Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/qJ_SSIZfvXy1jdWAhwJDS1HG5yA.roa
File:                     qJ_SSIZfvXy1jdWAhwJDS1HG5yA.roa (raw, json)
Hash identifier:          F7vPez9DRBtd64oUxUsmPTONSK4QHlv0jcUshzIEcpI=
Subject key identifier:   A8:9F:D2:48:86:5F:BD:7C:B5:8D:D5:80:87:02:43:4B:51:C6:E7:20
Certificate issuer:       /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial:       0185E4417A384AC527C02EFB315C627E2190
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/qJ_SSIZfvXy1jdWAhwJDS1HG5yA.roa
Signing time:             Tue 24 Jan 2023 14:49:34 +0000
ROA not before:           Tue 24 Jan 2023 14:49:34 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200195
IP address blocks:        45.150.66.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Wed 22 Feb 2023 19:45:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e4:41:7a:38:4a:c5:27:c0:2e:fb:31:5c:62:7e:21:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
        Validity
            Not Before: Jan 24 14:49:34 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a89fd248865fbd7cb58dd5808702434b51c6e720
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:bc:00:ae:38:c5:54:62:e9:7e:10:19:0d:15:
                    88:72:c4:3b:00:d2:58:37:1a:a6:42:9f:b1:2b:00:
                    2f:4f:46:27:5e:fa:9e:8a:db:ac:c9:8a:fb:8b:b7:
                    bc:c6:22:4d:03:86:8c:03:2b:04:1c:de:b1:ed:df:
                    90:55:36:67:5e:db:ce:84:dc:4d:8b:9f:c9:ea:31:
                    26:ba:64:80:80:0c:10:c5:c8:8c:13:0d:85:6c:14:
                    4d:b6:b2:96:6a:0c:9d:55:9b:40:4e:22:29:a1:b2:
                    46:0b:fc:db:5d:f7:a3:86:04:b1:4c:fd:7f:8e:0f:
                    1e:4d:0b:42:b9:a1:2b:96:fa:99:b0:f6:5f:11:4c:
                    6a:ea:c9:e3:05:2a:79:4c:8d:3f:5c:77:1b:f3:8e:
                    de:da:6b:cc:d0:25:20:dd:51:4e:b9:cb:ec:b8:3e:
                    ad:99:09:f8:72:3f:8f:53:c6:52:00:dd:b5:94:08:
                    71:14:c4:56:f7:7a:f6:c2:38:6b:61:49:29:34:ab:
                    b2:23:e7:41:b4:ef:57:f3:1e:29:87:08:1c:d9:2e:
                    9b:89:1e:e3:41:e8:35:b4:96:7c:66:2a:06:1d:7e:
                    19:f6:ab:c3:f7:83:67:ed:41:dd:31:18:a7:c3:f2:
                    4c:f3:1c:0c:31:f9:a3:56:0d:de:7b:c7:d5:4e:8f:
                    18:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:9F:D2:48:86:5F:BD:7C:B5:8D:D5:80:87:02:43:4B:51:C6:E7:20
            X509v3 Authority Key Identifier:
                keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/qJ_SSIZfvXy1jdWAhwJDS1HG5yA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:24:fe:c0:24:a8:4b:7b:ab:88:a5:72:ce:f2:a3:30:1e:64:
         bc:70:67:c7:11:da:56:1f:fa:9d:b4:34:83:04:02:86:4c:55:
         1b:76:d1:f0:3f:61:dc:65:38:84:40:49:d3:ab:d3:15:1c:a0:
         90:65:ca:2c:41:0f:1b:b2:9a:98:3e:fd:88:9b:05:b2:ce:58:
         4f:f8:86:58:e0:dd:dd:29:d1:0b:91:03:e2:14:9e:50:6f:3d:
         25:65:18:72:37:0c:5a:da:78:11:c9:7e:bc:3d:01:34:a1:9d:
         d1:c2:07:63:c9:83:b0:41:36:68:20:8d:e4:60:e8:79:66:0a:
         66:37:c6:b6:96:6e:d7:33:a3:9b:4a:5f:2b:d0:8f:b3:54:ba:
         75:9e:4c:42:a4:4e:d0:18:7e:5d:15:fa:22:86:fb:3b:e7:f5:
         db:ba:2b:0f:a3:d9:0c:04:61:12:6c:57:fb:18:6c:1c:6d:54:
         88:f6:0c:f6:1e:c7:8b:35:4f:6e:93:e8:d3:b0:81:70:df:25:
         b4:2a:aa:67:55:66:cc:80:16:31:ee:c1:24:59:57:67:d0:c5:
         dd:3b:ba:dd:6b:6f:bc:fe:65:10:cf:92:6b:6a:47:9e:15:04:
         27:64:f4:67:b2:b7:32:b0:86:fb:9c:00:91:fc:e3:26:5c:cf:
         47:56:5f:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXkQXo4SsUnwC77MVxifiGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjMwMTI0MTQ0OTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODlmZDI0ODg2NWZiZDdjYjU4ZGQ1ODA4NzAyNDM0YjUxYzZlNzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7wArjjFVGLpfhAZDRWIcsQ7ANJY
NxqmQp+xKwAvT0YnXvqeitusyYr7i7e8xiJNA4aMAysEHN6x7d+QVTZnXtvOhNxN
i5/J6jEmumSAgAwQxciMEw2FbBRNtrKWagydVZtATiIpobJGC/zbXfejhgSxTP1/
jg8eTQtCuaErlvqZsPZfEUxq6snjBSp5TI0/XHcb847e2mvM0CUg3VFOucvsuD6t
mQn4cj+PU8ZSAN21lAhxFMRW93r2wjhrYUkpNKuyI+dBtO9X8x4phwgc2S6biR7j
Qeg1tJZ8ZioGHX4Z9qvD94Nn7UHdMRinw/JM8xwMMfmjVg3ee8fVTo8YTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKif0kiGX718tY3VgIcCQ0tRxucgMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvcUpfU1NJWmZ2WHkxamRXQWh3SkRTMUhHNXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZZCMA0G
CSqGSIb3DQEBCwUAA4IBAQCLJP7AJKhLe6uIpXLO8qMwHmS8cGfHEdpWH/qdtDSD
BAKGTFUbdtHwP2HcZTiEQEnTq9MVHKCQZcosQQ8bspqYPv2ImwWyzlhP+IZY4N3d
KdELkQPiFJ5Qbz0lZRhyNwxa2ngRyX68PQE0oZ3RwgdjyYOwQTZoII3kYOh5Zgpm
N8a2lm7XM6ObSl8r0I+zVLp1nkxCpE7QGH5dFfoihvs75/XbuisPo9kMBGESbFf7
GGwcbVSI9gz2HseLNU9uk+jTsIFw3yW0KqpnVWbMgBYx7sEkWVdn0MXdO7rda2+8
/mUQz5JrakeeFQQnZPRnsrcysIb7nACR/OMmXM9HVl9r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:38 2024 by rpki-client on console-fra.rpki-client.org