Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/QjRq3iSV3MET4Q9fpOw4VNvGMVk.roa
File:                     QjRq3iSV3MET4Q9fpOw4VNvGMVk.roa (raw, json)
Hash identifier:          dF7ASPzFOsNFk/6RUuZMBa6k70wauFtH/mn24x4irkM=
Subject key identifier:   42:34:6A:DE:24:95:DC:C1:13:E1:0F:5F:A4:EC:38:54:DB:C6:31:59
Certificate issuer:       /CN=1efa596a3126ace029c6d70d529257e07b38ba06
Certificate serial:       018756888E3D43779DC51BF99D3DAA8F1D1A
Authority key identifier: 1E:FA:59:6A:31:26:AC:E0:29:C6:D7:0D:52:92:57:E0:7B:38:BA:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/QjRq3iSV3MET4Q9fpOw4VNvGMVk.roa
Signing time:             Thu 06 Apr 2023 12:26:42 +0000
ROA not before:           Thu 06 Apr 2023 12:26:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198949
IP address blocks:        128.139.0.0/17 maxlen: 17
                          128.139.128.0/17 maxlen: 17

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:56:88:8e:3d:43:77:9d:c5:1b:f9:9d:3d:aa:8f:1d:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1efa596a3126ace029c6d70d529257e07b38ba06
        Validity
            Not Before: Apr  6 12:26:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=42346ade2495dcc113e10f5fa4ec3854dbc63159
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:69:99:0b:2f:d3:f7:13:7d:41:43:17:37:81:
                    78:aa:f0:12:81:e9:56:5a:87:ab:3d:2e:a0:69:76:
                    f1:de:ea:b0:2e:0e:1a:5b:f1:b0:50:0f:91:7b:88:
                    79:88:0b:d0:bb:f4:fe:21:c8:30:3b:90:4a:ce:c2:
                    98:5a:b4:f7:ae:e7:fa:fe:48:58:7e:f3:d2:25:c9:
                    22:ce:cc:0f:e8:1c:ee:d5:81:b6:82:38:6f:11:43:
                    b0:2a:8d:34:20:33:b7:d9:24:2f:f7:5d:7c:ea:65:
                    74:d0:7a:b7:1c:55:73:30:3e:3c:e8:6d:96:a3:bc:
                    cb:c2:fb:2c:e0:f2:57:ca:08:ec:c2:26:92:3f:f6:
                    61:63:d6:2c:4e:01:25:8c:57:a9:a4:27:ea:e1:a2:
                    ff:38:f5:4c:a2:ae:64:dc:d5:47:1e:d6:1d:19:b4:
                    00:6b:a3:59:5e:80:60:bf:25:17:32:13:0c:9c:9c:
                    76:4c:74:58:10:53:4e:0c:fb:f4:f3:03:43:2b:a2:
                    9f:86:02:9c:fe:4e:25:22:93:7d:f3:c9:b7:e1:42:
                    c4:de:48:e5:0b:6d:2f:29:41:a4:8b:75:6b:a4:68:
                    51:a2:9d:39:6a:ce:5e:03:5b:20:f2:5f:d2:31:27:
                    34:1e:44:c9:6d:1f:b3:72:ab:d1:0a:56:57:ba:b2:
                    e5:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:34:6A:DE:24:95:DC:C1:13:E1:0F:5F:A4:EC:38:54:DB:C6:31:59
            X509v3 Authority Key Identifier:
                keyid:1E:FA:59:6A:31:26:AC:E0:29:C6:D7:0D:52:92:57:E0:7B:38:BA:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/QjRq3iSV3MET4Q9fpOw4VNvGMVk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HvpZajEmrOApxtcNUpJX4Hs4ugY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.139.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         6a:5c:ce:91:fa:f0:35:ca:b1:16:1b:4f:c7:b1:41:14:8f:a0:
         00:36:67:1c:94:c1:08:2f:f7:1b:bd:9d:16:4f:4e:3c:5f:f9:
         76:50:cb:7d:c2:1b:a3:27:20:e7:9e:d1:d1:a4:82:21:03:14:
         30:aa:d2:a9:4d:11:95:54:65:18:b5:25:4b:3b:9a:80:a5:2e:
         67:ac:ea:b3:79:d8:a3:61:b9:ff:64:ce:76:29:2c:a4:f7:b0:
         78:de:b1:7f:b3:f1:fc:3a:e5:2d:b2:eb:a1:8f:63:6f:ba:5a:
         21:35:c8:f6:05:5f:15:e7:b0:76:ed:52:47:16:f2:9a:d0:e5:
         2d:65:bf:b1:03:1e:4d:55:f7:b0:5d:fa:77:f8:f5:c1:cd:6b:
         32:7f:d7:07:74:aa:b3:9f:d6:4b:ea:7a:90:35:39:4b:e9:72:
         af:92:82:d8:49:df:ef:36:8a:fd:be:9d:9e:89:68:72:fb:e9:
         0d:c2:13:45:df:ff:b0:e7:7c:57:0b:aa:75:00:0c:cf:4b:06:
         4f:da:c6:b1:fe:96:bc:a0:57:e1:6c:96:57:85:91:6f:01:bf:
         52:d4:97:de:2a:20:26:4a:39:7f:ee:79:91:cc:8a:8b:9f:c0:
         c0:5d:e7:48:3b:c9:6f:ec:38:76:bd:66:70:7c:12:20:74:d4:
         79:6e:b2:46
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYdWiI49Q3edxRv5nT2qjx0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZmE1OTZhMzEyNmFjZTAyOWM2ZDcwZDUyOTI1N2UwN2Iz
OGJhMDYwHhcNMjMwNDA2MTIyNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjM0NmFkZTI0OTVkY2MxMTNlMTBmNWZhNGVjMzg1NGRiYzYzMTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWmZCy/T9xN9QUMXN4F4qvASgelW
WoerPS6gaXbx3uqwLg4aW/GwUA+Re4h5iAvQu/T+IcgwO5BKzsKYWrT3ruf6/khY
fvPSJckizswP6Bzu1YG2gjhvEUOwKo00IDO32SQv91186mV00Hq3HFVzMD486G2W
o7zLwvss4PJXygjswiaSP/ZhY9YsTgEljFeppCfq4aL/OPVMoq5k3NVHHtYdGbQA
a6NZXoBgvyUXMhMMnJx2THRYEFNODPv08wNDK6KfhgKc/k4lIpN988m34ULE3kjl
C20vKUGki3VrpGhRop05as5eA1sg8l/SMSc0HkTJbR+zcqvRClZXurLljwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFEI0at4kldzBE+EPX6TsOFTbxjFZMB8GA1UdIwQY
MBaAFB76WWoxJqzgKcbXDVKSV+B7OLoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZwWmFqRW1yT0FweHRjTlVwSlg0SHM0dWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zY2M3OGEtOGZiNS00NzVhLTg4ODIt
OWQwYzYyMDczNWYxLzEvUWpScTNpU1YzTUVUNFE5ZnBPdzRWTnZHTVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zY2M3OGEtOGZiNS00NzVhLTg4ODItOWQwYzYyMDczNWYx
LzEvSHZwWmFqRW1yT0FweHRjTlVwSlg0SHM0dWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAgIswDQYJ
KoZIhvcNAQELBQADggEBAGpczpH68DXKsRYbT8exQRSPoAA2ZxyUwQgv9xu9nRZP
Tjxf+XZQy33CG6MnIOee0dGkgiEDFDCq0qlNEZVUZRi1JUs7moClLmes6rN52KNh
uf9kznYpLKT3sHjesX+z8fw65S2y66GPY2+6WiE1yPYFXxXnsHbtUkcW8prQ5S1l
v7EDHk1V97Bd+nf49cHNazJ/1wd0qrOf1kvqepA1OUvpcq+SgthJ3+82iv2+nZ6J
aHL76Q3CE0Xf/7DnfFcLqnUADM9LBk/axrH+lrygV+FslleFkW8Bv1LUl94qICZK
OX/ueZHMioufwMBd50g7yW/sOHa9ZnB8EiB01HluskY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:31 2024 by rpki-client on console-fra.rpki-client.org