Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/qsBoq3_0rhOOExBXUbQNKoDDr0U.roa
File:                     qsBoq3_0rhOOExBXUbQNKoDDr0U.roa (raw, json)
Hash identifier:          +fagLQ4Jtbr+Se0iMA7HGjJFrAthCr4HaH467kg6QLc=
Subject key identifier:   AA:C0:68:AB:7F:F4:AE:13:8E:13:10:57:51:B4:0D:2A:80:C3:AF:45
Certificate issuer:       /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial:       01857142DDC433FC420641865E423DD08FA2
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/qsBoq3_0rhOOExBXUbQNKoDDr0U.roa
Signing time:             Mon 02 Jan 2023 06:54:45 +0000
ROA not before:           Mon 02 Jan 2023 06:54:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208582
IP address blocks:        185.51.8.0/22 maxlen: 24
                          2a01:aee0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 29 Nov 2023 11:19:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:42:dd:c4:33:fc:42:06:41:86:5e:42:3d:d0:8f:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
        Validity
            Not Before: Jan  2 06:54:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aac068ab7ff4ae138e13105751b40d2a80c3af45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:82:e4:22:65:7d:a0:7c:ae:7a:99:11:37:85:
                    a6:f4:bf:f1:2d:b7:36:5e:2f:d9:18:bf:df:84:62:
                    8e:e7:b7:e1:02:1d:53:75:e9:95:82:d9:f0:2c:36:
                    37:74:77:c8:a1:b4:5c:a3:94:2e:20:98:42:d5:65:
                    be:55:92:5a:9f:f2:e6:ac:e9:3a:c5:4d:5c:bc:d3:
                    ef:6f:9b:fa:3b:fe:97:47:3f:5d:88:fb:1e:e5:c1:
                    b7:fc:a6:18:e7:95:d4:3c:1b:a8:5d:6e:04:03:18:
                    0c:89:0c:a4:da:4c:55:92:cd:ab:67:23:82:58:3c:
                    3f:23:e4:34:14:39:7c:74:60:aa:60:6b:5c:4e:37:
                    c3:19:e4:3c:2a:41:b1:d0:0d:7e:8b:4d:6f:de:61:
                    45:48:b3:82:60:f4:e4:67:3e:70:7d:14:bd:0e:bc:
                    25:fd:24:37:9b:3c:45:fe:d9:0a:95:34:bf:2d:cf:
                    64:b9:6f:ad:11:42:c8:ff:05:08:88:ee:18:b6:ad:
                    b5:96:bb:74:af:13:2d:da:71:63:35:a3:dd:79:72:
                    d0:c8:45:69:af:57:bb:ec:a4:9c:6d:76:58:2c:8c:
                    53:f8:8f:9d:fc:63:a4:b1:d0:40:72:90:94:9c:05:
                    52:29:1a:59:f7:f7:09:20:fc:e0:36:e0:4c:e9:f5:
                    58:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:C0:68:AB:7F:F4:AE:13:8E:13:10:57:51:B4:0D:2A:80:C3:AF:45
            X509v3 Authority Key Identifier:
                keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/qsBoq3_0rhOOExBXUbQNKoDDr0U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.51.8.0/22
                IPv6:
                  2a01:aee0::/32

    Signature Algorithm: sha256WithRSAEncryption
         60:df:4e:54:e4:8a:85:72:25:9b:31:f3:4d:f8:0c:c3:84:63:
         0e:dd:18:c0:bd:ba:62:00:2d:36:2e:c1:db:3f:8f:d9:63:4c:
         08:87:c1:a5:d2:f1:c3:5f:3c:9a:53:a9:2e:14:90:9d:16:e3:
         ab:16:92:80:7b:76:ce:c8:d8:eb:0f:8a:f9:a4:13:a6:98:d0:
         f3:28:28:fa:0d:8f:32:3b:e5:cf:b5:0f:bb:ad:c2:78:54:eb:
         61:5d:ec:3b:bb:26:ca:49:ff:d4:39:46:ea:30:b5:b6:74:6d:
         9f:b8:ad:51:39:a4:95:86:14:b8:73:7c:b4:fc:fa:89:93:38:
         07:cc:85:4a:0d:a7:b1:be:45:94:42:24:d5:8a:b4:78:31:5c:
         ec:b1:cf:69:a5:81:3e:aa:4d:32:70:d1:e2:15:33:40:17:5a:
         31:b2:65:00:17:d3:73:05:63:a2:87:16:b2:90:40:52:60:21:
         b6:63:35:0c:02:d3:c1:88:be:10:e1:b2:4c:91:40:14:f0:2b:
         20:73:76:da:cb:e0:33:17:b0:d2:62:1c:64:42:1f:2b:42:5e:
         64:5c:87:de:87:48:64:68:00:84:0b:13:2c:d8:8d:b0:cf:b6:
         a5:13:e7:f9:bb:18:1f:2d:aa:c9:c2:70:98:87:4d:0d:7e:e9:
         77:03:7c:43
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxQt3EM/xCBkGGXkI90I+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjMwMTAyMDY1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWMwNjhhYjdmZjRhZTEzOGUxMzEwNTc1MWI0MGQyYTgwYzNhZjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4LkImV9oHyuepkRN4Wm9L/xLbc2
Xi/ZGL/fhGKO57fhAh1TdemVgtnwLDY3dHfIobRco5QuIJhC1WW+VZJan/LmrOk6
xU1cvNPvb5v6O/6XRz9diPse5cG3/KYY55XUPBuoXW4EAxgMiQyk2kxVks2rZyOC
WDw/I+Q0FDl8dGCqYGtcTjfDGeQ8KkGx0A1+i01v3mFFSLOCYPTkZz5wfRS9Drwl
/SQ3mzxF/tkKlTS/Lc9kuW+tEULI/wUIiO4Ytq21lrt0rxMt2nFjNaPdeXLQyEVp
r1e77KScbXZYLIxT+I+d/GOksdBAcpCUnAVSKRpZ9/cJIPzgNuBM6fVYXwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKrAaKt/9K4TjhMQV1G0DSqAw69FMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvcXNCb3EzXzByaE9PRXhCWFViUU5Lb0REcjBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTMIMA0E
AgACMAcDBQAqAa7gMA0GCSqGSIb3DQEBCwUAA4IBAQBg305U5IqFciWbMfNN+AzD
hGMO3RjAvbpiAC02LsHbP4/ZY0wIh8Gl0vHDXzyaU6kuFJCdFuOrFpKAe3bOyNjr
D4r5pBOmmNDzKCj6DY8yO+XPtQ+7rcJ4VOthXew7uybKSf/UOUbqMLW2dG2fuK1R
OaSVhhS4c3y0/PqJkzgHzIVKDaexvkWUQiTVirR4MVzssc9ppYE+qk0ycNHiFTNA
F1oxsmUAF9NzBWOihxaykEBSYCG2YzUMAtPBiL4Q4bJMkUAU8Csgc3bay+AzF7DS
YhxkQh8rQl5kXIfeh0hkaACECxMs2I2wz7alE+f5uxgfLarJwnCYh00Nful3A3xD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:44 2024 by rpki-client on console-ams.rpki-client.org