Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/qAgg3jArBthIOQWMm6AcZ65N3HE.roa
File:                     qAgg3jArBthIOQWMm6AcZ65N3HE.roa (raw, json)
Hash identifier:          pNGv5a15ZdrRAaImZZTrcxpKDi+zrwnzSFr2WNzgTv0=
Subject key identifier:   A8:08:20:DE:30:2B:06:D8:48:39:05:8C:9B:A0:1C:67:AE:4D:DC:71
Certificate issuer:       /CN=1830e603e9ca8c05d4c1bc62b0b76e7bd9d18909
Certificate serial:       01856D94005C465703BA3932397FF778F973
Authority key identifier: 18:30:E6:03:E9:CA:8C:05:D4:C1:BC:62:B0:B7:6E:7B:D9:D1:89:09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GDDmA-nKjAXUwbxisLdue9nRiQk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/qAgg3jArBthIOQWMm6AcZ65N3HE.roa
Signing time:             Sun 01 Jan 2023 13:44:54 +0000
ROA not before:           Sun 01 Jan 2023 13:44:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15466
IP address blocks:        45.150.28.0/22 maxlen: 22
                          217.169.224.0/20 maxlen: 20
                          2a04:8f80:2000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:94:00:5c:46:57:03:ba:39:32:39:7f:f7:78:f9:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1830e603e9ca8c05d4c1bc62b0b76e7bd9d18909
        Validity
            Not Before: Jan  1 13:44:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a80820de302b06d84839058c9ba01c67ae4ddc71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:81:00:9e:a4:02:cc:07:d8:de:08:6f:b8:2c:
                    64:d0:e5:5a:df:a3:2a:ba:9d:4d:16:1e:31:58:b8:
                    96:17:1d:f9:80:0e:18:db:0b:02:4f:7c:06:f5:b6:
                    08:fb:a7:4d:da:13:00:c2:de:5c:ea:5a:46:ce:88:
                    8d:61:d3:66:09:ee:cd:59:82:28:72:9b:ad:2b:f6:
                    c8:e8:c2:d0:e8:e1:e1:84:d5:05:a1:d3:5f:b0:72:
                    8c:4f:c2:bd:7c:d9:86:89:e3:2c:09:51:53:7d:2b:
                    e7:6f:0e:d6:c2:2e:ac:e5:3f:94:f2:ea:c9:16:36:
                    f1:87:47:9b:4d:f0:0a:0d:b7:2e:07:3f:83:3e:ab:
                    84:2d:2c:c6:ba:85:6e:01:f4:c9:7b:43:60:6d:6a:
                    dc:99:05:63:36:64:47:b1:3a:ee:8f:d0:2d:c4:9c:
                    59:d4:7c:13:c7:f5:ef:92:8d:57:8a:96:4e:10:c6:
                    ac:b2:44:c4:10:ef:fc:80:55:eb:a2:d8:42:f5:b1:
                    a1:6c:75:53:a8:ee:64:01:cd:e9:79:2a:b0:0b:a1:
                    b9:e1:24:fb:d3:2f:94:2a:e0:b5:9f:73:df:a9:ed:
                    fd:11:ff:19:a0:2b:5b:63:82:86:db:98:31:54:d4:
                    67:03:cd:4a:95:6d:87:dd:9b:f2:31:78:75:40:1d:
                    37:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:08:20:DE:30:2B:06:D8:48:39:05:8C:9B:A0:1C:67:AE:4D:DC:71
            X509v3 Authority Key Identifier:
                keyid:18:30:E6:03:E9:CA:8C:05:D4:C1:BC:62:B0:B7:6E:7B:D9:D1:89:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GDDmA-nKjAXUwbxisLdue9nRiQk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/qAgg3jArBthIOQWMm6AcZ65N3HE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/GDDmA-nKjAXUwbxisLdue9nRiQk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.28.0/22
