Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/481269-dbdb-425e-9642-e1ea41c9a2e6/1/C3QU_Yh7j5HDU2H-wxKe5N0_KYc.roa
File:                     C3QU_Yh7j5HDU2H-wxKe5N0_KYc.roa (raw, json)
Hash identifier:          yVGSXDjI/WwGZpk+pDdLh7VB1Qn9LnwKt6xEyjO9aYQ=
Subject key identifier:   0B:74:14:FD:88:7B:8F:91:C3:53:61:FE:C3:12:9E:E4:DD:3F:29:87
Certificate issuer:       /CN=9ce94757ac3f70b40f369307d365ebc9657bab69
Certificate serial:       01856F42E364938D9F6ED36764F83640B7DF
Authority key identifier: 9C:E9:47:57:AC:3F:70:B4:0F:36:93:07:D3:65:EB:C9:65:7B:AB:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nOlHV6w_cLQPNpMH02XryWV7q2k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/481269-dbdb-425e-9642-e1ea41c9a2e6/1/C3QU_Yh7j5HDU2H-wxKe5N0_KYc.roa
Signing time:             Sun 01 Jan 2023 21:35:32 +0000
ROA not before:           Sun 01 Jan 2023 21:35:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34572
IP address blocks:        156.28.0.0/16 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:e3:64:93:8d:9f:6e:d3:67:64:f8:36:40:b7:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ce94757ac3f70b40f369307d365ebc9657bab69
        Validity
            Not Before: Jan  1 21:35:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0b7414fd887b8f91c35361fec3129ee4dd3f2987
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:4b:69:eb:56:0b:61:5b:95:54:49:c6:ae:56:
                    63:c6:f6:cf:f5:7a:d5:da:66:ad:5e:d9:a5:07:09:
                    07:21:17:92:38:6a:9b:3c:28:05:c8:dd:8c:6d:4f:
                    2b:08:20:8d:06:0a:20:49:73:5a:97:19:45:b9:25:
                    70:a1:00:a7:7d:a3:29:da:45:e3:38:d8:ed:95:d1:
                    55:56:9c:c6:1f:99:02:3e:da:c2:aa:30:57:c5:5b:
                    41:ef:fb:b0:6d:aa:8e:8b:06:97:b2:4e:46:a7:47:
                    9b:5b:e4:82:21:90:7c:62:fc:95:17:45:75:66:df:
                    45:1d:a9:d5:3c:7c:13:83:2a:97:27:0c:98:6e:14:
                    83:fb:6d:91:c1:d5:2f:40:c1:a7:4c:b2:7e:40:1d:
                    35:b2:6e:f3:6c:45:22:68:bf:b1:fc:75:f1:ad:11:
                    ec:28:c9:8e:bb:d3:ff:ee:52:1d:33:09:0e:a2:d3:
                    21:4f:57:06:70:19:6b:b3:b0:d5:32:f6:7a:0b:88:
                    ec:d6:2a:30:96:4c:86:2f:86:bb:5f:1f:23:6e:22:
                    73:12:ee:31:d5:8c:67:00:c4:e1:95:73:9c:a1:4a:
                    f8:a9:f6:40:35:91:06:33:ab:09:dc:84:4a:92:72:
                    35:b0:c8:e3:96:84:53:37:9f:7e:d5:4a:18:76:ac:
                    e8:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:74:14:FD:88:7B:8F:91:C3:53:61:FE:C3:12:9E:E4:DD:3F:29:87
            X509v3 Authority Key Identifier:
