Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Q7wkC68LInD6z1C2SIf6vBhRln4.roa
File:                     Q7wkC68LInD6z1C2SIf6vBhRln4.roa (raw, json)
Hash identifier:          Y7bTYtn59qshMfkJa7ajUGNx5+U2eAZfXlAEz+rAydY=
Subject key identifier:   43:BC:24:0B:AF:0B:22:70:FA:CF:50:B6:48:87:FA:BC:18:51:96:7E
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       01856F42D114B576C5877AE9D2419CDA54FF
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Q7wkC68LInD6z1C2SIf6vBhRln4.roa
Signing time:             Sun 01 Jan 2023 21:35:27 +0000
ROA not before:           Sun 01 Jan 2023 21:35:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206477
IP address blocks:        2a0e:8f02:f02e::/48 maxlen: 48
                          2a0e:8f02:f02b::/48 maxlen: 48
                          2a0e:8f02:f02d::/48 maxlen: 48
                          2a0e:8f02:f02c::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:32:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:d1:14:b5:76:c5:87:7a:e9:d2:41:9c:da:54:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan  1 21:35:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=43bc240baf0b2270facf50b64887fabc1851967e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:a8:ad:84:9b:59:f9:73:81:84:b1:79:97:40:
                    0a:71:75:0a:a6:13:c2:ee:71:13:45:98:01:01:c7:
                    2d:f8:02:7a:e2:18:e4:61:56:a4:dd:79:00:61:7c:
                    32:b4:98:12:49:de:5b:6b:10:a8:b2:19:8f:68:d5:
                    29:99:ba:0e:b6:8e:33:fb:3f:ea:a3:47:2b:97:ee:
                    7e:61:c1:fc:e2:aa:ab:6d:95:26:31:26:dc:3b:ec:
                    4a:fe:7c:c0:d5:0d:5b:34:e5:07:0a:b1:72:24:1a:
                    8a:d7:8d:07:00:5e:f4:3f:78:dc:c2:a7:df:de:66:
                    2c:1d:23:20:98:9e:eb:1b:ee:4f:a5:43:f2:55:94:
                    19:05:3e:01:cd:a4:67:b3:81:a4:8d:e7:f5:27:ea:
                    41:2e:1f:f5:61:af:fe:ce:b2:cf:9a:b7:dc:84:58:
                    10:42:4a:1c:4d:05:6f:da:82:52:78:ee:6e:b9:3d:
                    2e:6c:08:f2:4f:73:45:05:7a:4d:53:2d:68:20:c6:
                    ce:4e:a6:83:f2:cd:54:ce:ca:3c:64:df:3c:ef:dc:
                    b0:a5:42:bd:f1:23:44:62:c5:ef:83:b8:f6:72:cb:
                    eb:3b:55:44:4f:14:4c:05:e5:86:9e:5b:24:ad:ec:
                    2b:45:9c:0f:5e:3e:8f:d2:0e:1f:81:97:9d:76:98:
                    26:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:BC:24:0B:AF:0B:22:70:FA:CF:50:B6:48:87:FA:BC:18:51:96:7E
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Q7wkC68LInD6z1C2SIf6vBhRln4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:f02b::-2a0e:8f02:f02e:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         92:b8:c6:a1:92:6a:be:7b:19:a8:99:53:ea:84:92:76:86:12:
         1d:79:05:3b:42:24:15:44:a4:11:fc:ac:8d:d8:fd:5d:41:0b:
         4a:99:fe:39:03:c2:0b:48:74:b9:94:7d:21:50:38:1d:b7:dd:
         65:47:61:4c:ef:b6:ff:f1:8a:1f:13:f8:5e:71:b7:44:70:c3:
         e6:14:66:ac:81:9f:35:5b:f9:d6:bb:ac:c9:27:9d:76:67:02:
         43:e5:e1:b9:d2:45:03:50:e4:c7:02:88:fe:ca:41:6b:81:a5:
         cc:e9:dc:7b:be:3b:a1:22:99:5f:49:b6:fd:fc:40:d4:70:4a:
         5f:12:e7:da:c3:a5:b4:27:de:7e:37:45:69:98:a3:ba:06:85:
         eb:17:3c:19:7b:f0:06:00:4d:0c:07:0f:02:18:61:d7:8a:ad:
         26:66:9c:4c:d1:55:c4:7e:78:8b:a9:8b:87:72:81:a2:03:ca:
         d3:2e:d0:24:e1:c3:82:b6:c2:e8:4a:ab:1a:33:13:ac:e7:61:
         ce:62:ed:67:0d:f5:f6:43:57:c9:13:ae:c2:02:38:0f:e9:4c:
         4e:6b:89:5c:4f:27:24:a5:fd:1d:92:be:e6:f9:68:07:00:00:
         33:02:b6:36:35:e7:99:5d:c0:28:90:b4:ad:f9:a1:47:a1:8e:
         a0:eb:25:dc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvQtEUtXbFh3rp0kGc2lT/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2JjMjQwYmFmMGIyMjcwZmFjZjUwYjY0ODg3ZmFiYzE4NTE5NjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaithJtZ+XOBhLF5l0AKcXUKphPC
7nETRZgBAcct+AJ64hjkYVak3XkAYXwytJgSSd5baxCoshmPaNUpmboOto4z+z/q
o0crl+5+YcH84qqrbZUmMSbcO+xK/nzA1Q1bNOUHCrFyJBqK140HAF70P3jcwqff
3mYsHSMgmJ7rG+5PpUPyVZQZBT4BzaRns4Gkjef1J+pBLh/1Ya/+zrLPmrfchFgQ
QkocTQVv2oJSeO5uuT0ubAjyT3NFBXpNUy1oIMbOTqaD8s1Uzso8ZN8879ywpUK9
8SNEYsXvg7j2csvrO1VETxRMBeWGnlskrewrRZwPXj6P0g4fgZeddpgmywIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEO8JAuvCyJw+s9QtkiH+rwYUZZ+MB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvUTd3a0M2OExJbkQ2ejFDMlNJZjZ2QmhSbG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqDo8C
8CsDBwAqDo8C8C4wDQYJKoZIhvcNAQELBQADggEBAJK4xqGSar57GaiZU+qEknaG
Eh15BTtCJBVEpBH8rI3Y/V1BC0qZ/jkDwgtIdLmUfSFQOB233WVHYUzvtv/xih8T
+F5xt0Rww+YUZqyBnzVb+da7rMknnXZnAkPl4bnSRQNQ5McCiP7KQWuBpczp3Hu+
O6EimV9Jtv38QNRwSl8S59rDpbQn3n43RWmYo7oGhesXPBl78AYATQwHDwIYYdeK
rSZmnEzRVcR+eIupi4dygaIDytMu0CThw4K2wuhKqxozE6znYc5i7WcN9fZDV8kT
rsICOA/pTE5riVxPJySl/R2Svub5aAcAADMCtjY155ldwCiQtK35oUehjqDrJdw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:41 2024 by rpki-client on console-fra.rpki-client.org