Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/QdbuMulj3pWFBfCgz4f5cZokHu4.roa
File:                     QdbuMulj3pWFBfCgz4f5cZokHu4.roa (raw, json)
Hash identifier:          TmnAfgeCe6MBt+3QCi3kwVwd1kpSNkdDZjKvMizgVQY=
Subject key identifier:   41:D6:EE:32:E9:63:DE:95:85:05:F0:A0:CF:87:F9:71:9A:24:1E:EE
Certificate issuer:       /CN=129462d45b8ab95d4c35c40265b31b52bf1e8dbd
Certificate serial:       018DFA59890F1B31988793772B86799CDF65
Authority key identifier: 12:94:62:D4:5B:8A:B9:5D:4C:35:C4:02:65:B3:1B:52:BF:1E:8D:BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EpRi1FuKuV1MNcQCZbMbUr8ejb0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/QdbuMulj3pWFBfCgz4f5cZokHu4.roa
Signing time:             Fri 01 Mar 2024 14:09:48 +0000
ROA not before:           Fri 01 Mar 2024 14:09:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43647
IP address blocks:        213.148.18.0/23 maxlen: 24
                          213.148.20.0/22 maxlen: 24
                          213.148.28.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 16 May 2024 15:11:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:fa:59:89:0f:1b:31:98:87:93:77:2b:86:79:9c:df:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=129462d45b8ab95d4c35c40265b31b52bf1e8dbd
        Validity
            Not Before: Mar  1 14:09:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=41d6ee32e963de958505f0a0cf87f9719a241eee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:e1:ea:aa:9c:fb:44:d7:2e:5c:6b:02:7a:a5:
                    37:b0:04:fc:66:03:3c:5e:f4:a5:f4:29:db:a4:99:
                    2e:16:bb:88:97:d1:e4:3c:80:f1:9e:61:67:7d:a0:
                    ab:bc:df:57:87:7f:c4:79:2a:c7:8a:77:9d:25:9b:
                    36:00:38:d1:07:35:9e:b5:2e:5b:c5:6e:cb:62:1a:
                    01:ea:d7:8e:8b:67:c4:76:3a:90:3c:1c:6a:49:80:
                    37:e7:2b:fd:f1:12:2d:3e:a5:df:26:dd:bf:58:86:
                    34:ae:7e:71:2a:45:33:5b:66:22:71:9c:d9:ff:f5:
                    5d:93:5a:59:02:05:6c:bc:a7:38:70:76:fa:0c:ee:
                    5f:78:4f:83:54:fe:c3:df:53:f1:f4:35:cf:1b:f8:
                    11:7f:5d:a8:e0:9d:8d:b9:2c:e2:bd:56:85:eb:01:
                    52:d2:11:65:d6:82:a5:45:b4:4c:b9:8f:a6:91:9c:
                    ed:fd:64:fc:b1:ea:d3:36:f8:b1:f0:df:44:bd:9f:
                    a0:19:07:0c:7d:ce:74:6d:15:6b:70:ec:bc:10:df:
                    0f:08:73:75:d7:10:1f:90:cb:46:db:7e:6c:97:46:
                    26:df:26:92:9b:1f:a3:22:a9:a8:59:6b:8d:c9:39:
                    9e:2f:73:b5:9b:1f:0e:14:69:bf:b1:c7:43:a7:fe:
                    8d:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:D6:EE:32:E9:63:DE:95:85:05:F0:A0:CF:87:F9:71:9A:24:1E:EE
            X509v3 Authority Key Identifier:
