Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/qBaVmIgyaKNGwa7EpYRIyUNcmIk.roa
File:                     qBaVmIgyaKNGwa7EpYRIyUNcmIk.roa (raw, json)
Hash identifier:          /IVpAc+oSQx9pJ5tiPzpDIZFbwThBS/yLW4Mayf6L/U=
Subject key identifier:   A8:16:95:98:88:32:68:A3:46:C1:AE:C4:A5:84:48:C9:43:5C:98:89
Certificate issuer:       /CN=77e3c2900b599754283f27f3b4e8d7f6c4510972
Certificate serial:       01857295AD6B5A9FEFB5D74E5BCFB8ACEB34
Authority key identifier: 77:E3:C2:90:0B:59:97:54:28:3F:27:F3:B4:E8:D7:F6:C4:51:09:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d-PCkAtZl1QoPyfztOjX9sRRCXI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/qBaVmIgyaKNGwa7EpYRIyUNcmIk.roa
Signing time:             Mon 02 Jan 2023 13:04:49 +0000
ROA not before:           Mon 02 Jan 2023 13:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202773
IP address blocks:        46.226.209.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:95:ad:6b:5a:9f:ef:b5:d7:4e:5b:cf:b8:ac:eb:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77e3c2900b599754283f27f3b4e8d7f6c4510972
        Validity
            Not Before: Jan  2 13:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a8169598883268a346c1aec4a58448c9435c9889
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:97:50:8e:4f:b4:5f:80:a2:e3:ec:b9:5b:07:
                    48:10:b4:0a:12:fc:ab:1b:0d:2c:50:11:df:ba:a8:
                    a5:17:5a:0e:11:28:38:dc:d9:af:91:43:20:c5:1e:
                    e4:c6:10:80:5d:d5:a7:19:48:8d:13:63:16:6f:52:
                    46:fb:28:cf:15:04:94:59:18:5b:1c:e5:69:0c:d0:
                    7d:4a:a1:50:6e:66:f3:eb:ec:60:c2:4b:17:97:2b:
                    39:d7:ec:3c:6b:b4:f2:72:31:01:03:f5:eb:5c:91:
                    bf:e9:a3:a3:08:6b:f4:c7:36:8a:c6:a0:b9:5d:ba:
                    a3:c5:8a:fc:f0:91:19:11:87:21:02:5a:df:90:2b:
                    be:ab:12:5b:b3:b4:e9:34:d0:fa:b2:e9:55:c4:5b:
                    b7:34:6b:6f:a5:1a:9b:ba:4b:67:1a:8d:70:34:cf:
                    fc:55:57:30:73:a6:0a:72:da:c7:17:a9:d5:6c:e0:
                    18:48:a1:18:3d:b1:6b:d0:51:cc:81:bd:9c:4e:ce:
                    e5:79:d6:23:0a:ce:db:50:68:f3:34:d3:78:6c:53:
                    5d:6f:6b:73:68:2e:18:4d:f8:2b:d5:20:ee:87:c6:
                    51:9d:0d:04:e2:54:06:8b:a7:56:86:52:12:23:b1:
                    f6:2b:b6:16:74:87:92:d2:25:59:a7:ec:da:bf:43:
                    c4:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:16:95:98:88:32:68:A3:46:C1:AE:C4:A5:84:48:C9:43:5C:98:89
            X509v3 Authority Key Identifier:
                keyid:77:E3:C2:90:0B:59:97:54:28:3F:27:F3:B4:E8:D7:F6:C4:51:09:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-PCkAtZl1QoPyfztOjX9sRRCXI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/qBaVmIgyaKNGwa7EpYRIyUNcmIk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/d-PCkAtZl1QoPyfztOjX9sRRCXI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.226.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:82:86:bc:d2:d4:8a:0d:b3:e3:b6:91:09:b5:dd:e6:71:cb:
