Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/4f408d-bda5-4a94-b83a-a730ccfdadc5/1/QSv8g-T186KHOYkgcREwRcsAWiM.roa
File:                     QSv8g-T186KHOYkgcREwRcsAWiM.roa (raw, json)
Hash identifier:          Qo55n7HRBuWUmyrOVlgrz7cwRRRUsVyhKB2IJ39tP7Y=
Subject key identifier:   41:2B:FC:83:E4:F5:F3:A2:87:39:89:20:71:11:30:45:CB:00:5A:23
Certificate issuer:       /CN=c491456eda59fb0fd2d173f95412be35f6cfbfaf
Certificate serial:       0185720C8A6513DE9D4C651F981ECAECCEA1
Authority key identifier: C4:91:45:6E:DA:59:FB:0F:D2:D1:73:F9:54:12:BE:35:F6:CF:BF:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xJFFbtpZ-w_S0XP5VBK-NfbPv68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/4f408d-bda5-4a94-b83a-a730ccfdadc5/1/QSv8g-T186KHOYkgcREwRcsAWiM.roa
Signing time:             Mon 02 Jan 2023 10:35:02 +0000
ROA not before:           Mon 02 Jan 2023 10:35:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201324
IP address blocks:        185.78.140.0/22 maxlen: 22
                          2a03:5960::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 22 Feb 2023 13:54:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:0c:8a:65:13:de:9d:4c:65:1f:98:1e:ca:ec:ce:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c491456eda59fb0fd2d173f95412be35f6cfbfaf
        Validity
            Not Before: Jan  2 10:35:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=412bfc83e4f5f3a28739892071113045cb005a23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:45:07:0b:e0:ac:3d:85:c6:e1:27:af:24:83:
                    be:f0:cf:a2:ee:ec:92:ed:fc:bf:c9:ef:27:c3:a9:
                    fd:9b:e8:e1:69:da:67:27:f8:49:93:9e:2b:ec:56:
                    72:0c:20:e1:ad:b4:3d:1a:61:9c:0c:ec:48:17:4e:
                    83:1a:41:c2:98:54:75:cb:f1:25:85:e1:47:7c:0d:
                    0d:77:ff:7a:32:39:52:03:21:6b:8d:39:06:33:8a:
                    2f:38:56:4c:e3:18:16:6d:ae:33:7c:e5:54:95:fa:
                    48:6f:ee:ae:d0:04:5e:bb:ba:b3:03:ea:1c:5b:06:
                    d7:9f:bc:78:c2:08:40:39:d6:da:f9:c1:76:93:d4:
                    a7:3a:04:ac:63:27:e3:11:89:a2:b9:74:7d:8f:ed:
                    5c:31:fa:85:c5:46:34:d2:22:bc:ce:28:13:c5:22:
                    b8:85:89:1a:d8:17:79:f4:60:58:5b:01:7e:9c:69:
                    30:88:7f:e8:2f:1d:c5:ce:67:71:71:ca:de:87:16:
                    09:09:21:44:28:8d:35:45:1a:60:9a:20:34:2f:f0:
                    7f:11:a4:26:bb:b8:e1:35:35:cb:8d:2a:dd:a1:86:
                    b3:4f:84:7b:d4:8c:a2:77:d9:ba:76:6d:ed:10:fe:
                    32:bb:80:42:e5:77:1d:78:a4:e9:25:d8:c9:8d:31:
                    14:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:2B:FC:83:E4:F5:F3:A2:87:39:89:20:71:11:30:45:CB:00:5A:23
            X509v3 Authority Key Identifier:
                keyid:C4:91:45:6E:DA:59:FB:0F:D2:D1:73:F9:54:12:BE:35:F6:CF:BF:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xJFFbtpZ-w_S0XP5VBK-NfbPv68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/4f408d-bda5-4a94-b83a-a730ccfdadc5/1/QSv8g-T186KHOYkgcREwRcsAWiM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/4f408d-bda5-4a94-b83a-a730ccfdadc5/1/xJFFbtpZ-w_S0XP5VBK-NfbPv68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.78.140.0/22