                keyid:9C:E9:47:57:AC:3F:70:B4:0F:36:93:07:D3:65:EB:C9:65:7B:AB:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nOlHV6w_cLQPNpMH02XryWV7q2k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/481269-dbdb-425e-9642-e1ea41c9a2e6/1/C3QU_Yh7j5HDU2H-wxKe5N0_KYc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/481269-dbdb-425e-9642-e1ea41c9a2e6/1/nOlHV6w_cLQPNpMH02XryWV7q2k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.28.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c8:91:11:57:74:30:c0:7f:c9:cc:3c:28:f6:31:90:1c:4d:c2:
         d0:a3:dd:19:db:63:f2:bf:7c:04:3f:ff:a4:bb:f5:57:1e:bb:
         86:88:8e:d3:6b:eb:8d:f7:69:b3:89:01:34:9e:57:f4:5f:77:
         03:9d:f4:7d:47:02:c5:1e:8d:43:95:c0:44:d6:8f:4d:98:01:
         d7:4f:1c:cb:b9:e6:a9:a5:4d:f2:91:67:fe:7c:ac:cd:6f:af:
         ea:b1:31:c1:3b:f0:60:15:ac:44:89:15:cf:47:20:b1:4e:bd:
         af:a8:22:49:a2:27:23:91:67:9b:1b:3e:9c:c1:9a:f8:db:e1:
         3e:8d:29:7e:95:65:09:ca:0a:e6:c8:da:db:31:39:69:75:2d:
         63:61:ce:4c:af:09:0d:3c:8c:e2:24:2d:da:d0:81:35:ac:1f:
         2e:c2:f0:78:9f:e0:ef:68:2a:d6:e0:6c:1b:4f:2f:7f:44:58:
         25:a6:fd:da:75:96:b3:5a:92:e5:f8:2a:25:7e:01:b3:0d:f1:
         52:00:1f:4a:f4:9f:91:27:0f:5b:46:7b:f3:b5:25:50:47:3e:
         7f:5a:e5:c2:a6:ba:25:0a:09:68:85:6b:b8:d0:2a:07:43:8b:
         61:ae:95:16:67:2e:63:f3:ac:86:e0:fc:26:48:3f:93:14:96:
         bb:4a:78:43
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVvQuNkk42fbtNnZPg2QLffMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZTk0NzU3YWMzZjcwYjQwZjM2OTMwN2QzNjVlYmM5NjU3
YmFiNjkwHhcNMjMwMTAxMjEzNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjc0MTRmZDg4N2I4ZjkxYzM1MzYxZmVjMzEyOWVlNGRkM2YyOTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEtp61YLYVuVVEnGrlZjxvbP9XrV
2matXtmlBwkHIReSOGqbPCgFyN2MbU8rCCCNBgogSXNalxlFuSVwoQCnfaMp2kXj
ONjtldFVVpzGH5kCPtrCqjBXxVtB7/uwbaqOiwaXsk5Gp0ebW+SCIZB8YvyVF0V1
Zt9FHanVPHwTgyqXJwyYbhSD+22RwdUvQMGnTLJ+QB01sm7zbEUiaL+x/HXxrRHs
KMmOu9P/7lIdMwkOotMhT1cGcBlrs7DVMvZ6C4js1iowlkyGL4a7Xx8jbiJzEu4x
1YxnAMThlXOcoUr4qfZANZEGM6sJ3IRKknI1sMjjloRTN59+1UoYdqzoqQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFAt0FP2Ie4+Rw1Nh/sMSnuTdPymHMB8GA1UdIwQY
MBaAFJzpR1esP3C0DzaTB9Nl68lle6tpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk9sSFY2d19jTFFQTnBNSDAyWHJ5V1Y3cTJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80ODEyNjktZGJkYi00MjVlLTk2NDIt
ZTFlYTQxYzlhMmU2LzEvQzNRVV9ZaDdqNUhEVTJILXd4S2U1TjBfS1ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80ODEyNjktZGJkYi00MjVlLTk2NDItZTFlYTQxYzlhMmU2
LzEvbk9sSFY2d19jTFFQTnBNSDAyWHJ5V1Y3cTJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnBwwDQYJ
KoZIhvcNAQELBQADggEBAMiREVd0MMB/ycw8KPYxkBxNwtCj3RnbY/K/fAQ//6S7
9Vceu4aIjtNr6433abOJATSeV/RfdwOd9H1HAsUejUOVwETWj02YAddPHMu55qml
TfKRZ/58rM1vr+qxMcE78GAVrESJFc9HILFOva+oIkmiJyORZ5sbPpzBmvjb4T6N
KX6VZQnKCubI2tsxOWl1LWNhzkyvCQ08jOIkLdrQgTWsHy7C8Hif4O9oKtbgbBtP
L39EWCWm/dp1lrNakuX4KiV+AbMN8VIAH0r0n5EnD1tGe/O1JVBHPn9a5cKmuiUK
CWiFa7jQKgdDi2GulRZnLmPzrIbg/CZIP5MUlrtKeEM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:40 2024 by rpki-client on console-fra.rpki-client.org