Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/QVrGUIc82mkk3JSav1pLbCPTZCE.roa
File:                     QVrGUIc82mkk3JSav1pLbCPTZCE.roa (raw, json)
Hash identifier:          XsUbU5pGson63BeNBCrGWz4IBqp5fmmW/9DjmdS/lM4=
Subject key identifier:   41:5A:C6:50:87:3C:DA:69:24:DC:94:9A:BF:5A:4B:6C:23:D3:64:21
Certificate issuer:       /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial:       018A93AFDAFDCF8E8CA80BDD5124E06EC8E7
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/QVrGUIc82mkk3JSav1pLbCPTZCE.roa
Signing time:             Thu 14 Sep 2023 12:34:50 +0000
ROA not before:           Thu 14 Sep 2023 12:34:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203
IP address blocks:        185.148.224.0/22 maxlen: 24
                          109.234.0.0/21 maxlen: 24
                          91.205.116.0/22 maxlen: 24
                          193.242.174.0/23 maxlen: 24
                          2a07:6200:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:93:af:da:fd:cf:8e:8c:a8:0b:dd:51:24:e0:6e:c8:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
        Validity
            Not Before: Sep 14 12:34:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=415ac650873cda6924dc949abf5a4b6c23d36421
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:72:69:24:16:b8:ea:58:2c:2f:63:26:f6:9c:
                    a0:36:9d:e8:c5:91:70:ee:9b:76:3b:e5:64:bf:bd:
                    fc:1e:e7:36:81:87:0f:dd:65:33:93:e1:d8:57:cf:
                    20:aa:d3:af:e6:7d:a0:7c:3d:e3:56:6a:f6:9b:91:
                    be:4c:9e:8b:71:1e:be:37:1a:b8:3b:93:03:a7:88:
                    bf:f0:46:c3:28:15:72:1f:06:35:ac:ae:1a:09:24:
                    5a:1f:dc:c1:27:b6:66:0c:41:b9:21:65:1a:26:15:
                    02:b6:98:e1:cb:cb:40:4b:e0:09:4c:04:ac:c8:3b:
                    0d:1c:3d:0f:be:8e:6c:c1:80:8a:b9:53:3e:12:45:
                    8d:0f:62:b1:31:50:4d:7e:f7:b0:76:d8:bd:80:82:
                    99:c8:35:d0:53:13:52:7f:43:38:30:3e:e8:fc:3f:
                    0d:05:75:ec:8d:0d:7d:c8:fc:2c:7a:fb:2d:b6:ce:
                    f5:40:19:02:1d:30:9a:9c:58:d3:5b:98:b0:c5:e4:
                    50:8f:0a:93:6b:43:bb:af:83:e5:fb:01:bc:3d:ca:
                    65:18:f7:3c:ec:79:f3:56:a2:07:fd:83:a0:a2:c2:
                    ff:86:8f:0e:a0:e6:5d:d3:e2:ff:b2:3f:25:78:da:
                    1d:23:9d:a0:2d:fd:ae:a6:ac:68:e4:8f:8a:fb:ed:
                    fc:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:5A:C6:50:87:3C:DA:69:24:DC:94:9A:BF:5A:4B:6C:23:D3:64:21
            X509v3 Authority Key Identifier:
                keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/QVrGUIc82mkk3JSav1pLbCPTZCE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.205.116.0/22
                  109.234.0.0/21
                  185.148.224.0/22
                  193.242.174.0/23
                IPv6:
                  2a07:6200:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         9f:c2:14:dc:31:f6:b4:53:d1:d5:25:15:c1:4b:81:ab:bf:e1:
         d8:ed:e5:fe:ca:e5:ca:a8:e3:4b:ac:54:2a:a1:0a:15:25:44:
         6b:85:94:8e:28:20:a2:e3:77:3e:f5:68:2b:f1:70:c6:c7:63:
         7c:fa:5a:e1:6e:18:c2:b7:ba:85:4c:dc:f3:2a:0c:45:18:cb:
         28:91:f7:c0:4f:3d:49:29:cd:b5:92:5b:b5:98:97:57:16:9a:
         08:d8:71:8d:73:15:c5:d9:fb:f3:4c:3f:d5:d0:2f:c3:f3:f3:
         ff:e6:8e:2a:15:da:3d:c2:3d:05:5e:eb:6e:83:c7:fa:18:92:
         1f:73:cb:79:88:6b:d4:81:69:a7:e9:bd:e0:e8:c4:dd:b3:1c:
         11:45:b9:63:ea:6e:8b:5a:ac:91:0d:ad:f3:2a:ec:57:6d:09:
         d9:d5:9f:d6:e5:0a:4f:be:ba:2d:2a:56:ef:de:e6:dd:6a:b6:
         33:ac:33:12:9a:f7:be:ea:8d:85:1e:7e:d0:ac:b9:a0:45:fa:
         57:c3:3b:23:ee:03:ff:38:64:7f:ca:1a:65:c2:19:42:bc:33:
         b3:80:1b:d4:b2:f9:4b:88:83:af:9e:fc:cd:6d:19:f3:50:48:
         2a:97:33:9e:4d:38:97:5a:47:f8:b7:05:23:d8:10:60:d6:9c:
         d5:59:65:21
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYqTr9r9z46MqAvdUSTgbsjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjMwOTE0MTIzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTVhYzY1MDg3M2NkYTY5MjRkYzk0OWFiZjVhNGI2YzIzZDM2NDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHJpJBa46lgsL2Mm9pygNp3oxZFw
7pt2O+Vkv738Huc2gYcP3WUzk+HYV88gqtOv5n2gfD3jVmr2m5G+TJ6LcR6+Nxq4
O5MDp4i/8EbDKBVyHwY1rK4aCSRaH9zBJ7ZmDEG5IWUaJhUCtpjhy8tAS+AJTASs
yDsNHD0Pvo5swYCKuVM+EkWND2KxMVBNfvewdti9gIKZyDXQUxNSf0M4MD7o/D8N
BXXsjQ19yPwsevstts71QBkCHTCanFjTW5iwxeRQjwqTa0O7r4Pl+wG8PcplGPc8
7HnzVqIH/YOgosL/ho8OoOZd0+L/sj8leNodI52gLf2upqxo5I+K++384QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFEFaxlCHPNppJNyUmr9aS2wj02QhMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvUVZyR1VJYzgybWtrM0pTYXYxcExiQ1BUWkNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCW810AwQD
beoAAwQCuZTgAwQBwfKuMA8EAgACMAkDBwAqB2IAAAEwDQYJKoZIhvcNAQELBQAD
ggEBAJ/CFNwx9rRT0dUlFcFLgau/4djt5f7K5cqo40usVCqhChUlRGuFlI4oIKLj
dz71aCvxcMbHY3z6WuFuGMK3uoVM3PMqDEUYyyiR98BPPUkpzbWSW7WYl1cWmgjY
cY1zFcXZ+/NMP9XQL8Pz8//mjioV2j3CPQVe626Dx/oYkh9zy3mIa9SBaafpveDo
xN2zHBFFuWPqbotarJENrfMq7FdtCdnVn9blCk++ui0qVu/e5t1qtjOsMxKa977q
jYUeftCsuaBF+lfDOyPuA/84ZH/KGmXCGUK8M7OAG9Sy+UuIg6+e/M1tGfNQSCqX
M55NOJdaR/i3BSPYEGDWnNVZZSE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:51 2024 by rpki-client on console-fra.rpki-client.org