Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/3965b0-fee9-49bf-a54d-a8d838438d8a/1/QfxQTwVfHuviA7hUplI5OJtc4EM.roa
File:                     QfxQTwVfHuviA7hUplI5OJtc4EM.roa (raw, json)
Hash identifier:          FMWaMXLNSIluL5W70FC1OrgsKAAqm0xmEgnhxd7gOng=
Subject key identifier:   41:FC:50:4F:05:5F:1E:EB:E2:03:B8:54:A6:52:39:38:9B:5C:E0:43
Certificate issuer:       /CN=4e4c1389a849ef5dccb8303703b898c91e63d14f
Certificate serial:       01856DA62BFEE6B8900B6680F2191952E0A0
Authority key identifier: 4E:4C:13:89:A8:49:EF:5D:CC:B8:30:37:03:B8:98:C9:1E:63:D1:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TkwTiahJ713MuDA3A7iYyR5j0U8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/3965b0-fee9-49bf-a54d-a8d838438d8a/1/QfxQTwVfHuviA7hUplI5OJtc4EM.roa
Signing time:             Sun 01 Jan 2023 14:04:44 +0000
ROA not before:           Sun 01 Jan 2023 14:04:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25447
IP address blocks:        152.89.220.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:a6:2b:fe:e6:b8:90:0b:66:80:f2:19:19:52:e0:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e4c1389a849ef5dccb8303703b898c91e63d14f
        Validity
            Not Before: Jan  1 14:04:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=41fc504f055f1eebe203b854a65239389b5ce043
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:b4:2f:7e:a7:27:af:aa:60:d9:4a:01:83:7c:
                    da:2e:39:36:9a:ef:d1:aa:40:42:9f:4d:16:1d:47:
                    c6:53:07:65:fa:26:66:d6:18:9e:20:d2:72:64:98:
                    35:41:46:a5:f3:a6:dd:9c:8d:0b:48:99:08:ba:db:
                    e1:d3:c3:12:5a:83:3e:1d:53:c9:7e:02:81:05:af:
                    32:95:dc:25:28:71:f2:47:ed:62:1a:f0:f7:ec:09:
                    c3:cb:a6:e9:ee:e9:f1:16:7f:72:1d:37:c0:53:fd:
                    9d:d5:a7:cf:32:ee:34:9a:4c:22:d6:32:74:78:80:
                    43:e6:28:32:69:15:25:c4:34:9b:5b:8b:ee:d2:ba:
                    d9:e1:4c:7e:f5:3b:95:0c:d0:3c:7b:47:45:fe:98:
                    bd:7b:61:88:c7:1b:6e:73:9c:38:73:9c:7d:4a:9c:
                    90:94:30:17:f6:31:a1:69:cb:21:94:5a:01:a6:b1:
                    05:02:2c:b1:de:54:ac:5e:15:a4:72:8e:b5:1f:05:
                    a9:53:82:9e:43:1c:9e:6f:4e:b3:d9:fb:a6:60:3e:
                    00:17:7e:e4:f0:7a:e5:b6:69:9e:bc:79:53:05:b0:
                    6d:af:2b:52:74:cc:f4:05:46:af:ae:ba:56:7e:aa:
                    b0:4c:74:61:3c:3f:ca:df:78:74:74:41:d7:81:dd:
                    93:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:FC:50:4F:05:5F:1E:EB:E2:03:B8:54:A6:52:39:38:9B:5C:E0:43
            X509v3 Authority Key Identifier:
