Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/qGV3yv5rbW0q-hDrLe7SLjT7HwY.roa
File:                     qGV3yv5rbW0q-hDrLe7SLjT7HwY.roa (raw, json)
Hash identifier:          xEfqqJg5EiDFvz9OXJc2Q9RKjUE/NRsRg6mmLa3TnJ0=
Subject key identifier:   A8:65:77:CA:FE:6B:6D:6D:2A:FA:10:EB:2D:EE:D2:2E:34:FB:1F:06
Certificate issuer:       /CN=3ecd53c66424c3f369ca88ee7af76adb25e18451
Certificate serial:       018572558B2DA46E4D4D12FFB0E8F55BC29E
Authority key identifier: 3E:CD:53:C6:64:24:C3:F3:69:CA:88:EE:7A:F7:6A:DB:25:E1:84:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/qGV3yv5rbW0q-hDrLe7SLjT7HwY.roa
Signing time:             Mon 02 Jan 2023 11:54:46 +0000
ROA not before:           Mon 02 Jan 2023 11:54:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48329
IP address blocks:        185.159.86.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:34:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:55:8b:2d:a4:6e:4d:4d:12:ff:b0:e8:f5:5b:c2:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ecd53c66424c3f369ca88ee7af76adb25e18451
        Validity
            Not Before: Jan  2 11:54:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a86577cafe6b6d6d2afa10eb2deed22e34fb1f06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:34:fc:1d:c0:78:3e:a1:f9:e4:ba:9c:d7:fa:
                    f1:08:c5:3c:dc:0c:71:33:01:a6:07:d5:da:f3:0d:
                    e0:ee:22:17:ae:5d:0e:cb:73:ee:20:d4:58:de:93:
                    76:8c:42:7a:4c:a0:05:52:cf:67:41:49:8a:bb:f6:
                    2c:27:f0:6c:7a:fe:f2:90:e1:3d:8d:64:eb:cf:3d:
                    79:59:57:b0:02:be:3b:52:3f:1e:28:28:8e:4d:3d:
                    25:7d:b8:80:c3:7b:50:22:b9:19:d9:9a:e2:47:6a:
                    87:bc:16:d6:0b:5a:c5:60:b3:86:40:3b:61:24:43:
                    05:84:f9:ad:08:1f:80:48:15:d2:bd:c7:df:6c:8e:
                    ea:08:9e:70:37:44:44:b1:46:48:be:fb:76:7c:55:
                    6d:5c:bb:2c:df:c0:ed:06:e9:e5:1e:5b:43:6f:aa:
                    e3:c4:1a:84:73:e4:5b:ec:6c:5a:c4:50:de:74:87:
                    e6:47:53:87:07:cd:7a:c4:ea:ef:4c:83:1f:81:73:
                    25:31:22:95:a0:f3:a5:83:53:c5:61:19:f3:21:5d:
                    67:0f:b7:f6:8a:d2:20:ca:95:d5:fa:1f:e5:54:5a:
                    9b:38:ce:00:82:a5:52:c4:d1:d8:54:6a:24:01:20:
                    22:7d:ab:be:ea:2f:87:e3:f2:e6:a2:c6:74:81:0f:
                    f2:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:65:77:CA:FE:6B:6D:6D:2A:FA:10:EB:2D:EE:D2:2E:34:FB:1F:06
            X509v3 Authority Key Identifier:
                keyid:3E:CD:53:C6:64:24:C3:F3:69:CA:88:EE:7A:F7:6A:DB:25:E1:84:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/qGV3yv5rbW0q-hDrLe7SLjT7HwY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/Ps1TxmQkw_Npyojuevdq2yXhhFE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.159.86.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:c5:1c:fe:1a:9a:ef:71:68:09:e0:67:5e:54:a6:79:2d:9d:
         0b:c8:0e:9a:ac:00:59:73:7e:f5:91:9e:56:c8:c9:24:df:5b:
         41:90:11:5a:b8:d7:24:11:33:79:15:4e:2e:d8:08:22:d6:01:
         d3:65:4b:d4:e3:f2:0e:1c:dd:ad:3c:31:5e:ed:29:aa:b8:7b:
         ea:33:17:fb:5d:7d:c0:3b:c2:0c:f8:1c:ef:11:74:62:4f:42:
         33:e3:71:b4:75:2f:62:17:a0:4b:b5:0c:4d:f9:a7:1f:40:5f:
         90:c9:9a:ea:63:b2:f0:28:5f:34:02:95:b4:30:3d:27:5d:a4:
         10:ab:6d:1c:93:e3:f8:0a:78:5c:d8:14:a6:5c:48:64:62:31:
         f3:8f:ff:e6:da:74:0e:ea:a3:ce:09:00:a3:4e:91:47:d0:cb:
         e5:c2:8c:1f:0c:86:90:8f:6d:67:6c:22:b4:ac:6f:6f:2e:85:
         2f:7e:52:dd:3a:03:ce:ca:f9:f2:db:3e:f8:a4:18:11:94:2e:
         0a:da:53:11:14:60:94:c5:03:eb:21:7a:3d:c2:94:54:ff:38:
         6b:87:7b:06:81:80:12:47:b5:ab:87:68:68:d3:2d:67:e8:65:
         d3:47:0b:99:39:48:7b:d2:ac:8c:89:4c:43:35:be:94:44:1f:
         e2:31:aa:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyVYstpG5NTRL/sOj1W8KeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlY2Q1M2M2NjQyNGMzZjM2OWNhODhlZTdhZjc2YWRiMjVl
MTg0NTEwHhcNMjMwMTAyMTE1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODY1NzdjYWZlNmI2ZDZkMmFmYTEwZWIyZGVlZDIyZTM0ZmIxZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzT8HcB4PqH55Lqc1/rxCMU83Axx
MwGmB9Xa8w3g7iIXrl0Oy3PuINRY3pN2jEJ6TKAFUs9nQUmKu/YsJ/Bsev7ykOE9
jWTrzz15WVewAr47Uj8eKCiOTT0lfbiAw3tQIrkZ2ZriR2qHvBbWC1rFYLOGQDth
JEMFhPmtCB+ASBXSvcffbI7qCJ5wN0REsUZIvvt2fFVtXLss38DtBunlHltDb6rj
xBqEc+Rb7GxaxFDedIfmR1OHB816xOrvTIMfgXMlMSKVoPOlg1PFYRnzIV1nD7f2
itIgypXV+h/lVFqbOM4AgqVSxNHYVGokASAifau+6i+H4/LmosZ0gQ/yCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKhld8r+a21tKvoQ6y3u0i40+x8GMB8GA1UdIwQY
MBaAFD7NU8ZkJMPzacqI7nr3atsl4YRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHMxVHhtUWt3X05weW9qdWV2ZHEyeVhoaEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNjVhZGEtNGQ0YS00MDRkLTg3MDAt
YzIyNTY4MDRlOTIyLzEvcUdWM3l2NXJiVzBxLWhEckxlN1NMalQ3SHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lNjVhZGEtNGQ0YS00MDRkLTg3MDAtYzIyNTY4MDRlOTIy
LzEvUHMxVHhtUWt3X05weW9qdWV2ZHEyeVhoaEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ9WMA0G
CSqGSIb3DQEBCwUAA4IBAQCpxRz+GprvcWgJ4GdeVKZ5LZ0LyA6arABZc371kZ5W
yMkk31tBkBFauNckETN5FU4u2Agi1gHTZUvU4/IOHN2tPDFe7SmquHvqMxf7XX3A
O8IM+BzvEXRiT0Iz43G0dS9iF6BLtQxN+acfQF+QyZrqY7LwKF80ApW0MD0nXaQQ
q20ck+P4Cnhc2BSmXEhkYjHzj//m2nQO6qPOCQCjTpFH0MvlwowfDIaQj21nbCK0
rG9vLoUvflLdOgPOyvny2z74pBgRlC4K2lMRFGCUxQPrIXo9wpRU/zhrh3sGgYAS
R7Wrh2ho0y1n6GXTRwuZOUh70qyMiUxDNb6URB/iMapK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:11 2024 by rpki-client on console-fra.rpki-client.org