Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/QTEDEq-FQx4wScmPfecA05uWMc0.roa
File:                     QTEDEq-FQx4wScmPfecA05uWMc0.roa (raw, json)
Hash identifier:          SZKKuy1x+jzDoO35Ls+nHACBNGj5+KFDOW77PKGp58s=
Subject key identifier:   41:31:03:12:AF:85:43:1E:30:49:C9:8F:7D:E7:00:D3:9B:96:31:CD
Certificate issuer:       /CN=e9c3d42f3b2921ba7418f382032d6b35c7159b88
Certificate serial:       01856FD4FEA908730861BC1E06BD60B098A0
Authority key identifier: E9:C3:D4:2F:3B:29:21:BA:74:18:F3:82:03:2D:6B:35:C7:15:9B:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6cPULzspIbp0GPOCAy1rNccVm4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/QTEDEq-FQx4wScmPfecA05uWMc0.roa
Signing time:             Mon 02 Jan 2023 00:15:07 +0000
ROA not before:           Mon 02 Jan 2023 00:15:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206882
IP address blocks:        193.135.112.0/22 maxlen: 24
                          91.205.4.0/22 maxlen: 22
                          103.198.80.0/23 maxlen: 24
                          91.206.194.0/23 maxlen: 24
                          194.187.128.0/22 maxlen: 24
                          193.238.120.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:d4:fe:a9:08:73:08:61:bc:1e:06:bd:60:b0:98:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9c3d42f3b2921ba7418f382032d6b35c7159b88
        Validity
            Not Before: Jan  2 00:15:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=41310312af85431e3049c98f7de700d39b9631cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:f6:73:a5:d6:66:cd:b4:eb:37:79:bc:fc:09:
                    61:4b:2b:f0:0f:c2:f0:e7:ad:55:30:8a:0a:c3:3b:
                    02:c2:ff:7d:6c:e3:f2:58:5d:f8:0a:6c:69:6c:21:
                    0e:44:df:ff:ca:97:cd:4b:26:97:df:0e:de:6f:0e:
                    f9:d6:30:94:70:93:73:26:be:7f:79:66:d4:23:81:
                    9a:61:ce:22:a6:bf:66:c9:20:b4:c2:3a:84:0b:18:
                    99:21:1a:35:87:51:8b:57:cc:16:16:b3:0c:eb:9b:
                    5b:d2:f3:0f:d1:01:d0:d4:ee:6c:a4:dd:85:75:d6:
                    e9:ed:86:99:94:49:4c:96:20:8e:41:4c:9f:05:d6:
                    9b:2d:dd:bb:e1:27:34:8a:45:2a:80:a6:5a:60:9f:
                    50:39:08:bc:4d:66:0e:b1:e4:4e:d9:5e:da:cc:a8:
                    43:31:d9:c8:dd:88:ee:2c:73:49:35:40:c9:92:70:
                    fd:2f:d6:11:a8:8d:3f:21:0f:44:0c:65:4e:cf:d1:
                    7a:c0:6a:ed:1e:4c:2a:27:8d:49:c4:be:c2:d7:a1:
                    1b:8b:3c:23:d7:ca:dc:ef:0e:7f:16:70:e6:4f:2f:
                    9c:69:88:98:56:a3:77:9d:01:1f:05:4a:de:08:ca:
                    4f:6d:42:96:ba:ae:8e:c2:bb:f6:31:2f:c6:10:e3:
                    55:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:31:03:12:AF:85:43:1E:30:49:C9:8F:7D:E7:00:D3:9B:96:31:CD
            X509v3 Authority Key Identifier:
                keyid:E9:C3:D4:2F:3B:29:21:BA:74:18:F3:82:03:2D:6B:35:C7:15:9B:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6cPULzspIbp0GPOCAy1rNccVm4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/QTEDEq-FQx4wScmPfecA05uWMc0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/6cPULzspIbp0GPOCAy1rNccVm4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.205.4.0/22
