Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/FQz-UBTyFK7IodOBwgr-2X7aGd4.roa
File:                     FQz-UBTyFK7IodOBwgr-2X7aGd4.roa (raw, json)
Hash identifier:          ANvJ1LNdCnmOFuvpOU2kWyJO4wiSvZFDAt62Nmc8+0E=
Subject key identifier:   15:0C:FE:50:14:F2:14:AE:C8:A1:D3:81:C2:0A:FE:D9:7E:DA:19:DE
Certificate issuer:       /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial:       018CC42457FB3FE5CC470381CA3217703254
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/FQz-UBTyFK7IodOBwgr-2X7aGd4.roa
Signing time:             Mon 01 Jan 2024 08:29:25 +0000
ROA not before:           Mon 01 Jan 2024 08:29:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197563
IP address blocks:        178.18.231.0/24 maxlen: 24
                          2a03:5f80:8::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 24 Apr 2024 01:54:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:24:57:fb:3f:e5:cc:47:03:81:ca:32:17:70:32:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
        Validity
            Not Before: Jan  1 08:29:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=150cfe5014f214aec8a1d381c20afed97eda19de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:08:41:c8:4c:1b:ef:c6:c2:57:7f:fe:3c:43:
                    ec:91:77:d3:f8:9b:59:6d:80:ae:fb:e2:8c:72:c7:
                    73:e4:80:61:f5:32:c6:7b:fd:7e:2a:ef:20:cd:23:
                    c3:d9:5d:b7:0e:06:22:34:1f:bc:c5:c8:1c:74:54:
                    9e:72:73:ad:aa:5c:a3:ba:f5:7b:92:3a:56:57:c6:
                    a7:f1:9d:64:36:4e:f3:b2:aa:73:a9:06:23:bb:00:
                    45:74:63:5a:51:e3:19:d8:48:fa:be:fd:47:fc:02:
                    ac:89:46:63:bc:11:c6:1e:98:95:d9:a5:d1:f8:d2:
                    9a:72:7b:da:20:37:e0:26:a6:ea:88:da:a0:23:7f:
                    56:e7:82:cc:8a:64:87:bf:61:c6:58:46:93:cb:9e:
                    cd:cd:05:ad:bd:6c:3d:61:f7:d6:a5:38:c0:c7:48:
                    86:29:4e:f1:a0:b6:4c:14:80:0e:d6:0a:9b:1e:60:
                    4c:65:77:96:17:eb:b5:af:7f:e3:a4:72:b3:a3:11:
                    73:b7:d0:cc:60:62:31:14:f3:6c:0d:63:b6:04:b2:
                    09:59:d8:82:ab:98:0f:a3:7d:fc:22:eb:ff:f0:c7:
                    41:09:f7:4c:05:99:96:bb:6a:96:4d:d5:a3:f1:b8:
                    e2:5d:ee:82:c5:c9:fb:68:f8:c6:31:1a:9a:0b:a4:
                    ae:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:0C:FE:50:14:F2:14:AE:C8:A1:D3:81:C2:0A:FE:D9:7E:DA:19:DE
            X509v3 Authority Key Identifier:
                keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/FQz-UBTyFK7IodOBwgr-2X7aGd4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.18.231.0/24
                IPv6:
                  2a03:5f80:8::/48

    Signature Algorithm: sha256WithRSAEncryption
         51:5b:b5:8b:8b:34:00:27:9d:b4:b9:ae:d9:3d:00:01:70:61:
         58:30:54:47:c1:17:b5:f8:5c:74:8d:d2:b9:7d:39:84:cb:2e:
         3f:46:67:69:82:d9:77:bd:93:11:c9:67:fe:f6:3b:9e:92:a2:
         7f:10:ad:a5:10:0a:a1:6f:b8:d0:ac:ac:ba:ae:78:a8:e8:34:
         3a:6b:36:16:3a:f5:6e:4f:74:83:a3:8f:9e:7c:47:f6:ce:72:
         70:ad:2e:08:ae:54:51:3c:b7:2b:a2:bc:32:a7:ca:f3:60:c4:
         e9:46:2d:bc:c6:b7:12:2e:90:4e:60:f3:e0:e3:81:e9:2b:31:
         b1:b4:ea:91:4f:af:62:5d:3c:76:fc:a7:49:a2:e2:f6:7a:ad:
         2c:3b:31:03:92:96:eb:ff:bc:61:00:cd:c3:94:cf:4a:40:ce:
         3a:73:be:88:c9:a7:a8:ac:c8:40:3b:8b:f8:f0:25:c8:85:27:
         e2:b7:e4:5b:7e:4d:1d:11:38:77:ac:bd:af:81:f0:89:01:0d:
         98:b3:cb:b0:95:96:6d:08:32:58:f1:15:25:2f:0e:67:b3:3c:
         4c:a7:ed:5c:d0:ab:30:34:90:d4:45:61:d7:58:55:bd:c3:20:
         b6:af:32:07:03:7f:2c:97:2a:51:5f:d1:9f:44:f6:18:6e:de:
         a3:6c:6f:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJFf7P+XMRwOByjIXcDJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjQwMTAxMDgyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTBjZmU1MDE0ZjIxNGFlYzhhMWQzODFjMjBhZmVkOTdlZGExOWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqghByEwb78bCV3/+PEPskXfT+JtZ
bYCu++KMcsdz5IBh9TLGe/1+Ku8gzSPD2V23DgYiNB+8xcgcdFSecnOtqlyjuvV7
kjpWV8an8Z1kNk7zsqpzqQYjuwBFdGNaUeMZ2Ej6vv1H/AKsiUZjvBHGHpiV2aXR
+NKacnvaIDfgJqbqiNqgI39W54LMimSHv2HGWEaTy57NzQWtvWw9YffWpTjAx0iG
KU7xoLZMFIAO1gqbHmBMZXeWF+u1r3/jpHKzoxFzt9DMYGIxFPNsDWO2BLIJWdiC
q5gPo338Iuv/8MdBCfdMBZmWu2qWTdWj8bjiXe6Cxcn7aPjGMRqaC6SumwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBUM/lAU8hSuyKHTgcIK/tl+2hneMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvRlF6LVVCVHlGSzdJb2RPQndnci0yWDdhR2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAshLnMA8E
AgACMAkDBwAqA1+AAAgwDQYJKoZIhvcNAQELBQADggEBAFFbtYuLNAAnnbS5rtk9
AAFwYVgwVEfBF7X4XHSN0rl9OYTLLj9GZ2mC2Xe9kxHJZ/72O56Son8QraUQCqFv
uNCsrLqueKjoNDprNhY69W5PdIOjj558R/bOcnCtLgiuVFE8tyuivDKnyvNgxOlG
LbzGtxIukE5g8+DjgekrMbG06pFPr2JdPHb8p0mi4vZ6rSw7MQOSluv/vGEAzcOU
z0pAzjpzvojJp6isyEA7i/jwJciFJ+K35Ft+TR0ROHesva+B8IkBDZizy7CVlm0I
MljxFSUvDmezPEyn7VzQqzA0kNRFYddYVb3DILavMgcDfyyXKlFf0Z9E9hhu3qNs
b0Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:08 2024 by rpki-client on console-ams.rpki-client.org