Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/Q9hpPAEX7fZ8xDAjghOjJF6GebA.roa
File:                     Q9hpPAEX7fZ8xDAjghOjJF6GebA.roa (raw, json)
Hash identifier:          qhnuIYQIdSbsjkuG1kbewgPV4PlEw3uvjkH98fulVA0=
Subject key identifier:   43:D8:69:3C:01:17:ED:F6:7C:C4:30:23:82:13:A3:24:5E:86:79:B0
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       0185708CEE00ADBEC07715A027F1D4044E72
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/Q9hpPAEX7fZ8xDAjghOjJF6GebA.roa
Signing time:             Mon 02 Jan 2023 03:36:02 +0000
ROA not before:           Mon 02 Jan 2023 03:36:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     398465
IP address blocks:        94.241.168.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Thu 15 Jun 2023 14:34:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:8c:ee:00:ad:be:c0:77:15:a0:27:f1:d4:04:4e:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Jan  2 03:36:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=43d8693c0117edf67cc430238213a3245e8679b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:fd:08:4f:51:01:f4:75:c8:d8:03:f3:e1:e1:
                    eb:cf:a7:e9:c3:ee:00:b9:fd:43:23:35:5e:28:d7:
                    6a:7a:f7:c9:68:d8:ae:76:a2:af:08:53:26:1f:7c:
                    c4:c4:50:ef:c0:98:2f:f3:8c:2d:c6:95:2d:db:ec:
                    a8:dd:03:a6:55:5e:4f:8f:22:18:64:02:fc:2d:d9:
                    76:df:ab:08:89:5e:00:a6:ba:21:9e:fa:1e:a8:ae:
                    07:4b:08:25:75:4c:85:bb:74:c2:1f:36:6c:bb:64:
                    d7:6b:a8:31:01:c9:49:7a:44:b3:74:dd:70:ba:b2:
                    da:0c:e2:a9:a1:ac:33:df:db:49:d9:a7:40:b1:21:
                    a8:10:81:f2:bc:48:d5:0b:f2:6a:92:a5:90:92:5c:
                    6c:b2:87:91:4a:72:6a:f1:52:cb:d1:fc:14:f4:73:
                    24:d2:bd:58:a9:3e:91:70:f3:a5:a9:e6:e3:a3:4b:
                    2f:63:6f:76:f3:5f:04:ea:65:90:d6:59:43:d3:e4:
                    77:4f:38:07:59:09:c3:03:d7:c1:29:de:4b:07:09:
                    09:f3:01:8a:f2:b7:24:3a:2a:aa:22:0e:a0:70:1c:
                    d6:69:7d:9a:ce:7f:31:79:ee:90:c0:f5:99:23:e8:
                    5a:78:7c:61:cd:aa:6c:48:80:be:67:dc:c4:03:c7:
                    b3:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:D8:69:3C:01:17:ED:F6:7C:C4:30:23:82:13:A3:24:5E:86:79:B0
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/Q9hpPAEX7fZ8xDAjghOjJF6GebA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.241.168.0/21

    Signature Algorithm: sha256WithRSAEncryption
         73:8d:4e:ca:35:90:03:ae:c6:15:94:f2:72:05:bd:1f:a2:af:
         df:a4:0b:a5:f2:bf:bc:7c:94:90:16:13:4e:27:b3:c6:2d:d2:
         db:2f:41:98:e7:66:76:16:88:c5:a4:33:dd:c0:3b:db:6a:1a:
         5d:f8:80:f3:1f:dc:2f:65:df:0d:c7:ef:f7:62:41:d0:79:9e:
         21:25:84:3c:a4:a3:a6:b0:88:e8:10:d8:36:4c:dc:7d:50:a8:
         d5:c7:0d:7c:27:80:7b:1e:65:8a:f3:3d:84:f6:91:02:38:f9:
         4c:6f:03:41:e8:80:01:8b:01:1f:ba:c6:af:11:67:db:97:87:
         d3:35:4f:36:47:9c:8f:27:3a:8f:de:cb:08:ca:cc:89:1d:7a:
         ac:4e:af:10:63:0d:48:7f:1e:ac:a7:ce:38:43:da:4b:e8:f1:
         f4:18:12:89:40:21:f8:b3:18:9f:e6:13:a1:72:c4:48:46:fc:
         87:78:05:60:a8:7a:73:4b:4c:81:b7:9b:35:9a:eb:c2:18:fe:
         0a:64:dd:58:32:67:6d:f4:5b:70:68:6b:9e:bd:73:c7:63:d2:
         76:f9:37:d8:f0:a3:fe:30:81:f1:78:59:86:3f:3d:16:a9:80:
         1d:69:6c:bd:1d:7a:ed:e3:e6:be:70:af:e3:dd:18:02:c4:d3:
         ff:2c:cb:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjO4Arb7AdxWgJ/HUBE5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMTAyMDMzNjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2Q4NjkzYzAxMTdlZGY2N2NjNDMwMjM4MjEzYTMyNDVlODY3OWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/0IT1EB9HXI2APz4eHrz6fpw+4A
uf1DIzVeKNdqevfJaNiudqKvCFMmH3zExFDvwJgv84wtxpUt2+yo3QOmVV5PjyIY
ZAL8Ldl236sIiV4AprohnvoeqK4HSwgldUyFu3TCHzZsu2TXa6gxAclJekSzdN1w
urLaDOKpoawz39tJ2adAsSGoEIHyvEjVC/JqkqWQklxssoeRSnJq8VLL0fwU9HMk
0r1YqT6RcPOlqebjo0svY292818E6mWQ1llD0+R3TzgHWQnDA9fBKd5LBwkJ8wGK
8rckOiqqIg6gcBzWaX2azn8xee6QwPWZI+haeHxhzapsSIC+Z9zEA8ez3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPYaTwBF+32fMQwI4IToyRehnmwMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvUTlocFBBRVg3Zlo4eERBamdoT2pKRjZHZWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXvGoMA0G
CSqGSIb3DQEBCwUAA4IBAQBzjU7KNZADrsYVlPJyBb0foq/fpAul8r+8fJSQFhNO
J7PGLdLbL0GY52Z2FojFpDPdwDvbahpd+IDzH9wvZd8Nx+/3YkHQeZ4hJYQ8pKOm
sIjoENg2TNx9UKjVxw18J4B7HmWK8z2E9pECOPlMbwNB6IABiwEfusavEWfbl4fT
NU82R5yPJzqP3ssIysyJHXqsTq8QYw1Ifx6sp844Q9pL6PH0GBKJQCH4sxif5hOh
csRIRvyHeAVgqHpzS0yBt5s1muvCGP4KZN1YMmdt9FtwaGuevXPHY9J2+TfY8KP+
MIHxeFmGPz0WqYAdaWy9HXrt4+a+cK/j3RgCxNP/LMuO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org