Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/QUxIJzgWWF7kXfLbEEq1p5QoCxA.roa
File:                     QUxIJzgWWF7kXfLbEEq1p5QoCxA.roa (raw, json)
Hash identifier:          mg9+3QGtw0iqdCb00AWGmS7SzyHTQOhJH98Paq94WZQ=
Subject key identifier:   41:4C:48:27:38:16:58:5E:E4:5D:F2:DB:10:4A:B5:A7:94:28:0B:10
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       018A237E14A2AED07B391C7C2B9F86110658
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/QUxIJzgWWF7kXfLbEEq1p5QoCxA.roa
Signing time:             Wed 23 Aug 2023 17:42:59 +0000
ROA not before:           Wed 23 Aug 2023 17:42:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15490
IP address blocks:        2.56.166.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:23:7e:14:a2:ae:d0:7b:39:1c:7c:2b:9f:86:11:06:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Aug 23 17:42:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=414c48273816585ee45df2db104ab5a794280b10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:a8:3a:19:b7:1a:a9:71:23:e2:cc:09:0f:17:
                    9f:d4:ae:bb:7e:f7:52:06:de:8a:98:da:ad:4f:bb:
                    d9:2d:4d:6d:dc:aa:e4:5e:de:7a:8c:5d:2a:52:58:
                    e9:9c:87:6d:6c:ff:62:13:0f:8b:c4:db:b4:31:b0:
                    66:16:0a:84:90:47:27:e4:b0:8c:6e:32:9c:d5:c2:
                    b0:96:1e:84:71:2e:00:85:86:f3:77:66:e8:ef:31:
                    ca:54:aa:bb:bd:62:09:5b:ff:38:8a:ea:27:00:fe:
                    fa:d9:1b:c3:59:09:fc:86:19:82:3b:32:6a:27:05:
                    7d:ea:fa:ae:17:9a:9d:8c:7c:5a:66:0b:96:d8:16:
                    b3:71:24:f0:dd:87:13:87:e7:f1:68:3f:7f:ae:93:
                    b6:ec:93:45:84:62:bd:ed:86:58:a6:5a:af:58:1b:
                    33:59:5b:7b:c1:ce:f8:60:bb:42:38:38:b3:9d:5c:
                    25:c7:56:96:46:55:bd:e8:d0:77:81:c1:91:bf:62:
                    51:f3:f7:fc:e4:61:6a:9b:ee:84:0e:9c:19:96:d5:
                    3a:6c:20:f4:4a:d7:9c:27:f1:f8:5a:48:57:9f:48:
                    3e:78:7e:dd:75:82:bc:49:85:05:c2:6c:d5:8a:3e:
                    c1:0e:fd:b5:09:3d:66:eb:87:1b:a8:da:66:a4:16:
                    dc:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:4C:48:27:38:16:58:5E:E4:5D:F2:DB:10:4A:B5:A7:94:28:0B:10
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/QUxIJzgWWF7kXfLbEEq1p5QoCxA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:23:6e:c4:4a:25:3d:c7:15:a9:1f:57:ec:af:46:b7:ea:c4:
         ef:d7:ed:a3:c8:6c:fa:13:59:c0:60:40:68:18:3b:e2:21:56:
         9b:92:9a:3c:af:9b:22:e5:f9:9d:32:ee:13:c1:e0:7b:21:2f:
         52:04:4f:a7:27:28:f1:d0:2e:cb:6c:22:d4:d9:14:34:2f:b6:
         9a:92:62:87:49:1d:d0:d2:d0:76:9f:41:48:be:9c:95:02:89:
         09:1a:12:fc:ed:e5:fe:67:39:92:92:ab:a8:a1:7d:4b:d0:94:
         20:0f:89:46:09:c0:5e:57:68:ee:cb:0e:f6:91:ba:83:c7:9f:
         cd:f8:8c:ce:71:4e:f7:5a:f0:47:20:a9:72:12:3d:22:a0:05:
         36:a2:2d:04:4a:ce:ee:33:a3:4e:f3:0f:b0:ac:46:b2:b0:c8:
         65:a2:f2:3f:bb:f3:96:f7:d7:f5:2e:9c:d9:4e:54:50:2c:a1:
         c9:0e:11:40:5c:a9:29:f7:c0:bd:66:99:4c:04:7e:a4:b4:e4:
         6c:43:61:07:a7:29:5f:49:22:15:d4:22:f7:2f:97:cc:48:04:
         ee:ee:96:75:86:cb:34:d9:ef:02:3f:99:30:f4:3d:98:b5:6d:
         8e:c5:7c:34:ca:92:3f:8f:6a:8c:fa:aa:71:65:e8:52:43:9a:
         71:c6:4a:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYojfhSirtB7ORx8K5+GEQZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwODIzMTc0MjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTRjNDgyNzM4MTY1ODVlZTQ1ZGYyZGIxMDRhYjVhNzk0MjgwYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6g6GbcaqXEj4swJDxef1K67fvdS
Bt6KmNqtT7vZLU1t3KrkXt56jF0qUljpnIdtbP9iEw+LxNu0MbBmFgqEkEcn5LCM
bjKc1cKwlh6EcS4AhYbzd2bo7zHKVKq7vWIJW/84iuonAP762RvDWQn8hhmCOzJq
JwV96vquF5qdjHxaZguW2BazcSTw3YcTh+fxaD9/rpO27JNFhGK97YZYplqvWBsz
WVt7wc74YLtCODiznVwlx1aWRlW96NB3gcGRv2JR8/f85GFqm+6EDpwZltU6bCD0
StecJ/H4WkhXn0g+eH7ddYK8SYUFwmzVij7BDv21CT1m64cbqNpmpBbc8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEFMSCc4Flhe5F3y2xBKtaeUKAsQMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvUVV4SUp6Z1dXRjdrWGZMYkVFcTFwNVFvQ3hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjimMA0G
CSqGSIb3DQEBCwUAA4IBAQBcI27ESiU9xxWpH1fsr0a36sTv1+2jyGz6E1nAYEBo
GDviIVabkpo8r5si5fmdMu4TweB7IS9SBE+nJyjx0C7LbCLU2RQ0L7aakmKHSR3Q
0tB2n0FIvpyVAokJGhL87eX+ZzmSkquooX1L0JQgD4lGCcBeV2juyw72kbqDx5/N
+IzOcU73WvBHIKlyEj0ioAU2oi0ESs7uM6NO8w+wrEaysMhlovI/u/OW99f1LpzZ
TlRQLKHJDhFAXKkp98C9ZplMBH6ktORsQ2EHpylfSSIV1CL3L5fMSATu7pZ1hss0
2e8CP5kw9D2YtW2OxXw0ypI/j2qM+qpxZehSQ5pxxkp6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org