Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/1-QGKlT-71TfHSlbtYkmMONMIdKA.roa
File:                     1-QGKlT-71TfHSlbtYkmMONMIdKA.roa (raw, json)
Hash identifier:          QHsMlAAmeX2ZbIeqK+98Du+ifoIfMxGHAIiv19w2CnI=
Subject key identifier:   F9:01:8A:95:3F:BB:D5:37:C7:4A:56:ED:62:49:8C:38:D3:08:74:A0
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       0185F3C53D270C5E08276C3A7F85BEE75E53
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/1-QGKlT-71TfHSlbtYkmMONMIdKA.roa
Signing time:             Fri 27 Jan 2023 15:07:47 +0000
ROA not before:           Fri 27 Jan 2023 15:07:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47418
IP address blocks:        193.233.242.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 20 Feb 2023 19:36:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:f3:c5:3d:27:0c:5e:08:27:6c:3a:7f:85:be:e7:5e:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jan 27 15:07:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f9018a953fbbd537c74a56ed62498c38d30874a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:4d:21:fa:fa:53:85:f5:89:7b:bc:b8:f4:ae:
                    bd:50:52:4e:6c:ae:b7:8a:16:ea:65:14:6c:b9:52:
                    66:51:6d:22:9b:67:82:e3:8d:0b:4d:1e:94:8c:75:
                    60:4d:9b:6d:5b:4c:76:50:eb:3e:e5:48:63:55:26:
                    42:29:ab:75:2e:71:31:9d:18:a4:4e:4d:7e:89:d5:
                    c4:a6:dd:9c:97:33:34:00:6f:09:4a:e4:a6:9e:0b:
                    49:05:5b:28:57:e7:59:2d:c7:b1:c4:70:34:ba:98:
                    e5:85:af:1f:d7:a9:9b:1e:6e:ae:3d:aa:3a:a5:ab:
                    a0:93:fc:41:d4:13:50:61:01:aa:a2:af:4e:57:d5:
                    34:cc:e7:a5:16:9e:d0:ab:45:ef:6d:6f:e4:3e:b5:
                    88:0c:3c:6c:e6:6a:53:3d:0f:1e:3c:47:70:17:15:
                    22:0d:7d:4e:41:e7:7f:fe:5f:f0:d9:2e:8c:e3:0f:
                    fd:11:bd:62:0e:bb:d1:c6:e9:c2:56:29:d8:c0:e6:
                    37:fa:ad:c2:45:dd:ae:1b:fa:15:62:3d:1e:96:24:
                    97:90:75:a8:5c:35:37:9e:2b:3f:a7:34:6f:58:b5:
                    eb:8b:13:93:36:6c:df:56:a2:30:07:ff:7d:d1:40:
                    5a:ab:ca:71:15:4b:f3:14:5f:8c:a3:80:e6:3e:9c:
                    22:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:01:8A:95:3F:BB:D5:37:C7:4A:56:ED:62:49:8C:38:D3:08:74:A0
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/1-QGKlT-71TfHSlbtYkmMONMIdKA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:82:2f:3c:e0:74:ec:41:18:ad:cc:16:ab:db:11:1d:8d:5f:
         0b:64:94:11:65:a8:cf:65:f4:ed:50:33:fa:5c:fd:2f:f2:d0:
         a0:0c:bc:82:86:f9:05:95:aa:bf:69:0d:0c:0d:6f:a4:25:cf:
         80:75:b2:49:aa:3f:8b:9c:82:9c:27:06:a1:39:82:18:0e:ad:
         a9:a9:9f:f1:9f:5a:74:25:41:5e:d3:13:c8:d8:93:5a:c6:69:
         29:1d:90:ef:52:41:57:0a:fa:0e:1a:7c:ef:26:3e:3b:1b:b0:
         bc:9c:60:fc:b0:8d:34:44:fd:f4:3c:76:82:76:93:d1:8a:b2:
         f9:15:fd:3f:d9:d7:9e:9a:b9:3f:59:dc:15:76:8b:fb:3d:03:
         b6:10:59:c5:45:c7:17:75:a2:e9:2c:6d:9e:f7:44:76:17:8b:
         71:df:22:49:45:32:5a:84:e4:e7:72:a2:4c:35:65:76:1f:ef:
         e2:07:ac:cb:27:79:ac:c7:4a:eb:24:12:dd:69:57:1f:d7:8d:
         6d:65:81:51:64:d1:b3:a4:ce:81:a0:4d:b1:f7:c2:d8:12:7c:
         1b:33:6c:72:17:86:03:45:22:d6:c0:ae:f0:85:ec:e2:8c:38:
         e2:08:54:02:87:5f:cb:24:e8:8a:43:52:bf:4c:51:7a:1b:82:
         b1:76:59:6b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYXzxT0nDF4IJ2w6f4W+515TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTI3MTUwNzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTAxOGE5NTNmYmJkNTM3Yzc0YTU2ZWQ2MjQ5OGMzOGQzMDg3NGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkU0h+vpThfWJe7y49K69UFJObK63
ihbqZRRsuVJmUW0im2eC440LTR6UjHVgTZttW0x2UOs+5UhjVSZCKat1LnExnRik
Tk1+idXEpt2clzM0AG8JSuSmngtJBVsoV+dZLcexxHA0upjlha8f16mbHm6uPao6
paugk/xB1BNQYQGqoq9OV9U0zOelFp7Qq0XvbW/kPrWIDDxs5mpTPQ8ePEdwFxUi
DX1OQed//l/w2S6M4w/9Eb1iDrvRxunCVinYwOY3+q3CRd2uG/oVYj0eliSXkHWo
XDU3nis/pzRvWLXrixOTNmzfVqIwB/990UBaq8pxFUvzFF+Mo4DmPpwiGQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPkBipU/u9U3x0pW7WJJjDjTCHSgMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvMS1RR0tsVC03MVRmSFNsYnRZa21NT05NSWRLQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0
OS8xL2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHp8jAN
BgkqhkiG9w0BAQsFAAOCAQEANYIvPOB07EEYrcwWq9sRHY1fC2SUEWWoz2X07VAz
+lz9L/LQoAy8gob5BZWqv2kNDA1vpCXPgHWySao/i5yCnCcGoTmCGA6tqamf8Z9a
dCVBXtMTyNiTWsZpKR2Q71JBVwr6Dhp87yY+OxuwvJxg/LCNNET99Dx2gnaT0Yqy
+RX9P9nXnpq5P1ncFXaL+z0DthBZxUXHF3Wi6SxtnvdEdheLcd8iSUUyWoTk53Ki
TDVldh/v4gesyyd5rMdK6yQS3WlXH9eNbWWBUWTRs6TOgaBNsffC2BJ8GzNscheG
A0Ui1sCu8IXs4ow44ghUAodfyyToikNSv0xRehuCsXZZaw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org