Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/2d1a0a-71cc-4f57-aa63-bedac10aacdc/1/qrgQZgq2bnLUQflrI_AnDp_fZ0E.roa
File:                     qrgQZgq2bnLUQflrI_AnDp_fZ0E.roa (raw, json)
Hash identifier:          jaZjzTjDntPODAO7yhoaU0VveHo95Lh0VOOtGydJheo=
Subject key identifier:   AA:B8:10:66:0A:B6:6E:72:D4:41:F9:6B:23:F0:27:0E:9F:DF:67:41
Certificate issuer:       /CN=bf5bdc4106adde89e1ce9c32b807b2082ebb9944
Certificate serial:       018572FA5F7A43D73955371B598E05ED7B17
Authority key identifier: BF:5B:DC:41:06:AD:DE:89:E1:CE:9C:32:B8:07:B2:08:2E:BB:99:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v1vcQQat3onhzpwyuAeyCC67mUQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/2d1a0a-71cc-4f57-aa63-bedac10aacdc/1/qrgQZgq2bnLUQflrI_AnDp_fZ0E.roa
Signing time:             Mon 02 Jan 2023 14:54:49 +0000
ROA not before:           Mon 02 Jan 2023 14:54:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62276
IP address blocks:        185.40.168.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:fa:5f:7a:43:d7:39:55:37:1b:59:8e:05:ed:7b:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf5bdc4106adde89e1ce9c32b807b2082ebb9944
        Validity
            Not Before: Jan  2 14:54:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aab810660ab66e72d441f96b23f0270e9fdf6741
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:d1:4f:4f:4b:c3:fa:76:3b:ee:03:75:be:e7:
                    12:b8:6a:c2:5d:d9:d3:dd:8b:e2:08:42:d6:7e:4c:
                    70:a4:ba:7b:1a:7f:76:47:20:15:f1:b3:1f:73:0a:
                    19:db:0e:fa:4a:3c:b9:7f:8d:1f:64:90:c6:62:39:
                    94:a8:d4:5b:b9:38:40:f4:f6:55:d8:fa:9e:0b:b5:
                    14:1c:8e:96:f3:a8:97:b2:37:6c:64:02:e5:c1:2f:
                    b6:13:93:64:19:70:d1:67:26:bc:17:2d:90:a8:f2:
                    8b:42:3f:b4:a1:16:c6:09:90:f8:8d:16:fa:cf:a3:
                    62:e0:35:b7:dd:72:e0:68:91:3e:8c:c5:8a:df:24:
                    0d:66:f3:38:8a:91:f5:4d:e3:5d:dd:37:8f:2d:74:
                    09:74:0e:5f:75:a9:83:4e:14:89:aa:26:9b:5a:fb:
                    a8:15:6f:4c:41:31:c8:5d:89:92:9e:e9:8c:73:d4:
                    40:80:be:35:c4:93:10:68:08:99:9f:fe:fb:2a:87:
                    37:2d:74:de:77:b1:3f:e1:4c:b2:68:bb:cd:c2:a4:
                    5d:f5:dc:75:12:5f:9c:c3:bc:97:81:fb:bd:94:60:
                    c0:4e:6c:fe:92:4a:16:9d:50:fc:62:e4:8c:d8:cb:
                    a0:dd:e5:72:e8:28:c1:60:38:93:8b:56:10:99:9d:
                    6d:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:B8:10:66:0A:B6:6E:72:D4:41:F9:6B:23:F0:27:0E:9F:DF:67:41
            X509v3 Authority Key Identifier:
