Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/f8f541-7d27-4730-8c58-ab6c6d65ed26/1/QSkpu4tz41MlYxb7lnbeo0h_Dm8.roa
File:                     QSkpu4tz41MlYxb7lnbeo0h_Dm8.roa (raw, json)
Hash identifier:          S3iRMSAMcaT5bFFmVeu34P++LfNmH/z+NbL5OCNPQko=
Subject key identifier:   41:29:29:BB:8B:73:E3:53:25:63:16:FB:96:76:DE:A3:48:7F:0E:6F
Certificate issuer:       /CN=d1938f365daf336e0f2a2df6dd62dfeaa4bfcc46
Certificate serial:       018DAA1A87837887CD6B0F4D89E65E1C605E
Authority key identifier: D1:93:8F:36:5D:AF:33:6E:0F:2A:2D:F6:DD:62:DF:EA:A4:BF:CC:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0ZOPNl2vM24PKi323WLf6qS_zEY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/f8f541-7d27-4730-8c58-ab6c6d65ed26/1/QSkpu4tz41MlYxb7lnbeo0h_Dm8.roa
Signing time:             Thu 15 Feb 2024 00:11:21 +0000
ROA not before:           Thu 15 Feb 2024 00:11:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216260
IP address blocks:        212.46.60.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 22 Feb 2024 11:06:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:aa:1a:87:83:78:87:cd:6b:0f:4d:89:e6:5e:1c:60:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1938f365daf336e0f2a2df6dd62dfeaa4bfcc46
        Validity
            Not Before: Feb 15 00:11:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=412929bb8b73e353256316fb9676dea3487f0e6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:36:53:9e:0d:17:d2:11:ae:0f:28:e3:cc:27:
                    4b:c8:f8:9a:38:24:11:1a:0f:09:af:ac:64:0c:5d:
                    cc:b3:9d:0f:18:53:da:ed:ae:d2:d0:a6:39:60:59:
                    99:e8:98:8e:83:84:9e:56:93:25:f5:8d:e5:9a:4b:
                    62:b7:e8:76:99:3a:24:07:5a:75:87:ce:5e:b0:ff:
                    80:74:48:2d:1e:13:16:17:08:63:a6:9e:a6:a4:35:
                    53:b7:29:5e:13:41:39:ef:8d:ca:a4:d5:ac:69:97:
                    fd:71:76:e9:a9:95:2e:f5:6d:f1:a5:93:7e:f7:0b:
                    6e:39:bf:23:cf:f6:02:cb:aa:39:34:0b:d4:c9:8a:
                    f1:41:ef:7b:e3:70:fd:b8:d1:f8:a3:d1:1d:4a:38:
                    8f:4e:ee:66:91:ad:e1:d2:7a:73:df:5f:3f:bb:7c:
                    e9:2e:cb:6c:70:84:23:ae:49:2b:59:ed:bc:39:f5:
                    d9:c1:c1:df:d7:67:f8:a2:a5:c0:67:e4:00:26:48:
                    1a:ef:b7:48:9b:60:5a:dd:2a:73:c0:ae:b0:9e:92:
                    10:2f:e4:f1:f6:14:54:d9:fa:36:95:4a:c2:4d:00:
                    70:a7:88:ca:69:79:9b:1a:6c:31:93:54:6a:f9:84:
                    36:61:6a:bf:a9:2c:ed:3a:70:3a:e7:24:eb:a9:c5:
                    45:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:29:29:BB:8B:73:E3:53:25:63:16:FB:96:76:DE:A3:48:7F:0E:6F
            X509v3 Authority Key Identifier:
