc:9b:93:63:b5:c3:1f:63:da:0b:58:14:dc:de:32:00:
         83:97:ea:6d:43:40:8f:f7:f1:b4:0f:2b:c3:9f:72:c3:75:e9:
         f5:ed:07:e3:50:dc:9c:15:17:ee:1a:e0:af:bf:02:85:0d:c8:
         b7:92:4f:26:cb:0c:3a:ed:49:27:fa:54:15:31:86:4f:f8:e4:
         28:7b:20:c5:63:aa:e7:8c:ec:a2:23:9f:00:42:01:62:c7:0f:
         24:da:75:8f:e0:3f:f2:c6:d2:45:99:31:f4:fc:0c:a1:20:90:
         48:8f:cc:b6:9e:55:d1:9a:1d:ba:57:15:ac:76:fa:0e:2e:15:
         41:35:29:db:b7:46:32:e5:67:af:42:70:6d:cb:b3:e2:4e:ae:
         88:c4:fa:37:41:c3:72:29:f5:9a:17:62:25:dd:01:7b:a4:c9:
         6f:33:42:f5:de:c8:4b:65:bf:63:0b:fe:2c:14:e8:c7:5e:3a:
         a3:26:aa:3e:34:3d:cf:c0:d3:ae:47:30:e9:21:48:67:51:39:
         a6:49:9e:07:8f:ea:55:56:7d:83:7e:e1:14:ff:db:36:4d:cd:
         1b:96:c9:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4t10DpblXeJUgJ9R2BNUvuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzExMTQwNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmFiMTVmYTNhYTEzNmRlMWM0MDY2NTEzNmYxN2JmNTAwMzllOGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2vdh3YS5A1pVb/57Pbl6MQyPTIh
JZ9oe58S2mO9UczbOrzlS8Cr/nctGNDP1NtX3i9QLtshN8m02ZvscRUoDC5nqPXX
Ns9WBxTExA9+CQasA37IdKHT7J22KkGxlx89OVrHg9O0rpTAp06S1qfwbFLnxwmR
uYfdKgcd6w/VE2Eta6PztThAN13lh2onusHhLFFP1fOELJny1cJOYO4vzcoxHdCr
RVZIzm6BzhTakhQyezZxUrj4xoV56tvopUtzHYA295khkikj0cRb45+5/reG4dtw
zZN+wz5VN8zynqexcsKNPiaWZ1gLuB7iDuz1xcLhY2JbGZg4ptmoGGOD7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLKrFfo6oTbeHEBmUTbxe/UAOejxMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvc3FzVi1qcWhOdDRjUUdaUk52Rjc5UUE1NlBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjWIHMA0G
CSqGSIb3DQEBCwUAA4IBAQCDoGXncL1j86ZySZdsoo2c1cx2OyhSBEuQTeombsh+
kRGSW3mgRtybk2O1wx9j2gtYFNzeMgCDl+ptQ0CP9/G0DyvDn3LDden17QfjUNyc
FRfuGuCvvwKFDci3kk8myww67Ukn+lQVMYZP+OQoeyDFY6rnjOyiI58AQgFixw8k
2nWP4D/yxtJFmTH0/AyhIJBIj8y2nlXRmh26VxWsdvoOLhVBNSnbt0Yy5WevQnBt
y7PiTq6IxPo3QcNyKfWaF2Il3QF7pMlvM0L13shLZb9jC/4sFOjHXjqjJqo+ND3P
wNOuRzDpIUhnUTmmSZ4Hj+pVVn2DfuEU/9s2Tc0blslk
-----END CERTIFICATE-----
Generated at Thu Jun 20 09:13:20 2024 by rpki-client on console-ams.rpki-client.org