                  91.206.194.0/23
                  103.198.80.0/23
                  193.135.112.0/22
                  193.238.120.0/22
                  194.187.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b1:09:91:4f:31:9a:8d:66:e1:02:3e:e6:f7:02:e9:df:20:6e:
         e3:7a:26:85:3f:15:f0:0d:5f:2c:3d:8a:a4:b0:a4:96:fb:8b:
         45:20:d4:ab:bd:72:83:83:af:cb:60:ff:ec:c4:da:2f:fd:8f:
         b0:4a:de:1e:cb:8d:f1:1b:27:c2:99:12:a8:3b:82:ef:45:0e:
         00:53:19:d9:c3:de:1c:75:e2:9c:36:b2:47:ae:c2:2e:ae:7e:
         6b:98:87:5d:c2:cf:71:a4:37:02:2c:ba:9e:fa:e7:1b:3d:f9:
         c3:96:30:6f:d1:0f:d8:d2:d8:bd:09:e5:31:cd:77:f1:f0:fa:
         1d:0b:ca:e7:3d:88:c4:60:11:d1:b2:eb:74:38:ec:fd:24:0f:
         d2:fe:17:be:e1:08:1e:6c:95:48:9d:07:e1:6e:54:29:62:ea:
         7f:11:cd:88:6a:32:32:66:08:2a:54:4c:93:83:a7:95:8f:58:
         e6:83:8f:52:16:68:9f:b0:cf:3e:bb:9f:80:48:bd:6c:3a:95:
         44:dd:6f:2a:bb:aa:2c:0d:7b:26:30:2c:19:5a:9f:cb:bf:df:
         91:fc:43:68:e3:6c:18:6b:a6:c7:91:fe:c6:96:8a:7e:cf:04:
         8f:53:14:0a:c9:86:85:78:77:c6:b3:e5:b5:d3:a4:3a:8e:e6:
         fd:9b:25:66
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVv1P6pCHMIYbweBr1gsJigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YzNkNDJmM2IyOTIxYmE3NDE4ZjM4MjAzMmQ2YjM1Yzcx
NTliODgwHhcNMjMwMTAyMDAxNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTMxMDMxMmFmODU0MzFlMzA0OWM5OGY3ZGU3MDBkMzliOTYzMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/ZzpdZmzbTrN3m8/AlhSyvwD8Lw
561VMIoKwzsCwv99bOPyWF34CmxpbCEORN//ypfNSyaX3w7ebw751jCUcJNzJr5/
eWbUI4GaYc4ipr9mySC0wjqECxiZIRo1h1GLV8wWFrMM65tb0vMP0QHQ1O5spN2F
ddbp7YaZlElMliCOQUyfBdabLd274Sc0ikUqgKZaYJ9QOQi8TWYOseRO2V7azKhD
MdnI3YjuLHNJNUDJknD9L9YRqI0/IQ9EDGVOz9F6wGrtHkwqJ41JxL7C16Ebizwj
18rc7w5/FnDmTy+caYiYVqN3nQEfBUreCMpPbUKWuq6Owrv2MS/GEONVGwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEExAxKvhUMeMEnJj33nANObljHNMB8GA1UdIwQY
MBaAFOnD1C87KSG6dBjzggMtazXHFZuIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmNQVUx6c3BJYnAwR1BPQ0F5MXJOY2NWbTRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9iZGM0NWItMDk2YS00OTNhLTkyZDIt
MWExZWFkMmNkMmIxLzEvUVRFREVxLUZReDR3U2NtUGZlY0EwNXVXTWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9iZGM0NWItMDk2YS00OTNhLTkyZDItMWExZWFkMmNkMmIx
LzEvNmNQVUx6c3BJYnAwR1BPQ0F5MXJOY2NWbTRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCW80EAwQB
W87CAwQBZ8ZQAwQCwYdwAwQCwe54AwQCwruAMA0GCSqGSIb3DQEBCwUAA4IBAQCx
CZFPMZqNZuECPub3AunfIG7jeiaFPxXwDV8sPYqksKSW+4tFINSrvXKDg6/LYP/s
xNov/Y+wSt4ey43xGyfCmRKoO4LvRQ4AUxnZw94cdeKcNrJHrsIurn5rmIddws9x
pDcCLLqe+ucbPfnDljBv0Q/Y0ti9CeUxzXfx8PodC8rnPYjEYBHRsut0OOz9JA/S
/he+4QgebJVInQfhblQpYup/Ec2IajIyZggqVEyTg6eVj1jmg49SFmifsM8+u5+A
SL1sOpVE3W8qu6osDXsmMCwZWp/Lv9+R/ENo42wYa6bHkf7Glop+zwSPUxQKyYaF
eHfGs+W106Q6jub9myVm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:13 2024 by rpki-client on console-ams.rpki-client.org