Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Sqqb40li0GmAW2xuglGiFgnaeJA.roa
File:                     Sqqb40li0GmAW2xuglGiFgnaeJA.roa (raw, json)
Hash identifier:          9b9LgQNwc0EnaFpqE9xLroDajuGqCHrfglfTV2IBNB4=
Subject key identifier:   4A:AA:9B:E3:49:62:D0:69:80:5B:6C:6E:82:51:A2:16:09:DA:78:90
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018CC6B7B3F75FD77C9495C365A82453EE1B
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Sqqb40li0GmAW2xuglGiFgnaeJA.roa
Signing time:             Mon 01 Jan 2024 20:29:37 +0000
ROA not before:           Mon 01 Jan 2024 20:29:37 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51162
IP address blocks:        88.218.250.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 Apr 2024 07:21:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:b3:f7:5f:d7:7c:94:95:c3:65:a8:24:53:ee:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jan  1 20:29:37 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4aaa9be34962d069805b6c6e8251a21609da7890
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:48:0a:c4:db:5f:e0:44:95:04:86:e0:fd:1b:
                    a5:81:d9:95:a7:8f:61:00:69:39:30:d7:0f:6c:d3:
                    85:e0:23:5f:a5:c0:22:f5:4c:ca:f1:fc:25:04:e5:
                    d2:79:f7:49:3e:c0:de:fa:5c:dd:8e:e5:8e:87:ab:
                    54:02:04:83:7b:7e:6b:7f:18:9f:a3:b1:2b:db:e0:
                    59:db:3c:ad:55:aa:85:fa:19:5b:fd:7c:97:2b:b1:
                    d2:f1:d2:ff:bc:f9:ce:6e:3f:88:a3:4d:04:58:a1:
                    cb:dd:e8:fb:ab:c0:0a:df:54:01:37:b2:9f:ee:87:
                    43:5a:1e:40:b8:4f:7f:13:49:41:f5:c1:bc:a3:2b:
                    8f:c9:19:d4:93:4d:f3:13:fb:09:fe:a1:21:27:ba:
                    2a:bc:ab:d6:36:b2:c6:35:40:41:60:37:67:2d:ce:
                    2c:6b:04:fa:00:22:a5:20:1c:93:cc:96:f6:df:17:
                    4d:ac:37:2a:5d:1b:40:83:98:62:9e:c0:f0:ed:94:
                    4f:b0:f3:fb:3d:0e:71:31:e2:37:ad:7b:a2:e8:b0:
                    cb:f4:7c:1b:8d:6c:98:70:59:71:39:c9:68:53:a0:
                    b8:69:44:c3:36:a9:ad:29:0e:25:6d:c9:ac:97:86:
                    50:2f:21:70:d3:a5:f7:3b:f3:47:ca:7e:15:d7:d2:
                    b7:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:AA:9B:E3:49:62:D0:69:80:5B:6C:6E:82:51:A2:16:09:DA:78:90
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Sqqb40li0GmAW2xuglGiFgnaeJA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.218.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:12:1e:2e:84:e2:87:8f:f8:aa:e7:37:46:1a:bc:8d:55:0b:
         d1:90:c6:d6:cb:f0:5f:32:60:5c:27:f5:00:32:53:6f:59:73:
         d8:d1:04:2a:6e:b6:4d:0d:62:91:4e:b9:e2:b2:3b:6b:3f:6a:
         63:77:ac:3b:59:9b:24:7f:90:2f:50:cf:e1:87:15:c3:23:76:
         13:4c:a8:6a:d0:d0:e4:86:60:ea:f6:54:ef:8a:08:40:8b:2a:
         58:bf:ef:f1:f3:25:fd:ed:c2:5b:c0:d9:56:1a:31:f4:35:49:
         c2:c8:08:20:26:06:c7:8e:03:d7:35:3c:47:5c:71:55:33:c1:
         27:16:79:ad:cb:48:a5:0e:3f:6d:38:db:0f:e9:58:38:63:bf:
         e7:bf:9e:52:a9:51:7e:d6:80:94:86:08:99:a7:78:50:7c:65:
         05:d7:76:6c:dc:8d:5c:78:b5:14:40:4d:6a:8f:a7:5b:c2:e7:
         a0:9f:04:60:28:02:7f:1e:e3:63:f6:32:92:aa:8a:92:30:fa:
         72:ec:d1:fe:ab:88:7d:5a:23:c7:88:84:44:6b:e6:62:cb:9b:
         c4:ec:45:ec:c5:2d:fc:d7:04:77:b8:1c:b9:f8:6d:ce:79:7e:
         e2:93:eb:99:48:ad:31:07:f0:39:d0:34:15:48:d3:e7:d2:e2:
         6d:5c:c3:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt7P3X9d8lJXDZagkU+4bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTAxMjAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWFhOWJlMzQ5NjJkMDY5ODA1YjZjNmU4MjUxYTIxNjA5ZGE3ODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUgKxNtf4ESVBIbg/RulgdmVp49h
AGk5MNcPbNOF4CNfpcAi9UzK8fwlBOXSefdJPsDe+lzdjuWOh6tUAgSDe35rfxif
o7Er2+BZ2zytVaqF+hlb/XyXK7HS8dL/vPnObj+Io00EWKHL3ej7q8AK31QBN7Kf
7odDWh5AuE9/E0lB9cG8oyuPyRnUk03zE/sJ/qEhJ7oqvKvWNrLGNUBBYDdnLc4s
awT6ACKlIByTzJb23xdNrDcqXRtAg5hinsDw7ZRPsPP7PQ5xMeI3rXui6LDL9Hwb
jWyYcFlxOcloU6C4aUTDNqmtKQ4lbcmsl4ZQLyFw06X3O/NHyn4V19K3twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEqqm+NJYtBpgFtsboJRohYJ2niQMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvU3FxYjQwbGkwR21BVzJ4dWdsR2lGZ25hZUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNr6MA0G
CSqGSIb3DQEBCwUAA4IBAQCdEh4uhOKHj/iq5zdGGryNVQvRkMbWy/BfMmBcJ/UA
MlNvWXPY0QQqbrZNDWKRTrnisjtrP2pjd6w7WZskf5AvUM/hhxXDI3YTTKhq0NDk
hmDq9lTvighAiypYv+/x8yX97cJbwNlWGjH0NUnCyAggJgbHjgPXNTxHXHFVM8En
Fnmty0ilDj9tONsP6Vg4Y7/nv55SqVF+1oCUhgiZp3hQfGUF13Zs3I1ceLUUQE1q
j6dbwuegnwRgKAJ/HuNj9jKSqoqSMPpy7NH+q4h9WiPHiIREa+Ziy5vE7EXsxS38
1wR3uBy5+G3OeX7ik+uZSK0xB/A50DQVSNPn0uJtXMOC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org