Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/QjVyhkgEQDTKeLI-M7LsqfTq_d0.roa
File:                     QjVyhkgEQDTKeLI-M7LsqfTq_d0.roa (raw, json)
Hash identifier:          ldJR1Lh5uxVq5/p/rUKwrW9L2Wt1iZvMFW3fEBPR6W4=
Subject key identifier:   42:35:72:86:48:04:40:34:CA:78:B2:3E:33:B2:EC:A9:F4:EA:FD:DD
Certificate issuer:       /CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Certificate serial:       0188283933841968EB49526EFAA36EFA9F5E
Authority key identifier: 88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/QjVyhkgEQDTKeLI-M7LsqfTq_d0.roa
Signing time:             Wed 17 May 2023 05:40:17 +0000
ROA not before:           Wed 17 May 2023 05:40:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50810
IP address blocks:        93.117.176.0/20 maxlen: 22
                          93.119.208.0/20 maxlen: 22
                          188.213.192.0/22 maxlen: 22
                          188.212.240.0/21 maxlen: 21
                          37.98.114.0/24 maxlen: 24
                          188.211.0.0/20 maxlen: 20
                          94.101.248.0/21 maxlen: 21
                          178.131.0.0/16 maxlen: 22
                          37.98.64.0/18 maxlen: 22
                          62.102.128.0/20 maxlen: 22

Validation:               Failed, certificate revoked on Sat 27 May 2023 15:23:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:28:39:33:84:19:68:eb:49:52:6e:fa:a3:6e:fa:9f:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
        Validity
            Not Before: May 17 05:40:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4235728648044034ca78b23e33b2eca9f4eafddd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:f9:f3:29:c7:c2:1e:c7:cb:72:71:d4:9f:cf:
                    d3:79:d9:ba:5d:97:85:ae:9d:e5:75:b3:25:83:54:
                    64:02:d3:60:75:3c:03:eb:f3:3c:cb:77:5e:32:bd:
                    53:b8:eb:97:ff:13:19:16:00:8d:c0:19:58:d9:2a:
                    21:48:5d:23:53:d8:da:a0:f7:ff:c5:90:96:b7:70:
                    6d:f5:6f:51:5a:7e:ec:8b:e7:98:70:c5:ec:99:a4:
                    5f:bb:57:a3:d3:21:9f:ed:d0:2b:da:70:e0:49:cb:
                    b1:ce:b7:dc:11:9f:ff:ed:cf:d0:86:40:89:45:08:
                    7b:1a:b3:8f:1a:68:1e:a0:73:b2:bd:a3:69:ad:49:
                    33:a1:d7:24:95:36:79:89:ea:51:15:81:a8:ef:7e:
                    7f:d7:cf:ab:7b:9b:d5:6f:9a:06:e4:bb:99:2d:9b:
                    a7:29:76:6a:87:e8:04:c9:87:8c:52:ac:7f:f6:fa:
                    c7:cf:72:1f:77:08:ae:5d:d1:83:7b:34:af:3a:58:
                    24:6d:70:ae:1e:a2:8d:bf:69:f6:6e:c4:22:83:15:
                    e7:86:ef:5b:cf:89:ae:b6:e7:23:d4:05:15:18:7e:
                    c6:7d:22:67:47:f2:32:cc:87:04:04:5e:7a:83:1a:
                    82:49:83:a7:8a:b2:32:f3:b1:c6:48:c4:98:c9:dd:
                    4d:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:35:72:86:48:04:40:34:CA:78:B2:3E:33:B2:EC:A9:F4:EA:FD:DD
            X509v3 Authority Key Identifier:
