Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/_QGjHIalhLRchOKjEA4ne79kiWc.roa
File:                     _QGjHIalhLRchOKjEA4ne79kiWc.roa (raw, json)
Hash identifier:          2EjOjbnQbaQLTnw8fxPqtm06Tz3yhW1giT5gA7Nnlu0=
Subject key identifier:   FD:01:A3:1C:86:A5:84:B4:5C:84:E2:A3:10:0E:27:7B:BF:64:89:67
Certificate issuer:       /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial:       01856F42ACE3E3B9DC74A7160DA70E06DFF4
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/_QGjHIalhLRchOKjEA4ne79kiWc.roa
Signing time:             Sun 01 Jan 2023 21:35:18 +0000
ROA not before:           Sun 01 Jan 2023 21:35:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197726
IP address blocks:        212.86.111.0/24 maxlen: 24
                          212.86.110.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:ac:e3:e3:b9:dc:74:a7:16:0d:a7:0e:06:df:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
        Validity
            Not Before: Jan  1 21:35:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fd01a31c86a584b45c84e2a3100e277bbf648967
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:c7:6e:54:3a:45:8b:34:56:f9:6d:e7:bc:41:
                    e7:9d:7b:22:f2:4c:4b:ea:8c:4e:cc:0d:33:c4:4b:
                    db:d9:e3:b6:c7:c8:2c:d9:e8:f5:33:75:9e:81:c0:
                    ad:9a:70:f9:86:69:c6:43:6b:47:7a:20:ff:51:1a:
                    77:bb:58:9a:5c:69:60:71:d6:32:85:56:26:f5:52:
                    dc:73:7c:1c:32:cc:ba:75:70:3a:ac:0c:e6:02:5e:
                    ce:1f:e5:0f:66:a9:e3:11:2c:f4:aa:a4:1d:84:e6:
                    77:df:c7:db:e3:ca:00:8e:a4:6a:8a:15:b1:f0:c6:
                    b0:e7:1d:f2:b6:7f:8f:b4:2b:19:7d:87:3a:58:9b:
                    51:8b:36:a0:3a:cd:4c:fa:40:27:03:a5:2a:4d:7a:
                    21:8b:60:29:1c:ed:b2:92:38:14:d9:08:5d:26:2d:
                    dc:34:c4:ad:ac:1b:f4:e0:d1:94:0b:11:62:c5:ad:
                    fa:09:bf:52:94:f9:cc:d2:e0:7f:30:c4:39:f5:39:
                    53:ad:e8:74:6a:95:31:1e:c4:90:39:84:1c:30:d8:
                    24:54:17:c9:bb:f0:e6:df:8e:13:d7:ca:1e:85:ae:
                    87:d0:2c:95:c4:bb:ad:65:7a:1e:a2:4b:43:dd:ed:
                    83:3d:b8:a8:c3:03:b3:33:41:83:c6:58:aa:46:dd:
                    65:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:01:A3:1C:86:A5:84:B4:5C:84:E2:A3:10:0E:27:7B:BF:64:89:67
            X509v3 Authority Key Identifier:
                keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/_QGjHIalhLRchOKjEA4ne79kiWc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.86.110.0/23

    Signature Algorithm: sha256WithRSAEncryption
         04:d0:95:44:52:57:8f:60:29:e8:ef:af:6c:44:c0:79:50:17:
         ae:0d:b8:1e:ad:a8:06:b4:60:3f:ec:63:36:56:b6:d6:c9:ae:
         73:ff:ff:48:43:03:4a:85:0f:88:93:ec:2d:94:be:b4:b4:85:
         8c:d8:ca:e3:fc:02:a2:ca:e7:9a:7d:de:67:45:37:fb:7e:ff:
         4a:53:f4:fd:29:96:d2:79:12:c3:91:5e:97:6c:2a:7f:33:ea:
         a2:6e:98:1e:1c:44:3e:c5:93:79:c5:44:22:d9:99:e4:1b:f7:
         83:52:b9:ba:ed:a0:9e:c9:23:35:e6:fa:e4:c5:84:ee:25:ac:
         28:b8:96:f1:46:42:42:85:f9:86:cd:6b:29:0f:a9:0c:0f:6c:
         98:9f:f7:7c:f5:cc:51:be:4a:30:07:fa:c9:20:d7:63:61:85:
         92:52:a5:52:df:9e:26:17:4f:31:66:eb:ed:d0:51:75:ce:c5:
         d8:c9:30:ce:dd:b9:85:28:aa:4d:19:e3:5b:46:04:bb:63:9c:
         3f:41:f6:7e:70:7e:45:4c:42:b6:32:db:9f:19:6e:ee:4b:77:
         69:df:28:a6:d4:ee:3b:99:84:23:3c:54:2f:9e:bf:a1:2b:2b:
         34:05:3c:bc:3c:6e:32:5b:58:0a:61:c7:df:2c:1e:22:cc:20:
         26:7c:af:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQqzj47ncdKcWDacOBt/0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwMTAxMjEzNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDAxYTMxYzg2YTU4NGI0NWM4NGUyYTMxMDBlMjc3YmJmNjQ4OTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsduVDpFizRW+W3nvEHnnXsi8kxL
6oxOzA0zxEvb2eO2x8gs2ej1M3WegcCtmnD5hmnGQ2tHeiD/URp3u1iaXGlgcdYy
hVYm9VLcc3wcMsy6dXA6rAzmAl7OH+UPZqnjESz0qqQdhOZ338fb48oAjqRqihWx
8Maw5x3ytn+PtCsZfYc6WJtRizagOs1M+kAnA6UqTXohi2ApHO2ykjgU2QhdJi3c
NMStrBv04NGUCxFixa36Cb9SlPnM0uB/MMQ59TlTreh0apUxHsSQOYQcMNgkVBfJ
u/Dm344T18oeha6H0CyVxLutZXoeoktD3e2DPbiowwOzM0GDxliqRt1lLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP0BoxyGpYS0XITioxAOJ3u/ZIlnMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvX1FHakhJYWxoTFJjaE9LakVBNG5lNzlraVdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1FZuMA0G
CSqGSIb3DQEBCwUAA4IBAQAE0JVEUlePYCno769sRMB5UBeuDbgeragGtGA/7GM2
VrbWya5z//9IQwNKhQ+Ik+wtlL60tIWM2Mrj/AKiyueafd5nRTf7fv9KU/T9KZbS
eRLDkV6XbCp/M+qibpgeHEQ+xZN5xUQi2ZnkG/eDUrm67aCeySM15vrkxYTuJawo
uJbxRkJChfmGzWspD6kMD2yYn/d89cxRvkowB/rJINdjYYWSUqVS354mF08xZuvt
0FF1zsXYyTDO3bmFKKpNGeNbRgS7Y5w/QfZ+cH5FTEK2MtufGW7uS3dp3yim1O47
mYQjPFQvnr+hKys0BTy8PG4yW1gKYcffLB4izCAmfK8t
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:49 2024 by rpki-client on console-ams.rpki-client.org