Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/iqz5n-OW8XFeRtWQ2JOluGabiQ8.roa
File:                     iqz5n-OW8XFeRtWQ2JOluGabiQ8.roa (raw, json)
Hash identifier:          B0VB8/r5bK/5pYUJnHK73Cgz1+8BHL8Se/UC7Eq9lAo=
Subject key identifier:   8A:AC:F9:9F:E3:96:F1:71:5E:46:D5:90:D8:93:A5:B8:66:9B:89:0F
Certificate issuer:       /CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Certificate serial:       018571DE890C52C2669D7FC8A5DB5CD6A5E9
Authority key identifier: 47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/iqz5n-OW8XFeRtWQ2JOluGabiQ8.roa
Signing time:             Mon 02 Jan 2023 09:44:47 +0000
ROA not before:           Mon 02 Jan 2023 09:44:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201303
IP address blocks:        212.18.249.0/24 maxlen: 24
                          2a04:2b00:13ff::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:de:89:0c:52:c2:66:9d:7f:c8:a5:db:5c:d6:a5:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
        Validity
            Not Before: Jan  2 09:44:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8aacf99fe396f1715e46d590d893a5b8669b890f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:25:4a:e2:09:2f:cf:1d:8f:cc:7b:63:59:e0:
                    e0:41:ce:ba:11:d4:8a:fe:f4:65:30:66:bd:3f:ab:
                    8c:65:88:d7:3f:b8:89:bc:aa:7e:d6:d5:d4:ac:60:
                    a4:58:88:d7:e1:43:1b:a9:a0:b8:00:19:bd:cc:7b:
                    38:4a:b6:d0:d0:cf:2f:36:21:8d:c7:87:11:20:4b:
                    b3:93:d5:2e:43:e0:e1:66:50:0b:75:40:80:98:7a:
                    c5:34:e1:20:9c:9a:fd:77:8c:37:ec:8e:ec:27:c9:
                    d3:dd:ec:77:df:9a:ac:af:98:3f:fa:09:3a:64:85:
                    d6:34:c9:6d:bd:c2:2b:b4:45:49:37:e0:55:26:74:
                    2e:f8:55:dc:7e:79:6d:96:e0:9d:7f:57:c5:f4:08:
                    8b:67:26:e8:76:75:12:9f:f0:e3:12:cc:28:73:64:
                    b8:12:e8:2f:9a:1a:2b:3b:50:55:6d:52:d9:6c:70:
                    3a:f7:22:00:d7:fb:46:d0:1b:aa:7a:23:ae:05:67:
                    a3:14:10:7e:74:07:71:7d:3d:33:74:50:32:15:87:
                    94:63:d1:be:c6:8c:03:ff:94:8c:50:d4:a0:7f:fe:
                    22:1d:41:24:8e:1c:1f:87:c2:27:36:e7:59:dc:09:
                    8d:5d:32:c6:10:fa:1b:f6:02:ef:0b:1b:96:ce:87:
                    46:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:AC:F9:9F:E3:96:F1:71:5E:46:D5:90:D8:93:A5:B8:66:9B:89:0F
            X509v3 Authority Key Identifier:
                keyid:47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/iqz5n-OW8XFeRtWQ2JOluGabiQ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.18.249.0/24
                IPv6:
                  2a04:2b00:13ff::/48

    Signature Algorithm: sha256WithRSAEncryption
         42:f8:8e:27:aa:5b:f1:92:b1:4e:60:1c:23:12:3a:dc:b0:32:
         35:e8:54:0b:e4:1d:17:50:6a:06:0c:a0:0e:0f:a8:aa:cd:12:
         9a:f8:92:81:7e:fd:26:f9:04:33:bc:32:22:57:70:bb:ff:73:
         b4:95:c2:06:39:16:4a:e0:10:ca:dc:e4:22:a3:88:ae:6c:25:
         a1:60:12:d1:82:0c:28:4b:0d:af:98:b0:54:48:ad:59:04:6f:
         42:6d:4a:d4:b7:4d:2b:36:d6:c6:a9:4b:3c:e2:4d:4d:51:02:
         07:bc:96:d0:a2:55:ac:05:2a:81:9c:0b:f9:70:f1:76:6c:a9:
         de:ea:83:29:c3:08:e3:cc:c3:85:d3:5e:47:ff:22:17:87:80:
         8e:b7:e7:c5:01:78:1f:5f:52:28:d6:3c:34:6f:b2:fe:bd:13:
         bf:31:50:b5:25:85:28:2b:49:83:bc:b3:b8:2a:8c:d3:08:92:
         e6:61:9d:42:c1:1f:92:86:a4:ec:a6:72:76:69:d8:55:77:6c:
         c0:f3:b1:8a:b2:17:cc:94:79:40:a6:6c:ea:89:ee:ea:31:a5:
         0d:5b:0d:29:56:b7:13:08:3a:7a:e5:63:a1:30:67:51:f0:74:
         2c:29:08:dc:6b:c4:f2:a5:9e:d7:80:a3:6d:d7:f0:8c:f9:2b:
         f0:c1:b0:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVx3okMUsJmnX/Ipdtc1qXpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NzZhZmI3NGZhZDViYWYwYTYxODBiNDk1MTBkOGI4NDk3
ZGY4ZDMwHhcNMjMwMTAyMDk0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWFjZjk5ZmUzOTZmMTcxNWU0NmQ1OTBkODkzYTViODY2OWI4OTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyVK4gkvzx2PzHtjWeDgQc66EdSK
/vRlMGa9P6uMZYjXP7iJvKp+1tXUrGCkWIjX4UMbqaC4ABm9zHs4SrbQ0M8vNiGN
x4cRIEuzk9UuQ+DhZlALdUCAmHrFNOEgnJr9d4w37I7sJ8nT3ex335qsr5g/+gk6
ZIXWNMltvcIrtEVJN+BVJnQu+FXcfnltluCdf1fF9AiLZybodnUSn/DjEswoc2S4
EugvmhorO1BVbVLZbHA69yIA1/tG0BuqeiOuBWejFBB+dAdxfT0zdFAyFYeUY9G+
xowD/5SMUNSgf/4iHUEkjhwfh8InNudZ3AmNXTLGEPob9gLvCxuWzodGDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIqs+Z/jlvFxXkbVkNiTpbhmm4kPMB8GA1UdIwQY
MBaAFEd2r7dPrVuvCmGAtJUQ2LhJffjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEt
MDUzOGU5NWYzZjEyLzEvaXF6NW4tT1c4WEZlUnRXUTJKT2x1R2FiaVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEtMDUzOGU5NWYzZjEy
LzEvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA1BL5MA8E
AgACMAkDBwAqBCsAE/8wDQYJKoZIhvcNAQELBQADggEBAEL4jieqW/GSsU5gHCMS
OtywMjXoVAvkHRdQagYMoA4PqKrNEpr4koF+/Sb5BDO8MiJXcLv/c7SVwgY5Fkrg
EMrc5CKjiK5sJaFgEtGCDChLDa+YsFRIrVkEb0JtStS3TSs21sapSzziTU1RAge8
ltCiVawFKoGcC/lw8XZsqd7qgynDCOPMw4XTXkf/IheHgI6358UBeB9fUijWPDRv
sv69E78xULUlhSgrSYO8s7gqjNMIkuZhnULBH5KGpOymcnZp2FV3bMDzsYqyF8yU
eUCmbOqJ7uoxpQ1bDSlWtxMIOnrlY6EwZ1HwdCwpCNxrxPKlnteAo23X8Iz5K/DB
sNE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:46 2024 by rpki-client on console-fra.rpki-client.org