Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/1QeKoLBtp7R2Yj3UBRsa59f3hbE.roa
File:                     1QeKoLBtp7R2Yj3UBRsa59f3hbE.roa (raw, json)
Hash identifier:          8Lg7CNKs4B9fT875EwkgdkEJ14UtqpDyL6gUzOAwKI4=
Subject key identifier:   D5:07:8A:A0:B0:6D:A7:B4:76:62:3D:D4:05:1B:1A:E7:D7:F7:85:B1
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       01856C53E35F0A93E2349B0CCBF68CF163AB
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/1QeKoLBtp7R2Yj3UBRsa59f3hbE.roa
Signing time:             Sun 01 Jan 2023 07:55:15 +0000
ROA not before:           Sun 01 Jan 2023 07:55:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8075
IP address blocks:        194.34.228.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:e3:5f:0a:93:e2:34:9b:0c:cb:f6:8c:f1:63:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 07:55:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d5078aa0b06da7b476623dd4051b1ae7d7f785b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:f0:05:81:01:bb:2e:47:93:52:86:f6:c5:9b:
                    2d:38:54:fe:a8:61:2a:ec:ff:91:36:82:f8:82:a0:
                    1b:36:49:1e:ac:eb:07:c8:28:cb:f6:0a:65:dc:46:
                    92:00:cb:05:c7:8f:db:ff:56:1f:00:32:5e:6b:73:
                    59:4b:dd:41:c1:92:9c:b2:a5:dd:10:9e:ee:44:90:
                    11:95:73:63:09:c1:7b:31:ef:3a:08:92:8b:a2:8f:
                    4f:12:4b:42:73:32:15:72:6b:d3:7e:05:88:18:07:
                    66:6d:dd:1d:78:8d:7e:74:0f:45:d1:8f:16:ac:55:
                    14:c9:c3:45:7d:e4:2d:45:6c:f6:1f:80:5f:8a:22:
                    3f:1d:30:dd:b4:45:50:41:7c:46:22:0b:7d:7c:1a:
                    06:f3:bb:1f:44:61:d9:4a:1b:8f:51:12:bc:0a:ff:
                    d0:b1:d6:a0:81:89:41:09:da:0a:7c:40:a5:cb:7f:
                    e0:7d:3d:26:b8:1b:0e:7e:4b:99:a8:0f:d1:3d:b7:
                    85:6b:43:bf:74:39:7e:1a:f4:8b:81:42:51:34:b2:
                    fd:e2:2a:b0:4c:6b:ca:dd:91:d4:65:54:34:b0:d9:
                    a4:03:4a:f7:b8:07:b4:cd:6e:37:14:f9:e4:82:6e:
                    e4:90:42:74:64:b8:9b:ba:be:c5:48:54:b1:f7:fa:
                    23:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:07:8A:A0:B0:6D:A7:B4:76:62:3D:D4:05:1B:1A:E7:D7:F7:85:B1
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/1QeKoLBtp7R2Yj3UBRsa59f3hbE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.34.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c6:0e:87:83:e9:50:61:63:20:fa:eb:e9:f8:5d:bc:3d:eb:d0:
         0e:01:1a:9e:3d:2c:e2:42:05:da:43:96:14:1c:87:33:69:39:
         93:3a:38:31:68:c7:21:f5:5d:30:94:6e:20:ea:c6:77:35:36:
         70:25:8e:1d:27:88:a8:86:46:b6:52:5d:07:07:20:59:cc:94:
         aa:96:74:0b:92:84:01:5c:89:2a:1b:1d:5b:be:dc:ca:2c:20:
         d4:e2:e6:6f:b8:f9:e9:5b:15:61:fe:c3:6a:dc:93:5e:2d:d9:
         5d:40:9c:00:ff:c3:60:5f:e8:97:81:fe:a7:da:2d:95:d3:27:
         20:d5:d8:06:6a:5d:60:1f:d5:ed:9a:15:88:b7:9a:d8:f7:c9:
         be:1e:00:a9:19:b9:62:46:cc:ce:1d:15:2b:23:9f:20:fb:7c:
         94:d7:4f:7f:f0:76:05:c0:78:7d:5e:da:69:68:ec:24:65:75:
         01:60:22:a2:88:59:68:80:91:1a:60:c9:ba:15:3a:88:74:ee:
         1f:13:30:f4:dd:6e:a1:69:1d:82:87:c7:6e:d4:11:39:82:95:
         bf:97:2c:90:9c:b8:19:d0:8b:4a:cb:d6:e5:50:cd:e4:5d:b3:
         83:15:3a:80:4e:37:9c:72:53:94:e1:1a:a4:3f:19:5c:58:b1:
         9f:e0:e7:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU+NfCpPiNJsMy/aM8WOrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTA3OGFhMGIwNmRhN2I0NzY2MjNkZDQwNTFiMWFlN2Q3Zjc4NWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/AFgQG7LkeTUob2xZstOFT+qGEq
7P+RNoL4gqAbNkkerOsHyCjL9gpl3EaSAMsFx4/b/1YfADJea3NZS91BwZKcsqXd
EJ7uRJARlXNjCcF7Me86CJKLoo9PEktCczIVcmvTfgWIGAdmbd0deI1+dA9F0Y8W
rFUUycNFfeQtRWz2H4BfiiI/HTDdtEVQQXxGIgt9fBoG87sfRGHZShuPURK8Cv/Q
sdaggYlBCdoKfECly3/gfT0muBsOfkuZqA/RPbeFa0O/dDl+GvSLgUJRNLL94iqw
TGvK3ZHUZVQ0sNmkA0r3uAe0zW43FPnkgm7kkEJ0ZLibur7FSFSx9/ojJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNUHiqCwbae0dmI91AUbGufX94WxMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvMVFlS29MQnRwN1IyWWozVUJSc2E1OWYzaGJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiLkMA0G
CSqGSIb3DQEBCwUAA4IBAQDGDoeD6VBhYyD66+n4Xbw969AOARqePSziQgXaQ5YU
HIczaTmTOjgxaMch9V0wlG4g6sZ3NTZwJY4dJ4iohka2Ul0HByBZzJSqlnQLkoQB
XIkqGx1bvtzKLCDU4uZvuPnpWxVh/sNq3JNeLdldQJwA/8NgX+iXgf6n2i2V0ycg
1dgGal1gH9XtmhWIt5rY98m+HgCpGbliRszOHRUrI58g+3yU109/8HYFwHh9Xtpp
aOwkZXUBYCKiiFlogJEaYMm6FTqIdO4fEzD03W6haR2Ch8du1BE5gpW/lyyQnLgZ
0ItKy9blUM3kXbODFTqATjecclOU4RqkPxlcWLGf4OdF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:32 2024 by rpki-client on console-ams.rpki-client.org