Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/QegpcqmymT35dFO3aU5WC6sZXdw.roa
File:                     QegpcqmymT35dFO3aU5WC6sZXdw.roa (raw, json)
Hash identifier:          W+AJxANQsbr3FAfaKrt0YphFqpPTPGltfFexbBw+pes=
Subject key identifier:   41:E8:29:72:A9:B2:99:3D:F9:74:53:B7:69:4E:56:0B:AB:19:5D:DC
Certificate issuer:       /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial:       018AB841E68444B7E5EFF954DFD6DF0B96BA
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/QegpcqmymT35dFO3aU5WC6sZXdw.roa
Signing time:             Thu 21 Sep 2023 15:00:41 +0000
ROA not before:           Thu 21 Sep 2023 15:00:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     137502
IP address blocks:        213.248.254.0/24 maxlen: 24
                          213.248.255.0/24 maxlen: 24
                          2a01:618:402::/48 maxlen: 48
                          2a01:618:405::/48 maxlen: 48
                          2a01:618:400::/48 maxlen: 48
                          2a01:618:403::/48 maxlen: 48
                          2a01:618:401::/48 maxlen: 48
                          2a01:618:404::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 25 Sep 2023 10:08:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b8:41:e6:84:44:b7:e5:ef:f9:54:df:d6:df:0b:96:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
        Validity
            Not Before: Sep 21 15:00:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=41e82972a9b2993df97453b7694e560bab195ddc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:b7:94:b7:0c:b7:38:1c:b6:94:8a:e1:e5:e8:
                    b4:01:11:60:18:d0:cb:dd:0d:1e:04:f4:58:92:b1:
                    f1:d6:8e:0a:03:76:7e:6b:9f:fc:42:b0:ca:bd:da:
                    9a:2a:f6:f2:c0:32:6e:07:4c:73:da:87:3a:b4:ed:
                    2b:d0:99:e0:b4:9b:3e:0e:04:04:57:dd:a0:b3:81:
                    4b:9b:b3:49:22:ce:68:b0:72:ff:15:2b:4a:e0:b1:
                    b0:dd:d9:92:cd:7d:04:6a:f9:75:63:64:9b:e5:43:
                    33:5d:7f:8a:9b:29:42:7c:2a:f3:c7:46:1b:d7:98:
                    c2:67:50:be:78:4e:f7:37:9c:20:9a:e7:30:11:d2:
                    85:fe:b3:e8:45:03:59:df:07:c0:08:c7:1e:72:4a:
                    91:2c:c5:38:81:39:de:0c:2e:a1:76:34:b6:09:21:
                    81:83:85:9b:33:fc:6f:4a:0c:fb:02:f1:3e:d7:92:
                    7f:34:80:e1:b5:f6:47:33:d0:8c:3b:e7:e1:37:51:
                    6a:31:fc:b3:46:f3:db:7d:c3:7f:3b:04:ec:7d:31:
                    44:1f:76:61:d0:fb:98:c5:f1:e9:d7:c4:79:2f:b5:
                    11:95:c9:29:49:d3:79:68:41:da:d3:ea:ae:53:59:
                    91:b4:df:37:ca:ee:a2:f1:94:87:e4:36:54:4c:ac:
                    6e:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:E8:29:72:A9:B2:99:3D:F9:74:53:B7:69:4E:56:0B:AB:19:5D:DC
            X509v3 Authority Key Identifier:
                keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/QegpcqmymT35dFO3aU5WC6sZXdw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.248.254.0/23
                IPv6:
                  2a01:618:400::-2a01:618:405:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         92:37:b0:30:b5:0b:2d:5a:03:94:fc:b3:c1:b8:17:15:be:9d:
         59:b9:80:c4:89:d8:d4:e7:0e:68:fd:f3:a9:07:c1:0f:98:cf:
         4c:7a:ce:2d:93:46:80:cd:94:e1:16:ce:87:4f:0e:5c:24:96:
         fe:91:d3:86:2a:89:c4:f6:d4:f9:fd:d4:67:18:d3:f9:d4:ec:
         8a:8b:37:fb:f6:2b:f1:2b:9a:b5:ac:1b:29:b7:2f:e6:e5:43:
         49:b0:5a:f3:cf:ee:40:6a:8d:23:b6:db:51:3c:0f:3e:ea:e5:
         63:40:55:e3:b9:78:31:77:dd:a2:32:ea:d4:7a:7e:98:89:a0:
         38:ac:bc:bd:69:cf:da:e1:e6:20:35:a4:1c:48:b7:0c:5d:c3:
         04:2c:0c:b5:28:1a:fe:5c:4f:10:36:14:59:3d:16:36:08:c6:
         4e:c7:29:f1:55:dd:36:18:d0:7d:bc:67:3c:73:45:45:50:bd:
         12:aa:26:8f:10:9e:72:8c:db:9c:9d:ee:4b:d8:86:59:99:00:
         c5:02:2d:af:c4:13:d0:a8:96:ec:c5:17:fe:31:cb:a4:0e:6f:
         a6:52:53:ab:da:b8:8d:a8:b8:3c:5a:8f:46:0d:63:b9:bf:bb:
         e2:14:62:a9:c1:4f:0f:5b:1a:d8:67:2b:dd:5d:40:ac:59:f1:
         5c:7c:d2:25
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYq4QeaERLfl7/lU39bfC5a6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMwOTIxMTUwMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWU4Mjk3MmE5YjI5OTNkZjk3NDUzYjc2OTRlNTYwYmFiMTk1ZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbeUtwy3OBy2lIrh5ei0ARFgGNDL
3Q0eBPRYkrHx1o4KA3Z+a5/8QrDKvdqaKvbywDJuB0xz2oc6tO0r0JngtJs+DgQE
V92gs4FLm7NJIs5osHL/FStK4LGw3dmSzX0Eavl1Y2Sb5UMzXX+KmylCfCrzx0Yb
15jCZ1C+eE73N5wgmucwEdKF/rPoRQNZ3wfACMceckqRLMU4gTneDC6hdjS2CSGB
g4WbM/xvSgz7AvE+15J/NIDhtfZHM9CMO+fhN1FqMfyzRvPbfcN/OwTsfTFEH3Zh
0PuYxfHp18R5L7URlckpSdN5aEHa0+quU1mRtN83yu6i8ZSH5DZUTKxuRQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEHoKXKpspk9+XRTt2lOVgurGV3cMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvUWVncGNxbXltVDM1ZEZPM2FVNVdDNnNaWGR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQB1fj+MBkE
AgACMBMwEQMGAioBBhgEAwcBKgEGGAQEMA0GCSqGSIb3DQEBCwUAA4IBAQCSN7Aw
tQstWgOU/LPBuBcVvp1ZuYDEidjU5w5o/fOpB8EPmM9Mes4tk0aAzZThFs6HTw5c
JJb+kdOGKonE9tT5/dRnGNP51OyKizf79ivxK5q1rBspty/m5UNJsFrzz+5Aao0j
tttRPA8+6uVjQFXjuXgxd92iMurUen6YiaA4rLy9ac/a4eYgNaQcSLcMXcMELAy1
KBr+XE8QNhRZPRY2CMZOxynxVd02GNB9vGc8c0VFUL0SqiaPEJ5yjNucne5L2IZZ
mQDFAi2vxBPQqJbsxRf+McukDm+mUlOr2riNqLg8Wo9GDWO5v7viFGKpwU8PWxrY
ZyvdXUCsWfFcfNIl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:56 2024 by rpki-client on console-fra.rpki-client.org