Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/QpkeflpUG3GRruEraraJgOh2yks.roa
File:                     QpkeflpUG3GRruEraraJgOh2yks.roa (raw, json)
Hash identifier:          ZFozj/TPwlD1OxtpfWN5A+tXYSyPlc906xHZC1QDrb0=
Subject key identifier:   42:99:1E:7E:5A:54:1B:71:91:AE:E1:2B:6A:B6:89:80:E8:76:CA:4B
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       0189463B315A29194C22365E8C8ABE7E0B3A
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/QpkeflpUG3GRruEraraJgOh2yks.roa
Signing time:             Tue 11 Jul 2023 18:33:51 +0000
ROA not before:           Tue 11 Jul 2023 18:33:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44477
IP address blocks:        45.133.216.0/24 maxlen: 24
                          194.156.98.0/24 maxlen: 24
                          45.145.0.0/24 maxlen: 24
                          194.156.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 05 Oct 2023 18:30:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:46:3b:31:5a:29:19:4c:22:36:5e:8c:8a:be:7e:0b:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jul 11 18:33:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=42991e7e5a541b7191aee12b6ab68980e876ca4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:45:5f:2e:2d:a5:65:e5:ab:a4:12:66:78:84:
                    14:3b:52:08:44:ce:95:02:73:73:c2:25:15:73:81:
                    bf:99:0e:bf:90:4b:66:cc:46:3c:af:6f:9a:10:58:
                    58:3f:5b:54:a8:b6:a6:2d:0c:b8:e7:e3:9e:f1:be:
                    e8:5b:e5:46:54:95:68:f6:2f:8b:9a:c0:ca:d2:e5:
                    eb:b8:a5:42:75:e8:2e:44:47:35:28:55:a8:d8:9f:
                    18:1d:05:5b:56:0a:24:12:7c:27:62:40:c0:94:a1:
                    2f:28:19:38:fe:7b:b5:52:1e:d4:1e:ce:a2:a6:7f:
                    51:72:75:21:6b:a3:79:49:12:28:6a:f6:ff:5a:4b:
                    1d:96:b3:79:d0:3c:d2:9c:78:d1:27:1d:30:00:67:
                    be:1a:be:01:99:07:36:21:b3:ca:4f:53:8a:bf:89:
                    91:c7:5f:62:3d:d2:e0:3d:42:f2:4e:90:e6:25:80:
                    37:0f:a7:a8:89:54:3b:fb:1b:8e:65:7a:ef:1b:5d:
                    a3:e4:48:bc:5b:34:42:b9:4a:26:58:2c:58:e4:9f:
                    00:96:85:78:05:7b:33:80:cd:d8:af:8e:be:d4:d0:
                    da:58:3a:3e:7b:79:2c:ba:34:80:cb:91:89:46:9e:
                    73:74:aa:c4:1a:db:ac:f6:8b:9a:96:a5:9f:f3:f1:
                    8b:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:99:1E:7E:5A:54:1B:71:91:AE:E1:2B:6A:B6:89:80:E8:76:CA:4B
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/QpkeflpUG3GRruEraraJgOh2yks.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.216.0/24
                  45.145.0.0/24
                  194.156.98.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c4:cb:77:02:c6:f8:54:a1:3a:57:b3:5c:ad:12:f2:26:45:42:
         b3:46:f4:09:79:5e:25:15:dd:e0:80:56:35:ff:39:3e:bd:64:
         e9:e9:03:00:ee:f2:c2:ee:90:91:86:dc:fc:32:ca:2b:9e:25:
         de:b7:18:c5:54:df:78:9f:a4:13:1e:70:14:8b:a1:cf:1d:f8:
         10:4d:d1:f3:c1:ab:d4:1e:e1:c3:e2:24:19:09:3c:c9:b7:31:
         91:c2:77:f4:0d:d7:2f:28:a6:21:68:c6:0e:29:9f:f2:e6:41:
         01:cf:db:c7:a4:15:94:12:9a:26:30:73:23:cb:3a:3a:fb:c7:
         90:1b:fd:1c:e1:6f:05:d1:ad:d0:63:0b:ec:19:da:c0:09:0a:
         f1:37:ec:18:5d:26:3d:70:55:45:f8:11:64:81:3d:55:f2:24:
         28:e5:5d:31:6b:81:a5:ec:25:b6:94:e7:6e:93:11:78:05:b3:
         e2:79:ac:36:0a:32:96:9d:43:f6:2b:52:cc:04:63:0b:c7:28:
         8a:96:92:f9:0c:b6:e7:c0:ce:c5:8b:ba:65:be:43:8a:7d:40:
         d5:16:13:f2:7a:00:95:63:f1:d1:f0:57:a5:78:c1:bd:98:86:
         3a:ac:c5:11:41:ad:49:4b:3e:54:55:53:85:ee:da:fd:31:aa:
         3b:3a:d2:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlGOzFaKRlMIjZejIq+fgs6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNzExMTgzMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjk5MWU3ZTVhNTQxYjcxOTFhZWUxMmI2YWI2ODk4MGU4NzZjYTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkVfLi2lZeWrpBJmeIQUO1IIRM6V
AnNzwiUVc4G/mQ6/kEtmzEY8r2+aEFhYP1tUqLamLQy45+Oe8b7oW+VGVJVo9i+L
msDK0uXruKVCdeguREc1KFWo2J8YHQVbVgokEnwnYkDAlKEvKBk4/nu1Uh7UHs6i
pn9RcnUha6N5SRIoavb/WksdlrN50DzSnHjRJx0wAGe+Gr4BmQc2IbPKT1OKv4mR
x19iPdLgPULyTpDmJYA3D6eoiVQ7+xuOZXrvG12j5Ei8WzRCuUomWCxY5J8AloV4
BXszgM3Yr46+1NDaWDo+e3ksujSAy5GJRp5zdKrEGtus9oualqWf8/GLyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEKZHn5aVBtxka7hK2q2iYDodspLMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvUXBrZWZscFVHM0dScnVFcmFyYUpnT2gyeWtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYXYAwQA
LZEAAwQBwpxiMA0GCSqGSIb3DQEBCwUAA4IBAQDEy3cCxvhUoTpXs1ytEvImRUKz
RvQJeV4lFd3ggFY1/zk+vWTp6QMA7vLC7pCRhtz8MsorniXetxjFVN94n6QTHnAU
i6HPHfgQTdHzwavUHuHD4iQZCTzJtzGRwnf0DdcvKKYhaMYOKZ/y5kEBz9vHpBWU
EpomMHMjyzo6+8eQG/0c4W8F0a3QYwvsGdrACQrxN+wYXSY9cFVF+BFkgT1V8iQo
5V0xa4Gl7CW2lOdukxF4BbPieaw2CjKWnUP2K1LMBGMLxyiKlpL5DLbnwM7Fi7pl
vkOKfUDVFhPyegCVY/HR8FeleMG9mIY6rMURQa1JSz5UVVOF7tr9Mao7OtKr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org