                keyid:4E:4C:13:89:A8:49:EF:5D:CC:B8:30:37:03:B8:98:C9:1E:63:D1:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkwTiahJ713MuDA3A7iYyR5j0U8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3965b0-fee9-49bf-a54d-a8d838438d8a/1/QfxQTwVfHuviA7hUplI5OJtc4EM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3965b0-fee9-49bf-a54d-a8d838438d8a/1/TkwTiahJ713MuDA3A7iYyR5j0U8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.89.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         12:90:bf:39:70:82:eb:b8:dd:9e:60:33:4e:46:33:99:99:93:
         b5:ec:13:42:b0:d6:f2:07:a3:b6:42:f9:39:6c:62:bc:74:e2:
         10:12:57:ca:f7:9d:0c:c8:25:92:70:6b:8e:97:80:65:ce:b0:
         50:76:46:03:f4:5d:36:47:a1:b1:8b:5c:94:d8:c0:16:9d:b4:
         3f:79:18:f6:85:08:00:57:94:0d:56:83:7f:10:e4:a1:92:ac:
         4e:c4:cc:f0:74:10:61:95:64:d2:a1:de:54:e5:eb:cc:d5:02:
         e7:a6:34:df:2c:61:8d:2f:75:6c:a5:6b:48:88:f1:25:20:c1:
         c0:5b:e3:9c:06:31:f2:e8:33:25:7a:c5:eb:53:6e:4a:c2:08:
         02:49:a9:93:b6:d0:49:51:16:38:e6:b8:d1:52:4f:70:d9:73:
         09:69:e9:af:03:32:db:83:7d:24:0c:5d:d7:36:f6:e3:18:df:
         c9:24:7a:45:83:97:3d:0b:a3:42:5a:d6:2c:2d:4e:fe:3d:96:
         4e:aa:eb:25:22:4d:16:8e:54:c4:20:b8:cc:2a:cc:e4:9a:05:
         cb:61:f0:98:d8:a5:65:6b:97:f4:bc:78:36:6b:ad:87:23:61:
         a7:78:01:c5:af:09:b3:97:a4:a3:9c:01:32:11:c0:40:e3:99:
         89:6d:77:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtpiv+5riQC2aA8hkZUuCgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNGMxMzg5YTg0OWVmNWRjY2I4MzAzNzAzYjg5OGM5MWU2
M2QxNGYwHhcNMjMwMTAxMTQwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWZjNTA0ZjA1NWYxZWViZTIwM2I4NTRhNjUyMzkzODliNWNlMDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLQvfqcnr6pg2UoBg3zaLjk2mu/R
qkBCn00WHUfGUwdl+iZm1hieINJyZJg1QUal86bdnI0LSJkIutvh08MSWoM+HVPJ
fgKBBa8yldwlKHHyR+1iGvD37AnDy6bp7unxFn9yHTfAU/2d1afPMu40mkwi1jJ0
eIBD5igyaRUlxDSbW4vu0rrZ4Ux+9TuVDNA8e0dF/pi9e2GIxxtuc5w4c5x9SpyQ
lDAX9jGhacshlFoBprEFAiyx3lSsXhWkco61HwWpU4KeQxyeb06z2fumYD4AF37k
8HrltmmevHlTBbBtrytSdMz0BUavrrpWfqqwTHRhPD/K33h0dEHXgd2TRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEH8UE8FXx7r4gO4VKZSOTibXOBDMB8GA1UdIwQY
MBaAFE5ME4moSe9dzLgwNwO4mMkeY9FPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGt3VGlhaEo3MTNNdURBM0E3aVl5UjVqMFU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zOTY1YjAtZmVlOS00OWJmLWE1NGQt
YThkODM4NDM4ZDhhLzEvUWZ4UVR3VmZIdXZpQTdoVXBsSTVPSnRjNEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zOTY1YjAtZmVlOS00OWJmLWE1NGQtYThkODM4NDM4ZDhh
LzEvVGt3VGlhaEo3MTNNdURBM0E3aVl5UjVqMFU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmFncMA0G
CSqGSIb3DQEBCwUAA4IBAQASkL85cILruN2eYDNORjOZmZO17BNCsNbyB6O2Qvk5
bGK8dOIQElfK950MyCWScGuOl4BlzrBQdkYD9F02R6Gxi1yU2MAWnbQ/eRj2hQgA
V5QNVoN/EOShkqxOxMzwdBBhlWTSod5U5evM1QLnpjTfLGGNL3VspWtIiPElIMHA
W+OcBjHy6DMlesXrU25KwggCSamTttBJURY45rjRUk9w2XMJaemvAzLbg30kDF3X
NvbjGN/JJHpFg5c9C6NCWtYsLU7+PZZOquslIk0WjlTEILjMKszkmgXLYfCY2KVl
a5f0vHg2a62HI2GneAHFrwmzl6SjnAEyEcBA45mJbXfL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:19 2024 by rpki-client on console-fra.rpki-client.org