Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/7951b5-9cb6-4535-95c6-63c52e92c47e/1/qqZidQYnlkp8WeHXGPkSEWmJqQY.roa
File:                     qqZidQYnlkp8WeHXGPkSEWmJqQY.roa (raw, json)
Hash identifier:          V6GEMpa03ZQkcktTdQjvY9ylJYVaHeOiup08F5FixVQ=
Subject key identifier:   AA:A6:62:75:06:27:96:4A:7C:59:E1:D7:18:F9:12:11:69:89:A9:06
Certificate issuer:       /CN=d557f65aa23dbacea5b1cf833a63482ef3e43057
Certificate serial:       018570FBB8ADBFD1799695224A3FAED37FCC
Authority key identifier: D5:57:F6:5A:A2:3D:BA:CE:A5:B1:CF:83:3A:63:48:2E:F3:E4:30:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1Vf2WqI9us6lsc-DOmNILvPkMFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/7951b5-9cb6-4535-95c6-63c52e92c47e/1/qqZidQYnlkp8WeHXGPkSEWmJqQY.roa
Signing time:             Mon 02 Jan 2023 05:37:02 +0000
ROA not before:           Mon 02 Jan 2023 05:37:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        185.248.224.0/24 maxlen: 24
                          185.248.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:fb:b8:ad:bf:d1:79:96:95:22:4a:3f:ae:d3:7f:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d557f65aa23dbacea5b1cf833a63482ef3e43057
        Validity
            Not Before: Jan  2 05:37:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aaa662750627964a7c59e1d718f912116989a906
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:e8:f1:a9:58:d5:25:07:c8:be:08:df:8c:b8:
                    7b:29:fc:a4:f2:c3:20:b3:71:cc:12:7f:2e:b3:17:
                    53:90:d3:98:b4:8e:89:8b:78:ae:bf:f1:b5:28:88:
                    98:a0:71:64:66:a2:82:9c:43:a9:d2:fa:81:b2:af:
                    20:42:2c:a2:6b:b1:65:b7:fc:f8:ce:44:22:5b:6f:
                    a7:40:d7:4b:17:47:eb:e4:f6:19:27:ab:d0:90:54:
                    d4:31:9c:67:f7:8a:71:61:ce:f7:64:20:97:76:6b:
                    5f:36:ef:b1:fc:1e:06:b5:e0:86:e1:cd:e5:ab:c6:
                    d4:3d:8b:c6:de:e3:08:df:02:04:05:8b:69:3b:18:
                    18:a1:27:43:9a:49:81:b1:8a:f6:f8:b5:17:89:7c:
                    c4:2c:5e:6c:0a:df:eb:1b:3b:60:d7:b1:eb:51:ce:
                    90:3e:05:f5:d3:07:50:52:eb:f1:d0:14:50:a2:8d:
                    bc:d0:67:33:73:16:d3:83:9e:04:f1:b7:fb:8d:7a:
                    69:97:1d:dc:e3:8f:6f:27:56:fd:ed:8f:0f:39:4a:
                    12:6c:76:e0:e0:5b:6e:2b:98:9e:ec:9a:7a:7c:8c:
                    f9:77:b8:d9:e6:38:51:06:10:ed:0d:87:87:97:df:
                    96:7d:83:9d:24:19:37:d3:2b:53:9a:91:d1:ec:c4:
                    bd:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:A6:62:75:06:27:96:4A:7C:59:E1:D7:18:F9:12:11:69:89:A9:06
            X509v3 Authority Key Identifier:
                keyid:D5:57:F6:5A:A2:3D:BA:CE:A5:B1:CF:83:3A:63:48:2E:F3:E4:30:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Vf2WqI9us6lsc-DOmNILvPkMFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/7951b5-9cb6-4535-95c6-63c52e92c47e/1/qqZidQYnlkp8WeHXGPkSEWmJqQY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/7951b5-9cb6-4535-95c6-63c52e92c47e/1/1Vf2WqI9us6lsc-DOmNILvPkMFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.248.224.0/23

