Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/q63C4-F5cpElsxeScoQ7IMuoiLk.roa
File:                     q63C4-F5cpElsxeScoQ7IMuoiLk.roa (raw, json)
Hash identifier:          4WSkozW5imcQdr8V2+qUWIK2jDaqCEwY8C/srLuRqdg=
Subject key identifier:   AB:AD:C2:E3:E1:79:72:91:25:B3:17:92:72:84:3B:20:CB:A8:88:B9
Certificate issuer:       /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial:       018CC56DE69F408121EA04E0155C8405B0A5
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/q63C4-F5cpElsxeScoQ7IMuoiLk.roa
Signing time:             Mon 01 Jan 2024 14:29:23 +0000
ROA not before:           Mon 01 Jan 2024 14:29:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34984
IP address blocks:        185.169.181.0/24 maxlen: 24
                          185.174.22.0/24 maxlen: 24
                          185.174.23.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 11 Sep 2024 20:18:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6d:e6:9f:40:81:21:ea:04:e0:15:5c:84:05:b0:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
        Validity
            Not Before: Jan  1 14:29:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=abadc2e3e179729125b3179272843b20cba888b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:2b:ae:29:2a:88:34:06:79:94:60:42:62:31:
                    8b:ae:a8:52:8b:cc:72:85:37:f4:c5:46:ab:32:25:
                    0e:2d:64:bb:20:a9:5e:2c:9d:45:4a:33:25:5b:c2:
                    51:6e:dc:99:57:28:b0:71:c4:2f:72:fc:d0:89:29:
                    29:2d:0a:4c:c4:00:6b:f3:17:fa:61:b4:74:96:0f:
                    72:ad:08:40:7e:c7:e6:9c:d2:6b:92:c8:21:96:dc:
                    ac:d0:fa:c0:65:68:68:24:7a:dc:16:71:81:06:37:
                    3c:7a:36:46:e3:a3:a9:0d:f1:6b:7d:55:81:43:8a:
                    fb:b5:22:09:60:14:15:98:af:40:ab:50:1b:78:a6:
                    29:4f:d4:d7:17:53:e2:34:5a:f2:98:b4:79:16:1e:
                    9b:ab:78:1e:96:93:5f:6f:6a:8d:d5:df:0c:5e:9e:
                    ce:f8:31:a4:7a:40:bc:e8:52:f1:c5:b4:eb:f8:75:
                    9c:9a:da:f7:5c:1d:3f:f6:e4:8c:15:64:4c:45:66:
                    c7:ed:23:d0:0b:6c:40:6f:e3:bd:85:93:23:04:e8:
                    29:54:fc:8b:6b:4c:93:c5:5c:5f:68:6e:94:d3:c7:
                    43:26:39:ff:69:e7:f2:a1:dc:bd:b6:67:8a:ae:a4:
                    6d:de:56:0b:0d:b6:e2:5d:e5:cf:ea:4b:72:ed:9b:
                    5b:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:AD:C2:E3:E1:79:72:91:25:B3:17:92:72:84:3B:20:CB:A8:88:B9
            X509v3 Authority Key Identifier:
                keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/q63C4-F5cpElsxeScoQ7IMuoiLk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.169.181.0/24
                  185.174.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         79:1b:f1:ec:41:50:b9:2e:7a:2b:bc:f8:aa:5d:ae:d2:82:2b:
         4f:9d:de:81:4c:21:35:70:51:27:ff:42:93:e0:b1:40:1b:16:
         87:1f:6e:12:9b:a6:ad:e0:c8:31:f7:c4:c4:73:3a:30:65:30:
         2a:0b:6d:f8:82:e4:88:d4:4d:c7:59:b5:b4:3e:e3:f5:00:e6:
         5d:e5:dc:b3:e5:ed:76:4f:b9:26:1f:f2:5f:11:d3:2c:24:d2:
         69:26:40:67:05:6e:18:4a:5a:39:1e:ab:df:f6:2c:45:13:c2:
         b3:95:8a:44:16:98:01:2f:02:78:a0:ef:ec:b7:b3:0c:38:c1:
         f9:10:34:5d:e5:88:da:10:17:b0:f2:bb:df:23:c6:c9:8d:64:
         73:fd:92:20:2c:4d:1b:99:3b:cf:23:90:fb:08:2c:55:15:b4:
         c8:00:b2:45:57:30:ea:1c:a1:37:55:f3:e6:0a:6d:9d:ef:2e:
         28:55:df:da:55:82:01:4f:35:86:91:19:4a:ba:18:3e:f6:c9:
         7c:98:2d:cd:13:70:58:f7:fe:01:33:d7:ff:3f:51:e5:d0:a7:
         62:9b:20:fd:48:f2:52:c9:12:76:0b:08:df:aa:7a:c3:a3:d9:
         51:bb:1e:fc:c6:b0:7e:d2:46:d8:df:7e:a9:5d:90:03:79:12:
         67:55:0f:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbeafQIEh6gTgFVyEBbClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjQwMTAxMTQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmFkYzJlM2UxNzk3MjkxMjViMzE3OTI3Mjg0M2IyMGNiYTg4OGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiuuKSqINAZ5lGBCYjGLrqhSi8xy
hTf0xUarMiUOLWS7IKleLJ1FSjMlW8JRbtyZVyiwccQvcvzQiSkpLQpMxABr8xf6
YbR0lg9yrQhAfsfmnNJrksghltys0PrAZWhoJHrcFnGBBjc8ejZG46OpDfFrfVWB
Q4r7tSIJYBQVmK9Aq1AbeKYpT9TXF1PiNFrymLR5Fh6bq3gelpNfb2qN1d8MXp7O
+DGkekC86FLxxbTr+HWcmtr3XB0/9uSMFWRMRWbH7SPQC2xAb+O9hZMjBOgpVPyL
a0yTxVxfaG6U08dDJjn/aefyody9tmeKrqRt3lYLDbbiXeXP6kty7ZtbUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKutwuPheXKRJbMXknKEOyDLqIi5MB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvcTYzQzQtRjVjcEVsc3hlU2NvUTdJTXVvaUxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuam1AwQB
ua4WMA0GCSqGSIb3DQEBCwUAA4IBAQB5G/HsQVC5LnorvPiqXa7SgitPnd6BTCE1
cFEn/0KT4LFAGxaHH24Sm6at4Mgx98TEczowZTAqC234guSI1E3HWbW0PuP1AOZd
5dyz5e12T7kmH/JfEdMsJNJpJkBnBW4YSlo5Hqvf9ixFE8KzlYpEFpgBLwJ4oO/s
t7MMOMH5EDRd5YjaEBew8rvfI8bJjWRz/ZIgLE0bmTvPI5D7CCxVFbTIALJFVzDq
HKE3VfPmCm2d7y4oVd/aVYIBTzWGkRlKuhg+9sl8mC3NE3BY9/4BM9f/P1Hl0Kdi
myD9SPJSyRJ2CwjfqnrDo9lRux78xrB+0kbY336pXZADeRJnVQ8W
-----END CERTIFICATE-----
Generated at Wed Sep 11 21:46:36 2024 by rpki-client on console-fra.rpki-client.org