Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/qfJax-PYFLRQ53AO_NKKYiLznaE.roa
File:                     qfJax-PYFLRQ53AO_NKKYiLznaE.roa (raw, json)
Hash identifier:          prPydxy06I5a6o51Tf468Yiyj3IGA+r//hU/X+XNvGY=
Subject key identifier:   A9:F2:5A:C7:E3:D8:14:B4:50:E7:70:0E:FC:D2:8A:62:22:F3:9D:A1
Certificate issuer:       /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial:       018E907140BE2FE326F04C39143AE82A0BC2
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/qfJax-PYFLRQ53AO_NKKYiLznaE.roa
Signing time:             Sat 30 Mar 2024 17:38:45 +0000
ROA not before:           Sat 30 Mar 2024 17:38:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215272
IP address blocks:        45.128.205.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 30 Mar 2024 19:18:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:90:71:40:be:2f:e3:26:f0:4c:39:14:3a:e8:2a:0b:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
        Validity
            Not Before: Mar 30 17:38:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a9f25ac7e3d814b450e7700efcd28a6222f39da1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:92:11:64:52:d2:ff:26:c2:2d:8d:51:72:63:
                    ea:3d:3f:31:5e:b5:a8:f8:1f:af:b4:51:cf:e4:3d:
                    ba:69:84:c3:64:cd:89:09:0b:f9:20:c3:62:2c:82:
                    73:8a:c3:a5:9b:5b:4e:5d:09:91:fa:f8:fb:36:d4:
                    7c:6b:39:84:e0:94:3a:73:9c:e3:54:fb:e8:f2:2b:
                    ec:10:48:cf:6e:82:7b:db:4f:5c:15:a3:08:35:cc:
                    4c:81:ac:b4:c8:ea:54:6e:2c:90:b4:28:56:c0:8c:
                    84:a0:e0:a3:34:d8:00:25:df:67:a2:d9:3c:91:a0:
                    fb:f9:c4:8a:00:f3:4c:c0:41:cf:e2:31:51:79:f4:
                    2e:9f:6a:1b:ff:82:c1:06:a3:89:ef:ca:a7:57:e5:
                    cb:cc:3c:75:71:f7:ce:41:c5:6a:04:cf:9b:32:36:
                    b4:a8:42:7e:32:11:ad:df:0c:93:60:33:2a:58:0f:
                    a3:51:6a:f4:cd:aa:94:95:80:e9:e2:33:e7:80:5d:
                    a3:0e:bd:13:9a:3f:fe:7c:9d:cf:f2:61:65:3b:00:
                    c6:33:aa:3a:4b:24:bd:75:b6:02:2e:59:f1:80:15:
                    0d:9d:ed:cf:d3:2c:d4:63:d6:67:43:26:cc:9d:7f:
                    cd:08:b9:50:d7:64:a0:4c:fd:43:f5:3e:88:65:e6:
                    dd:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:F2:5A:C7:E3:D8:14:B4:50:E7:70:0E:FC:D2:8A:62:22:F3:9D:A1
            X509v3 Authority Key Identifier:
                keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/qfJax-PYFLRQ53AO_NKKYiLznaE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.128.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:4a:9a:eb:4d:35:01:db:eb:e7:26:f6:23:47:be:75:59:ce:
         b6:3b:bd:8f:22:9b:4b:86:5c:03:6f:af:78:81:af:fd:8c:24:
         ab:79:92:ab:cf:2f:1d:0a:48:7f:8f:34:98:81:cf:09:91:52:
         2b:7a:74:2c:b8:a1:9e:61:09:61:73:49:d9:ad:0b:a1:da:b3:
         43:4a:8a:dd:ca:8e:ee:0c:0f:2a:e4:99:fe:ae:bc:09:8c:7e:
         44:84:98:29:98:c9:63:36:44:b1:82:0d:da:4d:60:0c:c0:38:
         bc:be:36:46:3a:cf:15:ae:27:5b:03:97:c9:4e:2e:d8:7c:e3:
         84:76:bc:82:07:9b:36:1d:35:35:3b:f8:63:2e:32:90:52:5e:
         ae:52:24:c9:b0:fb:e2:20:29:6d:81:0c:9f:35:86:30:85:1a:
         b2:01:a6:4e:ac:ba:f4:0b:03:02:dd:0f:3e:eb:78:30:44:f5:
         22:8b:0a:17:ba:27:1a:a0:f8:29:5d:9d:57:22:85:98:46:ef:
         f1:65:74:6c:8d:3a:38:b3:9d:70:46:90:1d:bc:10:ff:8b:34:
         27:7f:ab:bb:16:b8:5a:01:2c:d9:d6:39:f9:0d:45:f7:85:b5:
         86:fd:b1:fb:27:0d:4f:f0:e7:96:df:91:81:6c:d0:84:07:a8:
         a1:77:2a:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6QcUC+L+Mm8Ew5FDroKgvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjQwMzMwMTczODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWYyNWFjN2UzZDgxNGI0NTBlNzcwMGVmY2QyOGE2MjIyZjM5ZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJIRZFLS/ybCLY1RcmPqPT8xXrWo
+B+vtFHP5D26aYTDZM2JCQv5IMNiLIJzisOlm1tOXQmR+vj7NtR8azmE4JQ6c5zj
VPvo8ivsEEjPboJ7209cFaMINcxMgay0yOpUbiyQtChWwIyEoOCjNNgAJd9notk8
kaD7+cSKAPNMwEHP4jFRefQun2ob/4LBBqOJ78qnV+XLzDx1cffOQcVqBM+bMja0
qEJ+MhGt3wyTYDMqWA+jUWr0zaqUlYDp4jPngF2jDr0Tmj/+fJ3P8mFlOwDGM6o6
SyS9dbYCLlnxgBUNne3P0yzUY9ZnQybMnX/NCLlQ12SgTP1D9T6IZebd6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKnyWsfj2BS0UOdwDvzSimIi852hMB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvcWZKYXgtUFlGTFJRNTNBT19OS0tZaUx6bmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYDNMA0G
CSqGSIb3DQEBCwUAA4IBAQBJSprrTTUB2+vnJvYjR751Wc62O72PIptLhlwDb694
ga/9jCSreZKrzy8dCkh/jzSYgc8JkVIrenQsuKGeYQlhc0nZrQuh2rNDSordyo7u
DA8q5Jn+rrwJjH5EhJgpmMljNkSxgg3aTWAMwDi8vjZGOs8VridbA5fJTi7YfOOE
dryCB5s2HTU1O/hjLjKQUl6uUiTJsPviICltgQyfNYYwhRqyAaZOrLr0CwMC3Q8+
63gwRPUiiwoXuicaoPgpXZ1XIoWYRu/xZXRsjTo4s51wRpAdvBD/izQnf6u7Frha
ASzZ1jn5DUX3hbWG/bH7Jw1P8OeW35GBbNCEB6ihdyqu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:02 2024 by rpki-client on console-ams.rpki-client.org