Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/qa70xHQRy6SI0TiwcD1kWcdiG-M.roa
File:                     qa70xHQRy6SI0TiwcD1kWcdiG-M.roa (raw, json)
Hash identifier:          KLtHwkNhNyXONNV4uBXe0u9v5GtRcB374GOcird8nDQ=
Subject key identifier:   A9:AE:F4:C4:74:11:CB:A4:88:D1:38:B0:70:3D:64:59:C7:62:1B:E3
Certificate issuer:       /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial:       018896F2C4029D55F90670B40F90D711EFB3
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/qa70xHQRy6SI0TiwcD1kWcdiG-M.roa
Signing time:             Wed 07 Jun 2023 17:41:12 +0000
ROA not before:           Wed 07 Jun 2023 17:41:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49453
IP address blocks:        178.20.31.0/24 maxlen: 24
                          178.20.29.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:96:f2:c4:02:9d:55:f9:06:70:b4:0f:90:d7:11:ef:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
        Validity
            Not Before: Jun  7 17:41:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a9aef4c47411cba488d138b0703d6459c7621be3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:17:47:b3:4e:88:ba:8c:bf:bd:3d:ea:36:94:
                    fb:b0:5c:02:e2:87:99:28:9b:fb:b7:5c:ee:77:ed:
                    36:40:08:98:c1:f7:72:f8:13:41:f3:8c:e4:0b:8f:
                    71:17:2f:f7:0f:14:1c:11:6f:65:fc:61:c8:63:18:
                    14:2e:0b:05:f3:66:60:68:ec:52:62:0e:01:ee:c9:
                    19:a1:6b:f9:8c:28:f0:f4:b0:39:23:0c:0e:1c:b7:
                    ea:fe:4e:62:bb:77:bd:d2:9b:83:0e:11:d3:13:35:
                    55:e0:83:91:3d:4c:a5:e8:76:b5:8c:c0:07:5a:b4:
                    7a:96:45:7e:b6:73:ff:d2:b0:a2:53:90:3e:7b:4f:
                    08:f4:79:4f:73:93:ea:30:9f:c6:b0:ed:fa:09:7a:
                    7f:cc:05:f8:11:b7:0f:f8:5c:3e:cc:be:30:cb:0b:
                    92:92:95:41:45:cd:06:cd:85:97:e4:9c:a8:63:e3:
                    6c:2b:2b:17:ea:74:2c:92:1e:35:89:5f:18:4f:e6:
                    a8:cb:cd:db:e1:51:b9:00:b9:47:33:6b:6b:bf:bc:
                    13:bf:77:f6:95:0d:7a:a3:25:46:0f:22:9c:06:e6:
                    0c:f2:c2:a8:55:13:c8:fe:75:13:44:0b:c3:fb:65:
                    bf:49:c5:31:a9:e6:70:a2:99:36:f0:ec:00:de:3b:
                    df:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:AE:F4:C4:74:11:CB:A4:88:D1:38:B0:70:3D:64:59:C7:62:1B:E3
            X509v3 Authority Key Identifier:
                keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/qa70xHQRy6SI0TiwcD1kWcdiG-M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.20.29.0/24
                  178.20.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:2c:bd:52:b4:8c:23:a2:6d:85:57:ac:65:4a:62:aa:c9:0c:
         21:ec:5a:f9:e5:5b:4c:ae:55:99:85:f9:ee:22:35:3b:2c:88:
         81:69:75:e7:da:0c:65:48:4d:f1:d0:a4:2d:4d:c5:f2:a1:ac:
         02:9c:4e:4c:2a:91:dc:d6:b0:2b:41:29:1c:99:c9:d4:5a:de:
         fb:91:66:fd:6e:ec:0e:04:da:ac:2f:09:81:6a:37:67:a4:1a:
         c4:52:bf:25:81:4c:4c:33:8f:a6:99:e8:e9:d9:21:13:44:40:
         63:5c:3a:4d:77:da:f4:f0:8e:b1:e7:ad:23:f6:5d:d0:7c:aa:
         1c:6d:73:53:b4:8c:ee:77:e9:7b:d1:5b:2f:e9:e9:b7:cc:aa:
         5f:ce:44:a1:d7:c9:dd:17:06:a0:c8:c0:52:ca:ac:03:39:59:
         19:55:a2:fc:8d:2e:dd:63:7b:d8:46:46:be:c6:c3:cc:61:99:
         d1:de:74:5b:98:ed:fc:9f:1e:c6:bd:be:60:e2:00:71:da:f3:
         8a:f7:20:84:17:6b:c1:7b:cf:21:25:28:d7:6f:0b:37:d1:32:
         d7:b2:c5:86:76:27:d7:05:16:43:7a:ef:f1:a0:af:6d:e6:98:
         3d:40:f7:33:2a:60:91:82:16:45:b7:03:5c:fe:a0:ac:a4:6a:
         32:02:83:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiW8sQCnVX5BnC0D5DXEe+zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwNjA3MTc0MTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWFlZjRjNDc0MTFjYmE0ODhkMTM4YjA3MDNkNjQ1OWM3NjIxYmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhdHs06Iuoy/vT3qNpT7sFwC4oeZ
KJv7t1zud+02QAiYwfdy+BNB84zkC49xFy/3DxQcEW9l/GHIYxgULgsF82ZgaOxS
Yg4B7skZoWv5jCjw9LA5IwwOHLfq/k5iu3e90puDDhHTEzVV4IORPUyl6Ha1jMAH
WrR6lkV+tnP/0rCiU5A+e08I9HlPc5PqMJ/GsO36CXp/zAX4EbcP+Fw+zL4wywuS
kpVBRc0GzYWX5JyoY+NsKysX6nQskh41iV8YT+aoy83b4VG5ALlHM2trv7wTv3f2
lQ16oyVGDyKcBuYM8sKoVRPI/nUTRAvD+2W/ScUxqeZwopk28OwA3jvfSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKmu9MR0EcukiNE4sHA9ZFnHYhvjMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvcWE3MHhIUVJ5NlNJMFRpd2NEMWtXY2RpRy1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAshQdAwQA
shQfMA0GCSqGSIb3DQEBCwUAA4IBAQCKLL1StIwjom2FV6xlSmKqyQwh7Fr55VtM
rlWZhfnuIjU7LIiBaXXn2gxlSE3x0KQtTcXyoawCnE5MKpHc1rArQSkcmcnUWt77
kWb9buwOBNqsLwmBajdnpBrEUr8lgUxMM4+mmejp2SETREBjXDpNd9r08I6x560j
9l3QfKocbXNTtIzud+l70Vsv6em3zKpfzkSh18ndFwagyMBSyqwDOVkZVaL8jS7d
Y3vYRka+xsPMYZnR3nRbmO38nx7Gvb5g4gBx2vOK9yCEF2vBe88hJSjXbws30TLX
ssWGdifXBRZDeu/xoK9t5pg9QPczKmCRghZFtwNc/qCspGoyAoOH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:20 2024 by rpki-client on console-ams.rpki-client.org