Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/qnSX33fv-OlzG4X_gIi8kd7UxuM.roa
File:                     qnSX33fv-OlzG4X_gIi8kd7UxuM.roa (raw, json)
Hash identifier:          qdVHhnZDnKuLZ51nwTM8I0NIT1aMYEbJb4wxrzuh0tw=
Subject key identifier:   AA:74:97:DF:77:EF:F8:E9:73:1B:85:FF:80:88:BC:91:DE:D4:C6:E3
Certificate issuer:       /CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
Certificate serial:       01856FCBB3A77D21FE44CD9C22032745D0A3
Authority key identifier: 5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/qnSX33fv-OlzG4X_gIi8kd7UxuM.roa
Signing time:             Mon 02 Jan 2023 00:04:58 +0000
ROA not before:           Mon 02 Jan 2023 00:04:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211523
IP address blocks:        185.200.246.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 28 Feb 2023 22:57:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:cb:b3:a7:7d:21:fe:44:cd:9c:22:03:27:45:d0:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
        Validity
            Not Before: Jan  2 00:04:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aa7497df77eff8e9731b85ff8088bc91ded4c6e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:cd:b5:1b:2d:13:61:45:ad:3a:05:08:9e:db:
                    6d:c0:fc:19:09:a2:6a:24:f7:96:ed:bd:92:a3:40:
                    40:fe:52:d6:90:49:7f:8b:d3:db:25:1c:ff:dc:d4:
                    c2:22:ca:ef:38:f0:f9:86:bc:68:8d:b9:ca:c7:33:
                    d0:4c:f3:c0:7e:ca:39:f3:33:16:6a:c1:ab:8f:7b:
                    5a:1d:f1:fe:5f:61:04:76:4d:74:26:4b:62:9c:c1:
                    e0:39:df:a1:be:07:9f:0f:91:cb:3d:f2:3f:95:78:
                    1d:27:64:63:56:8f:c0:fe:ae:50:cd:f7:0e:e6:56:
                    18:68:04:8b:17:79:2f:59:03:68:7f:b1:9e:79:ad:
                    a9:11:62:54:1c:f9:cc:f6:df:5e:eb:f4:06:24:bd:
                    3c:7b:40:80:61:b6:12:01:87:db:fc:3f:62:82:69:
                    d6:86:e7:a6:52:2b:fb:aa:1d:6f:48:8c:14:09:b4:
                    0c:5e:32:7b:f9:7a:d3:8e:0a:03:1d:ac:57:ba:ae:
                    fb:28:3b:b4:bf:97:fa:7e:15:99:6a:bd:00:97:31:
                    d3:f6:28:f1:22:7f:d6:06:54:41:7b:19:6e:be:73:
                    43:2e:aa:d0:85:a4:00:aa:da:73:ee:aa:a6:76:7f:
                    2f:98:01:fe:a3:cf:59:9f:e0:b8:d2:4e:19:01:c3:
                    c3:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:74:97:DF:77:EF:F8:E9:73:1B:85:FF:80:88:BC:91:DE:D4:C6:E3
            X509v3 Authority Key Identifier:
                keyid:5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/qnSX33fv-OlzG4X_gIi8kd7UxuM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.200.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:ae:f4:48:9b:cb:07:f5:15:c5:a5:36:74:b1:a8:c3:e6:0b:
         0a:6c:bb:f9:ff:bd:cd:66:56:23:00:90:b6:65:c5:2c:82:7a:
         43:f4:d9:16:8c:65:12:ac:9f:68:9b:8f:38:7f:db:a4:9c:d5:
         82:75:3c:f6:28:10:39:f5:f4:93:82:e9:01:2d:4c:58:41:50:
         d9:73:08:11:1d:cb:b1:23:2b:e5:79:6f:14:83:44:f3:78:d7:
         24:5a:f4:58:2d:7f:1e:2c:83:26:aa:25:d2:40:ef:28:30:d0:
         32:26:14:99:ee:b3:6f:c1:ef:1a:0a:a9:e3:8e:8c:c3:2b:9b:
         16:68:23:ed:82:a1:4c:2a:0a:0e:06:b9:4e:6e:4e:45:dc:26:
         e7:33:8c:03:62:e0:ce:bf:ad:b3:b2:81:fb:6e:04:03:42:c3:
         58:b5:4f:c1:3d:63:e1:7d:36:78:62:02:39:4f:5e:5f:cb:03:
         e0:ba:61:8b:80:45:15:34:cd:3a:65:92:30:fc:6a:22:9d:83:
         b5:fb:72:61:10:ca:a9:cc:69:17:ab:30:d6:b0:27:83:a4:5d:
         2b:0e:82:ff:9d:63:70:7f:08:8a:c7:ab:25:33:14:3d:a6:23:
         35:8a:1f:45:45:76:5c:be:6e:24:80:d2:a8:e3:34:76:15:89:
         4a:2e:d7:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy7OnfSH+RM2cIgMnRdCjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZGU0YjNiODJmMjA5YjcwMWFlMzQwY2Y1M2I5NzQwNzhm
MTZhOWYwHhcNMjMwMTAyMDAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTc0OTdkZjc3ZWZmOGU5NzMxYjg1ZmY4MDg4YmM5MWRlZDRjNmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4821Gy0TYUWtOgUIntttwPwZCaJq
JPeW7b2So0BA/lLWkEl/i9PbJRz/3NTCIsrvOPD5hrxojbnKxzPQTPPAfso58zMW
asGrj3taHfH+X2EEdk10JktinMHgOd+hvgefD5HLPfI/lXgdJ2RjVo/A/q5QzfcO
5lYYaASLF3kvWQNof7Geea2pEWJUHPnM9t9e6/QGJL08e0CAYbYSAYfb/D9igmnW
huemUiv7qh1vSIwUCbQMXjJ7+XrTjgoDHaxXuq77KDu0v5f6fhWZar0AlzHT9ijx
In/WBlRBexluvnNDLqrQhaQAqtpz7qqmdn8vmAH+o89Zn+C40k4ZAcPDrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKp0l9937/jpcxuF/4CIvJHe1MbjMB8GA1UdIwQY
MBaAFF3eSzuC8gm3Aa40DPU7l0B48WqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wMmJkZjAtYmYyOS00ZGFlLWIxOWIt
ODZhNTUxOGUyZDUyLzEvcW5TWDMzZnYtT2x6RzRYX2dJaThrZDdVeHVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wMmJkZjAtYmYyOS00ZGFlLWIxOWItODZhNTUxOGUyZDUy
LzEvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucj2MA0G
CSqGSIb3DQEBCwUAA4IBAQA8rvRIm8sH9RXFpTZ0sajD5gsKbLv5/73NZlYjAJC2
ZcUsgnpD9NkWjGUSrJ9om484f9uknNWCdTz2KBA59fSTgukBLUxYQVDZcwgRHcux
IyvleW8Ug0TzeNckWvRYLX8eLIMmqiXSQO8oMNAyJhSZ7rNvwe8aCqnjjozDK5sW
aCPtgqFMKgoOBrlObk5F3CbnM4wDYuDOv62zsoH7bgQDQsNYtU/BPWPhfTZ4YgI5
T15fywPgumGLgEUVNM06ZZIw/GoinYO1+3JhEMqpzGkXqzDWsCeDpF0rDoL/nWNw
fwiKx6slMxQ9piM1ih9FRXZcvm4kgNKo4zR2FYlKLtfK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:29 2024 by rpki-client on console-ams.rpki-client.org