Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/qezV-Jfq79C3NrCfT2_EPl8dN_k.roa
File:                     qezV-Jfq79C3NrCfT2_EPl8dN_k.roa (raw, json)
Hash identifier:          3jvQjedYDXVO3aLbRGmf0j9G6ZbqB6bjswJP5dvCN78=
Subject key identifier:   A9:EC:D5:F8:97:EA:EF:D0:B7:36:B0:9F:4F:6F:C4:3E:5F:1D:37:F9
Certificate issuer:       /CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Certificate serial:       018CC79339A0CB174D80E4A93F501D97E903
Authority key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/qezV-Jfq79C3NrCfT2_EPl8dN_k.roa
Signing time:             Tue 02 Jan 2024 00:29:23 +0000
ROA not before:           Tue 02 Jan 2024 00:29:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        212.43.160.0/19 maxlen: 19
                          213.147.224.0/19 maxlen: 19

Validation:               Failed, certificate revoked on Tue 17 Sep 2024 10:54:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:93:39:a0:cb:17:4d:80:e4:a9:3f:50:1d:97:e9:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
        Validity
            Not Before: Jan  2 00:29:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a9ecd5f897eaefd0b736b09f4f6fc43e5f1d37f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:59:9a:90:af:eb:6e:1f:73:b7:92:7d:2b:8b:
                    b6:44:d8:d5:50:34:86:9f:ab:f6:43:bc:0d:dc:15:
                    24:eb:2f:37:89:f3:7e:64:76:d1:50:01:de:af:89:
                    06:9f:f2:c2:be:13:ca:35:ea:8c:65:eb:10:fd:ad:
                    28:2c:bd:3a:90:92:df:7f:fb:7a:9c:85:85:03:29:
                    77:5a:d1:67:90:e6:42:4f:a5:ca:3d:4a:18:6f:8c:
                    df:05:87:c9:a6:09:f4:1e:2f:64:1e:ee:20:b3:86:
                    1e:69:c9:ec:ae:ce:b7:1e:80:5e:78:86:95:5e:6a:
                    8f:4e:39:08:f7:6f:f7:54:dd:ce:a9:16:7b:71:b1:
                    1e:92:67:44:8b:79:a3:72:1a:89:c0:45:92:85:dc:
                    b8:d5:79:91:cc:f7:8e:c7:b1:9d:68:42:dc:5e:06:
                    c1:30:c0:04:0c:5a:0c:a0:74:6e:cd:1b:20:7b:44:
                    4a:af:d6:f7:2b:0c:99:6f:ec:7d:4e:a1:7f:2f:51:
                    bc:33:9f:84:44:aa:3e:0b:4d:99:39:f7:ef:33:b1:
                    5a:88:a0:ae:ed:45:c5:30:29:32:c0:29:37:84:1b:
                    d1:cb:ce:85:a0:df:80:a2:e6:91:1d:7c:34:8f:48:
                    4e:67:fc:c1:17:5f:12:0f:69:ad:99:87:25:1c:ac:
                    4c:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:EC:D5:F8:97:EA:EF:D0:B7:36:B0:9F:4F:6F:C4:3E:5F:1D:37:F9
            X509v3 Authority Key Identifier:
                keyid:16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/qezV-Jfq79C3NrCfT2_EPl8dN_k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.43.160.0/19
                  213.147.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         03:fc:0e:d6:3e:87:e4:6e:67:22:76:82:03:58:fc:be:f8:b0:
         3e:7b:12:8a:90:0e:70:5f:9c:d9:a2:30:54:fa:ac:27:ba:27:
         84:23:54:38:62:8a:91:81:89:91:24:00:47:03:ac:e7:e9:c7:
         e1:51:bc:8f:52:8b:e0:ed:e2:6e:3c:a0:e3:e4:e3:98:51:38:
         3e:cd:aa:0b:8e:25:ba:0a:b3:01:a5:e2:37:eb:a4:fe:9f:81:
         10:96:4d:98:45:85:73:af:e7:8b:f6:e4:ea:de:91:98:17:c1:
         10:e1:e9:ff:b0:db:0e:74:ff:3e:b4:9c:c1:b6:aa:3c:85:12:
         e8:eb:f2:a6:2a:61:ed:ec:14:cf:de:e4:1b:07:41:aa:08:6b:
         95:4c:67:1e:d7:85:55:36:6d:06:03:f6:bc:17:d3:74:ba:a7:
         9c:75:03:f6:82:49:48:04:43:85:53:98:28:39:5c:d0:7e:fa:
         8c:1c:0a:7c:f8:2a:1c:73:05:60:3b:22:69:07:89:83:2c:31:
         ce:07:00:07:03:c1:a7:68:26:09:e1:24:b4:e3:18:0b:f9:dc:
         2c:b4:45:0e:ba:0f:79:69:2c:2b:1f:50:29:1a:45:8e:e5:54:
         ea:78:0c:0c:d3:e2:a9:6d:19:89:fd:84:c1:dd:1e:15:f7:5d:
         1b:bd:f1:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHkzmgyxdNgOSpP1Adl+kDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MzA3ZDI5ZjU1NDNmMjFlYTMwMDliOTUyM2ZlNzFiOGYx
MzY5Y2EwHhcNMjQwMTAyMDAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWVjZDVmODk3ZWFlZmQwYjczNmIwOWY0ZjZmYzQzZTVmMWQzN2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VmakK/rbh9zt5J9K4u2RNjVUDSG
n6v2Q7wN3BUk6y83ifN+ZHbRUAHer4kGn/LCvhPKNeqMZesQ/a0oLL06kJLff/t6
nIWFAyl3WtFnkOZCT6XKPUoYb4zfBYfJpgn0Hi9kHu4gs4Yeacnsrs63HoBeeIaV
XmqPTjkI92/3VN3OqRZ7cbEekmdEi3mjchqJwEWShdy41XmRzPeOx7GdaELcXgbB
MMAEDFoMoHRuzRsge0RKr9b3KwyZb+x9TqF/L1G8M5+ERKo+C02ZOffvM7FaiKCu
7UXFMCkywCk3hBvRy86FoN+AouaRHXw0j0hOZ/zBF18SD2mtmYclHKxMNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKns1fiX6u/Qtzawn09vxD5fHTf5MB8GA1UdIwQY
MBaAFBYwfSn1VD8h6jAJuVI/5xuPE2nKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2Yt
NGNmZTQwZjA3YTZiLzEvcWV6Vi1KZnE3OUMzTnJDZlQyX0VQbDhkTl9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2YtNGNmZTQwZjA3YTZi
LzEvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQF1CugAwQF
1ZPgMA0GCSqGSIb3DQEBCwUAA4IBAQAD/A7WPofkbmcidoIDWPy++LA+exKKkA5w
X5zZojBU+qwnuieEI1Q4YoqRgYmRJABHA6zn6cfhUbyPUovg7eJuPKDj5OOYUTg+
zaoLjiW6CrMBpeI366T+n4EQlk2YRYVzr+eL9uTq3pGYF8EQ4en/sNsOdP8+tJzB
tqo8hRLo6/KmKmHt7BTP3uQbB0GqCGuVTGce14VVNm0GA/a8F9N0uqecdQP2gklI
BEOFU5goOVzQfvqMHAp8+CoccwVgOyJpB4mDLDHOBwAHA8GnaCYJ4SS04xgL+dws
tEUOug95aSwrH1ApGkWO5VTqeAwM0+KpbRmJ/YTB3R4V910bvfGK
-----END CERTIFICATE-----
Generated at Tue Sep 17 15:54:05 2024 by rpki-client on console-fra.rpki-client.org