Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7d03ea-8702-4b4c-a117-6b1c82ce716d/1/QF6fxyEeAthb7F4P-LJ2N22-EnI.roa
File:                     QF6fxyEeAthb7F4P-LJ2N22-EnI.roa (raw, json)
Hash identifier:          RQdNWuFwsP4Wkar3Fv1S4jHYNemI62NLsDVFBvphEGs=
Subject key identifier:   40:5E:9F:C7:21:1E:02:D8:5B:EC:5E:0F:F8:B2:76:37:6D:BE:12:72
Certificate issuer:       /CN=6e43d52cf5c721616638a1ab9c3d89fa9a97dc6d
Certificate serial:       018570153E89DEE35F6318FB819D4541E895
Authority key identifier: 6E:43:D5:2C:F5:C7:21:61:66:38:A1:AB:9C:3D:89:FA:9A:97:DC:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bkPVLPXHIWFmOKGrnD2J-pqX3G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/7d03ea-8702-4b4c-a117-6b1c82ce716d/1/QF6fxyEeAthb7F4P-LJ2N22-EnI.roa
Signing time:             Mon 02 Jan 2023 01:25:18 +0000
ROA not before:           Mon 02 Jan 2023 01:25:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51833
IP address blocks:        194.0.21.0/24 maxlen: 24
                          2001:678:98::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:15:3e:89:de:e3:5f:63:18:fb:81:9d:45:41:e8:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e43d52cf5c721616638a1ab9c3d89fa9a97dc6d
        Validity
            Not Before: Jan  2 01:25:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=405e9fc7211e02d85bec5e0ff8b276376dbe1272
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:d2:2e:e9:51:22:75:2e:31:7d:5a:63:12:b3:
                    00:36:7a:a2:28:82:a4:52:9d:0b:e8:1b:a6:dc:77:
                    0a:48:af:04:ab:53:32:29:2a:be:db:7a:ea:92:cc:
                    a4:61:fe:a4:f2:e4:21:e6:f2:b1:2c:ab:69:98:69:
                    5e:70:58:23:60:67:92:bb:ed:a8:ba:cc:f3:0f:4e:
                    83:ba:68:5a:0e:d1:b4:1d:16:59:b5:c4:85:12:89:
                    28:d2:49:13:5a:f9:2a:cd:89:d2:8f:d4:9a:1a:89:
                    84:5c:39:15:8f:7d:a5:9a:a8:f4:f8:1d:52:65:f9:
                    47:ad:95:2b:e7:34:f9:c0:c9:d7:7d:4b:c8:2d:79:
                    98:62:27:7b:ae:22:17:c8:66:65:89:ff:ff:a3:0a:
                    83:d9:40:5d:fc:57:51:63:35:54:4f:16:82:c3:0f:
                    b7:ce:10:75:a9:c4:dd:18:bb:84:b9:11:4c:f5:65:
                    31:96:c8:59:2f:47:a3:de:0c:a1:4e:42:a6:f2:92:
                    c6:36:b6:0e:21:fa:92:d2:61:b9:d6:e3:d2:79:d3:
                    c5:36:a5:c9:28:ed:38:88:83:fa:e1:d9:2a:99:04:
                    e5:f8:ab:4a:c1:c6:35:40:00:00:17:4a:a1:f7:ed:
                    82:c7:6d:66:7e:40:38:e4:83:0f:e2:ba:0c:8d:7a:
                    b0:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:5E:9F:C7:21:1E:02:D8:5B:EC:5E:0F:F8:B2:76:37:6D:BE:12:72
            X509v3 Authority Key Identifier:
                keyid:6E:43:D5:2C:F5:C7:21:61:66:38:A1:AB:9C:3D:89:FA:9A:97:DC:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkPVLPXHIWFmOKGrnD2J-pqX3G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7d03ea-8702-4b4c-a117-6b1c82ce716d/1/QF6fxyEeAthb7F4P-LJ2N22-EnI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7d03ea-8702-4b4c-a117-6b1c82ce716d/1/bkPVLPXHIWFmOKGrnD2J-pqX3G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.0.21.0/24
