Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/bc3ff7-aa87-4297-adf0-240d1ffd09b8/1/CtWQ7sq9Td7hlDpRm_djLU8mYH0.roa
File:                     CtWQ7sq9Td7hlDpRm_djLU8mYH0.roa (raw, json)
Hash identifier:          i2jiYWQRZ1/YrcpHqrCGR63uk9wHymq9FKX/M/dpYI4=
Subject key identifier:   0A:D5:90:EE:CA:BD:4D:DE:E1:94:3A:51:9B:F7:63:2D:4F:26:60:7D
Certificate issuer:       /CN=4116f0e9aff39a8b196c483e085de79f246d9fdd
Certificate serial:       01856F3019880D53E5F11E30991DEE4E6085
Authority key identifier: 41:16:F0:E9:AF:F3:9A:8B:19:6C:48:3E:08:5D:E7:9F:24:6D:9F:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QRbw6a_zmosZbEg-CF3nnyRtn90.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/bc3ff7-aa87-4297-adf0-240d1ffd09b8/1/CtWQ7sq9Td7hlDpRm_djLU8mYH0.roa
Signing time:             Sun 01 Jan 2023 21:15:01 +0000
ROA not before:           Sun 01 Jan 2023 21:15:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209659
IP address blocks:        94.142.251.0/24 maxlen: 24
                          2a12:5bc1::/48 maxlen: 48
                          2a12:5bc0::/32 maxlen: 48

Validation:               Failed, certificate revoked on Fri 22 Sep 2023 12:52:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:30:19:88:0d:53:e5:f1:1e:30:99:1d:ee:4e:60:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4116f0e9aff39a8b196c483e085de79f246d9fdd
        Validity
            Not Before: Jan  1 21:15:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0ad590eecabd4ddee1943a519bf7632d4f26607d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:06:6d:d4:83:c1:72:b8:bd:fa:dd:e8:a3:9e:
                    3a:ec:1d:b0:32:c6:d3:c2:71:16:68:48:c5:e9:ce:
                    76:35:ce:27:4d:b7:73:df:66:e9:c9:fd:bb:19:3d:
                    10:ba:2a:3f:1b:65:01:9c:39:ad:c1:9c:a7:cd:f7:
                    a0:37:0a:6e:ff:59:21:7f:23:2f:48:7e:27:7c:0e:
                    df:69:50:8c:51:59:4d:2a:53:f9:3b:ef:07:ad:76:
                    d4:78:ed:8b:f9:1a:88:f5:1a:11:dc:ff:6d:e9:b5:
                    60:5e:41:f3:02:0e:6a:a8:34:d6:53:60:40:c0:d7:
                    25:4a:30:cf:84:20:0d:87:4d:fd:80:c8:38:cb:12:
                    f4:83:91:88:05:69:f7:ac:de:f4:47:2b:88:12:37:
                    c5:a4:e9:60:25:bc:65:ab:a1:eb:f0:ac:35:4e:f4:
                    b6:d0:24:86:a9:cb:a5:4a:0c:d6:c8:bc:57:7d:3b:
                    52:fb:fd:12:24:e5:85:a7:9c:07:9d:6c:53:de:0a:
                    5b:c6:70:91:49:92:c5:32:f4:cf:d5:66:2f:aa:8e:
                    59:84:b6:c0:11:08:ad:ed:af:2e:02:1b:b5:fe:a7:
                    23:dc:3a:83:e5:bf:f3:9a:76:d7:7d:e7:a5:fb:59:
                    0c:dd:60:ff:b0:bf:5c:db:83:27:1a:02:bc:f9:24:
                    42:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:D5:90:EE:CA:BD:4D:DE:E1:94:3A:51:9B:F7:63:2D:4F:26:60:7D
            X509v3 Authority Key Identifier:
