Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qz-ybdTJaFsXhPEZFlZHibU95Yw.roa
File:                     qz-ybdTJaFsXhPEZFlZHibU95Yw.roa (raw, json)
Hash identifier:          XoXDYXQonJFZXMeBg5cRaWSAHmBErHwTZ++4tYdCxIk=
Subject key identifier:   AB:3F:B2:6D:D4:C9:68:5B:17:84:F1:19:16:56:47:89:B5:3D:E5:8C
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       01889A428A7C9439B3463AFFDE54CF425297
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qz-ybdTJaFsXhPEZFlZHibU95Yw.roa
Signing time:             Thu 08 Jun 2023 09:07:12 +0000
ROA not before:           Thu 08 Jun 2023 09:07:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6830
IP address blocks:        88.216.224.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Thu 28 Dec 2023 08:35:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:9a:42:8a:7c:94:39:b3:46:3a:ff:de:54:cf:42:52:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Jun  8 09:07:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ab3fb26dd4c9685b1784f11916564789b53de58c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:3b:ca:b0:5b:d9:6a:db:80:a3:ed:73:84:27:
                    87:28:ed:5d:d6:a3:55:10:6c:34:54:57:af:18:2c:
                    08:9f:ff:8f:ff:ba:86:90:09:b2:30:7a:c3:cd:2a:
                    06:fc:68:65:6c:81:51:50:7a:97:7f:e8:b0:6a:6f:
                    bc:11:7a:f1:b3:49:20:e2:4a:94:24:8c:76:f1:50:
                    5f:00:02:1e:e7:85:d2:d0:99:4d:37:e4:a8:da:2e:
                    27:54:58:45:28:a0:4f:4d:2a:49:0b:d6:b4:8a:23:
                    00:b6:19:88:75:c6:a0:97:48:31:33:61:11:6c:0f:
                    cd:25:78:3c:16:3f:24:e7:f6:7b:f8:03:eb:c0:90:
                    f7:94:dc:f4:ee:4e:f5:72:06:67:80:3e:91:54:90:
                    de:d4:c6:a0:d1:dc:5d:ea:81:83:8f:d0:3f:3b:f3:
                    d9:c8:19:b2:30:8a:fc:de:5e:b3:65:c8:b3:1e:7f:
                    5c:7a:ed:20:b9:28:f4:d3:ea:53:25:77:03:df:9d:
                    c5:48:ba:d4:26:d7:e1:35:1f:b8:87:50:64:7b:18:
                    48:54:70:8d:25:21:09:c2:e2:f6:7c:24:aa:ab:c6:
                    44:02:c3:6f:6e:ca:c6:2d:d0:43:d5:53:13:54:f1:
                    28:d2:26:63:87:30:3b:7f:be:dd:c0:8a:9f:cb:5a:
                    2a:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:3F:B2:6D:D4:C9:68:5B:17:84:F1:19:16:56:47:89:B5:3D:E5:8C
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qz-ybdTJaFsXhPEZFlZHibU95Yw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.216.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         39:1b:f3:6a:47:b9:73:7d:a2:ab:98:d7:74:a6:3c:5f:3e:6a:
         c9:70:df:70:c4:d8:ba:7f:fa:b7:66:af:ea:a8:61:8d:45:c6:
         f7:3b:a2:c6:7f:67:55:b0:40:d7:bd:c7:ae:18:6b:43:b2:c4:
         60:5b:a8:48:81:e5:6d:06:64:e9:0f:ab:70:98:74:14:44:e5:
         d3:2b:07:53:27:05:6e:2a:c9:fc:b2:e5:24:5a:6f:d9:d8:91:
         1d:0f:92:06:c6:13:d2:38:31:1d:92:a3:bc:59:07:50:98:b6:
         4a:af:1d:63:15:2a:43:3c:33:de:42:4d:a9:b2:1f:3e:12:63:
         70:98:ea:7c:b8:22:5c:f0:d2:14:92:a5:1c:c9:62:b0:5f:a3:
         93:af:29:61:c9:dc:90:d9:53:26:e6:96:5c:34:7b:17:37:70:
         89:a0:cd:08:88:c8:ba:61:4f:1d:e0:a2:0c:80:ef:39:52:47:
         d3:94:fb:a9:cf:44:ae:02:ed:0a:01:eb:ea:09:48:e0:74:a4:
         b2:fc:60:e5:a2:40:20:7c:87:05:aa:1c:9d:c5:4e:0f:92:21:
         cb:b5:bf:29:04:69:9f:fa:67:35:0a:01:26:0d:26:d0:2e:a2:
         b9:0d:d1:69:be:2e:85:4c:53:66:de:32:43:b4:26:9a:3f:a3:
         68:a4:b8:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiaQop8lDmzRjr/3lTPQlKXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjA4MDkwNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjNmYjI2ZGQ0Yzk2ODViMTc4NGYxMTkxNjU2NDc4OWI1M2RlNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTvKsFvZatuAo+1zhCeHKO1d1qNV
EGw0VFevGCwIn/+P/7qGkAmyMHrDzSoG/GhlbIFRUHqXf+iwam+8EXrxs0kg4kqU
JIx28VBfAAIe54XS0JlNN+So2i4nVFhFKKBPTSpJC9a0iiMAthmIdcagl0gxM2ER
bA/NJXg8Fj8k5/Z7+APrwJD3lNz07k71cgZngD6RVJDe1Mag0dxd6oGDj9A/O/PZ
yBmyMIr83l6zZcizHn9ceu0guSj00+pTJXcD353FSLrUJtfhNR+4h1BkexhIVHCN
JSEJwuL2fCSqq8ZEAsNvbsrGLdBD1VMTVPEo0iZjhzA7f77dwIqfy1oqcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKs/sm3UyWhbF4TxGRZWR4m1PeWMMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcXoteWJkVEphRnNYaFBFWkZsWkhpYlU5NVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWNjgMA0G
CSqGSIb3DQEBCwUAA4IBAQA5G/NqR7lzfaKrmNd0pjxfPmrJcN9wxNi6f/q3Zq/q
qGGNRcb3O6LGf2dVsEDXvceuGGtDssRgW6hIgeVtBmTpD6twmHQUROXTKwdTJwVu
Ksn8suUkWm/Z2JEdD5IGxhPSODEdkqO8WQdQmLZKrx1jFSpDPDPeQk2psh8+EmNw
mOp8uCJc8NIUkqUcyWKwX6OTrylhydyQ2VMm5pZcNHsXN3CJoM0IiMi6YU8d4KIM
gO85UkfTlPupz0SuAu0KAevqCUjgdKSy/GDlokAgfIcFqhydxU4PkiHLtb8pBGmf
+mc1CgEmDSbQLqK5DdFpvi6FTFNm3jJDtCaaP6NopLhN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:32 2024 by rpki-client on console-ams.rpki-client.org