Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/4qpnc-lI2lf3KHT1lyMjH9mzZtk.roa
File:                     4qpnc-lI2lf3KHT1lyMjH9mzZtk.roa (raw, json)
Hash identifier:          2nq0/muKj3sod2cKdF/VBH9lYZuN7eWin6mJblwXtOY=
Subject key identifier:   E2:AA:67:73:E9:48:DA:57:F7:28:74:F5:97:23:23:1F:D9:B3:66:D9
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       01899CE3E03976FE92BC3CA14356771E8539
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/4qpnc-lI2lf3KHT1lyMjH9mzZtk.roa
Signing time:             Fri 28 Jul 2023 14:25:27 +0000
ROA not before:           Fri 28 Jul 2023 14:25:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52035
IP address blocks:        158.41.24.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:9c:e3:e0:39:76:fe:92:bc:3c:a1:43:56:77:1e:85:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Jul 28 14:25:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e2aa6773e948da57f72874f59723231fd9b366d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:4e:7b:b1:ac:d5:c6:c2:7b:05:f5:c9:46:7c:
                    4d:24:9b:d7:ae:0f:63:f0:1d:66:46:ef:60:21:d3:
                    19:46:e3:53:79:6f:6e:cb:32:99:a0:d6:02:b1:db:
                    c1:68:22:4b:79:6e:fa:f6:66:f3:2d:06:24:bd:ca:
                    3c:03:66:78:c0:7b:35:62:5a:37:18:b9:e8:58:88:
                    61:17:0e:ed:e2:9d:e3:d6:b5:92:cb:9a:6f:e0:1e:
                    4c:86:a8:11:df:6f:36:67:2f:9a:5c:a2:83:e8:20:
                    39:a8:92:f0:fc:b8:86:02:0c:0c:4c:7c:3e:a1:9f:
                    c1:25:73:07:86:36:c6:15:58:38:9e:64:24:68:2d:
                    c8:91:0c:81:fa:2a:88:f5:a1:07:cd:c0:07:b8:10:
                    3e:35:c7:c8:18:a3:8c:68:ce:6a:51:f9:1f:d3:e6:
                    fd:46:62:17:4a:30:98:4d:f0:73:b4:60:2d:02:47:
                    8f:bf:d4:ef:18:3d:05:15:a2:c9:2a:f1:82:26:39:
                    ba:8b:98:3f:5c:eb:1f:76:a4:6f:80:bb:32:35:f8:
                    17:86:4f:0c:3a:45:e5:cf:25:ab:ef:fe:fd:41:f4:
                    80:7b:12:c7:5f:19:c1:ed:c2:ae:db:e6:3d:52:b6:
                    37:5a:48:33:a1:5c:a9:30:f1:97:f0:5a:de:b5:b4:
                    89:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:AA:67:73:E9:48:DA:57:F7:28:74:F5:97:23:23:1F:D9:B3:66:D9
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/4qpnc-lI2lf3KHT1lyMjH9mzZtk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.41.24.0/21

    Signature Algorithm: sha256WithRSAEncryption
         32:1b:29:68:7e:fe:ae:72:0c:a3:7a:58:75:ba:15:06:3d:48:
         6b:38:f6:ca:73:4f:1d:3a:27:63:fa:e4:88:b8:a6:50:0e:eb:
         db:b7:5e:47:5d:0b:01:42:cc:96:ab:e0:3b:0b:ad:f1:7d:ad:
         8e:18:aa:3e:7b:d9:d4:32:be:98:b3:a5:93:0a:21:d7:c8:ff:
         cd:3d:5b:13:a7:1d:84:72:83:78:21:bd:75:f1:09:a6:b0:ab:
         78:f3:3a:47:a6:0c:f5:20:1a:a2:8f:db:51:1b:1b:52:e1:44:
         dc:5d:5a:78:5a:44:a3:95:fe:a6:3d:1e:a1:30:72:21:aa:47:
         a8:ea:b1:26:70:d9:5a:da:52:28:0c:0d:2d:43:78:1a:73:3e:
         75:6f:c9:bf:30:9c:00:9f:e2:35:7d:70:8d:2d:fa:5b:23:5e:
         e0:18:21:4f:3c:d8:68:15:f6:d3:35:7d:77:f3:8f:12:a5:2e:
         fe:b7:5d:31:7f:57:09:7f:48:f3:9d:00:2d:5b:46:68:e7:33:
         f6:f3:84:b9:b8:6c:0d:ef:1d:a7:1f:79:cf:ff:0b:39:b7:72:
         3c:bd:2e:ad:14:71:bc:d1:b8:40:be:49:7b:de:09:5e:91:98:
         c8:b0:78:d8:a2:44:b3:d3:d4:a3:a4:cb:bb:cb:59:c8:99:71:
         1f:c2:4a:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmc4+A5dv6SvDyhQ1Z3HoU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMwNzI4MTQyNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmFhNjc3M2U5NDhkYTU3ZjcyODc0ZjU5NzIzMjMxZmQ5YjM2NmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi057sazVxsJ7BfXJRnxNJJvXrg9j
8B1mRu9gIdMZRuNTeW9uyzKZoNYCsdvBaCJLeW769mbzLQYkvco8A2Z4wHs1Ylo3
GLnoWIhhFw7t4p3j1rWSy5pv4B5MhqgR3282Zy+aXKKD6CA5qJLw/LiGAgwMTHw+
oZ/BJXMHhjbGFVg4nmQkaC3IkQyB+iqI9aEHzcAHuBA+NcfIGKOMaM5qUfkf0+b9
RmIXSjCYTfBztGAtAkePv9TvGD0FFaLJKvGCJjm6i5g/XOsfdqRvgLsyNfgXhk8M
OkXlzyWr7/79QfSAexLHXxnB7cKu2+Y9UrY3WkgzoVypMPGX8FretbSJnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOKqZ3PpSNpX9yh09ZcjIx/Zs2bZMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvNHFwbmMtbEkybGYzS0hUMWx5TWpIOW16WnRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnikYMA0G
CSqGSIb3DQEBCwUAA4IBAQAyGylofv6ucgyjelh1uhUGPUhrOPbKc08dOidj+uSI
uKZQDuvbt15HXQsBQsyWq+A7C63xfa2OGKo+e9nUMr6Ys6WTCiHXyP/NPVsTpx2E
coN4Ib118QmmsKt48zpHpgz1IBqij9tRGxtS4UTcXVp4WkSjlf6mPR6hMHIhqkeo
6rEmcNla2lIoDA0tQ3gacz51b8m/MJwAn+I1fXCNLfpbI17gGCFPPNhoFfbTNX13
848SpS7+t10xf1cJf0jznQAtW0Zo5zP284S5uGwN7x2nH3nP/ws5t3I8vS6tFHG8
0bhAvkl73glekZjIsHjYokSz09SjpMu7y1nImXEfwkpo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-fra.rpki-client.org