Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/Qt9HfqpriTDvAHNm08B_9bXEbcY.roa
File:                     Qt9HfqpriTDvAHNm08B_9bXEbcY.roa (raw, json)
Hash identifier:          x6qr31ugsazNuRHm1LkvpqNlBICilr19W/hDXNjXIL8=
Subject key identifier:   42:DF:47:7E:AA:6B:89:30:EF:00:73:66:D3:C0:7F:F5:B5:C4:6D:C6
Certificate issuer:       /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial:       018DC06E2BFBC8166042542C2A416815757D
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/Qt9HfqpriTDvAHNm08B_9bXEbcY.roa
Signing time:             Mon 19 Feb 2024 08:14:22 +0000
ROA not before:           Mon 19 Feb 2024 08:14:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     33915
IP address blocks:        2a07:3500:1170::/48 maxlen: 48
                          2a07:3500:1240::/46 maxlen: 46
                          2a07:3500:12d0::/48 maxlen: 48
                          2a07:3500:12f8::/48 maxlen: 48
                          2a07:3500:15a0::/48 maxlen: 48
                          2a07:3500:15c0::/48 maxlen: 48
                          2a07:3500:1890::/48 maxlen: 48
                          2a07:3500:1b90::/48 maxlen: 48
                          2a07:3501:1340::/48 maxlen: 48
                          2a07:3502:1050::/48 maxlen: 48
                          2a07:3502:1060::/48 maxlen: 48
                          2a07:3502:10a1::/48 maxlen: 48
                          2a07:3502:10c0::/48 maxlen: 48
                          2a07:3502:11a0::/46 maxlen: 46

Validation:               Failed, certificate revoked on Thu 14 Mar 2024 14:41:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:c0:6e:2b:fb:c8:16:60:42:54:2c:2a:41:68:15:75:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
        Validity
            Not Before: Feb 19 08:14:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=42df477eaa6b8930ef007366d3c07ff5b5c46dc6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:56:32:fe:13:04:93:2e:ba:71:49:fb:86:a3:
                    e5:66:fb:46:b0:60:90:bf:df:7b:d5:39:a8:49:4b:
                    68:59:58:bd:b6:4b:2b:26:34:1c:de:c3:68:f1:4f:
                    8a:fc:41:51:50:1e:05:1e:a7:c1:d3:ad:4e:fd:f0:
                    4a:6f:a5:a0:94:ed:1d:49:59:74:22:77:c2:73:6b:
                    c1:d9:dc:9b:2d:90:17:e5:37:45:c8:97:fb:fb:90:
                    07:3b:02:79:47:97:84:2d:27:cd:07:a4:91:c5:08:
                    29:1c:7f:bf:84:a3:ef:f8:24:50:90:d0:9a:1e:91:
                    af:3e:9e:9d:7f:28:45:20:6a:0c:70:d7:f6:df:73:
                    b4:f4:28:d2:9f:91:92:ac:58:c8:a4:4d:fa:31:ef:
                    80:d4:db:9b:fa:99:ba:fe:e2:96:e4:9d:27:34:46:
                    1f:bf:89:7d:cc:08:3d:8d:03:fb:c7:4c:e4:65:95:
                    cb:c3:4b:9f:d0:a6:3c:d1:e9:97:5f:74:93:01:eb:
                    23:d1:3d:66:68:ea:de:f9:6a:a0:10:d9:ac:c6:f7:
                    e7:e0:da:1b:52:ba:91:c0:5f:f3:8b:c3:0c:53:89:
                    15:21:a1:87:a0:9f:f9:45:86:20:7f:5b:83:ee:24:
                    f8:b4:0d:0b:81:06:da:b2:6c:ed:ce:be:e4:ef:53:
                    9c:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:DF:47:7E:AA:6B:89:30:EF:00:73:66:D3:C0:7F:F5:B5:C4:6D:C6
