Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d50912-0b8d-43cc-8bee-dedc5a6964fc/1/QNsXWhplsECKzSisOEeIh9tovXo.roa
File:                     QNsXWhplsECKzSisOEeIh9tovXo.roa (raw, json)
Hash identifier:          oIQLlMxpQz/UV56tDhBv2GFgPSMfBr9hFfxnDVshctk=
Subject key identifier:   40:DB:17:5A:1A:65:B0:40:8A:CD:28:AC:38:47:88:87:DB:68:BD:7A
Certificate issuer:       /CN=e618eff923e35bf83792353c4633ca2300f75b6c
Certificate serial:       01862FB13B185D486B315ADC93B10416015F
Authority key identifier: E6:18:EF:F9:23:E3:5B:F8:37:92:35:3C:46:33:CA:23:00:F7:5B:6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5hjv-SPjW_g3kjU8RjPKIwD3W2w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/d50912-0b8d-43cc-8bee-dedc5a6964fc/1/QNsXWhplsECKzSisOEeIh9tovXo.roa
Signing time:             Wed 08 Feb 2023 06:23:09 +0000
ROA not before:           Wed 08 Feb 2023 06:23:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     139660
IP address blocks:        185.218.142.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 07 Mar 2023 06:15:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:2f:b1:3b:18:5d:48:6b:31:5a:dc:93:b1:04:16:01:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e618eff923e35bf83792353c4633ca2300f75b6c
        Validity
            Not Before: Feb  8 06:23:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=40db175a1a65b0408acd28ac38478887db68bd7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:26:aa:2b:34:93:b9:50:9b:fa:94:94:d5:31:
                    61:f9:02:64:09:2a:d5:8d:9a:43:80:91:7a:31:70:
                    ad:55:b0:f8:bc:e9:04:d9:ff:25:90:47:10:62:f4:
                    8a:68:f6:51:bf:e5:1e:e1:bf:ee:15:05:19:75:af:
                    74:51:61:1d:e4:a9:e1:a8:9d:3c:12:40:14:d8:55:
                    88:e1:72:38:a4:d0:50:13:46:31:65:03:9d:e6:04:
                    5c:84:39:93:76:ff:0a:6e:1a:3d:51:2e:53:4e:f4:
                    01:cc:0e:84:65:aa:05:93:52:86:5c:7d:7e:4e:43:
                    9f:de:1b:9b:87:01:de:f5:f7:05:cf:d3:2e:f3:46:
                    e5:e0:40:19:2e:1e:f7:e7:d5:97:f7:9a:ff:c4:4b:
                    11:3d:0f:76:c2:fe:a3:2d:1f:e0:cf:89:a0:98:e2:
                    27:90:17:8e:ec:19:ae:36:f1:f9:9c:58:f1:34:67:
                    dc:10:f6:59:3d:3e:ba:e8:d2:ac:fd:f9:4d:27:48:
                    73:c7:59:57:1d:83:65:38:4b:f8:ff:c8:e5:be:15:
                    29:e8:e9:00:ee:20:21:d2:81:c8:af:d0:17:2f:c2:
                    3d:8f:1a:ab:38:35:97:27:cb:92:ec:ba:ab:8a:3c:
                    b1:73:c1:25:1d:81:05:a7:8c:6f:40:22:62:19:95:
                    9c:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:DB:17:5A:1A:65:B0:40:8A:CD:28:AC:38:47:88:87:DB:68:BD:7A
            X509v3 Authority Key Identifier:
                keyid:E6:18:EF:F9:23:E3:5B:F8:37:92:35:3C:46:33:CA:23:00:F7:5B:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hjv-SPjW_g3kjU8RjPKIwD3W2w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d50912-0b8d-43cc-8bee-dedc5a6964fc/1/QNsXWhplsECKzSisOEeIh9tovXo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d50912-0b8d-43cc-8bee-dedc5a6964fc/1/5hjv-SPjW_g3kjU8RjPKIwD3W2w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.218.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:52:c7:0e:a8:76:0d:14:9b:4d:d8:95:fd:31:e6:35:25:20:
         9b:c3:73:2e:02:37:93:76:06:9f:8b:01:74:b1:57:b9:2c:6b:
         b7:af:d9:13:23:8b:0e:e7:fd:87:54:4d:f4:5f:c0:76:1d:11:
         43:e3:0c:ef:a0:7c:b4:8a:d1:ab:28:e3:a9:d4:3f:f6:79:8b:
         d4:1e:07:5b:f7:84:e3:36:5c:c9:59:db:ae:1a:ee:2b:d4:bc:
         0f:38:b7:9c:ff:50:79:e2:f3:e4:51:69:fe:24:3a:c3:99:21:
         03:ef:a8:0d:86:26:ed:b1:38:f2:1d:02:58:c3:d2:dd:5b:c9:
         59:87:e3:61:be:04:5a:28:b8:61:b1:a2:5b:f3:c8:42:1b:33:
         60:26:fd:16:9f:0e:da:64:fb:c1:69:a1:94:4d:a9:bc:5e:e6:
         8e:77:cb:0e:5a:bf:d4:64:39:f5:65:47:a9:57:0c:25:24:e4:
         f9:ff:62:c3:bc:b5:32:a4:a9:b2:4f:fa:ec:fe:0b:73:7f:38:
         79:51:93:e0:e4:37:aa:ae:70:0f:2a:85:1c:73:df:a9:67:6c:
         cb:fd:91:a9:a1:e6:03:17:ef:17:8e:30:69:41:03:45:16:0f:
         56:eb:c7:30:a0:b2:2d:c8:ad:27:5a:a9:c3:dd:90:b8:89:d8:
         0f:96:00:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYvsTsYXUhrMVrck7EEFgFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MThlZmY5MjNlMzViZjgzNzkyMzUzYzQ2MzNjYTIzMDBm
NzViNmMwHhcNMjMwMjA4MDYyMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGRiMTc1YTFhNjViMDQwOGFjZDI4YWMzODQ3ODg4N2RiNjhiZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCaqKzSTuVCb+pSU1TFh+QJkCSrV
jZpDgJF6MXCtVbD4vOkE2f8lkEcQYvSKaPZRv+Ue4b/uFQUZda90UWEd5KnhqJ08
EkAU2FWI4XI4pNBQE0YxZQOd5gRchDmTdv8Kbho9US5TTvQBzA6EZaoFk1KGXH1+
TkOf3hubhwHe9fcFz9Mu80bl4EAZLh7359WX95r/xEsRPQ92wv6jLR/gz4mgmOIn
kBeO7BmuNvH5nFjxNGfcEPZZPT666NKs/flNJ0hzx1lXHYNlOEv4/8jlvhUp6OkA
7iAh0oHIr9AXL8I9jxqrODWXJ8uS7Lqrijyxc8ElHYEFp4xvQCJiGZWchQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDbF1oaZbBAis0orDhHiIfbaL16MB8GA1UdIwQY
MBaAFOYY7/kj41v4N5I1PEYzyiMA91tsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWhqdi1TUGpXX2cza2pVOFJqUEtJd0QzVzJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9kNTA5MTItMGI4ZC00M2NjLThiZWUt
ZGVkYzVhNjk2NGZjLzEvUU5zWFdocGxzRUNLelNpc09FZUloOXRvdlhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9kNTA5MTItMGI4ZC00M2NjLThiZWUtZGVkYzVhNjk2NGZj
LzEvNWhqdi1TUGpXX2cza2pVOFJqUEtJd0QzVzJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudqOMA0G
CSqGSIb3DQEBCwUAA4IBAQBXUscOqHYNFJtN2JX9MeY1JSCbw3MuAjeTdgafiwF0
sVe5LGu3r9kTI4sO5/2HVE30X8B2HRFD4wzvoHy0itGrKOOp1D/2eYvUHgdb94Tj
NlzJWduuGu4r1LwPOLec/1B54vPkUWn+JDrDmSED76gNhibtsTjyHQJYw9LdW8lZ
h+NhvgRaKLhhsaJb88hCGzNgJv0Wnw7aZPvBaaGUTam8XuaOd8sOWr/UZDn1ZUep
VwwlJOT5/2LDvLUypKmyT/rs/gtzfzh5UZPg5DeqrnAPKoUcc9+pZ2zL/ZGpoeYD
F+8XjjBpQQNFFg9W68cwoLItyK0nWqnD3ZC4idgPlgDR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:57 2024 by rpki-client on console-ams.rpki-client.org