Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/cf36e2-bc7f-425d-a821-4016f6b445a0/1/Qw8bjn4_UUf-4QXiiVOEZDkzBb0.roa
File:                     Qw8bjn4_UUf-4QXiiVOEZDkzBb0.roa (raw, json)
Hash identifier:          2ReV7ON58Zk/NnzzqiAsETcbl73fNiBYPQ3v1k8dLjw=
Subject key identifier:   43:0F:1B:8E:7E:3F:51:47:FE:E1:05:E2:89:53:84:64:39:33:05:BD
Certificate issuer:       /CN=fd0576f863df7e321b1ca5050ce2c2dd2fcadb09
Certificate serial:       0185707999769D9685DF19561B28BCF5720D
Authority key identifier: FD:05:76:F8:63:DF:7E:32:1B:1C:A5:05:0C:E2:C2:DD:2F:CA:DB:09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_QV2-GPffjIbHKUFDOLC3S_K2wk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/cf36e2-bc7f-425d-a821-4016f6b445a0/1/Qw8bjn4_UUf-4QXiiVOEZDkzBb0.roa
Signing time:             Mon 02 Jan 2023 03:14:55 +0000
ROA not before:           Mon 02 Jan 2023 03:14:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12808
IP address blocks:        193.242.123.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:79:99:76:9d:96:85:df:19:56:1b:28:bc:f5:72:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd0576f863df7e321b1ca5050ce2c2dd2fcadb09
        Validity
            Not Before: Jan  2 03:14:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=430f1b8e7e3f5147fee105e289538464393305bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:69:36:70:7e:bb:48:04:f0:cc:98:8f:df:8d:
                    6f:a9:ce:05:66:0d:c5:82:e8:60:af:34:da:ef:15:
                    e0:ef:32:ae:ae:67:dc:fc:d2:c2:61:55:46:c3:31:
                    11:fa:fe:23:83:88:70:8c:5d:dc:2e:b3:56:ad:b3:
                    00:9f:9d:a1:47:18:6a:8e:e8:34:9a:c4:d1:f1:10:
                    d3:d4:45:1d:f3:40:e3:ef:29:cd:ee:43:6e:1a:38:
                    05:df:14:37:12:88:fd:ef:cb:91:4a:0b:ef:32:59:
                    3a:dc:f1:58:25:26:4e:70:cd:ff:4a:f2:06:8d:19:
                    bc:11:7f:d8:a0:66:31:02:5f:7e:92:0d:ea:65:ea:
                    72:80:68:08:d4:7b:97:21:67:b3:96:28:22:e6:f6:
                    27:2a:64:c4:36:28:ee:2c:88:4f:f4:ff:f1:29:dd:
                    2b:eb:0f:a7:4b:f9:a3:65:d8:cb:e9:01:44:a2:de:
                    40:14:48:db:0d:0b:bb:11:03:1e:1e:c8:a0:9b:6f:
                    99:68:40:e1:d7:57:e8:09:1a:69:bc:d2:8a:6c:a2:
                    e9:0f:42:37:e8:e6:17:d0:35:5f:8b:89:1d:ee:f8:
                    82:90:1e:29:12:c8:cc:4a:c1:1c:3e:1a:54:53:e4:
                    2d:10:1e:c0:98:fa:d1:b6:60:57:35:7d:97:e9:00:
                    50:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:0F:1B:8E:7E:3F:51:47:FE:E1:05:E2:89:53:84:64:39:33:05:BD
            X509v3 Authority Key Identifier:
                keyid:FD:05:76:F8:63:DF:7E:32:1B:1C:A5:05:0C:E2:C2:DD:2F:CA:DB:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_QV2-GPffjIbHKUFDOLC3S_K2wk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/cf36e2-bc7f-425d-a821-4016f6b445a0/1/Qw8bjn4_UUf-4QXiiVOEZDkzBb0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/cf36e2-bc7f-425d-a821-4016f6b445a0/1/_QV2-GPffjIbHKUFDOLC3S_K2wk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.242.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:30:15:f3:8f:c2:1c:01:32:8e:f1:b5:40:ab:dd:31:c3:9f:
         16:98:02:54:70:fd:ec:e5:a8:68:8f:8a:f8:3d:88:ef:e1:9b:
         eb:31:59:e5:2a:ec:c6:03:97:7a:0b:43:e3:21:39:eb:54:f5:
         2a:64:6e:ce:ed:44:ee:4f:ec:48:47:c5:bb:3e:f1:65:36:8b:
         96:df:54:6b:4c:ea:99:63:80:4e:16:38:99:87:ef:d9:97:7c:
         c2:20:ee:ff:c0:9b:80:b2:e3:80:c8:a0:eb:86:d1:f0:e5:29:
         dc:f4:cc:93:f1:84:ec:a3:b1:41:f9:8d:cc:41:5b:98:13:a9:
         20:3e:d1:79:72:b0:3b:10:10:3b:96:9c:aa:54:56:8a:1c:6d:
         29:f1:13:47:25:68:1f:5b:6a:08:e7:9e:16:0c:e8:2f:1b:a0:
         f3:94:50:55:f6:80:7a:2d:85:ca:72:15:c8:63:7a:91:a6:49:
         71:c2:47:88:86:02:e9:6f:4c:67:16:ec:23:e4:30:8c:b4:2d:
         b0:ff:6b:cb:88:d5:3d:3f:51:6e:d6:08:95:6f:6b:4a:66:57:
         a4:b2:c3:27:63:32:8b:9c:95:48:69:d3:fb:d7:89:d8:79:76:
         d2:32:c6:20:4d:d6:f5:44:bf:bf:00:33:df:19:b0:38:21:9b:
         f7:f0:3e:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweZl2nZaF3xlWGyi89XINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMDU3NmY4NjNkZjdlMzIxYjFjYTUwNTBjZTJjMmRkMmZj
YWRiMDkwHhcNMjMwMTAyMDMxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzBmMWI4ZTdlM2Y1MTQ3ZmVlMTA1ZTI4OTUzODQ2NDM5MzMwNWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2k2cH67SATwzJiP341vqc4FZg3F
guhgrzTa7xXg7zKurmfc/NLCYVVGwzER+v4jg4hwjF3cLrNWrbMAn52hRxhqjug0
msTR8RDT1EUd80Dj7ynN7kNuGjgF3xQ3Eoj978uRSgvvMlk63PFYJSZOcM3/SvIG
jRm8EX/YoGYxAl9+kg3qZepygGgI1HuXIWezligi5vYnKmTENijuLIhP9P/xKd0r
6w+nS/mjZdjL6QFEot5AFEjbDQu7EQMeHsigm2+ZaEDh11foCRppvNKKbKLpD0I3
6OYX0DVfi4kd7viCkB4pEsjMSsEcPhpUU+QtEB7AmPrRtmBXNX2X6QBQzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEMPG45+P1FH/uEF4olThGQ5MwW9MB8GA1UdIwQY
MBaAFP0Fdvhj334yGxylBQziwt0vytsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1FWMi1HUGZmakliSEtVRkRPTEMzU19LMndrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jZjM2ZTItYmM3Zi00MjVkLWE4MjEt
NDAxNmY2YjQ0NWEwLzEvUXc4YmpuNF9VVWYtNFFYaWlWT0VaRGt6QmIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9jZjM2ZTItYmM3Zi00MjVkLWE4MjEtNDAxNmY2YjQ0NWEw
LzEvX1FWMi1HUGZmakliSEtVRkRPTEMzU19LMndrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwfJ7MA0G
CSqGSIb3DQEBCwUAA4IBAQARMBXzj8IcATKO8bVAq90xw58WmAJUcP3s5ahoj4r4
PYjv4ZvrMVnlKuzGA5d6C0PjITnrVPUqZG7O7UTuT+xIR8W7PvFlNouW31RrTOqZ
Y4BOFjiZh+/Zl3zCIO7/wJuAsuOAyKDrhtHw5Snc9MyT8YTso7FB+Y3MQVuYE6kg
PtF5crA7EBA7lpyqVFaKHG0p8RNHJWgfW2oI554WDOgvG6DzlFBV9oB6LYXKchXI
Y3qRpklxwkeIhgLpb0xnFuwj5DCMtC2w/2vLiNU9P1Fu1giVb2tKZlekssMnYzKL
nJVIadP714nYeXbSMsYgTdb1RL+/ADPfGbA4IZv38D4y
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:17 2024 by rpki-client on console-ams.rpki-client.org