                keyid:12:94:62:D4:5B:8A:B9:5D:4C:35:C4:02:65:B3:1B:52:BF:1E:8D:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EpRi1FuKuV1MNcQCZbMbUr8ejb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/QdbuMulj3pWFBfCgz4f5cZokHu4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.148.18.0-213.148.23.255
                  213.148.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         41:48:c6:16:ff:c0:39:c7:8e:92:38:07:58:ff:74:58:c8:ba:
         81:ef:69:ac:7e:f5:f7:e4:3b:0f:f2:e7:75:b4:12:37:d5:0d:
         17:2e:b9:68:fe:fe:77:bf:77:cb:e2:ad:22:09:78:fe:89:5a:
         52:63:1e:dd:82:55:6a:78:d8:80:6d:e6:9f:d3:59:b0:58:6e:
         1b:d1:66:2a:9c:66:1c:2d:ca:8e:2a:f8:c5:15:da:76:ba:36:
         58:59:f0:3f:2e:a0:ea:a7:fa:4b:3c:a0:cf:b6:48:96:3a:db:
         a2:84:3f:53:3a:0f:35:00:3c:4e:ef:10:ca:90:ba:f9:12:54:
         a7:c5:67:6f:8d:2f:0d:74:e7:56:3e:e2:36:53:43:ad:ca:57:
         9c:ea:bf:68:71:0f:7a:46:95:19:43:b1:5f:90:25:2b:68:ed:
         4d:52:4a:96:71:09:f5:3e:ef:8c:71:5f:63:9e:e2:d5:7d:6c:
         a1:7c:55:3a:4b:97:47:ea:10:69:1a:f7:9a:a6:ee:46:c5:7e:
         35:9b:44:d6:36:0e:67:92:c6:22:3a:e7:8a:36:ec:3c:9c:13:
         22:9f:92:3b:00:05:c6:92:4c:7a:b6:9b:24:d0:2d:15:0a:ee:
         87:66:c9:8a:0d:b7:4a:c7:d8:87:61:12:7b:ea:39:63:8a:e3:
         f9:d6:67:a8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY36WYkPGzGYh5N3K4Z5nN9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyOTQ2MmQ0NWI4YWI5NWQ0YzM1YzQwMjY1YjMxYjUyYmYx
ZThkYmQwHhcNMjQwMzAxMTQwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWQ2ZWUzMmU5NjNkZTk1ODUwNWYwYTBjZjg3Zjk3MTlhMjQxZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOHqqpz7RNcuXGsCeqU3sAT8ZgM8
XvSl9CnbpJkuFruIl9HkPIDxnmFnfaCrvN9Xh3/EeSrHinedJZs2ADjRBzWetS5b
xW7LYhoB6teOi2fEdjqQPBxqSYA35yv98RItPqXfJt2/WIY0rn5xKkUzW2YicZzZ
//Vdk1pZAgVsvKc4cHb6DO5feE+DVP7D31Px9DXPG/gRf12o4J2NuSzivVaF6wFS
0hFl1oKlRbRMuY+mkZzt/WT8serTNvix8N9EvZ+gGQcMfc50bRVrcOy8EN8PCHN1
1xAfkMtG235sl0Ym3yaSmx+jIqmoWWuNyTmeL3O1mx8OFGm/scdDp/6NDwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEHW7jLpY96VhQXwoM+H+XGaJB7uMB8GA1UdIwQY
MBaAFBKUYtRbirldTDXEAmWzG1K/Ho29MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXBSaTFGdUt1VjFNTmNRQ1piTWJVcjhlamIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85OTk1MDktYmRjMC00ZTA3LTg3NzQt
M2EzODkzMzJmNzlmLzEvUWRidU11bGozcFdGQmZDZ3o0ZjVjWm9rSHU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85OTk1MDktYmRjMC00ZTA3LTg3NzQtM2EzODkzMzJmNzlm
LzEvRXBSaTFGdUt1VjFNTmNRQ1piTWJVcjhlamIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAHVlBID
BAPVlBADBALVlBwwDQYJKoZIhvcNAQELBQADggEBAEFIxhb/wDnHjpI4B1j/dFjI
uoHvaax+9ffkOw/y53W0EjfVDRcuuWj+/ne/d8virSIJeP6JWlJjHt2CVWp42IBt
5p/TWbBYbhvRZiqcZhwtyo4q+MUV2na6NlhZ8D8uoOqn+ks8oM+2SJY626KEP1M6
DzUAPE7vEMqQuvkSVKfFZ2+NLw1051Y+4jZTQ63KV5zqv2hxD3pGlRlDsV+QJSto
7U1SSpZxCfU+74xxX2Oe4tV9bKF8VTpLl0fqEGka95qm7kbFfjWbRNY2DmeSxiI6
54o27DycEyKfkjsABcaSTHq2myTQLRUK7odmyYoNt0rH2IdhEnvqOWOK4/nWZ6g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:36 2024 by rpki-client on console-ams.rpki-client.org