Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qDoqqGP6jRvPzJpnPEGaJODMi0U.roa
File:                     qDoqqGP6jRvPzJpnPEGaJODMi0U.roa (raw, json)
Hash identifier:          CQSFOXpR14qQDZUJOLR4R8Ax6P1opVaXng6laRK1euo=
Subject key identifier:   A8:3A:2A:A8:63:FA:8D:1B:CF:CC:9A:67:3C:41:9A:24:E0:CC:8B:45
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       018E9B75FF02A3BBEF66553B6C8F9D0A87F6
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qDoqqGP6jRvPzJpnPEGaJODMi0U.roa
Signing time:             Mon 01 Apr 2024 20:59:45 +0000
ROA not before:           Mon 01 Apr 2024 20:59:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29802
IP address blocks:        176.125.248.0/24 maxlen: 24
                          185.210.232.0/24 maxlen: 24
                          185.210.235.0/24 maxlen: 24
                          185.214.102.0/24 maxlen: 24
                          185.218.20.0/24 maxlen: 24
                          185.225.0.0/24 maxlen: 24
                          185.251.231.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 06 Aug 2024 11:03:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:9b:75:ff:02:a3:bb:ef:66:55:3b:6c:8f:9d:0a:87:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Apr  1 20:59:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a83a2aa863fa8d1bcfcc9a673c419a24e0cc8b45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:1a:2d:c6:bc:12:df:e6:fd:9c:d7:84:5f:30:
                    8d:66:25:49:c0:d2:26:14:76:a3:e9:41:f4:64:06:
                    4f:40:9f:00:77:06:db:b6:0e:85:75:6c:a5:a8:5a:
                    e8:85:ab:a0:13:4d:2a:00:db:73:e4:a5:ed:4d:be:
                    c0:39:1a:93:3c:bd:92:ec:b9:e6:f2:5f:31:73:29:
                    f7:97:3d:2c:d1:c9:0e:91:57:8b:06:18:9a:66:83:
                    c2:74:6b:d3:3c:20:cf:77:3d:70:cc:70:4c:93:ab:
                    c7:3e:60:d4:85:6a:e2:9d:69:d5:ff:cf:66:99:68:
                    69:35:5e:6d:92:d7:8a:e0:ad:fb:3a:d9:f5:67:05:
                    da:d1:a5:56:25:3b:d8:58:01:80:8a:8e:6e:71:6b:
                    d6:e4:25:33:aa:48:02:52:e5:92:17:2b:4c:86:21:
                    05:82:1c:ca:57:8d:bd:f2:3d:e3:2a:fd:5b:15:e2:
                    37:f9:ee:5e:cd:9e:df:fa:f2:d3:3a:3d:06:01:17:
                    5e:89:cf:56:b9:15:f7:b9:c9:fc:49:c7:7f:5f:15:
                    33:39:c3:2d:cc:4b:43:79:c2:44:c0:7a:d2:c6:33:
                    0a:86:a3:67:f0:31:8d:e2:c2:66:11:5f:bf:7e:f9:
                    9d:a7:37:b9:88:26:9b:15:a5:57:03:dc:37:80:09:
                    02:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:3A:2A:A8:63:FA:8D:1B:CF:CC:9A:67:3C:41:9A:24:E0:CC:8B:45
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qDoqqGP6jRvPzJpnPEGaJODMi0U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.125.248.0/24
                  185.210.232.0/24
                  185.210.235.0/24
                  185.214.102.0/24
                  185.218.20.0/24
                  185.225.0.0/24
                  185.251.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:f6:0b:2d:a0:a5:36:57:81:0e:de:35:68:75:38:10:4a:b3:
         15:62:57:48:2b:9a:30:d9:8b:0d:8a:9d:a1:11:2e:13:42:b2:
         48:9e:76:8d:5b:cf:14:17:cb:8e:16:d9:ac:c6:24:38:fa:d7:
         27:5e:e4:e1:f8:06:e3:95:9d:72:29:43:cd:00:5a:4a:02:19:
         07:79:b1:55:2b:fc:ac:2a:6b:fe:94:22:e2:73:66:3a:69:ec:
         6b:4a:07:8c:4b:f0:ad:80:b0:92:5f:b9:3d:1e:d9:e9:c2:3e:
         ff:f5:71:a7:2b:a6:99:59:15:95:6d:2f:b8:75:3f:43:58:94:
         6a:14:39:20:93:47:16:eb:be:69:32:2e:48:24:e1:e6:c2:9b:
         a9:26:2d:65:cf:3a:ae:50:77:a6:df:31:ca:a7:78:e6:3f:cb:
         a2:8c:43:db:01:ad:af:3d:fc:51:0b:50:db:fc:7d:63:0e:94:
         e8:6e:cd:9f:a6:98:1e:f8:64:f9:6a:bc:08:00:0b:f0:d3:29:
         3f:d1:9e:bf:f6:69:3a:ca:67:23:b0:21:10:c5:fa:d5:9a:77:
         4f:5b:73:b0:ba:84:eb:b0:12:c1:57:81:68:a4:d9:83:0e:22:
         71:aa:98:5e:5a:d2:96:5f:f0:f7:9d:60:49:4e:f9:2d:ea:cd:
         d4:b5:a0:04
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY6bdf8Co7vvZlU7bI+dCof2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNDAxMjA1OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODNhMmFhODYzZmE4ZDFiY2ZjYzlhNjczYzQxOWEyNGUwY2M4YjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhotxrwS3+b9nNeEXzCNZiVJwNIm
FHaj6UH0ZAZPQJ8Adwbbtg6FdWylqFrohaugE00qANtz5KXtTb7AORqTPL2S7Lnm
8l8xcyn3lz0s0ckOkVeLBhiaZoPCdGvTPCDPdz1wzHBMk6vHPmDUhWrinWnV/89m
mWhpNV5tkteK4K37Otn1ZwXa0aVWJTvYWAGAio5ucWvW5CUzqkgCUuWSFytMhiEF
ghzKV4298j3jKv1bFeI3+e5ezZ7f+vLTOj0GARdeic9WuRX3ucn8Scd/XxUzOcMt
zEtDecJEwHrSxjMKhqNn8DGN4sJmEV+/fvmdpze5iCabFaVXA9w3gAkCCQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKg6Kqhj+o0bz8yaZzxBmiTgzItFMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcURvcXFHUDZqUnZQekpwblBFR2FKT0RNaTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAsH34AwQA
udLoAwQAudLrAwQAudZmAwQAudoUAwQAueEAAwQAufvnMA0GCSqGSIb3DQEBCwUA
A4IBAQBF9gstoKU2V4EO3jVodTgQSrMVYldIK5ow2YsNip2hES4TQrJInnaNW88U
F8uOFtmsxiQ4+tcnXuTh+AbjlZ1yKUPNAFpKAhkHebFVK/ysKmv+lCLic2Y6aexr
SgeMS/CtgLCSX7k9Htnpwj7/9XGnK6aZWRWVbS+4dT9DWJRqFDkgk0cW675pMi5I
JOHmwpupJi1lzzquUHem3zHKp3jmP8uijEPbAa2vPfxRC1Db/H1jDpTobs2fppge
+GT5arwIAAvw0yk/0Z6/9mk6ymcjsCEQxfrVmndPW3OwuoTrsBLBV4FopNmDDiJx
qpheWtKWX/D3nWBJTvkt6s3UtaAE
-----END CERTIFICATE-----
Generated at Tue Aug 6 15:08:08 2024 by rpki-client on console-ams.rpki-client.org