                keyid:BF:5B:DC:41:06:AD:DE:89:E1:CE:9C:32:B8:07:B2:08:2E:BB:99:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v1vcQQat3onhzpwyuAeyCC67mUQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/2d1a0a-71cc-4f57-aa63-bedac10aacdc/1/qrgQZgq2bnLUQflrI_AnDp_fZ0E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/2d1a0a-71cc-4f57-aa63-bedac10aacdc/1/v1vcQQat3onhzpwyuAeyCC67mUQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.40.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8a:65:74:93:3c:24:7c:50:f9:54:c3:86:91:7c:f0:2b:06:f2:
         26:a1:6d:56:10:ac:90:0f:4c:cc:9a:a1:59:d9:f1:8a:94:38:
         d6:2f:38:cd:56:05:78:55:26:a1:51:53:ad:66:6e:99:bc:62:
         be:e2:6c:d8:4a:a6:59:64:4e:34:bb:71:91:c3:f6:03:a2:8c:
         66:f6:5e:f1:2c:24:c8:96:70:03:4b:48:18:65:6b:0b:59:1f:
         7f:43:80:9e:32:03:c8:09:ee:35:c3:14:c9:24:dd:77:be:37:
         ad:2f:e6:62:e2:79:4c:24:3a:30:e3:e2:ae:6e:90:33:d5:6b:
         4f:d2:54:5a:1c:e2:33:1c:b0:3c:e3:e2:76:ea:bd:1c:c6:9f:
         37:a9:ad:15:07:8f:3d:99:cf:35:b3:3d:84:15:6e:9e:db:ce:
         37:e6:66:b9:eb:5e:00:f9:5c:5b:69:82:6a:83:b3:c5:97:61:
         d7:40:69:da:9e:c7:0c:f7:03:e2:cd:cc:7b:d2:4b:aa:e9:0f:
         d5:53:9f:9b:3a:2f:04:17:ce:0b:e6:6a:c7:86:30:a5:52:5d:
         2e:28:48:34:81:18:88:c5:16:54:d8:d9:c0:a7:31:88:fc:d5:
         c9:5b:8d:cd:ad:03:20:1a:8d:1d:ed:33:6e:40:21:6d:4e:f2:
         e7:62:a2:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+l96Q9c5VTcbWY4F7XsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNWJkYzQxMDZhZGRlODllMWNlOWMzMmI4MDdiMjA4MmVi
Yjk5NDQwHhcNMjMwMTAyMTQ1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWI4MTA2NjBhYjY2ZTcyZDQ0MWY5NmIyM2YwMjcwZTlmZGY2NzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdFPT0vD+nY77gN1vucSuGrCXdnT
3YviCELWfkxwpLp7Gn92RyAV8bMfcwoZ2w76Sjy5f40fZJDGYjmUqNRbuThA9PZV
2PqeC7UUHI6W86iXsjdsZALlwS+2E5NkGXDRZya8Fy2QqPKLQj+0oRbGCZD4jRb6
z6Ni4DW33XLgaJE+jMWK3yQNZvM4ipH1TeNd3TePLXQJdA5fdamDThSJqiabWvuo
FW9MQTHIXYmSnumMc9RAgL41xJMQaAiZn/77Koc3LXTed7E/4UyyaLvNwqRd9dx1
El+cw7yXgfu9lGDATmz+kkoWnVD8YuSM2Mug3eVy6CjBYDiTi1YQmZ1tnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKq4EGYKtm5y1EH5ayPwJw6f32dBMB8GA1UdIwQY
MBaAFL9b3EEGrd6J4c6cMrgHsgguu5lEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjF2Y1FRYXQzb25oenB3eXVBZXlDQzY3bVVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yZDFhMGEtNzFjYy00ZjU3LWFhNjMt
YmVkYWMxMGFhY2RjLzEvcXJnUVpncTJibkxVUWZscklfQW5EcF9mWjBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yZDFhMGEtNzFjYy00ZjU3LWFhNjMtYmVkYWMxMGFhY2Rj
LzEvdjF2Y1FRYXQzb25oenB3eXVBZXlDQzY3bVVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSioMA0G
CSqGSIb3DQEBCwUAA4IBAQCKZXSTPCR8UPlUw4aRfPArBvImoW1WEKyQD0zMmqFZ
2fGKlDjWLzjNVgV4VSahUVOtZm6ZvGK+4mzYSqZZZE40u3GRw/YDooxm9l7xLCTI
lnADS0gYZWsLWR9/Q4CeMgPICe41wxTJJN13vjetL+Zi4nlMJDow4+KubpAz1WtP
0lRaHOIzHLA84+J26r0cxp83qa0VB489mc81sz2EFW6e28435ma5614A+VxbaYJq
g7PFl2HXQGnanscM9wPizcx70kuq6Q/VU5+bOi8EF84L5mrHhjClUl0uKEg0gRiI
xRZU2NnApzGI/NXJW43NrQMgGo0d7TNuQCFtTvLnYqKw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:34 2024 by rpki-client on console-fra.rpki-client.org