Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/qnAhv-bi3Cxe8jYROfo0EPUL1cE.roa
File:                     qnAhv-bi3Cxe8jYROfo0EPUL1cE.roa (raw, json)
Hash identifier:          8ihvhR6uoHfJs5VMnKBOle+yxN7vTDFOzTVaXwtzbnw=
Subject key identifier:   AA:70:21:BF:E6:E2:DC:2C:5E:F2:36:11:39:FA:34:10:F5:0B:D5:C1
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       01856FF97A99CC2B62655B35B5E9CD4007A2
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/qnAhv-bi3Cxe8jYROfo0EPUL1cE.roa
Signing time:             Mon 02 Jan 2023 00:54:58 +0000
ROA not before:           Mon 02 Jan 2023 00:54:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56539
IP address blocks:        78.83.236.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f9:7a:99:cc:2b:62:65:5b:35:b5:e9:cd:40:07:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: Jan  2 00:54:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aa7021bfe6e2dc2c5ef2361139fa3410f50bd5c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:83:38:f2:7f:91:e8:5a:b5:cd:16:c8:87:fa:
                    21:21:36:d3:36:89:9f:dc:74:6d:ae:33:f1:9e:8c:
                    35:ff:a9:e4:d2:87:89:ef:6d:63:3d:01:ca:95:6a:
                    6d:99:58:3f:29:30:8d:e9:ab:6a:9c:10:96:45:7f:
                    33:58:49:88:a0:b1:6b:d6:f1:a8:1a:d0:25:82:e0:
                    0f:6a:65:e4:02:19:0e:ee:77:ec:c6:22:e8:d5:52:
                    cd:3b:77:90:8b:a1:da:48:8c:8e:39:76:37:a7:30:
                    5b:6a:22:f1:8b:49:30:8a:a4:5f:00:3f:07:0b:f1:
                    9c:03:8e:06:06:48:ca:39:7e:e3:74:ca:d1:7f:71:
                    7c:37:70:65:74:65:a3:f9:8c:50:cf:c1:09:32:0e:
                    25:cd:18:45:f2:fe:c8:0d:9e:ba:df:a1:4e:32:92:
                    e9:05:9d:e1:78:eb:ba:39:8d:61:4c:e8:95:27:48:
                    02:1a:67:6b:63:e3:8a:92:51:f8:1d:d5:52:18:51:
                    4e:3d:2d:0b:c9:81:5d:71:be:b0:cc:7f:3e:fd:bc:
                    8a:36:3b:57:ea:78:5d:8e:d0:23:d9:df:59:f3:e5:
                    0d:30:ac:3a:f5:31:15:a5:59:e6:51:d4:90:b7:02:
                    cf:b6:31:14:98:79:6b:b2:21:1a:80:d3:e3:b0:9c:
                    3f:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:70:21:BF:E6:E2:DC:2C:5E:F2:36:11:39:FA:34:10:F5:0B:D5:C1
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/qnAhv-bi3Cxe8jYROfo0EPUL1cE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.83.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:4d:2f:8b:ef:76:6a:74:2b:83:cb:78:32:a0:6a:4a:44:45:
         e1:c8:f2:66:ad:cf:a6:20:82:a1:a0:02:35:21:c7:86:1c:7e:
         bb:9f:90:4c:6f:3c:0b:bd:58:40:f6:81:42:38:0b:fe:80:15:
         11:d3:eb:79:b2:97:4f:c7:9d:fb:88:24:b9:83:93:e5:49:8f:
         c2:32:21:f3:b1:f8:98:07:2f:f5:fe:86:5b:46:64:e7:f6:4e:
         28:20:b0:f3:9b:60:71:ca:d3:12:9f:0e:4d:49:fe:61:bf:e9:
         be:1f:14:d7:67:4d:5a:df:88:1c:b3:fc:0d:51:5f:4e:05:f4:
         61:cb:36:bf:d0:5b:f1:83:5f:67:65:6f:0f:54:ea:01:2a:f7:
         5d:ea:49:e6:29:bd:05:e0:9b:94:25:8d:0c:d4:d0:61:c3:ff:
         1a:5d:f6:51:04:f1:6b:f2:4d:74:70:45:91:f9:44:90:23:d0:
         65:46:0c:1f:93:26:e3:93:2d:d5:29:1b:be:fd:c7:10:c0:5c:
         f1:90:5d:29:97:72:77:1b:b2:12:69:85:dc:5e:ad:8a:7d:62:
         7e:76:a0:47:6e:94:d9:51:1b:35:60:01:5f:21:a2:c0:c1:3e:
         d7:98:8c:83:d2:6e:6b:0a:ca:98:f8:15:e3:1f:c9:b8:5d:cb:
         70:a4:59:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+XqZzCtiZVs1tenNQAeiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjMwMTAyMDA1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTcwMjFiZmU2ZTJkYzJjNWVmMjM2MTEzOWZhMzQxMGY1MGJkNWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoM48n+R6Fq1zRbIh/ohITbTNomf
3HRtrjPxnow1/6nk0oeJ721jPQHKlWptmVg/KTCN6atqnBCWRX8zWEmIoLFr1vGo
GtAlguAPamXkAhkO7nfsxiLo1VLNO3eQi6HaSIyOOXY3pzBbaiLxi0kwiqRfAD8H
C/GcA44GBkjKOX7jdMrRf3F8N3BldGWj+YxQz8EJMg4lzRhF8v7IDZ6636FOMpLp
BZ3heOu6OY1hTOiVJ0gCGmdrY+OKklH4HdVSGFFOPS0LyYFdcb6wzH8+/byKNjtX
6nhdjtAj2d9Z8+UNMKw69TEVpVnmUdSQtwLPtjEUmHlrsiEagNPjsJw/fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKpwIb/m4twsXvI2ETn6NBD1C9XBMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvcW5BaHYtYmkzQ3hlOGpZUk9mbzBFUFVMMWNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATlPsMA0G
CSqGSIb3DQEBCwUAA4IBAQA2TS+L73ZqdCuDy3gyoGpKREXhyPJmrc+mIIKhoAI1
IceGHH67n5BMbzwLvVhA9oFCOAv+gBUR0+t5spdPx537iCS5g5PlSY/CMiHzsfiY
By/1/oZbRmTn9k4oILDzm2BxytMSnw5NSf5hv+m+HxTXZ01a34gcs/wNUV9OBfRh
yza/0Fvxg19nZW8PVOoBKvdd6knmKb0F4JuUJY0M1NBhw/8aXfZRBPFr8k10cEWR
+USQI9BlRgwfkybjky3VKRu+/ccQwFzxkF0pl3J3G7ISaYXcXq2KfWJ+dqBHbpTZ
URs1YAFfIaLAwT7XmIyD0m5rCsqY+BXjH8m4XctwpFkb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:53 2024 by rpki-client on console-ams.rpki-client.org