                keyid:41:16:F0:E9:AF:F3:9A:8B:19:6C:48:3E:08:5D:E7:9F:24:6D:9F:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QRbw6a_zmosZbEg-CF3nnyRtn90.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/bc3ff7-aa87-4297-adf0-240d1ffd09b8/1/CtWQ7sq9Td7hlDpRm_djLU8mYH0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/bc3ff7-aa87-4297-adf0-240d1ffd09b8/1/QRbw6a_zmosZbEg-CF3nnyRtn90.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.142.251.0/24
                IPv6:
                  2a12:5bc0::-2a12:5bc1:0:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         29:31:d0:f7:6d:80:f2:d9:cc:75:6a:ec:57:25:32:2b:5d:bf:
         38:17:42:a8:1a:21:75:98:77:f8:06:6b:84:29:58:7d:b8:93:
         b3:0f:48:2e:a0:b1:2b:9e:ae:fc:d6:09:9c:0d:ca:fa:19:71:
         09:83:4b:a1:f3:d4:8a:14:bd:32:00:2d:bb:bb:4f:8e:9c:82:
         7f:b8:4f:5f:5a:47:58:c8:50:e0:96:81:39:48:51:8c:5d:c7:
         c2:90:1a:1c:ba:ef:78:bb:09:7e:39:d6:eb:4a:ec:aa:c4:be:
         97:85:63:d7:55:73:f7:b7:86:bb:ba:5b:86:8e:89:5e:66:57:
         70:09:1a:16:7b:8b:96:69:ce:46:66:fb:bd:a5:92:2b:3c:8d:
         f6:cc:3c:30:85:6a:da:0f:bd:dc:f4:54:0d:85:07:c1:00:34:
         d0:b3:85:2b:2d:56:f0:5e:b4:2d:4f:87:7c:3c:1c:3d:fb:84:
         ad:4c:db:ce:fe:90:fe:c9:f3:c0:d9:60:35:52:09:9e:33:d4:
         cb:b4:54:b4:8c:26:fe:f9:ed:3c:de:47:2a:9d:31:1b:6f:a6:
         57:4b:c8:3b:46:70:8a:7e:80:a3:e7:98:71:a5:c7:3e:0b:74:
         29:a1:75:59:73:6f:3a:08:e2:9b:aa:47:96:22:74:b6:c6:16:
         ee:51:4c:8d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVvMBmIDVPl8R4wmR3uTmCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMTZmMGU5YWZmMzlhOGIxOTZjNDgzZTA4NWRlNzlmMjQ2
ZDlmZGQwHhcNMjMwMTAxMjExNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWQ1OTBlZWNhYmQ0ZGRlZTE5NDNhNTE5YmY3NjMyZDRmMjY2MDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQZt1IPBcri9+t3oo5467B2wMsbT
wnEWaEjF6c52Nc4nTbdz32bpyf27GT0Quio/G2UBnDmtwZynzfegNwpu/1khfyMv
SH4nfA7faVCMUVlNKlP5O+8HrXbUeO2L+RqI9RoR3P9t6bVgXkHzAg5qqDTWU2BA
wNclSjDPhCANh039gMg4yxL0g5GIBWn3rN70RyuIEjfFpOlgJbxlq6Hr8Kw1TvS2
0CSGqculSgzWyLxXfTtS+/0SJOWFp5wHnWxT3gpbxnCRSZLFMvTP1WYvqo5ZhLbA
EQit7a8uAhu1/qcj3DqD5b/zmnbXfeel+1kM3WD/sL9c24MnGgK8+SRCMQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFArVkO7KvU3e4ZQ6UZv3Yy1PJmB9MB8GA1UdIwQY
MBaAFEEW8Omv85qLGWxIPghd558kbZ/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVJidzZhX3ptb3NaYkVnLUNGM25ueVJ0bjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9iYzNmZjctYWE4Ny00Mjk3LWFkZjAt
MjQwZDFmZmQwOWI4LzEvQ3RXUTdzcTlUZDdobERwUm1fZGpMVThtWUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9iYzNmZjctYWE4Ny00Mjk3LWFkZjAtMjQwZDFmZmQwOWI4
LzEvUVJidzZhX3ptb3NaYkVnLUNGM25ueVJ0bjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAXo77MBgE
AgACMBIwEAMFBioSW8ADBwAqElvBAAAwDQYJKoZIhvcNAQELBQADggEBACkx0Pdt
gPLZzHVq7FclMitdvzgXQqgaIXWYd/gGa4QpWH24k7MPSC6gsSuervzWCZwNyvoZ
cQmDS6Hz1IoUvTIALbu7T46cgn+4T19aR1jIUOCWgTlIUYxdx8KQGhy673i7CX45
1utK7KrEvpeFY9dVc/e3hru6W4aOiV5mV3AJGhZ7i5ZpzkZm+72lkis8jfbMPDCF
atoPvdz0VA2FB8EANNCzhSstVvBetC1Ph3w8HD37hK1M287+kP7J88DZYDVSCZ4z
1Mu0VLSMJv757TzeRyqdMRtvpldLyDtGcIp+gKPnmHGlxz4LdCmhdVlzbzoI4puq
R5YidLbGFu5RTI0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:39 2024 by rpki-client on console-ams.rpki-client.org