    Signature Algorithm: sha256WithRSAEncryption
         98:36:0e:4b:84:b6:bf:be:4c:42:1e:c3:21:b2:4a:7e:5b:68:
         40:8c:d2:d3:2a:ca:c8:50:22:98:dc:95:74:c6:2a:f8:4a:c4:
         e1:d5:bd:28:c3:59:85:d4:85:28:08:09:04:21:41:3b:cf:24:
         64:db:1b:06:b4:82:c3:61:78:26:48:1e:1a:c7:f4:1e:43:94:
         ec:f5:f2:e6:da:e7:6f:10:af:4d:36:88:0f:5e:76:83:ed:0c:
         59:fd:1d:f3:b9:73:3a:c2:dc:7b:a9:df:5c:95:b0:f4:99:59:
         2a:d9:4a:1e:07:79:11:b0:f0:a3:ee:bc:fd:52:43:2f:03:d7:
         f2:00:8c:af:d9:fc:83:12:09:32:60:08:98:c4:30:00:e4:3a:
         af:af:ee:e0:af:01:e0:6e:25:4c:8c:0f:f9:f4:cc:e2:f7:47:
         7e:9d:be:d0:23:8e:f4:b4:82:31:fe:73:05:88:7f:30:03:96:
         6a:60:3f:0d:9a:48:c2:19:86:08:0e:e3:5d:cd:f2:60:cd:bf:
         ea:bf:b9:86:96:96:22:b1:06:ed:7e:43:58:31:45:85:5c:cb:
         81:4e:1e:b0:69:a6:49:cc:92:c4:1f:ad:ed:40:82:94:bf:08:
         91:e5:44:61:f1:33:3e:86:7d:46:ed:1c:dd:73:3b:4b:ac:0f:
         72:d4:31:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+7itv9F5lpUiSj+u03/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NTdmNjVhYTIzZGJhY2VhNWIxY2Y4MzNhNjM0ODJlZjNl
NDMwNTcwHhcNMjMwMTAyMDUzNzAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWE2NjI3NTA2Mjc5NjRhN2M1OWUxZDcxOGY5MTIxMTY5ODlhOTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnejxqVjVJQfIvgjfjLh7Kfyk8sMg
s3HMEn8usxdTkNOYtI6Ji3iuv/G1KIiYoHFkZqKCnEOp0vqBsq8gQiyia7Flt/z4
zkQiW2+nQNdLF0fr5PYZJ6vQkFTUMZxn94pxYc73ZCCXdmtfNu+x/B4GteCG4c3l
q8bUPYvG3uMI3wIEBYtpOxgYoSdDmkmBsYr2+LUXiXzELF5sCt/rGztg17HrUc6Q
PgX10wdQUuvx0BRQoo280GczcxbTg54E8bf7jXpplx3c449vJ1b97Y8POUoSbHbg
4FtuK5ie7Jp6fIz5d7jZ5jhRBhDtDYeHl9+WfYOdJBk30ytTmpHR7MS9ewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKqmYnUGJ5ZKfFnh1xj5EhFpiakGMB8GA1UdIwQY
MBaAFNVX9lqiPbrOpbHPgzpjSC7z5DBXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVZmMldxSTl1czZsc2MtRE9tTklMdlBrTUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi83OTUxYjUtOWNiNi00NTM1LTk1YzYt
NjNjNTJlOTJjNDdlLzEvcXFaaWRRWW5sa3A4V2VIWEdQa1NFV21KcVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi83OTUxYjUtOWNiNi00NTM1LTk1YzYtNjNjNTJlOTJjNDdl
LzEvMVZmMldxSTl1czZsc2MtRE9tTklMdlBrTUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufjgMA0G
CSqGSIb3DQEBCwUAA4IBAQCYNg5LhLa/vkxCHsMhskp+W2hAjNLTKsrIUCKY3JV0
xir4SsTh1b0ow1mF1IUoCAkEIUE7zyRk2xsGtILDYXgmSB4ax/QeQ5Ts9fLm2udv
EK9NNogPXnaD7QxZ/R3zuXM6wtx7qd9clbD0mVkq2UoeB3kRsPCj7rz9UkMvA9fy
AIyv2fyDEgkyYAiYxDAA5Dqvr+7grwHgbiVMjA/59Mzi90d+nb7QI470tIIx/nMF
iH8wA5ZqYD8NmkjCGYYIDuNdzfJgzb/qv7mGlpYisQbtfkNYMUWFXMuBTh6waaZJ
zJLEH63tQIKUvwiR5URh8TM+hn1G7RzdcztLrA9y1DHc
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:43 2024 by rpki-client on console-fra.rpki-client.org