Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/772fea-4715-4010-8c1e-dee66a35506c/1/RqkiJv9w7VdDW32f-JeMqYezhT0.roa
File:                     RqkiJv9w7VdDW32f-JeMqYezhT0.roa (raw, json)
Hash identifier:          nSidsI7h+1oJaCv/rb+irTwwLuY++IInh+UHJ5TEVDk=
Subject key identifier:   46:A9:22:26:FF:70:ED:57:43:5B:7D:9F:F8:97:8C:A9:87:B3:85:3D
Certificate issuer:       /CN=29d950bc184557bf504cf2b7c94a7dcec0876d66
Certificate serial:       018AD55142E61A6D3A7824A318DF3C575CC7
Authority key identifier: 29:D9:50:BC:18:45:57:BF:50:4C:F2:B7:C9:4A:7D:CE:C0:87:6D:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdlQvBhFV79QTPK3yUp9zsCHbWY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/772fea-4715-4010-8c1e-dee66a35506c/1/RqkiJv9w7VdDW32f-JeMqYezhT0.roa
Signing time:             Wed 27 Sep 2023 06:26:27 +0000
ROA not before:           Wed 27 Sep 2023 06:26:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15907
IP address blocks:        185.114.188.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Wed 27 Sep 2023 07:17:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:d5:51:42:e6:1a:6d:3a:78:24:a3:18:df:3c:57:5c:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d950bc184557bf504cf2b7c94a7dcec0876d66
        Validity
            Not Before: Sep 27 06:26:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=46a92226ff70ed57435b7d9ff8978ca987b3853d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b5:6b:93:5d:a4:ee:ef:14:e2:1b:48:8e:65:
                    5b:87:23:1b:97:4a:ee:a3:b7:e4:1f:da:90:d1:fa:
                    66:14:35:f3:5b:50:e1:28:e8:14:a8:30:6d:5d:1b:
                    fb:42:2a:70:2c:d8:fc:d0:f6:0a:cd:72:48:e8:f9:
                    94:34:29:ba:84:1b:d3:64:54:60:69:2c:4c:e6:d6:
                    18:21:85:99:aa:73:e0:e4:e3:4a:9c:8d:69:48:6a:
                    9d:85:63:66:51:f3:59:88:36:35:0c:6b:4b:41:83:
                    9e:ac:63:b7:75:e4:71:3a:b0:e0:ab:b4:5a:b6:e9:
                    5c:ac:17:0b:2b:09:7e:eb:cb:73:99:ab:b6:1c:52:
                    28:ea:b5:46:55:0b:ba:a7:d8:86:79:a4:a2:a1:10:
                    08:03:3e:28:65:a0:b1:ab:ef:1f:cb:01:8e:0d:bc:
                    f3:bc:46:93:ea:36:23:10:19:b1:45:86:04:e6:02:
                    0d:31:70:a2:1e:5c:2b:1a:f3:2c:e8:c3:23:ac:04:
                    c4:b0:c6:7e:75:c9:ff:91:7a:44:70:6f:81:50:c6:
                    53:53:21:7a:63:d8:c4:65:0c:a7:b5:1d:c4:06:0f:
                    86:a0:3d:58:31:39:f0:7b:24:8d:3a:2b:b8:ed:7e:
                    17:ab:6b:d3:58:35:76:f4:e5:50:98:9f:f3:45:ab:
                    1e:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:A9:22:26:FF:70:ED:57:43:5B:7D:9F:F8:97:8C:A9:87:B3:85:3D
            X509v3 Authority Key Identifier:
