Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/rqdg8D9KQ67dkslWYV_lcTHobwY.roa
File:                     rqdg8D9KQ67dkslWYV_lcTHobwY.roa (raw, json)
Hash identifier:          6K07sGgBOVwhjIHQAwl//9zo3heDEWUE31pueugaFM4=
Subject key identifier:   AE:A7:60:F0:3F:4A:43:AE:DD:92:C9:56:61:5F:E5:71:31:E8:6F:06
Certificate issuer:       /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial:       018ACBCFF22090318226425A840B6CE4D923
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/rqdg8D9KQ67dkslWYV_lcTHobwY.roa
Signing time:             Mon 25 Sep 2023 10:08:37 +0000
ROA not before:           Mon 25 Sep 2023 10:08:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     137502
IP address blocks:        213.248.254.0/24 maxlen: 24
                          213.248.255.0/24 maxlen: 24
                          2a01:618:402::/48 maxlen: 48
                          2a01:618:405::/48 maxlen: 48
                          2a01:618:400::/48 maxlen: 48
                          2a01:618:403::/48 maxlen: 48
                          2a01:618:406::/48 maxlen: 48
                          2a01:618:401::/48 maxlen: 48
                          2a01:618:404::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 25 Sep 2023 11:09:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:cb:cf:f2:20:90:31:82:26:42:5a:84:0b:6c:e4:d9:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
        Validity
            Not Before: Sep 25 10:08:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aea760f03f4a43aedd92c956615fe57131e86f06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:55:ea:85:25:c4:58:f3:d7:06:3d:e2:0c:6e:
                    4d:dd:3d:29:48:a0:08:6a:41:77:28:78:0f:59:98:
                    a2:62:63:90:7f:f1:7f:8f:a6:c3:5d:84:8e:1d:cb:
                    79:30:0d:0f:44:9b:c5:df:78:4b:1f:7d:c3:70:5d:
                    bf:44:b4:9d:20:2e:3e:d1:90:c0:57:e3:1d:3d:8f:
                    cc:a0:fc:cc:5b:1b:61:77:63:6f:f9:04:65:fd:03:
                    64:b8:19:d6:e4:56:2a:7c:75:b0:19:44:49:be:95:
                    2a:7d:b7:fc:a1:54:60:c3:70:77:51:4c:bc:82:9d:
                    10:a4:ae:58:dd:b4:b7:79:c6:af:32:8c:ad:80:72:
                    90:5a:11:78:f2:c6:ef:25:8d:ab:d6:a6:b0:98:81:
                    01:1d:ee:f6:48:f5:33:a7:4b:d3:eb:02:dc:55:52:
                    4f:64:1b:98:e4:0f:a4:c7:2c:1a:72:d7:e4:27:8e:
                    39:86:d2:1f:35:41:2b:09:66:b8:70:45:a5:48:76:
                    f7:30:a5:ca:28:5f:08:12:e1:01:17:1d:9b:95:d4:
                    bc:02:48:10:bd:ee:f9:6f:a2:ce:53:ae:26:01:1d:
                    60:2b:18:cf:d4:96:db:b1:b8:a8:df:e8:bb:d1:56:
                    12:88:e7:dc:eb:3a:61:00:1c:62:1e:e3:f7:0d:a0:
                    5d:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:A7:60:F0:3F:4A:43:AE:DD:92:C9:56:61:5F:E5:71:31:E8:6F:06
            X509v3 Authority Key Identifier:
                keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/rqdg8D9KQ67dkslWYV_lcTHobwY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.248.254.0/23
                IPv6:
                  2a01:618:400::-2a01:618:406:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         6f:02:bf:bf:49:b9:ea:51:3e:ba:32:1b:c6:38:9b:59:b0:00:
         87:64:d7:27:2f:e2:df:9b:2e:40:dc:06:a8:d6:90:91:6d:ac:
         ce:12:5f:c5:8d:31:5e:9d:f3:fe:ab:54:ab:c3:08:89:f3:96:
         85:48:9c:11:67:ff:48:de:8a:41:70:f7:a1:a4:4e:27:7c:db:
         7d:c7:10:fa:67:04:d6:99:02:57:97:da:64:f9:05:26:f1:ea:
         f6:66:46:ca:b0:6f:88:53:d2:66:04:eb:c7:27:24:d6:fd:a1:
         17:6a:2f:f0:eb:b5:73:9d:5e:08:e5:39:d8:8a:69:35:5e:6e:
         c1:da:c5:2c:84:bf:4b:88:72:36:ac:08:aa:ee:ed:0c:9e:4b:
         f1:eb:66:5d:66:00:61:60:cc:4f:69:90:54:a5:db:d6:70:ea:
         eb:24:f5:fd:cb:25:5d:bb:cb:63:c4:a2:a3:c7:c8:a9:4d:9e:
         9b:7c:c5:17:38:6c:1a:e0:6d:ab:28:4a:4f:4c:e0:d0:96:c1:
         5d:e5:80:18:56:9c:e7:a5:8f:72:6c:e2:b8:fb:9b:8f:78:ec:
         27:62:5f:a2:6a:13:ed:f1:67:9a:dd:0c:0e:52:2d:01:b7:7e:
         06:4a:00:88:e9:62:5d:37:1e:b9:80:fc:42:d4:e2:36:e3:f0:
         b6:74:33:92
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYrLz/IgkDGCJkJahAts5NkjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMwOTI1MTAwODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWE3NjBmMDNmNGE0M2FlZGQ5MmM5NTY2MTVmZTU3MTMxZTg2ZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlXqhSXEWPPXBj3iDG5N3T0pSKAI
akF3KHgPWZiiYmOQf/F/j6bDXYSOHct5MA0PRJvF33hLH33DcF2/RLSdIC4+0ZDA
V+MdPY/MoPzMWxthd2Nv+QRl/QNkuBnW5FYqfHWwGURJvpUqfbf8oVRgw3B3UUy8
gp0QpK5Y3bS3ecavMoytgHKQWhF48sbvJY2r1qawmIEBHe72SPUzp0vT6wLcVVJP
ZBuY5A+kxywactfkJ445htIfNUErCWa4cEWlSHb3MKXKKF8IEuEBFx2bldS8AkgQ
ve75b6LOU64mAR1gKxjP1Jbbsbio3+i70VYSiOfc6zphABxiHuP3DaBdiQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFK6nYPA/SkOu3ZLJVmFf5XEx6G8GMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvcnFkZzhEOUtRNjdka3NsV1lWX2xjVEhvYndZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQB1fj+MBkE
AgACMBMwEQMGAioBBhgEAwcAKgEGGAQGMA0GCSqGSIb3DQEBCwUAA4IBAQBvAr+/
SbnqUT66MhvGOJtZsACHZNcnL+Lfmy5A3Aao1pCRbazOEl/FjTFenfP+q1SrwwiJ
85aFSJwRZ/9I3opBcPehpE4nfNt9xxD6ZwTWmQJXl9pk+QUm8er2ZkbKsG+IU9Jm
BOvHJyTW/aEXai/w67VznV4I5TnYimk1Xm7B2sUshL9LiHI2rAiq7u0Mnkvx62Zd
ZgBhYMxPaZBUpdvWcOrrJPX9yyVdu8tjxKKjx8ipTZ6bfMUXOGwa4G2rKEpPTODQ
lsFd5YAYVpznpY9ybOK4+5uPeOwnYl+iahPt8Wea3QwOUi0Bt34GSgCI6WJdNx65
gPxC1OI24/C2dDOS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:02 2024 by rpki-client on console-ams.rpki-client.org