                IPv6:
                  2001:678:98::/48

    Signature Algorithm: sha256WithRSAEncryption
         b5:dc:a0:92:09:70:4b:be:4e:fc:52:05:f4:f0:fe:f9:ea:52:
         34:5f:66:5b:a0:51:f4:ee:7e:49:9b:35:75:20:d3:67:5a:8d:
         66:0b:89:4a:32:1d:f0:97:11:85:1a:ce:03:64:dd:da:c3:b8:
         eb:f7:22:23:a0:b0:36:03:2d:cb:08:ae:05:21:b3:ed:df:8c:
         57:07:70:2f:5e:25:78:0d:89:d5:23:ff:b7:99:7c:78:43:86:
         6c:e5:ce:a7:0c:7c:ec:b0:e1:3a:dc:98:ab:bf:a6:93:f2:ec:
         4d:87:1e:aa:ee:74:76:bf:7b:fb:70:64:c6:95:97:9e:c0:b5:
         a3:1e:26:b2:70:06:cc:97:85:60:3a:dd:7e:d0:88:80:f9:b4:
         4e:83:e9:70:74:c5:24:a6:90:19:1f:dc:8f:8b:16:fc:be:21:
         7e:e4:41:20:91:34:14:82:1a:cb:e6:e0:8a:37:0e:61:44:c4:
         f2:c1:9a:f0:a3:8b:6c:04:18:93:79:c4:3e:0d:eb:be:2e:41:
         a6:a8:a3:4d:93:16:3c:30:b5:cb:ac:cd:8b:69:f9:f2:47:0a:
         13:44:50:69:01:58:89:95:1d:20:bb:03:d6:17:28:46:e5:1a:
         34:e4:aa:dc:b6:fa:ff:ef:1f:c0:55:18:f9:9b:53:ea:54:a3:
         63:cc:92:c2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwFT6J3uNfYxj7gZ1FQeiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNDNkNTJjZjVjNzIxNjE2NjM4YTFhYjljM2Q4OWZhOWE5
N2RjNmQwHhcNMjMwMTAyMDEyNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDVlOWZjNzIxMWUwMmQ4NWJlYzVlMGZmOGIyNzYzNzZkYmUxMjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tIu6VEidS4xfVpjErMANnqiKIKk
Up0L6Bum3HcKSK8Eq1MyKSq+23rqksykYf6k8uQh5vKxLKtpmGlecFgjYGeSu+2o
uszzD06DumhaDtG0HRZZtcSFEoko0kkTWvkqzYnSj9SaGomEXDkVj32lmqj0+B1S
ZflHrZUr5zT5wMnXfUvILXmYYid7riIXyGZlif//owqD2UBd/FdRYzVUTxaCww+3
zhB1qcTdGLuEuRFM9WUxlshZL0ej3gyhTkKm8pLGNrYOIfqS0mG51uPSedPFNqXJ
KO04iIP64dkqmQTl+KtKwcY1QAAAF0qh9+2Cx21mfkA45IMP4roMjXqwdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEBen8chHgLYW+xeD/iydjdtvhJyMB8GA1UdIwQY
MBaAFG5D1Sz1xyFhZjihq5w9ifqal9xtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmtQVkxQWEhJV0ZtT0tHcm5EMkotcHFYM0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ZDAzZWEtODcwMi00YjRjLWExMTct
NmIxYzgyY2U3MTZkLzEvUUY2Znh5RWVBdGhiN0Y0UC1MSjJOMjItRW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ZDAzZWEtODcwMi00YjRjLWExMTctNmIxYzgyY2U3MTZk
LzEvYmtQVkxQWEhJV0ZtT0tHcm5EMkotcHFYM0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgAVMA8E
AgACMAkDBwAgAQZ4AJgwDQYJKoZIhvcNAQELBQADggEBALXcoJIJcEu+TvxSBfTw
/vnqUjRfZlugUfTufkmbNXUg02dajWYLiUoyHfCXEYUazgNk3drDuOv3IiOgsDYD
LcsIrgUhs+3fjFcHcC9eJXgNidUj/7eZfHhDhmzlzqcMfOyw4TrcmKu/ppPy7E2H
HqrudHa/e/twZMaVl57AtaMeJrJwBsyXhWA63X7QiID5tE6D6XB0xSSmkBkf3I+L
Fvy+IX7kQSCRNBSCGsvm4Io3DmFExPLBmvCji2wEGJN5xD4N674uQaaoo02TFjww
tcuszYtp+fJHChNEUGkBWImVHSC7A9YXKEblGjTkqty2+v/vH8BVGPmbU+pUo2PM
ksI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org