Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/TQq_lc-p1ni1lisxa-eL16mezSE.roa
File:                     TQq_lc-p1ni1lisxa-eL16mezSE.roa (raw, json)
Hash identifier:          b6lFqt46lru/wVBBKkbmog/Lk2KhlhvvBIzxc+BYRFE=
Subject key identifier:   4D:0A:BF:95:CF:A9:D6:78:B5:96:2B:31:6B:E7:8B:D7:A9:9E:CD:21
Certificate issuer:       /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial:       018DD1E8C762D5551F2D2964D09F4DEFCB2C
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/TQq_lc-p1ni1lisxa-eL16mezSE.roa
Signing time:             Thu 22 Feb 2024 17:41:49 +0000
ROA not before:           Thu 22 Feb 2024 17:41:49 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212667
IP address blocks:        2.59.48.0/24 maxlen: 24
                          37.221.80.0/24 maxlen: 24
                          45.11.22.0/24 maxlen: 24
                          45.14.221.0/24 maxlen: 24
                          45.89.68.0/24 maxlen: 24
                          45.89.71.0/24 maxlen: 24
                          91.188.220.0/24 maxlen: 24
                          94.158.188.0/24 maxlen: 24
                          176.124.34.0/24 maxlen: 24
                          185.212.112.0/24 maxlen: 24
                          193.3.18.0/24 maxlen: 24
                          193.201.114.0/24 maxlen: 24
                          194.32.240.0/24 maxlen: 24
                          195.18.26.0/24 maxlen: 24
                          195.69.148.0/24 maxlen: 24
                          195.69.150.0/24 maxlen: 24
                          195.225.96.0/24 maxlen: 24
                          212.18.100.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 26 Feb 2024 18:35:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:d1:e8:c7:62:d5:55:1f:2d:29:64:d0:9f:4d:ef:cb:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
        Validity
            Not Before: Feb 22 17:41:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4d0abf95cfa9d678b5962b316be78bd7a99ecd21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:5a:f3:f3:6c:32:ca:1c:bb:df:ac:2d:5f:51:
                    05:52:89:90:bd:00:de:a5:0c:d3:6e:3b:58:7d:36:
                    01:da:ed:c3:a0:7d:1c:7a:db:38:0e:da:1c:40:80:
                    92:3a:a4:e2:dd:61:cf:63:c8:cc:d3:dc:95:96:10:
                    b6:4e:47:e0:0a:ba:39:13:aa:18:54:eb:c5:7c:68:
                    12:67:15:6e:50:1f:70:51:9f:6d:8d:37:a2:ac:37:
                    36:ee:dc:3a:6b:db:06:7d:39:97:a7:86:a8:a7:26:
                    e9:f2:79:57:1d:2e:4c:a0:10:96:53:da:ff:50:7f:
                    0e:ff:80:0d:e8:9a:fb:16:49:db:9c:1c:3e:54:4a:
                    f4:10:37:e9:7b:ef:c1:d9:14:13:6b:34:32:81:49:
                    d8:65:e2:9e:70:51:7b:80:31:a2:03:c0:d3:de:cd:
                    1d:42:5a:f4:43:38:4c:df:5b:03:74:35:cd:68:f7:
                    09:4b:89:dd:13:95:53:55:e1:f3:11:2d:cf:d9:8f:
                    a6:96:0e:9b:33:50:a1:18:c0:13:1c:83:05:2e:25:
                    2a:01:84:e7:7c:6d:65:23:67:d5:90:97:17:93:35:
                    82:9a:46:65:fc:73:b2:ec:4d:11:7c:0a:16:a3:ee:
                    8c:f0:b5:0b:da:2f:76:b6:b4:e6:20:87:a5:7d:41:
                    d7:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:0A:BF:95:CF:A9:D6:78:B5:96:2B:31:6B:E7:8B:D7:A9:9E:CD:21
