Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/JQtNlpqCTAmIPkcWmrc7LdV5aL4.roa
File:                     JQtNlpqCTAmIPkcWmrc7LdV5aL4.roa (raw, json)
Hash identifier:          FNG4Lmr0ylifx/1lFYdQcRKoLtkX+z+4KXaOs7uHg/U=
Subject key identifier:   25:0B:4D:96:9A:82:4C:09:88:3E:47:16:9A:B7:3B:2D:D5:79:68:BE
Certificate issuer:       /CN=1cee91296c94992d151a232240e6cf3a176d2039
Certificate serial:       01857102CD4B5ED1FD3B902B7FD6A25C6E6D
Authority key identifier: 1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/JQtNlpqCTAmIPkcWmrc7LdV5aL4.roa
Signing time:             Mon 02 Jan 2023 05:44:47 +0000
ROA not before:           Mon 02 Jan 2023 05:44:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43110
IP address blocks:        46.172.64.0/24 maxlen: 24
                          46.172.70.0/24 maxlen: 24
                          46.172.69.0/24 maxlen: 24
                          46.172.65.0/24 maxlen: 24
                          46.172.66.0/24 maxlen: 24
                          46.172.71.0/24 maxlen: 24
                          46.172.78.0/24 maxlen: 24
                          46.172.92.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 05 Jun 2023 10:09:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:02:cd:4b:5e:d1:fd:3b:90:2b:7f:d6:a2:5c:6e:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cee91296c94992d151a232240e6cf3a176d2039
        Validity
            Not Before: Jan  2 05:44:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=250b4d969a824c09883e47169ab73b2dd57968be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:20:8e:c1:99:41:34:7d:9c:dc:27:be:47:fd:
                    d9:8e:8c:60:be:d8:17:35:24:e7:a5:6f:e1:2a:7a:
                    31:ba:02:9d:cb:c4:7e:c8:59:c1:51:2d:a0:a4:4d:
                    32:f6:49:06:eb:fd:a8:36:81:89:20:98:02:c4:a7:
                    1d:e3:d5:27:ae:87:ff:e7:3d:d6:59:1d:b5:32:0b:
                    87:73:f7:31:67:ab:5f:ce:46:ab:2c:96:b3:d1:20:
                    f2:d2:27:8a:e4:4a:2f:41:aa:bb:b8:13:fd:bb:1b:
                    68:07:28:35:78:ce:f3:4f:7c:4b:43:88:1f:26:b0:
                    67:79:26:df:8d:25:a3:8b:1c:bf:9c:68:c3:e4:3b:
                    23:d9:df:4e:3e:79:21:4f:5c:5b:bc:de:a3:aa:38:
                    5a:16:9e:e8:91:b1:5a:1d:57:18:2c:d7:c0:7f:4f:
                    61:8b:39:a1:67:37:d1:cd:21:ad:06:ca:5a:b5:ab:
                    f1:39:29:04:79:ac:da:32:ae:5a:ae:dc:96:d1:44:
                    e9:2c:4c:b1:6e:88:b1:77:e5:3b:3d:6a:4b:81:9f:
                    08:64:5c:cf:08:32:c2:bc:ea:12:e6:3a:b2:01:73:
                    6a:ec:69:32:7a:4c:e6:4d:60:08:ec:2e:79:44:11:
                    10:e5:9a:32:24:a7:6e:8d:14:68:42:7f:52:18:f8:
                    08:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:0B:4D:96:9A:82:4C:09:88:3E:47:16:9A:B7:3B:2D:D5:79:68:BE
            X509v3 Authority Key Identifier:
                keyid:1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/JQtNlpqCTAmIPkcWmrc7LdV5aL4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.172.64.0-46.172.66.255
                  46.172.69.0-46.172.71.255
                  46.172.78.0/24
                  46.172.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:f5:15:f5:96:22:76:98:b6:ed:c8:72:75:f4:41:d0:62:95:
         e7:b0:33:0c:47:08:43:fe:0e:5d:5a:7e:2a:dc:6a:a8:28:77:
         8a:11:03:ad:48:07:d8:8f:fa:e7:f4:7a:de:71:4b:6e:57:cb:
         5d:b4:bd:44:28:35:63:1b:88:87:34:fb:dc:30:83:78:ff:c3:
         18:2f:de:59:9d:39:00:bf:d9:59:d0:58:35:78:84:67:24:e8:
         bc:50:aa:93:b7:36:23:71:c5:02:24:86:dc:ef:ae:96:39:72:
         d0:8a:6d:73:02:4f:1f:12:26:28:e5:1b:f8:d1:90:e8:6b:cc:
         a9:ec:e5:f0:fa:a4:c8:fa:8e:41:0c:cf:b7:79:92:7f:60:e4:
         1c:74:59:ca:cf:fa:37:0b:60:b1:45:f7:9f:d3:42:50:33:ab:
         ce:19:36:5a:84:08:34:9a:b8:a4:3e:b7:d9:46:c0:7e:c6:95:
         43:6e:1b:af:f5:1b:9b:62:1e:ab:03:29:64:12:75:49:47:d2:
         ab:4c:00:44:7b:e4:d5:96:f1:05:aa:d2:9a:e2:79:90:93:56:
         05:ed:f3:94:d7:c9:16:c7:bf:e9:f6:38:92:6c:3b:f1:96:83:
         88:e5:02:64:13:cc:12:a5:ef:80:24:35:94:8c:63:c6:64:37:
         cd:83:9b:af
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVxAs1LXtH9O5Arf9aiXG5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZWU5MTI5NmM5NDk5MmQxNTFhMjMyMjQwZTZjZjNhMTc2
ZDIwMzkwHhcNMjMwMTAyMDU0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTBiNGQ5NjlhODI0YzA5ODgzZTQ3MTY5YWI3M2IyZGQ1Nzk2OGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviCOwZlBNH2c3Ce+R/3ZjoxgvtgX
NSTnpW/hKnoxugKdy8R+yFnBUS2gpE0y9kkG6/2oNoGJIJgCxKcd49Unrof/5z3W
WR21MguHc/cxZ6tfzkarLJaz0SDy0ieK5EovQaq7uBP9uxtoByg1eM7zT3xLQ4gf
JrBneSbfjSWjixy/nGjD5Dsj2d9OPnkhT1xbvN6jqjhaFp7okbFaHVcYLNfAf09h
izmhZzfRzSGtBspatavxOSkEeazaMq5artyW0UTpLEyxboixd+U7PWpLgZ8IZFzP
CDLCvOoS5jqyAXNq7GkyekzmTWAI7C55RBEQ5ZoyJKdujRRoQn9SGPgIPwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCULTZaagkwJiD5HFpq3Oy3VeWi+MB8GA1UdIwQY
MBaAFBzukSlslJktFRojIkDmzzoXbSA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE82UktXeVVtUzBWR2lNaVFPYlBPaGR0SURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9jOTFlYzMtMjgyMC00MTdiLTlhYWQt
YmFjYWI0NzVlNmNjLzEvSlF0TmxwcUNUQW1JUGtjV21yYzdMZFY1YUw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9jOTFlYzMtMjgyMC00MTdiLTlhYWQtYmFjYWI0NzVlNmNj
LzEvSE82UktXeVVtUzBWR2lNaVFPYlBPaGR0SURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAYurEAD
BAAurEIwDAMEAC6sRQMEAy6sQAMEAC6sTgMEAC6sXDANBgkqhkiG9w0BAQsFAAOC
AQEAlfUV9ZYidpi27chydfRB0GKV57AzDEcIQ/4OXVp+KtxqqCh3ihEDrUgH2I/6
5/R63nFLblfLXbS9RCg1YxuIhzT73DCDeP/DGC/eWZ05AL/ZWdBYNXiEZyTovFCq
k7c2I3HFAiSG3O+uljly0IptcwJPHxImKOUb+NGQ6GvMqezl8PqkyPqOQQzPt3mS
f2DkHHRZys/6NwtgsUX3n9NCUDOrzhk2WoQINJq4pD632UbAfsaVQ24br/Ubm2Ie
qwMpZBJ1SUfSq0wARHvk1ZbxBarSmuJ5kJNWBe3zlNfJFse/6fY4kmw78ZaDiOUC
ZBPMEqXvgCQ1lIxjxmQ3zYObrw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:04 2024 by rpki-client on console-fra.rpki-client.org