                keyid:29:D9:50:BC:18:45:57:BF:50:4C:F2:B7:C9:4A:7D:CE:C0:87:6D:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdlQvBhFV79QTPK3yUp9zsCHbWY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/772fea-4715-4010-8c1e-dee66a35506c/1/RqkiJv9w7VdDW32f-JeMqYezhT0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/772fea-4715-4010-8c1e-dee66a35506c/1/KdlQvBhFV79QTPK3yUp9zsCHbWY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.114.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         57:cf:b2:a6:01:30:cf:82:04:e2:fd:f6:23:87:e6:46:34:c6:
         65:c4:26:9e:36:3b:79:8a:58:9d:ce:bf:ba:50:5e:0b:5b:c1:
         8e:90:ef:f4:d1:67:22:a5:4c:51:4b:c5:20:fc:46:0a:84:2a:
         4c:28:2c:bc:f5:c9:67:a0:20:26:d4:23:1d:65:e1:bd:64:59:
         5a:fc:75:f0:f0:ed:58:3f:0d:c1:02:7f:10:f1:5b:47:7c:6d:
         d7:ce:52:81:96:60:25:f7:8f:60:1b:b3:ec:3d:5d:77:b4:82:
         13:99:73:da:be:ac:21:45:d0:0b:50:8a:7f:96:c7:1c:3a:7a:
         53:02:39:17:04:80:e7:88:cd:55:c6:a0:23:91:c1:b8:ba:9f:
         e5:3e:ee:bf:62:d3:13:19:a1:c8:dc:1d:34:7c:ba:d1:94:14:
         f1:52:2d:16:3e:05:1c:9d:76:aa:95:96:67:d3:aa:4e:08:9e:
         7b:57:b1:8c:e0:dc:b3:94:14:c2:03:ce:21:3c:06:a6:92:ef:
         df:ed:12:26:d2:a1:a7:a5:aa:51:74:aa:b2:31:9f:bd:18:b9:
         2e:14:74:d6:b8:a9:e0:3f:fc:5e:db:fd:ff:3b:ae:71:24:1d:
         11:83:e4:8e:7c:90:a9:2e:dc:77:e9:d1:72:17:1f:06:5a:d4:
         cc:73:5a:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrVUULmGm06eCSjGN88V1zHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDk1MGJjMTg0NTU3YmY1MDRjZjJiN2M5NGE3ZGNlYzA4
NzZkNjYwHhcNMjMwOTI3MDYyNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmE5MjIyNmZmNzBlZDU3NDM1YjdkOWZmODk3OGNhOTg3YjM4NTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7Vrk12k7u8U4htIjmVbhyMbl0ru
o7fkH9qQ0fpmFDXzW1DhKOgUqDBtXRv7QipwLNj80PYKzXJI6PmUNCm6hBvTZFRg
aSxM5tYYIYWZqnPg5ONKnI1pSGqdhWNmUfNZiDY1DGtLQYOerGO3deRxOrDgq7Ra
tulcrBcLKwl+68tzmau2HFIo6rVGVQu6p9iGeaSioRAIAz4oZaCxq+8fywGODbzz
vEaT6jYjEBmxRYYE5gINMXCiHlwrGvMs6MMjrATEsMZ+dcn/kXpEcG+BUMZTUyF6
Y9jEZQyntR3EBg+GoD1YMTnweySNOiu47X4Xq2vTWDV29OVQmJ/zRaseJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEapIib/cO1XQ1t9n/iXjKmHs4U9MB8GA1UdIwQY
MBaAFCnZULwYRVe/UEzyt8lKfc7Ah21mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RsUXZCaEZWNzlRVFBLM3lVcDl6c0NIYldZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83NzJmZWEtNDcxNS00MDEwLThjMWUt
ZGVlNjZhMzU1MDZjLzEvUnFraUp2OXc3VmREVzMyZi1KZU1xWWV6aFQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83NzJmZWEtNDcxNS00MDEwLThjMWUtZGVlNjZhMzU1MDZj
LzEvS2RsUXZCaEZWNzlRVFBLM3lVcDl6c0NIYldZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXK8MA0G
CSqGSIb3DQEBCwUAA4IBAQBXz7KmATDPggTi/fYjh+ZGNMZlxCaeNjt5ilidzr+6
UF4LW8GOkO/00WcipUxRS8Ug/EYKhCpMKCy89clnoCAm1CMdZeG9ZFla/HXw8O1Y
Pw3BAn8Q8VtHfG3XzlKBlmAl949gG7PsPV13tIITmXPavqwhRdALUIp/lsccOnpT
AjkXBIDniM1VxqAjkcG4up/lPu6/YtMTGaHI3B00fLrRlBTxUi0WPgUcnXaqlZZn
06pOCJ57V7GM4NyzlBTCA84hPAamku/f7RIm0qGnpapRdKqyMZ+9GLkuFHTWuKng
P/xe2/3/O65xJB0Rg+SOfJCpLtx36dFyFx8GWtTMc1p8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:08 2024 by rpki-client on console-fra.rpki-client.org