            X509v3 Authority Key Identifier:
                keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/Qt9HfqpriTDvAHNm08B_9bXEbcY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:3500:1170::/48
                  2a07:3500:1240::/46
                  2a07:3500:12d0::/48
                  2a07:3500:12f8::/48
                  2a07:3500:15a0::/48
                  2a07:3500:15c0::/48
                  2a07:3500:1890::/48
                  2a07:3500:1b90::/48
                  2a07:3501:1340::/48
                  2a07:3502:1050::/48
                  2a07:3502:1060::/48
                  2a07:3502:10a1::/48
                  2a07:3502:10c0::/48
                  2a07:3502:11a0::/46

    Signature Algorithm: sha256WithRSAEncryption
         c6:c5:5c:fd:6b:67:c9:ed:60:52:89:49:40:a0:b7:48:aa:2e:
         9b:61:c1:ff:55:f6:0f:74:3f:10:ed:eb:d4:6a:9c:ee:21:bf:
         98:a8:a7:a0:f4:ce:37:72:10:06:04:a3:b8:29:ac:82:42:92:
         8c:a9:21:b9:74:56:6b:49:de:0e:93:dc:6c:be:d3:83:03:3e:
         3e:cc:4c:82:f3:f2:28:ed:8b:ef:08:c1:2f:85:e6:78:17:2d:
         03:e9:89:16:ac:0f:50:49:37:f0:bd:32:28:65:fa:a8:88:12:
         b2:02:75:9a:e3:eb:c0:c5:6c:6a:10:24:47:f0:02:1a:00:81:
         7e:d9:b0:5b:69:22:98:ca:88:60:56:6b:40:b9:fe:d1:4f:8c:
         8b:e3:60:cb:24:5d:e3:03:8b:ba:75:39:8a:ff:cc:b3:dc:00:
         38:82:da:20:9a:b8:0f:57:f1:3c:df:83:5a:df:7e:f3:ae:1f:
         45:5b:02:74:2a:7f:bf:7e:0d:aa:ac:50:03:0d:8c:da:eb:f7:
         79:ac:81:2f:03:6f:26:7a:47:75:c9:35:13:99:0d:f5:18:67:
         36:4b:3d:58:c6:01:bc:e9:c2:ff:0a:9b:49:65:fb:8e:a8:a5:
         47:9f:15:08:a6:ac:e8:f3:37:4c:eb:45:5e:a6:6f:e7:c4:b3:
         05:57:84:bd
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY3Abiv7yBZgQlQsKkFoFXV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjQwMjE5MDgxNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmRmNDc3ZWFhNmI4OTMwZWYwMDczNjZkM2MwN2ZmNWI1YzQ2ZGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFYy/hMEky66cUn7hqPlZvtGsGCQ
v9971TmoSUtoWVi9tksrJjQc3sNo8U+K/EFRUB4FHqfB061O/fBKb6WglO0dSVl0
InfCc2vB2dybLZAX5TdFyJf7+5AHOwJ5R5eELSfNB6SRxQgpHH+/hKPv+CRQkNCa
HpGvPp6dfyhFIGoMcNf233O09CjSn5GSrFjIpE36Me+A1Nub+pm6/uKW5J0nNEYf
v4l9zAg9jQP7x0zkZZXLw0uf0KY80emXX3STAesj0T1maOre+WqgENmsxvfn4Nob
UrqRwF/zi8MMU4kVIaGHoJ/5RYYgf1uD7iT4tA0LgQbasmztzr7k71OcbwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFELfR36qa4kw7wBzZtPAf/W1xG3GMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvUXQ5SGZxcHJpVER2QUhObTA4Ql85YlhFYmNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAIwfgMHACoH
NQARcAMHAioHNQASQAMHACoHNQAS0AMHACoHNQAS+AMHACoHNQAVoAMHACoHNQAV
wAMHACoHNQAYkAMHACoHNQAbkAMHACoHNQETQAMHACoHNQIQUAMHACoHNQIQYAMH
ACoHNQIQoQMHACoHNQIQwAMHAioHNQIRoDANBgkqhkiG9w0BAQsFAAOCAQEAxsVc
/Wtnye1gUolJQKC3SKoum2HB/1X2D3Q/EO3r1Gqc7iG/mKinoPTON3IQBgSjuCms
gkKSjKkhuXRWa0neDpPcbL7TgwM+PsxMgvPyKO2L7wjBL4XmeBctA+mJFqwPUEk3
8L0yKGX6qIgSsgJ1muPrwMVsahAkR/ACGgCBftmwW2kimMqIYFZrQLn+0U+Mi+Ng
yyRd4wOLunU5iv/Ms9wAOILaIJq4D1fxPN+DWt9+864fRVsCdCp/v34NqqxQAw2M
2uv3eayBLwNvJnpHdck1E5kN9RhnNks9WMYBvOnC/wqbSWX7jqilR58VCKas6PM3
TOtFXqZv58SzBVeEvQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:54 2024 by rpki-client on console-fra.rpki-client.org