         04:3b:2b:3d:41:6a:14:9f:18:a2:e4:77:dd:8f:93:f3:ed:e1:
         7f:46:c8:dd:d3:2c:bc:d5:a8:41:aa:a7:bb:00:1b:d4:1c:8b:
         62:e5:be:98:41:a9:3a:82:18:db:c0:e4:c6:c5:a3:38:02:f3:
         b8:1d:6e:eb:0e:a5:16:3c:1d:72:ad:33:05:39:33:ad:2d:c5:
         97:77:26:00:56:27:05:ce:18:28:c2:a0:69:72:30:81:8d:59:
         bf:3f:ae:42:71:d8:ac:c2:f1:0b:62:d4:20:13:a8:10:ec:9a:
         a5:4d:4b:78:c0:32:0c:ab:a3:8c:68:48:af:34:ca:77:7d:03:
         d8:5c:48:8f:25:65:1d:4a:8d:36:38:70:69:68:8a:77:2d:31:
         bd:21:5e:fd:b3:de:a5:16:62:aa:fa:02:d8:03:40:5f:57:b3:
         70:97:64:37:35:ad:d4:a7:7a:fb:00:d6:0c:1c:c6:5b:8b:78:
         44:47:93:46:3b:fa:74:42:ac:44:6c:4c:4d:24:73:d8:00:4e:
         79:e3:1e:d4:f6:1f:d3:42:98:c4:dc:d9:e4:b3:b9:35:c7:25:
         f2:f2:9d:64:a7:d8:62:db:fc:87:b6:b3:21:d8:00:14:35:d8:
         0f:41:d9:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyla1rWp/vtddOW8+4rOs0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZTNjMjkwMGI1OTk3NTQyODNmMjdmM2I0ZThkN2Y2YzQ1
MTA5NzIwHhcNMjMwMTAyMTMwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODE2OTU5ODg4MzI2OGEzNDZjMWFlYzRhNTg0NDhjOTQzNWM5ODg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZdQjk+0X4Ci4+y5WwdIELQKEvyr
Gw0sUBHfuqilF1oOESg43NmvkUMgxR7kxhCAXdWnGUiNE2MWb1JG+yjPFQSUWRhb
HOVpDNB9SqFQbmbz6+xgwksXlys51+w8a7TycjEBA/XrXJG/6aOjCGv0xzaKxqC5
XbqjxYr88JEZEYchAlrfkCu+qxJbs7TpNND6sulVxFu3NGtvpRqbuktnGo1wNM/8
VVcwc6YKctrHF6nVbOAYSKEYPbFr0FHMgb2cTs7ledYjCs7bUGjzNNN4bFNdb2tz
aC4YTfgr1SDuh8ZRnQ0E4lQGi6dWhlISI7H2K7YWdIeS0iVZp+zav0PEeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKgWlZiIMmijRsGuxKWESMlDXJiJMB8GA1UdIwQY
MBaAFHfjwpALWZdUKD8n87To1/bEUQlyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC1QQ2tBdFpsMVFvUHlmenRPalg5c1JSQ1hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9lZjJiNDktMDM1Zi00MGE0LWFlNTEt
ZDNjNTVkNGZkYTlkLzEvcUJhVm1JZ3lhS05Hd2E3RXBZUkl5VU5jbUlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9lZjJiNDktMDM1Zi00MGE0LWFlNTEtZDNjNTVkNGZkYTlk
LzEvZC1QQ2tBdFpsMVFvUHlmenRPalg5c1JSQ1hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALuLRMA0G
CSqGSIb3DQEBCwUAA4IBAQAKgoa80tSKDbPjtpEJtd3mccsEOys9QWoUnxii5Hfd
j5Pz7eF/Rsjd0yy81ahBqqe7ABvUHIti5b6YQak6ghjbwOTGxaM4AvO4HW7rDqUW
PB1yrTMFOTOtLcWXdyYAVicFzhgowqBpcjCBjVm/P65CcdiswvELYtQgE6gQ7Jql
TUt4wDIMq6OMaEivNMp3fQPYXEiPJWUdSo02OHBpaIp3LTG9IV79s96lFmKq+gLY
A0BfV7Nwl2Q3Na3Up3r7ANYMHMZbi3hER5NGO/p0QqxEbExNJHPYAE554x7U9h/T
QpjE3Nnks7k1xyXy8p1kp9hi2/yHtrMh2AAUNdgPQdk2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:26 2024 by rpki-client on console-fra.rpki-client.org