Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/QXoYuk6kE705gS_2JBmEypiBRcI.roa
File:                     QXoYuk6kE705gS_2JBmEypiBRcI.roa (raw, json)
Hash identifier:          dhetaiPiKT3NfzJ85P4WRTWTlL+CqtqxY3zHldRu6Z0=
Subject key identifier:   41:7A:18:BA:4E:A4:13:BD:39:81:2F:F6:24:19:84:CA:98:81:45:C2
Certificate issuer:       /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial:       01857246CB37D25DCFB6BCEBCF9D369C469E
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/QXoYuk6kE705gS_2JBmEypiBRcI.roa
Signing time:             Mon 02 Jan 2023 11:38:40 +0000
ROA not before:           Mon 02 Jan 2023 11:38:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212179
IP address blocks:        212.172.0.0/16 maxlen: 24
                          212.172.20.0/24 maxlen: 32
                          212.172.165.128/27 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:46:cb:37:d2:5d:cf:b6:bc:eb:cf:9d:36:9c:46:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
        Validity
            Not Before: Jan  2 11:38:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=417a18ba4ea413bd39812ff6241984ca988145c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:a6:0e:96:fa:8d:6f:81:ea:be:76:cf:9e:1b:
                    1a:20:9c:d2:d5:3b:7d:93:3d:1b:73:15:71:14:c3:
                    62:95:15:7e:8f:27:2a:57:58:33:41:87:6d:ac:0d:
                    06:46:5a:db:09:3c:f3:c8:7d:e6:8e:ad:cd:9a:8b:
                    48:98:fc:b1:3c:a2:4c:a6:c0:e1:71:f1:15:51:83:
                    fe:09:78:97:3e:bc:b9:1d:84:15:76:05:81:c8:43:
                    6a:6f:88:32:a5:2f:57:19:5b:07:a4:f2:12:48:d6:
                    b5:75:54:8c:04:f8:02:cf:00:14:71:ea:ef:44:f5:
                    d3:5f:e7:58:41:86:a0:1e:8e:b3:6a:a9:83:e4:7d:
                    aa:f5:9c:23:5c:3f:a4:4f:97:ec:e8:0b:be:e6:e0:
                    eb:e0:ea:86:6c:f9:73:d1:77:5f:d4:b0:a4:bc:83:
                    7c:09:52:6c:ae:10:85:52:36:e2:e6:a4:58:fe:39:
                    fe:37:9d:c0:2a:0d:bf:62:c0:41:97:b4:84:07:c1:
                    c9:71:c7:cc:9a:19:10:a5:28:29:4d:5a:83:82:e9:
                    89:31:46:44:b1:36:e9:a0:ba:09:e3:60:96:eb:c9:
                    75:62:be:57:85:21:ac:a6:ae:e9:28:f3:0c:2d:73:
                    d4:5d:98:4b:79:a3:16:1b:4a:a9:17:40:a7:13:b0:
                    6c:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:7A:18:BA:4E:A4:13:BD:39:81:2F:F6:24:19:84:CA:98:81:45:C2
            X509v3 Authority Key Identifier:
                keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/QXoYuk6kE705gS_2JBmEypiBRcI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.172.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1b:7b:90:cb:77:78:b9:36:cf:b1:f5:0f:ef:a1:76:33:10:f5:
         09:8d:fe:4c:7a:95:b0:2f:74:8f:ad:df:45:de:76:3f:58:73:
         55:a7:62:4e:c9:5e:91:27:d3:24:1f:75:ac:4b:5c:ef:f8:3b:
         f2:17:f6:06:e5:9b:ba:61:bf:3e:c5:ee:f4:81:a8:2e:5e:94:
         1a:d5:e5:7b:24:4f:25:d5:ee:01:0d:30:09:d6:09:82:e8:c2:
         51:a3:9c:9e:fd:f7:f5:06:0c:09:3e:00:dc:ad:f2:5d:08:e4:
         08:87:18:44:9d:d7:2b:12:8e:85:4b:cb:62:30:39:32:55:31:
         da:17:c3:69:87:22:6e:2a:78:8e:32:ac:2e:03:29:08:85:f3:
         29:45:58:56:3f:dc:5f:fb:1e:91:1d:25:16:0f:fc:f9:8e:4f:
         5c:9b:53:7b:ad:5b:f1:ff:8d:ce:6e:ad:12:98:fe:63:31:b6:
         aa:a1:2a:15:cf:34:b9:53:f7:67:e6:13:ec:46:2a:b1:e0:93:
         98:b8:1c:70:05:d0:2a:62:6d:b3:b2:99:30:dd:6f:fd:e0:72:
         b1:be:6c:06:84:41:7e:b4:68:82:db:c0:c5:43:79:92:49:0d:
         a4:ff:fd:4e:ff:91:74:dc:4a:f1:5d:8f:13:53:84:3c:ee:ec:
         98:86:18:1f
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVyRss30l3Ptrzrz502nEaeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMWQ3MmFjMDgyNmUwOWJjMGQxN2RkZWU4YmE4N2Q5NzMx
ZGQ0MTMwHhcNMjMwMTAyMTEzODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTdhMThiYTRlYTQxM2JkMzk4MTJmZjYyNDE5ODRjYTk4ODE0NWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KYOlvqNb4HqvnbPnhsaIJzS1Tt9
kz0bcxVxFMNilRV+jycqV1gzQYdtrA0GRlrbCTzzyH3mjq3NmotImPyxPKJMpsDh
cfEVUYP+CXiXPry5HYQVdgWByENqb4gypS9XGVsHpPISSNa1dVSMBPgCzwAUcerv
RPXTX+dYQYagHo6zaqmD5H2q9ZwjXD+kT5fs6Au+5uDr4OqGbPlz0Xdf1LCkvIN8
CVJsrhCFUjbi5qRY/jn+N53AKg2/YsBBl7SEB8HJccfMmhkQpSgpTVqDgumJMUZE
sTbpoLoJ42CW68l1Yr5XhSGspq7pKPMMLXPUXZhLeaMWG0qpF0CnE7BsgwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFEF6GLpOpBO9OYEv9iQZhMqYgUXCMB8GA1UdIwQY
MBaAFAodcqwIJuCbwNF93ui6h9lzHdQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTct
OTU4MTEyYTQ4OWE0LzEvUVhvWXVrNmtFNzA1Z1NfMkpCbUV5cGlCUmNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTctOTU4MTEyYTQ4OWE0
LzEvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA1KwwDQYJ
KoZIhvcNAQELBQADggEBABt7kMt3eLk2z7H1D++hdjMQ9QmN/kx6lbAvdI+t30Xe
dj9Yc1WnYk7JXpEn0yQfdaxLXO/4O/IX9gblm7phvz7F7vSBqC5elBrV5XskTyXV
7gENMAnWCYLowlGjnJ799/UGDAk+ANyt8l0I5AiHGESd1ysSjoVLy2IwOTJVMdoX
w2mHIm4qeI4yrC4DKQiF8ylFWFY/3F/7HpEdJRYP/PmOT1ybU3utW/H/jc5urRKY
/mMxtqqhKhXPNLlT92fmE+xGKrHgk5i4HHAF0CpibbOymTDdb/3gcrG+bAaEQX60
aILbwMVDeZJJDaT//U7/kXTcSvFdjxNThDzu7JiGGB8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:41 2024 by rpki-client on console-fra.rpki-client.org