Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/QgWvaB-iD_4WIszY0Z1vyHb2hCU.roa
File:                     QgWvaB-iD_4WIszY0Z1vyHb2hCU.roa (raw, json)
Hash identifier:          P98FFwBlbhW+Xvpt7hlv6o02H70gekUPeGqjGwiqjEM=
Subject key identifier:   42:05:AF:68:1F:A2:0F:FE:16:22:CC:D8:D1:9D:6F:C8:76:F6:84:25
Certificate issuer:       /CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b
Certificate serial:       0185C0377B7DC8AB0C8AEA2D12D304DF609E
Authority key identifier: D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/QgWvaB-iD_4WIszY0Z1vyHb2hCU.roa
Signing time:             Tue 17 Jan 2023 14:52:19 +0000
ROA not before:           Tue 17 Jan 2023 14:52:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200207
IP address blocks:        2a12:66c7::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:30:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:c0:37:7b:7d:c8:ab:0c:8a:ea:2d:12:d3:04:df:60:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b
        Validity
            Not Before: Jan 17 14:52:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4205af681fa20ffe1622ccd8d19d6fc876f68425
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:6f:b2:d3:aa:46:d7:b7:87:0a:a8:76:f4:88:
                    5e:29:aa:72:23:a6:b8:3f:9e:fd:1f:e7:38:22:1b:
                    f1:ba:c2:4b:57:77:27:c3:67:19:ca:29:9e:f6:db:
                    15:68:6e:27:62:92:32:88:a3:21:bb:87:cf:74:c6:
                    b5:9c:4b:96:07:b0:e8:7c:3f:ac:5e:e1:62:72:de:
                    91:92:70:4e:5a:14:50:19:32:00:93:1f:d7:02:8a:
                    a5:40:0d:cc:81:0b:6a:52:bf:47:f2:05:47:e3:ab:
                    5d:f6:17:f5:b1:0c:46:2b:ae:a2:99:40:40:a2:d9:
                    75:d7:51:26:c7:64:18:2f:49:1c:cb:08:60:3c:b1:
                    99:40:d2:7c:65:a5:68:34:a3:f7:bd:f4:27:5c:a1:
                    0c:b8:79:ba:dc:be:35:ae:37:a8:96:72:94:27:c5:
                    9a:55:5d:42:1e:c1:36:3f:de:fa:ae:2f:ff:ee:73:
                    d5:25:05:39:2b:b1:49:40:ff:8c:6f:1a:19:1c:07:
                    dd:9f:8b:25:30:5c:57:de:0b:e0:57:d4:29:66:2a:
                    b9:52:73:5c:9b:25:b3:73:c7:7b:04:ae:a3:be:a2:
                    16:e8:9c:32:db:d0:ea:56:00:08:8b:a9:54:2c:76:
                    b6:98:da:64:26:85:c3:49:49:be:fb:1b:84:d9:85:
                    62:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:05:AF:68:1F:A2:0F:FE:16:22:CC:D8:D1:9D:6F:C8:76:F6:84:25
            X509v3 Authority Key Identifier:
                keyid:D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/QgWvaB-iD_4WIszY0Z1vyHb2hCU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/1EeBPOUqgj6h78mg9JM8XTNT7is.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:66c7::/48

    Signature Algorithm: sha256WithRSAEncryption
         0c:6e:10:5a:09:34:26:7a:c5:b3:0c:ce:94:8c:cf:10:3a:2f:
         ab:fc:22:78:ca:e3:65:36:f3:c3:bb:b6:8b:3a:e0:e2:02:e7:
         7c:c4:57:ce:c8:cb:57:e5:c8:f4:d4:bf:41:dc:03:4c:00:47:
         ee:9e:63:13:63:18:b7:ee:47:ca:c9:e8:42:2f:2d:da:2a:d6:
         e5:b7:48:e5:42:ec:bd:18:d7:f5:03:50:e7:a4:63:35:23:a5:
         60:93:59:7b:6b:59:38:33:b6:4e:51:c4:2c:b7:c5:d9:13:9f:
         97:bf:a9:94:12:83:db:c9:f4:93:56:c7:df:20:18:c5:8c:1f:
         dd:77:d1:3b:3e:e8:3d:b6:44:19:04:a1:60:6a:9b:98:fe:20:
         d5:75:04:8b:a1:fd:84:05:3f:09:71:8e:e8:fd:f9:fa:c6:df:
         88:17:b3:2c:00:da:99:22:4b:02:c2:a1:9c:da:51:c3:b7:a1:
         7b:b8:d7:bd:79:ac:2f:d1:64:25:7a:1f:63:a1:bb:a4:e7:a7:
         25:c2:33:b2:4e:1b:48:e9:82:04:19:23:a6:54:f6:e3:a0:54:
         48:99:30:fc:39:ee:0a:50:cd:83:0b:c9:5c:75:77:a3:4a:a0:
         dc:44:66:c1:bb:8e:0c:6d:68:f2:d6:ae:16:b4:95:be:50:ae:
         68:12:59:85
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXAN3t9yKsMiuotEtME32CeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NDc4MTNjZTUyYTgyM2VhMWVmYzlhMGY0OTMzYzVkMzM1
M2VlMmIwHhcNMjMwMTE3MTQ1MjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjA1YWY2ODFmYTIwZmZlMTYyMmNjZDhkMTlkNmZjODc2ZjY4NDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2+y06pG17eHCqh29IheKapyI6a4
P579H+c4IhvxusJLV3cnw2cZyime9tsVaG4nYpIyiKMhu4fPdMa1nEuWB7DofD+s
XuFict6RknBOWhRQGTIAkx/XAoqlQA3MgQtqUr9H8gVH46td9hf1sQxGK66imUBA
otl111Emx2QYL0kcywhgPLGZQNJ8ZaVoNKP3vfQnXKEMuHm63L41rjeolnKUJ8Wa
VV1CHsE2P976ri//7nPVJQU5K7FJQP+MbxoZHAfdn4slMFxX3gvgV9QpZiq5UnNc
myWzc8d7BK6jvqIW6Jwy29DqVgAIi6lULHa2mNpkJoXDSUm++xuE2YVioQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEIFr2gfog/+FiLM2NGdb8h29oQlMB8GA1UdIwQY
MBaAFNRHgTzlKoI+oe/JoPSTPF0zU+4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2Yt
ZGM3ZTEyNmNhMjM0LzEvUWdXdmFCLWlEXzRXSXN6WTBaMXZ5SGIyaENVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2YtZGM3ZTEyNmNhMjM0
LzEvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhJmxwAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAMbhBaCTQmesWzDM6UjM8QOi+r/CJ4yuNlNvPD
u7aLOuDiAud8xFfOyMtX5cj01L9B3ANMAEfunmMTYxi37kfKyehCLy3aKtblt0jl
Quy9GNf1A1DnpGM1I6Vgk1l7a1k4M7ZOUcQst8XZE5+Xv6mUEoPbyfSTVsffIBjF
jB/dd9E7Pug9tkQZBKFgapuY/iDVdQSLof2EBT8JcY7o/fn6xt+IF7MsANqZIksC
wqGc2lHDt6F7uNe9eawv0WQleh9jobuk56clwjOyThtI6YIEGSOmVPbjoFRImTD8
Oe4KUM2DC8lcdXejSqDcRGbBu44MbWjy1q4WtJW+UK5oElmF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:14 2024 by rpki-client on console-ams.rpki-client.org