Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/Qoh-mQtFhmk9RmMbQYi4wGQLmIo.roa
File:                     Qoh-mQtFhmk9RmMbQYi4wGQLmIo.roa (raw, json)
Hash identifier:          FLk2dQ12QiGiGMDaCmANmw1REdgZ58YZd5jB5YF0kq8=
Subject key identifier:   42:88:7E:99:0B:45:86:69:3D:46:63:1B:41:88:B8:C0:64:0B:98:8A
Certificate issuer:       /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial:       0185700277ED9AF2254FD444BF58CF86679F
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/Qoh-mQtFhmk9RmMbQYi4wGQLmIo.roa
Signing time:             Mon 02 Jan 2023 01:04:48 +0000
ROA not before:           Mon 02 Jan 2023 01:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41209
IP address blocks:        195.34.18.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 05 Dec 2023 16:02:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:02:77:ed:9a:f2:25:4f:d4:44:bf:58:cf:86:67:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
        Validity
            Not Before: Jan  2 01:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=42887e990b4586693d46631b4188b8c0640b988a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:4d:9c:31:3e:c0:06:95:e3:ec:c9:01:2a:86:
                    b9:90:1b:df:89:64:69:5a:ea:5e:2e:15:d9:c9:8c:
                    f5:5f:4d:46:58:6f:19:84:6a:4d:a6:a1:5a:29:9f:
                    e3:ba:06:74:6d:46:a3:d1:f2:ad:14:36:b5:53:65:
                    cd:aa:dc:cf:67:45:cc:ff:9e:d6:22:3c:57:24:f5:
                    27:79:ee:4d:dd:37:ae:da:45:0b:23:f9:7c:98:59:
                    57:33:66:f5:80:d1:22:3d:f0:58:fb:7c:b8:1c:e3:
                    c6:96:cc:96:11:a8:56:a1:71:97:fd:8e:59:50:fd:
                    71:d3:1d:7a:a1:e0:73:3e:21:dd:07:d1:a6:8e:7e:
                    9c:98:27:fd:1f:3e:64:48:52:0b:8c:e0:9a:3a:8f:
                    8f:12:70:0d:88:ee:f4:2a:ea:b7:6e:6d:40:41:47:
                    08:ae:68:69:8f:bb:92:66:e4:c0:42:1a:88:e9:49:
                    0f:73:9e:23:ee:a5:27:ef:ed:6d:38:ab:63:a6:7e:
                    95:bb:83:ce:ed:3a:e0:c8:b3:a0:92:36:af:21:c3:
                    79:7f:67:69:dd:c4:d6:d9:45:d9:4d:71:e5:34:a3:
                    66:5a:ab:28:e8:d7:60:85:a7:a4:0a:ea:29:44:d6:
                    84:88:7d:8a:c0:d3:db:89:61:fc:4f:b6:cd:97:a6:
                    8d:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:88:7E:99:0B:45:86:69:3D:46:63:1B:41:88:B8:C0:64:0B:98:8A
            X509v3 Authority Key Identifier:
                keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/Qoh-mQtFhmk9RmMbQYi4wGQLmIo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.34.18.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7b:2e:23:36:d8:00:b2:45:c6:c6:53:b1:dc:0f:a2:8e:30:13:
         f9:2d:bf:fe:d6:e2:a0:98:2a:f6:ef:80:ae:c6:90:31:74:e6:
         b4:c6:24:da:b8:37:60:8d:87:b8:49:fc:cf:5a:86:81:e6:7e:
         5b:eb:79:df:65:78:60:06:4c:e3:fb:3f:2f:56:c4:99:e6:30:
         e6:71:ed:cc:d5:aa:25:0e:cf:a8:95:be:0e:91:d4:aa:7a:18:
         ed:a2:34:90:e4:5c:33:78:8f:91:ee:ea:f7:ba:09:14:ed:7e:
         eb:8d:cf:71:f6:77:91:f8:fe:f6:cc:d8:d1:dc:7d:18:f2:ee:
         00:a9:6b:f9:db:f8:1d:0e:aa:14:91:3f:d7:c3:17:cb:b4:91:
         13:51:c7:2e:cf:49:4d:99:a2:1a:45:48:c0:56:75:3b:09:5c:
         d7:7a:a0:73:ef:b8:a0:df:7f:f5:2c:bc:0a:32:6a:f2:8e:81:
         64:91:2f:78:10:a1:60:3f:12:6f:ee:14:26:04:3e:1d:68:bf:
         e4:71:36:ed:64:3f:f7:6a:cf:a6:ad:5a:bf:d6:f1:48:55:0d:
         8a:97:10:db:3e:20:b3:be:51:95:ac:67:72:7e:b2:f7:83:bd:
         c0:c3:d3:dc:f3:d6:43:13:58:de:fb:03:67:57:de:98:e1:f0:
         e6:8f:3d:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAnftmvIlT9REv1jPhmefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMwMTAyMDEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjg4N2U5OTBiNDU4NjY5M2Q0NjYzMWI0MTg4YjhjMDY0MGI5ODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsE2cMT7ABpXj7MkBKoa5kBvfiWRp
WupeLhXZyYz1X01GWG8ZhGpNpqFaKZ/jugZ0bUaj0fKtFDa1U2XNqtzPZ0XM/57W
IjxXJPUnee5N3Teu2kULI/l8mFlXM2b1gNEiPfBY+3y4HOPGlsyWEahWoXGX/Y5Z
UP1x0x16oeBzPiHdB9Gmjn6cmCf9Hz5kSFILjOCaOo+PEnANiO70Kuq3bm1AQUcI
rmhpj7uSZuTAQhqI6UkPc54j7qUn7+1tOKtjpn6Vu4PO7TrgyLOgkjavIcN5f2dp
3cTW2UXZTXHlNKNmWqso6NdghaekCuopRNaEiH2KwNPbiWH8T7bNl6aNeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEKIfpkLRYZpPUZjG0GIuMBkC5iKMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvUW9oLW1RdEZobWs5Um1NYlFZaTR3R1FMbUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwyISMA0G
CSqGSIb3DQEBCwUAA4IBAQB7LiM22ACyRcbGU7HcD6KOMBP5Lb/+1uKgmCr274Cu
xpAxdOa0xiTauDdgjYe4SfzPWoaB5n5b63nfZXhgBkzj+z8vVsSZ5jDmce3M1aol
Ds+olb4OkdSqehjtojSQ5FwzeI+R7ur3ugkU7X7rjc9x9neR+P72zNjR3H0Y8u4A
qWv52/gdDqoUkT/XwxfLtJETUccuz0lNmaIaRUjAVnU7CVzXeqBz77ig33/1LLwK
MmryjoFkkS94EKFgPxJv7hQmBD4daL/kcTbtZD/3as+mrVq/1vFIVQ2KlxDbPiCz
vlGVrGdyfrL3g73Aw9Pc89ZDE1je+wNnV96Y4fDmjz0F
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:44 2024 by rpki-client on console-fra.rpki-client.org