                IPv6:
                  2a03:5960::/32

    Signature Algorithm: sha256WithRSAEncryption
         16:2d:0f:94:d5:81:41:dc:46:84:84:3f:43:c3:96:6d:39:4a:
         2f:ad:cb:b1:54:83:62:ac:52:7e:3d:f5:51:fe:dc:ec:0e:41:
         3f:03:6a:5f:c4:04:46:4d:9e:c2:72:b5:81:fe:1f:cb:02:20:
         8c:ff:0a:40:54:b3:6c:a2:0a:40:33:94:54:43:2d:64:e9:76:
         3f:ff:3f:9e:f8:c5:b8:be:28:b5:8a:2b:72:e4:fa:1b:c2:d2:
         6c:46:2a:1a:5c:9c:8a:7d:32:92:29:56:de:fe:48:d4:fc:5d:
         65:b2:b3:e1:87:1f:72:f5:c1:ab:70:42:e1:fe:d9:30:21:4a:
         36:bf:d4:f9:5a:ea:7e:7b:d4:29:a5:ed:5a:ff:e4:43:48:b7:
         96:78:4e:b9:5a:94:5e:19:45:2a:db:fa:02:64:60:96:cd:0f:
         71:fa:5f:4e:f1:5a:cd:22:94:56:84:aa:c6:c2:a2:a3:1d:22:
         cd:0c:a4:f8:aa:e7:41:0b:f7:a4:8d:3b:99:b8:af:29:4c:84:
         1c:9a:78:07:49:0c:10:93:38:b2:f0:f7:7a:21:68:13:8d:25:
         44:80:20:0d:62:5e:b3:c9:9c:67:49:af:79:66:9e:57:15:ff:
         da:b3:2f:b5:14:88:17:70:27:65:d1:11:39:26:84:e6:c7:51:
         2c:29:19:94
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyDIplE96dTGUfmB7K7M6hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0OTE0NTZlZGE1OWZiMGZkMmQxNzNmOTU0MTJiZTM1ZjZj
ZmJmYWYwHhcNMjMwMTAyMTAzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTJiZmM4M2U0ZjVmM2EyODczOTg5MjA3MTExMzA0NWNiMDA1YTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEUHC+CsPYXG4SevJIO+8M+i7uyS
7fy/ye8nw6n9m+jhadpnJ/hJk54r7FZyDCDhrbQ9GmGcDOxIF06DGkHCmFR1y/El
heFHfA0Nd/96MjlSAyFrjTkGM4ovOFZM4xgWba4zfOVUlfpIb+6u0AReu7qzA+oc
WwbXn7x4wghAOdba+cF2k9SnOgSsYyfjEYmiuXR9j+1cMfqFxUY00iK8zigTxSK4
hYka2Bd59GBYWwF+nGkwiH/oLx3FzmdxccrehxYJCSFEKI01RRpgmiA0L/B/EaQm
u7jhNTXLjSrdoYazT4R71Iyid9m6dm3tEP4yu4BC5XcdeKTpJdjJjTEUvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEEr/IPk9fOihzmJIHERMEXLAFojMB8GA1UdIwQY
MBaAFMSRRW7aWfsP0tFz+VQSvjX2z7+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEpGRmJ0cFotd19TMFhQNVZCSy1OZmJQdjY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni80ZjQwOGQtYmRhNS00YTk0LWI4M2Et
YTczMGNjZmRhZGM1LzEvUVN2OGctVDE4NktIT1lrZ2NSRXdSY3NBV2lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni80ZjQwOGQtYmRhNS00YTk0LWI4M2EtYTczMGNjZmRhZGM1
LzEveEpGRmJ0cFotd19TMFhQNVZCSy1OZmJQdjY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuU6MMA0E
AgACMAcDBQAqA1lgMA0GCSqGSIb3DQEBCwUAA4IBAQAWLQ+U1YFB3EaEhD9Dw5Zt
OUovrcuxVINirFJ+PfVR/tzsDkE/A2pfxARGTZ7CcrWB/h/LAiCM/wpAVLNsogpA
M5RUQy1k6XY//z+e+MW4vii1iity5PobwtJsRioaXJyKfTKSKVbe/kjU/F1lsrPh
hx9y9cGrcELh/tkwIUo2v9T5Wup+e9Qppe1a/+RDSLeWeE65WpReGUUq2/oCZGCW
zQ9x+l9O8VrNIpRWhKrGwqKjHSLNDKT4qudBC/ekjTuZuK8pTIQcmngHSQwQkziy
8Pd6IWgTjSVEgCANYl6zyZxnSa95Zp5XFf/asy+1FIgXcCdl0RE5JoTmx1EsKRmU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:18 2024 by rpki-client on console-fra.rpki-client.org