                  217.169.224.0/20
                IPv6:
                  2a04:8f80:2000::/36

    Signature Algorithm: sha256WithRSAEncryption
         14:53:03:b4:44:5a:60:7e:2e:74:96:0a:6c:64:12:58:37:d3:
         be:a9:98:96:55:3f:ca:ae:61:c1:33:e8:5d:2d:b1:54:fb:44:
         b6:a6:c9:21:4a:90:2b:1a:1b:2a:ef:87:28:9d:eb:98:75:aa:
         70:65:a6:69:68:73:6d:83:0d:3c:6e:60:0d:d3:f3:ff:a7:49:
         cd:a8:ca:64:83:ee:25:95:fc:00:38:08:88:85:19:8e:36:46:
         0a:42:ab:04:fc:58:68:82:38:66:48:cb:32:b5:61:95:16:b5:
         18:f2:2e:4e:f6:9b:45:d7:fa:ce:70:8e:6f:fa:6d:fb:2e:91:
         b6:58:f2:0e:18:4e:53:ce:ce:06:11:0b:52:17:ab:67:0e:8a:
         46:59:da:53:4c:13:d6:03:e9:14:17:a0:80:02:cc:8e:ba:01:
         2b:ec:eb:22:68:d5:b7:a0:b4:2e:3e:d0:b2:9e:6c:64:ab:17:
         86:3f:fe:50:74:61:5f:7d:7e:19:aa:33:7f:a3:f8:e6:5c:b4:
         d3:e1:60:3b:0e:6a:fc:c0:58:d7:0b:c0:8d:a4:15:47:1b:99:
         63:bd:5a:71:d0:8a:2e:51:e5:45:80:b7:a4:80:a4:a8:8d:9f:
         f3:78:98:a0:04:68:d0:c7:f4:ff:a9:cd:d1:19:7e:de:0e:9a:
         84:b7:96:4c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVtlABcRlcDujkyOX/3ePlzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MzBlNjAzZTljYThjMDVkNGMxYmM2MmIwYjc2ZTdiZDlk
MTg5MDkwHhcNMjMwMTAxMTM0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODA4MjBkZTMwMmIwNmQ4NDgzOTA1OGM5YmEwMWM2N2FlNGRkYzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIEAnqQCzAfY3ghvuCxk0OVa36Mq
up1NFh4xWLiWFx35gA4Y2wsCT3wG9bYI+6dN2hMAwt5c6lpGzoiNYdNmCe7NWYIo
cputK/bI6MLQ6OHhhNUFodNfsHKMT8K9fNmGieMsCVFTfSvnbw7Wwi6s5T+U8urJ
Fjbxh0ebTfAKDbcuBz+DPquELSzGuoVuAfTJe0NgbWrcmQVjNmRHsTruj9AtxJxZ
1HwTx/Xvko1XipZOEMasskTEEO/8gFXrothC9bGhbHVTqO5kAc3peSqwC6G54ST7
0y+UKuC1n3Pfqe39Ef8ZoCtbY4KG25gxVNRnA81KlW2H3ZvyMXh1QB035wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKgIIN4wKwbYSDkFjJugHGeuTdxxMB8GA1UdIwQY
MBaAFBgw5gPpyowF1MG8YrC3bnvZ0YkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0REbUEtbktqQVhVd2J4aXNMZHVlOW5SaVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8yMTkxZDctZmRhMC00YjA3LThhOGYt
MTc4OWU2NGQzMjEwLzEvcUFnZzNqQXJCdGhJT1FXTW02QWNaNjVOM0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8yMTkxZDctZmRhMC00YjA3LThhOGYtMTc4OWU2NGQzMjEw
LzEvR0REbUEtbktqQVhVd2J4aXNMZHVlOW5SaVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCLZYcAwQE
2angMA4EAgACMAgDBgQqBI+AIDANBgkqhkiG9w0BAQsFAAOCAQEAFFMDtERaYH4u
dJYKbGQSWDfTvqmYllU/yq5hwTPoXS2xVPtEtqbJIUqQKxobKu+HKJ3rmHWqcGWm
aWhzbYMNPG5gDdPz/6dJzajKZIPuJZX8ADgIiIUZjjZGCkKrBPxYaII4ZkjLMrVh
lRa1GPIuTvabRdf6znCOb/pt+y6RtljyDhhOU87OBhELUherZw6KRlnaU0wT1gPp
FBeggALMjroBK+zrImjVt6C0Lj7Qsp5sZKsXhj/+UHRhX31+Gaozf6P45ly00+Fg
Ow5q/MBY1wvAjaQVRxuZY71acdCKLlHlRYC3pICkqI2f83iYoARo0Mf0/6nN0Rl+
3g6ahLeWTA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:19 2024 by rpki-client on console-fra.rpki-client.org