Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/QjM_S25mh4dMBo3Cvr4yCLW61k4.roa
File:                     QjM_S25mh4dMBo3Cvr4yCLW61k4.roa (raw, json)
Hash identifier:          KKbKBAMQu1n3E5WpKxgVGfj9izx+ctBCMPiWQkFZJsw=
Subject key identifier:   42:33:3F:4B:6E:66:87:87:4C:06:8D:C2:BE:BE:32:08:B5:BA:D6:4E
Certificate issuer:       /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial:       018CFAE1A3EAB1B06C0519895F028FC2CB9A
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/QjM_S25mh4dMBo3Cvr4yCLW61k4.roa
Signing time:             Thu 11 Jan 2024 23:35:40 +0000
ROA not before:           Thu 11 Jan 2024 23:35:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20473
IP address blocks:        37.72.132.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Sat 13 Jan 2024 16:07:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:fa:e1:a3:ea:b1:b0:6c:05:19:89:5f:02:8f:c2:cb:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
        Validity
            Not Before: Jan 11 23:35:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=42333f4b6e6687874c068dc2bebe3208b5bad64e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:0f:9b:2f:a1:93:45:1b:b1:a1:22:37:53:3d:
                    9a:1e:44:ba:f4:93:71:cc:62:b6:b4:9d:25:c3:8b:
                    f8:cc:6f:d8:85:67:43:59:24:28:2f:3c:a5:40:60:
                    69:ad:2a:95:25:07:2c:ff:dd:7e:10:49:79:bc:71:
                    6c:67:8d:1f:df:ba:ee:d7:57:f4:70:f0:74:a0:ce:
                    7d:ec:1c:33:86:3b:6a:45:b5:00:f9:f3:24:4c:bc:
                    fa:b3:bc:d0:35:87:99:06:94:61:e5:59:2f:98:85:
                    ff:3d:ed:62:6a:ff:30:8b:59:35:69:3f:cb:50:c3:
                    94:8b:35:47:a3:38:ae:21:64:b9:80:4a:97:16:c6:
                    55:c2:8d:a6:76:02:52:d1:f0:6d:06:14:91:d0:bd:
                    44:1d:03:64:85:40:48:ee:9c:28:fb:1d:d6:33:7b:
                    ca:15:0e:57:5d:af:f6:fa:e0:30:d4:b9:00:ef:9b:
                    d2:b2:18:d2:a9:88:9a:0d:56:1b:f6:08:73:cf:99:
                    74:60:f2:b1:ec:d1:35:67:ed:27:09:24:3c:81:a4:
                    66:d5:26:47:c3:5f:d6:36:69:47:4e:be:ea:b0:e5:
                    1b:01:85:6b:1f:41:49:6f:11:68:94:36:ca:a1:51:
                    6c:87:25:df:33:1e:c1:7c:22:4d:c0:bd:82:48:cd:
                    5b:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:33:3F:4B:6E:66:87:87:4C:06:8D:C2:BE:BE:32:08:B5:BA:D6:4E
            X509v3 Authority Key Identifier:
                keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/QjM_S25mh4dMBo3Cvr4yCLW61k4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.72.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:26:d4:7f:98:13:2b:49:ad:1c:a1:2e:de:d1:80:38:08:12:
         6c:b9:78:8c:d3:f7:df:2d:3f:ea:03:08:29:02:dd:9b:a4:5c:
         ce:93:35:22:e6:2c:e0:f8:65:8b:83:f4:32:e3:e9:a4:ed:52:
         99:7f:67:2b:59:3d:84:65:0e:49:6f:aa:28:d8:8a:06:7a:82:
         5e:e1:28:9c:68:dd:07:07:8c:89:6a:ba:37:43:d6:2c:b9:4a:
         ec:c3:b6:55:50:29:c7:1e:31:d2:5e:de:d6:65:ff:5b:92:e1:
         bc:b8:4b:20:d8:8e:8a:a5:3d:1e:6f:15:b9:1d:1d:ad:39:57:
         2c:58:4e:56:a2:34:3c:3c:b7:02:be:35:33:c8:48:b9:47:db:
         e8:52:87:4a:1e:31:fe:e3:94:26:e5:56:9b:9e:3e:66:4c:fb:
         37:e7:1c:2a:be:c3:29:d4:da:7c:91:bc:bf:ee:53:d3:65:88:
         f1:8b:3c:89:44:66:b3:06:0b:34:df:d6:1f:5c:12:29:9c:68:
         da:ff:35:3d:7c:bf:43:62:71:c2:a2:70:b8:f6:34:d8:e7:22:
         ef:0d:1e:4e:78:ff:87:e3:2b:df:b0:f4:3e:16:f6:f2:af:0c:
         4c:24:9c:47:5b:3e:fa:a8:d2:32:1d:77:d2:50:8c:ce:b0:de:
         0f:64:0a:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYz64aPqsbBsBRmJXwKPwsuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjQwMTExMjMzNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjMzM2Y0YjZlNjY4Nzg3NGMwNjhkYzJiZWJlMzIwOGI1YmFkNjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlA+bL6GTRRuxoSI3Uz2aHkS69JNx
zGK2tJ0lw4v4zG/YhWdDWSQoLzylQGBprSqVJQcs/91+EEl5vHFsZ40f37ru11f0
cPB0oM597BwzhjtqRbUA+fMkTLz6s7zQNYeZBpRh5VkvmIX/Pe1iav8wi1k1aT/L
UMOUizVHoziuIWS5gEqXFsZVwo2mdgJS0fBtBhSR0L1EHQNkhUBI7pwo+x3WM3vK
FQ5XXa/2+uAw1LkA75vSshjSqYiaDVYb9ghzz5l0YPKx7NE1Z+0nCSQ8gaRm1SZH
w1/WNmlHTr7qsOUbAYVrH0FJbxFolDbKoVFshyXfMx7BfCJNwL2CSM1bOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEIzP0tuZoeHTAaNwr6+Mgi1utZOMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvUWpNX1MyNW1oNGRNQm8zQ3ZyNHlDTFc2MWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJUiEMA0G
CSqGSIb3DQEBCwUAA4IBAQCHJtR/mBMrSa0coS7e0YA4CBJsuXiM0/ffLT/qAwgp
At2bpFzOkzUi5izg+GWLg/Qy4+mk7VKZf2crWT2EZQ5Jb6oo2IoGeoJe4SicaN0H
B4yJaro3Q9YsuUrsw7ZVUCnHHjHSXt7WZf9bkuG8uEsg2I6KpT0ebxW5HR2tOVcs
WE5WojQ8PLcCvjUzyEi5R9voUodKHjH+45Qm5Vabnj5mTPs35xwqvsMp1Np8kby/
7lPTZYjxizyJRGazBgs039YfXBIpnGja/zU9fL9DYnHConC49jTY5yLvDR5OeP+H
4yvfsPQ+FvbyrwxMJJxHWz76qNIyHXfSUIzOsN4PZAqw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:57 2024 by rpki-client on console-fra.rpki-client.org