                keyid:D1:93:8F:36:5D:AF:33:6E:0F:2A:2D:F6:DD:62:DF:EA:A4:BF:CC:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ZOPNl2vM24PKi323WLf6qS_zEY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/f8f541-7d27-4730-8c58-ab6c6d65ed26/1/QSkpu4tz41MlYxb7lnbeo0h_Dm8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/f8f541-7d27-4730-8c58-ab6c6d65ed26/1/0ZOPNl2vM24PKi323WLf6qS_zEY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.46.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:b7:50:90:39:6c:7d:6b:37:7d:37:65:4d:dd:e2:b2:64:95:
         be:8a:b5:c5:93:8b:f4:df:42:58:92:4a:2f:99:f6:18:46:ec:
         bf:a6:c9:70:27:7f:8e:80:b9:f3:fe:51:b4:7a:14:48:dc:56:
         78:10:15:18:fe:bd:fd:1d:96:ef:ec:2e:87:dd:e0:6c:1e:11:
         d4:63:c0:3f:b0:0b:c1:32:83:64:98:31:72:f4:03:d2:d0:2a:
         6c:fd:53:38:2d:e7:cb:db:33:58:31:e7:a4:e1:9f:d3:be:aa:
         a9:f7:90:cd:47:e7:67:b4:d2:e2:ef:d3:30:a4:a5:05:24:cb:
         05:e8:da:9d:07:af:72:a8:d5:04:e7:03:3f:df:d1:71:02:af:
         6b:38:54:f8:8b:41:fa:5b:d9:99:9c:fa:db:4e:e3:2b:77:e2:
         ce:5e:33:5b:31:d5:c0:72:74:0e:58:5c:54:06:59:5d:3c:22:
         2d:7d:bb:3a:90:e4:90:93:8d:35:58:4f:e4:00:60:c8:7b:d6:
         05:1e:78:7b:79:59:dd:45:37:9d:43:d4:c8:53:46:eb:a3:c4:
         af:5e:3e:e7:d7:b0:20:4e:67:1e:21:fe:14:99:29:6e:e0:02:
         6c:9f:f7:71:0c:fc:6d:97:05:c7:71:90:d8:b0:65:8b:8e:41:
         75:09:3d:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2qGoeDeIfNaw9NieZeHGBeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxOTM4ZjM2NWRhZjMzNmUwZjJhMmRmNmRkNjJkZmVhYTRi
ZmNjNDYwHhcNMjQwMjE1MDAxMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTI5MjliYjhiNzNlMzUzMjU2MzE2ZmI5Njc2ZGVhMzQ4N2YwZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDZTng0X0hGuDyjjzCdLyPiaOCQR
Gg8Jr6xkDF3Ms50PGFPa7a7S0KY5YFmZ6JiOg4SeVpMl9Y3lmktit+h2mTokB1p1
h85esP+AdEgtHhMWFwhjpp6mpDVTtyleE0E5743KpNWsaZf9cXbpqZUu9W3xpZN+
9wtuOb8jz/YCy6o5NAvUyYrxQe9743D9uNH4o9EdSjiPTu5mka3h0npz318/u3zp
LstscIQjrkkrWe28OfXZwcHf12f4oqXAZ+QAJkga77dIm2Ba3SpzwK6wnpIQL+Tx
9hRU2fo2lUrCTQBwp4jKaXmbGmwxk1Rq+YQ2YWq/qSztOnA65yTrqcVFfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEEpKbuLc+NTJWMW+5Z23qNIfw5vMB8GA1UdIwQY
MBaAFNGTjzZdrzNuDyot9t1i3+qkv8xGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFpPUE5sMnZNMjRQS2kzMjNXTGY2cVNfekVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9mOGY1NDEtN2QyNy00NzMwLThjNTgt
YWI2YzZkNjVlZDI2LzEvUVNrcHU0dHo0MU1sWXhiN2xuYmVvMGhfRG04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9mOGY1NDEtN2QyNy00NzMwLThjNTgtYWI2YzZkNjVlZDI2
LzEvMFpPUE5sMnZNMjRQS2kzMjNXTGY2cVNfekVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1C48MA0G
CSqGSIb3DQEBCwUAA4IBAQAft1CQOWx9azd9N2VN3eKyZJW+irXFk4v030JYkkov
mfYYRuy/pslwJ3+OgLnz/lG0ehRI3FZ4EBUY/r39HZbv7C6H3eBsHhHUY8A/sAvB
MoNkmDFy9APS0Cps/VM4LefL2zNYMeek4Z/Tvqqp95DNR+dntNLi79MwpKUFJMsF
6NqdB69yqNUE5wM/39FxAq9rOFT4i0H6W9mZnPrbTuMrd+LOXjNbMdXAcnQOWFxU
BlldPCItfbs6kOSQk401WE/kAGDIe9YFHnh7eVndRTedQ9TIU0bro8SvXj7n17Ag
TmceIf4UmSlu4AJsn/dxDPxtlwXHcZDYsGWLjkF1CT1X
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:18 2024 by rpki-client on console-ams.rpki-client.org