                keyid:88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/QjVyhkgEQDTKeLI-M7LsqfTq_d0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.98.64.0/18
                  62.102.128.0/20
                  93.117.176.0/20
                  93.119.208.0/20
                  94.101.248.0/21
                  178.131.0.0/16
                  188.211.0.0/20
                  188.212.240.0/21
                  188.213.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         56:da:b0:ae:a1:ca:f7:73:9a:c5:20:59:b3:1f:db:c6:f4:9b:
         62:5b:aa:ff:86:fa:59:3d:2a:81:c5:2c:38:65:a4:c7:1a:26:
         78:4a:e3:d4:a6:73:0a:46:93:01:16:6b:e4:4a:d0:b4:dc:cc:
         1f:71:67:b7:03:7f:93:91:ce:5c:9c:e0:af:94:b6:31:c8:fb:
         f5:e3:bd:30:f1:4e:a4:56:c4:5f:07:20:41:a5:83:18:0f:23:
         a4:84:5a:4f:33:ee:24:e6:34:77:31:58:29:29:21:df:e7:9b:
         9a:f4:e5:0d:c4:23:56:8d:ee:c3:5f:b9:3a:59:95:ac:43:37:
         b5:de:88:c4:d2:6a:d2:44:80:83:9f:46:ad:80:df:1b:e4:dc:
         9c:2c:b8:3c:67:69:8d:1c:f2:6e:5c:f9:bf:c3:4b:46:a3:69:
         7c:73:03:b8:50:98:c9:00:01:d8:e2:da:ff:bb:89:2e:af:0e:
         b6:54:00:9a:94:46:10:79:c2:a7:78:55:e2:c5:7b:fa:35:8d:
         3f:45:8c:a9:16:42:d7:bb:f4:a5:fd:60:b5:dc:94:43:65:02:
         cd:98:76:c7:35:0c:6a:72:e1:0b:dd:71:a7:64:25:d0:9e:d4:
         d9:99:98:af:36:5d:e8:33:cc:8c:29:05:85:4b:06:cc:f6:18:
         16:32:20:f3
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYgoOTOEGWjrSVJu+qNu+p9eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NDdhYTkxYjA2ZDhjNmI4NzI4NGYzZjQ1YTIxZGMyODFm
N2JhNTUwHhcNMjMwNTE3MDU0MDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjM1NzI4NjQ4MDQ0MDM0Y2E3OGIyM2UzM2IyZWNhOWY0ZWFmZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfnzKcfCHsfLcnHUn8/Tedm6XZeF
rp3ldbMlg1RkAtNgdTwD6/M8y3deMr1TuOuX/xMZFgCNwBlY2SohSF0jU9jaoPf/
xZCWt3Bt9W9RWn7si+eYcMXsmaRfu1ej0yGf7dAr2nDgScuxzrfcEZ//7c/QhkCJ
RQh7GrOPGmgeoHOyvaNprUkzodcklTZ5iepRFYGo735/18+re5vVb5oG5LuZLZun
KXZqh+gEyYeMUqx/9vrHz3IfdwiuXdGDezSvOlgkbXCuHqKNv2n2bsQigxXnhu9b
z4mutucj1AUVGH7GfSJnR/IyzIcEBF56gxqCSYOnirIy87HGSMSYyd1NhwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFEI1coZIBEA0yniyPjOy7Kn06v3dMB8GA1UdIwQY
MBaAFIhHqpGwbYxrhyhPP0WiHcKB97pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYt
Y2VhNzVkMGNkNjcxLzEvUWpWeWhrZ0VRRFRLZUxJLU03THNxZlRxX2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYtY2VhNzVkMGNkNjcx
LzEvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTA7BAIAATA1AwQGJWJAAwQE
PmaAAwQEXXWwAwQEXXfQAwQDXmX4AwMAsoMDBAS80wADBAO81PADBAK81cAwDQYJ
KoZIhvcNAQELBQADggEBAFbasK6hyvdzmsUgWbMf28b0m2Jbqv+G+lk9KoHFLDhl
pMcaJnhK49SmcwpGkwEWa+RK0LTczB9xZ7cDf5ORzlyc4K+UtjHI+/XjvTDxTqRW
xF8HIEGlgxgPI6SEWk8z7iTmNHcxWCkpId/nm5r05Q3EI1aN7sNfuTpZlaxDN7Xe
iMTSatJEgIOfRq2A3xvk3JwsuDxnaY0c8m5c+b/DS0ajaXxzA7hQmMkAAdji2v+7
iS6vDrZUAJqURhB5wqd4VeLFe/o1jT9FjKkWQte79KX9YLXclENlAs2Ydsc1DGpy
4QvdcadkJdCe1NmZmK82XegzzIwpBYVLBsz2GBYyIPM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:27 2024 by rpki-client on console-ams.rpki-client.org