Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/c05d4c-96d3-4b57-ae34-3477c7fcd4d9/1/QgdkdZ7-i8kjALvgiVpH3RwrRwk.roa
File:                     QgdkdZ7-i8kjALvgiVpH3RwrRwk.roa (raw, json)
Hash identifier:          S0bg/z8CI0XgGlR4LZK2/VQOobZdfrmAEcP97fteUCk=
Subject key identifier:   42:07:64:75:9E:FE:8B:C9:23:00:BB:E0:89:5A:47:DD:1C:2B:47:09
Certificate issuer:       /CN=21c1672dbbbf7165a6a83b3227a7119f0d31e8ee
Certificate serial:       01857127956E900AA50A3EECCF13BEED139D
Authority key identifier: 21:C1:67:2D:BB:BF:71:65:A6:A8:3B:32:27:A7:11:9F:0D:31:E8:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IcFnLbu_cWWmqDsyJ6cRnw0x6O4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/c05d4c-96d3-4b57-ae34-3477c7fcd4d9/1/QgdkdZ7-i8kjALvgiVpH3RwrRwk.roa
Signing time:             Mon 02 Jan 2023 06:24:57 +0000
ROA not before:           Mon 02 Jan 2023 06:24:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210605
IP address blocks:        185.25.115.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:32:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:27:95:6e:90:0a:a5:0a:3e:ec:cf:13:be:ed:13:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21c1672dbbbf7165a6a83b3227a7119f0d31e8ee
        Validity
            Not Before: Jan  2 06:24:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=420764759efe8bc92300bbe0895a47dd1c2b4709
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:40:b6:bb:7a:b4:64:08:7c:27:42:c6:65:e0:
                    3a:6d:e1:fb:6f:26:25:97:a1:83:28:22:a1:f5:f7:
                    7c:c3:b4:d7:34:19:0a:08:87:dc:a4:22:4f:23:83:
                    01:28:d2:83:05:de:6a:48:b1:6d:2c:c7:f8:54:87:
                    2b:e7:a4:66:08:a3:89:87:aa:b0:17:ee:f5:26:ff:
                    11:20:a2:94:5e:02:22:29:1b:78:c6:a9:a7:52:63:
                    e0:b3:38:8b:b5:8f:e4:1d:e4:40:67:ef:bb:3f:cb:
                    ad:49:f3:19:60:cb:bc:e3:b6:8c:eb:5c:a7:c1:3d:
                    03:5c:24:0a:61:63:dc:91:c0:c2:2a:f6:e4:39:7b:
                    c3:e7:e5:5e:82:32:23:b5:40:42:f3:0b:1e:e5:73:
                    80:81:82:4b:a6:ad:a9:a3:d2:b8:e8:be:43:b6:9d:
                    75:3f:03:11:48:72:df:a6:4b:41:3a:35:6e:75:b4:
                    41:23:fa:27:a1:86:44:f6:9c:f4:12:6d:84:8a:59:
                    1e:2b:8d:ef:ce:1c:a6:b9:2e:94:f6:41:53:b5:ae:
                    10:f0:35:dd:59:47:c8:01:c7:03:5b:ce:a7:06:3d:
                    94:90:48:85:c7:bc:d8:da:a7:ff:c7:7a:3c:68:eb:
                    2e:1e:6c:c3:4d:e3:14:70:fd:aa:66:4b:21:d3:9e:
                    ad:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:07:64:75:9E:FE:8B:C9:23:00:BB:E0:89:5A:47:DD:1C:2B:47:09
            X509v3 Authority Key Identifier:
                keyid:21:C1:67:2D:BB:BF:71:65:A6:A8:3B:32:27:A7:11:9F:0D:31:E8:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IcFnLbu_cWWmqDsyJ6cRnw0x6O4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c05d4c-96d3-4b57-ae34-3477c7fcd4d9/1/QgdkdZ7-i8kjALvgiVpH3RwrRwk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c05d4c-96d3-4b57-ae34-3477c7fcd4d9/1/IcFnLbu_cWWmqDsyJ6cRnw0x6O4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.25.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:21:70:30:a4:f3:91:e4:f4:32:d9:31:9c:1e:b9:7c:80:72:
         0c:f7:f1:0a:14:f0:ff:76:8a:ac:c1:33:8b:83:68:67:80:4f:
         90:60:dc:35:8c:65:3f:c7:7d:f7:fe:dc:aa:18:ec:db:47:5b:
         73:bc:da:c9:1e:51:9e:ac:b4:a6:ef:b0:e1:4b:dd:15:4d:71:
         0b:44:89:e7:0e:bb:ee:fb:d8:5a:27:a5:34:53:60:d7:e0:86:
         ea:aa:58:89:ef:1a:21:3e:0c:7f:9f:b6:cd:74:26:ee:93:72:
         69:4a:2c:ce:d9:93:d3:63:46:70:12:6c:ab:91:0a:9d:91:82:
         c9:6b:64:91:28:4b:9a:e7:9d:1e:02:68:84:fe:2f:74:04:fb:
         f5:17:db:3e:29:fa:3c:61:23:d5:18:96:02:7a:0d:68:43:f8:
         8f:3f:96:a2:14:41:bd:d0:bb:6a:c8:6a:13:bc:8c:c0:78:12:
         6f:b9:b8:fb:3f:7a:06:f1:26:7f:a8:18:e8:e9:80:be:9a:27:
         bc:ba:20:58:fe:cf:eb:1b:4d:c4:dd:1a:1d:a2:fc:c0:8d:ca:
         33:4a:a7:ab:fb:df:61:57:e9:72:a4:84:26:c1:58:ab:00:68:
         ae:f3:f4:d0:8e:f1:6f:e7:6d:2b:db:fc:66:8c:25:55:0d:c0:
         54:02:62:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxJ5VukAqlCj7szxO+7ROdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYzE2NzJkYmJiZjcxNjVhNmE4M2IzMjI3YTcxMTlmMGQz
MWU4ZWUwHhcNMjMwMTAyMDYyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjA3NjQ3NTllZmU4YmM5MjMwMGJiZTA4OTVhNDdkZDFjMmI0NzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kC2u3q0ZAh8J0LGZeA6beH7byYl
l6GDKCKh9fd8w7TXNBkKCIfcpCJPI4MBKNKDBd5qSLFtLMf4VIcr56RmCKOJh6qw
F+71Jv8RIKKUXgIiKRt4xqmnUmPgsziLtY/kHeRAZ++7P8utSfMZYMu847aM61yn
wT0DXCQKYWPckcDCKvbkOXvD5+VegjIjtUBC8wse5XOAgYJLpq2po9K46L5Dtp11
PwMRSHLfpktBOjVudbRBI/onoYZE9pz0Em2EilkeK43vzhymuS6U9kFTta4Q8DXd
WUfIAccDW86nBj2UkEiFx7zY2qf/x3o8aOsuHmzDTeMUcP2qZksh056t2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEIHZHWe/ovJIwC74IlaR90cK0cJMB8GA1UdIwQY
MBaAFCHBZy27v3Flpqg7MienEZ8NMejuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNGbkxidV9jV1dtcURzeUo2Y1JudzB4Nk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jMDVkNGMtOTZkMy00YjU3LWFlMzQt
MzQ3N2M3ZmNkNGQ5LzEvUWdka2RaNy1pOGtqQUx2Z2lWcEgzUndyUndrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jMDVkNGMtOTZkMy00YjU3LWFlMzQtMzQ3N2M3ZmNkNGQ5
LzEvSWNGbkxidV9jV1dtcURzeUo2Y1JudzB4Nk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRlzMA0G
CSqGSIb3DQEBCwUAA4IBAQASIXAwpPOR5PQy2TGcHrl8gHIM9/EKFPD/doqswTOL
g2hngE+QYNw1jGU/x333/tyqGOzbR1tzvNrJHlGerLSm77DhS90VTXELRInnDrvu
+9haJ6U0U2DX4IbqqliJ7xohPgx/n7bNdCbuk3JpSizO2ZPTY0ZwEmyrkQqdkYLJ
a2SRKEua550eAmiE/i90BPv1F9s+Kfo8YSPVGJYCeg1oQ/iPP5aiFEG90LtqyGoT
vIzAeBJvubj7P3oG8SZ/qBjo6YC+mie8uiBY/s/rG03E3RodovzAjcozSqer+99h
V+lypIQmwVirAGiu8/TQjvFv520r2/xmjCVVDcBUAmJD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:03 2024 by rpki-client on console-ams.rpki-client.org