            X509v3 Authority Key Identifier:
                keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/TQq_lc-p1ni1lisxa-eL16mezSE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.48.0/24
                  37.221.80.0/24
                  45.11.22.0/24
                  45.14.221.0/24
                  45.89.68.0/24
                  45.89.71.0/24
                  91.188.220.0/24
                  94.158.188.0/24
                  176.124.34.0/24
                  185.212.112.0/24
                  193.3.18.0/24
                  193.201.114.0/24
                  194.32.240.0/24
                  195.18.26.0/24
                  195.69.148.0/24
                  195.69.150.0/24
                  195.225.96.0/24
                  212.18.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:7a:42:08:5d:46:ea:0f:18:b4:05:15:f0:d8:b4:0a:b1:37:
         54:0a:25:b6:29:83:68:58:6a:52:fd:95:81:1c:4e:00:1f:06:
         8b:11:d7:89:14:24:36:9d:b2:d7:30:40:0b:35:7d:7f:11:1e:
         df:8f:fe:75:b2:69:41:77:57:0f:83:82:bc:63:5e:89:54:0e:
         47:92:36:9b:8a:ff:b6:47:a2:7c:e0:db:7e:4d:4b:fd:9b:b6:
         72:84:74:62:de:a5:e1:23:fe:c3:06:f0:98:69:01:02:fa:b8:
         e4:ea:7b:a7:72:8e:75:31:39:4e:d0:bc:db:77:eb:e2:26:4c:
         1c:b5:69:9e:0a:52:e8:0f:c2:f0:a0:d2:d1:c5:85:b6:eb:cf:
         76:af:39:b1:6e:aa:56:46:51:9c:82:16:9c:5b:84:e6:09:2c:
         45:ea:7b:bd:73:2b:60:a6:d0:ab:79:07:c0:b4:e7:35:e2:41:
         70:e4:40:77:cf:2c:69:78:8f:e1:0a:25:e4:a0:42:fb:44:92:
         42:e3:ba:1f:83:ea:53:c1:86:e6:4f:e1:26:06:22:38:de:3e:
         63:6d:2d:1f:0c:2d:c1:48:f8:78:72:fd:aa:2f:03:dc:3e:ba:
         a7:14:8b:e9:9c:eb:15:15:8f:c4:10:6d:ab:bc:97:c3:2a:e6:
         d4:95:13:49
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAY3R6Mdi1VUfLSlk0J9N78ssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIyMTc0MTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDBhYmY5NWNmYTlkNjc4YjU5NjJiMzE2YmU3OGJkN2E5OWVjZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1rz82wyyhy736wtX1EFUomQvQDe
pQzTbjtYfTYB2u3DoH0cets4DtocQICSOqTi3WHPY8jM09yVlhC2TkfgCro5E6oY
VOvFfGgSZxVuUB9wUZ9tjTeirDc27tw6a9sGfTmXp4aopybp8nlXHS5MoBCWU9r/
UH8O/4AN6Jr7FknbnBw+VEr0EDfpe+/B2RQTazQygUnYZeKecFF7gDGiA8DT3s0d
Qlr0QzhM31sDdDXNaPcJS4ndE5VTVeHzES3P2Y+mlg6bM1ChGMATHIMFLiUqAYTn
fG1lI2fVkJcXkzWCmkZl/HOy7E0RfAoWo+6M8LUL2i92trTmIIelfUHXdwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFE0Kv5XPqdZ4tZYrMWvni9epns0hMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvVFFxX2xjLXAxbmkxbGlzeGEtZUwxNm1lelNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAAI7MAME
ACXdUAMEAC0LFgMEAC0O3QMEAC1ZRAMEAC1ZRwMEAFu83AMEAF6evAMEALB8IgME
ALnUcAMEAMEDEgMEAMHJcgMEAMIg8AMEAMMSGgMEAMNFlAMEAMNFlgMEAMPhYAME
ANQSZDANBgkqhkiG9w0BAQsFAAOCAQEAk3pCCF1G6g8YtAUV8Ni0CrE3VAoltimD
aFhqUv2VgRxOAB8GixHXiRQkNp2y1zBACzV9fxEe34/+dbJpQXdXD4OCvGNeiVQO
R5I2m4r/tkeifODbfk1L/Zu2coR0Yt6l4SP+wwbwmGkBAvq45Op7p3KOdTE5TtC8
23fr4iZMHLVpngpS6A/C8KDS0cWFtuvPdq85sW6qVkZRnIIWnFuE5gksRep7vXMr
YKbQq3kHwLTnNeJBcORAd88saXiP4Qol5KBC+0SSQuO6H4PqU8GG5k/hJgYiON4+
Y20tHwwtwUj4eHL9qi8D3D66pxSL6ZzrFRWPxBBtq7yXwyrm1JUTSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:23 2024 by rpki-client on console-fra.rpki-client.org