Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/QRGU8wkekuRkWMT_6oXjwz2ykww.roa
File:                     QRGU8wkekuRkWMT_6oXjwz2ykww.roa (raw, json)
Hash identifier:          hcwjD1SQFWyxLRzcc5ou2BukKs0iImbvYiIu8ra2PdU=
Subject key identifier:   41:11:94:F3:09:1E:92:E4:64:58:C4:FF:EA:85:E3:C3:3D:B2:93:0C
Certificate issuer:       /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial:       0187BE06FC81DFCC3DA839D42B662DB6EB40
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/QRGU8wkekuRkWMT_6oXjwz2ykww.roa
Signing time:             Wed 26 Apr 2023 14:45:41 +0000
ROA not before:           Wed 26 Apr 2023 14:45:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198734
IP address blocks:        2a0e:aa07:e0a0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:be:06:fc:81:df:cc:3d:a8:39:d4:2b:66:2d:b6:eb:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
        Validity
            Not Before: Apr 26 14:45:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=411194f3091e92e46458c4ffea85e3c33db2930c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:b4:a5:6d:63:f7:e5:e1:13:38:f8:83:02:a1:
                    c6:c3:e9:f2:fc:83:18:80:6e:d8:a8:55:88:d7:7e:
                    13:f9:1e:52:f8:ec:e8:44:07:d4:45:39:a2:50:ed:
                    c3:3e:2f:45:49:0a:3d:8f:5a:a3:b6:0f:f6:6c:8b:
                    19:0b:69:48:34:01:a6:53:17:ee:2a:a1:ad:58:fc:
                    6b:aa:68:7c:ec:ea:10:87:14:67:6e:26:e8:fc:96:
                    e9:5a:94:f4:a6:99:e4:2c:c1:bf:31:fb:ab:fa:9c:
                    8c:05:ef:3c:7f:0c:f5:5a:42:52:fe:b9:55:88:7f:
                    97:e0:fc:08:ff:1e:59:0c:d0:af:f4:c2:02:fe:bc:
                    f3:1c:db:2e:8a:2c:1f:67:36:86:a5:91:37:34:1a:
                    e2:ed:32:6d:84:8c:88:ad:85:a1:05:aa:31:be:cb:
                    66:97:0a:f8:2b:19:71:de:95:45:f3:a5:2e:76:3e:
                    09:15:03:1f:c0:c7:df:24:5a:3d:21:e7:e6:44:35:
                    2c:3c:8e:07:39:86:bc:c8:21:9d:10:f2:ad:19:f2:
                    b9:32:0b:94:07:08:40:79:4f:fc:c6:de:46:50:9b:
                    f3:a6:31:8d:13:e7:bf:7d:2d:79:1d:65:1d:d2:ad:
                    de:50:8a:fc:3b:2e:00:0c:63:a6:3f:eb:f3:da:01:
                    e1:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:11:94:F3:09:1E:92:E4:64:58:C4:FF:EA:85:E3:C3:3D:B2:93:0C
            X509v3 Authority Key Identifier:
                keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/QRGU8wkekuRkWMT_6oXjwz2ykww.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:aa07:e0a0::/44

    Signature Algorithm: sha256WithRSAEncryption
         51:4c:66:51:a5:42:ad:e9:0c:a4:5d:53:f8:7f:33:b1:59:9b:
         38:8e:c1:7c:68:6e:08:d0:b9:cb:b8:32:c9:e2:fa:07:50:15:
         0a:d6:53:34:4e:d3:e4:1b:c1:b2:d3:ef:7d:a5:3f:52:81:6f:
         76:a4:53:94:1e:a8:5d:14:2a:5a:50:ec:9c:a9:80:4b:d0:22:
         40:aa:d5:41:28:8f:d2:d2:9a:d6:f6:fb:fc:3d:74:c8:ab:a4:
         55:9f:fc:82:23:b3:19:66:54:cd:b2:d2:78:10:e4:00:20:48:
         af:dd:48:e6:68:35:db:0d:d9:4a:f1:60:0c:f7:85:53:a3:4d:
         30:4e:c6:71:a7:42:c5:e2:d4:da:0e:ec:b6:4a:2b:cf:05:09:
         5d:19:45:32:03:92:08:d9:65:b2:2b:b3:5c:c5:9f:77:cf:7b:
         11:5c:62:bd:73:d0:15:e7:5e:b0:d5:5c:d4:a5:c7:dc:7f:f4:
         67:55:51:3a:3d:be:1d:06:e5:1c:fe:5d:73:7a:c8:f7:11:16:
         83:07:8a:2d:70:30:41:cb:18:f7:11:ca:a4:5c:31:12:3c:28:
         88:6f:e4:02:1a:f0:40:df:c6:cb:0c:f7:9e:54:36:78:aa:95:
         28:79:a8:8d:88:c5:c3:e5:cd:e9:a9:e3:a4:3a:7c:06:60:19:
         83:13:34:12
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYe+BvyB38w9qDnUK2YttutAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwNDI2MTQ0NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTExOTRmMzA5MWU5MmU0NjQ1OGM0ZmZlYTg1ZTNjMzNkYjI5MzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7SlbWP35eETOPiDAqHGw+ny/IMY
gG7YqFWI134T+R5S+OzoRAfURTmiUO3DPi9FSQo9j1qjtg/2bIsZC2lINAGmUxfu
KqGtWPxrqmh87OoQhxRnbibo/JbpWpT0ppnkLMG/Mfur+pyMBe88fwz1WkJS/rlV
iH+X4PwI/x5ZDNCv9MIC/rzzHNsuiiwfZzaGpZE3NBri7TJthIyIrYWhBaoxvstm
lwr4Kxlx3pVF86Uudj4JFQMfwMffJFo9IefmRDUsPI4HOYa8yCGdEPKtGfK5MguU
BwhAeU/8xt5GUJvzpjGNE+e/fS15HWUd0q3eUIr8Oy4ADGOmP+vz2gHh7wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEERlPMJHpLkZFjE/+qF48M9spMMMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvUVJHVTh3a2VrdVJrV01UXzZvWGp3ejJ5a3d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qB+Cg
MA0GCSqGSIb3DQEBCwUAA4IBAQBRTGZRpUKt6QykXVP4fzOxWZs4jsF8aG4I0LnL
uDLJ4voHUBUK1lM0TtPkG8Gy0+99pT9SgW92pFOUHqhdFCpaUOycqYBL0CJAqtVB
KI/S0prW9vv8PXTIq6RVn/yCI7MZZlTNstJ4EOQAIEiv3UjmaDXbDdlK8WAM94VT
o00wTsZxp0LF4tTaDuy2SivPBQldGUUyA5II2WWyK7NcxZ93z3sRXGK9c9AV516w
1VzUpcfcf/RnVVE6Pb4dBuUc/l1zesj3ERaDB4otcDBByxj3EcqkXDESPCiIb+QC
GvBA38bLDPeeVDZ4qpUoeaiNiMXD5c3pqeOkOnwGYBmDEzQS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:11 2024 by rpki-client on console-ams.rpki-client.org