Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/qGLSVmjGmd8esfVXb_lECOjBi0c.roa
File:                     qGLSVmjGmd8esfVXb_lECOjBi0c.roa (raw, json)
Hash identifier:          IaMofTh+QJuzRdRjXWOuGKVvOC8TWCB/3DDVRLKqbc4=
Subject key identifier:   A8:62:D2:56:68:C6:99:DF:1E:B1:F5:57:6F:F9:44:08:E8:C1:8B:47
Certificate issuer:       /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial:       0189A5967262921EA2937C1DEF25F4B8CD40
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/qGLSVmjGmd8esfVXb_lECOjBi0c.roa
Signing time:             Sun 30 Jul 2023 06:57:27 +0000
ROA not before:           Sun 30 Jul 2023 06:57:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34535
IP address blocks:        178.250.190.0/23 maxlen: 24
                          193.0.227.0/24 maxlen: 24
                          193.0.230.0/24 maxlen: 24
                          178.250.184.0/23 maxlen: 24
                          2a0f:cdc0::/32 maxlen: 32
                          2a0f:cdc1::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:a5:96:72:62:92:1e:a2:93:7c:1d:ef:25:f4:b8:cd:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
        Validity
            Not Before: Jul 30 06:57:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a862d25668c699df1eb1f5576ff94408e8c18b47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:f0:1d:17:17:bb:c5:d3:a0:c9:db:94:9a:b2:
                    57:43:48:96:28:3c:3e:e4:d1:b5:48:ae:44:81:c9:
                    99:fe:11:6c:3b:d2:e1:44:02:ae:cf:8e:f1:2e:0c:
                    3d:21:52:9b:54:82:68:77:ca:92:03:0f:57:7e:11:
                    d5:b7:a6:7b:4e:d6:09:77:64:64:b4:05:53:73:8a:
                    f0:ab:2f:83:39:da:ce:1d:c6:26:fe:43:1e:2b:c9:
                    c7:66:09:e7:24:d0:b0:b9:98:24:5b:6c:6a:9e:28:
                    c3:7e:a0:e6:5a:72:18:29:de:01:2d:fa:9f:33:f6:
                    d6:3c:76:f9:5f:e7:25:c9:d2:54:6a:9f:66:c4:4f:
                    ae:d8:fc:87:20:b2:95:a5:b7:e1:e5:82:82:b1:6e:
                    35:13:c5:40:d5:b5:fc:f3:dd:d3:3c:90:e5:6c:ed:
                    7a:55:5a:03:7e:0a:f6:bf:35:3e:02:03:fd:b8:f3:
                    3f:6a:e6:00:84:05:c0:cd:4f:73:8b:c0:e7:fc:c3:
                    0f:f8:32:ec:77:d9:ed:04:bf:b9:c4:64:88:ef:c1:
                    30:bf:3b:08:cb:4f:0a:c4:3d:8b:eb:8c:8f:7c:62:
                    46:24:87:3c:f6:c7:c5:bf:bb:31:63:a8:dd:1c:22:
                    e4:e6:19:85:d7:07:bb:ce:9d:2f:26:63:1b:f2:c7:
                    c8:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:62:D2:56:68:C6:99:DF:1E:B1:F5:57:6F:F9:44:08:E8:C1:8B:47
            X509v3 Authority Key Identifier:
                keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/qGLSVmjGmd8esfVXb_lECOjBi0c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.250.184.0/23
                  178.250.190.0/23
                  193.0.227.0/24
                  193.0.230.0/24
                IPv6:
                  2a0f:cdc0::/31

    Signature Algorithm: sha256WithRSAEncryption
         2c:43:67:14:2b:74:bb:88:e2:c1:ea:36:db:fe:29:3d:82:cb:
         40:6b:70:f8:1b:16:31:23:b0:56:90:55:30:19:fa:4d:c5:92:
         4d:15:c4:ff:ca:cd:5d:66:35:76:33:22:d9:29:db:be:16:a0:
         6b:21:cd:3b:b0:d7:e0:69:ef:30:ec:bc:6c:a7:54:e8:2c:46:
         1e:c2:64:79:ac:c2:c3:53:62:40:be:84:9e:fe:47:81:5e:1d:
         e5:ee:57:49:bd:d3:35:87:31:59:08:96:94:f2:2d:02:8f:26:
         ed:5f:01:f3:de:8b:2f:c1:d0:12:e6:b4:2a:dc:e7:70:a5:f0:
         0a:e9:f9:49:b7:77:0b:71:ba:d3:57:95:f4:03:4e:27:ce:bb:
         d9:73:f5:38:80:42:cf:4d:b2:6e:22:79:b2:6c:98:d5:16:1c:
         e7:af:ab:2e:56:d1:40:f4:8f:0a:09:ec:ed:79:17:af:87:a3:
         aa:6b:1e:a6:18:c2:e6:07:b5:96:ea:00:be:25:06:9d:aa:f7:
         81:cf:bf:70:c0:8b:f5:39:66:fd:b2:13:89:de:7a:5b:0c:33:
         12:2a:85:95:f4:b7:73:9a:5e:19:74:62:5f:a8:2f:bb:5f:a1:
         ad:71:db:f6:2d:67:1b:2f:0e:2a:af:65:00:32:8c:9e:10:8a:
         51:98:34:a3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYmllnJikh6ik3wd7yX0uM1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjMwNzMwMDY1NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODYyZDI1NjY4YzY5OWRmMWViMWY1NTc2ZmY5NDQwOGU4YzE4YjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvAdFxe7xdOgyduUmrJXQ0iWKDw+
5NG1SK5EgcmZ/hFsO9LhRAKuz47xLgw9IVKbVIJod8qSAw9XfhHVt6Z7TtYJd2Rk
tAVTc4rwqy+DOdrOHcYm/kMeK8nHZgnnJNCwuZgkW2xqnijDfqDmWnIYKd4BLfqf
M/bWPHb5X+clydJUap9mxE+u2PyHILKVpbfh5YKCsW41E8VA1bX8893TPJDlbO16
VVoDfgr2vzU+AgP9uPM/auYAhAXAzU9zi8Dn/MMP+DLsd9ntBL+5xGSI78EwvzsI
y08KxD2L64yPfGJGJIc89sfFv7sxY6jdHCLk5hmF1we7zp0vJmMb8sfIwwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKhi0lZoxpnfHrH1V2/5RAjowYtHMB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvcUdMU1ZtakdtZDhlc2ZWWGJfbEVDT2pCaTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBsvq4AwQB
svq+AwQAwQDjAwQAwQDmMA0EAgACMAcDBQEqD83AMA0GCSqGSIb3DQEBCwUAA4IB
AQAsQ2cUK3S7iOLB6jbb/ik9gstAa3D4GxYxI7BWkFUwGfpNxZJNFcT/ys1dZjV2
MyLZKdu+FqBrIc07sNfgae8w7Lxsp1ToLEYewmR5rMLDU2JAvoSe/keBXh3l7ldJ
vdM1hzFZCJaU8i0CjybtXwHz3osvwdAS5rQq3OdwpfAK6flJt3cLcbrTV5X0A04n
zrvZc/U4gELPTbJuInmybJjVFhznr6suVtFA9I8KCezteRevh6Oqax6mGMLmB7WW
6gC+JQadqveBz79wwIv1OWb9shOJ3npbDDMSKoWV9Ldzml4ZdGJfqC+7X6Gtcdv2
LWcbLw4qr2UAMoyeEIpRmDSj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:33 2024 by rpki-client on console-fra.rpki-client.org