Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8b7fe9-5df2-473e-8018-b26341d38c3f/1/_QnT4UtW-3vnSSEdFiWzSZAo9oo.roa
File:                     _QnT4UtW-3vnSSEdFiWzSZAo9oo.roa (raw, json)
Hash identifier:          yJxpTh/hMD9c1nVL6F4+ETtNC4JyqxVUcvlstL3bM5E=
Subject key identifier:   FD:09:D3:E1:4B:56:FB:7B:E7:49:21:1D:16:25:B3:49:90:28:F6:8A
Certificate issuer:       /CN=a82fb9b3418c458cdbc6cfd684514be24ad0c3c9
Certificate serial:       0189F5E9350ECEBA0B8EB745ACF555D0A948
Authority key identifier: A8:2F:B9:B3:41:8C:45:8C:DB:C6:CF:D6:84:51:4B:E2:4A:D0:C3:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qC-5s0GMRYzbxs_WhFFL4krQw8k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/8b7fe9-5df2-473e-8018-b26341d38c3f/1/_QnT4UtW-3vnSSEdFiWzSZAo9oo.roa
Signing time:             Mon 14 Aug 2023 21:17:28 +0000
ROA not before:           Mon 14 Aug 2023 21:17:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     64428
IP address blocks:        185.165.41.0/24 maxlen: 24
                          185.165.42.0/24 maxlen: 24
                          185.165.40.0/24 maxlen: 24
                          185.165.43.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f5:e9:35:0e:ce:ba:0b:8e:b7:45:ac:f5:55:d0:a9:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a82fb9b3418c458cdbc6cfd684514be24ad0c3c9
        Validity
            Not Before: Aug 14 21:17:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fd09d3e14b56fb7be749211d1625b3499028f68a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:07:23:f0:47:a3:02:48:0c:64:1f:a4:53:54:
                    16:f3:55:b8:04:8d:7b:be:71:dc:54:b2:5c:34:59:
                    d0:fd:42:ce:9b:3b:58:ca:42:85:b7:7d:ca:c2:e1:
                    a1:f5:24:bb:66:52:11:70:55:f0:72:0d:1f:61:8a:
                    ed:f3:7e:ae:9b:c7:c0:49:28:f0:1c:bd:47:bb:d8:
                    f8:01:55:b5:68:7b:c5:f3:6b:b8:cb:97:99:76:b4:
                    3d:23:08:db:d9:2d:a9:b0:4f:b9:57:75:90:51:aa:
                    79:6e:8f:ab:bf:65:0c:d3:12:3a:78:33:24:dd:8d:
                    2a:b7:c6:64:da:50:aa:b8:fc:0d:27:b2:2e:27:2b:
                    ad:60:22:d3:8e:e7:ec:f9:ca:4a:98:e9:8c:ab:7c:
                    49:bf:81:d7:f3:3f:7f:24:f3:c9:b5:47:ef:76:2f:
                    e6:41:7e:b6:02:62:d0:62:e2:bf:19:a2:1b:3e:dd:
                    2b:a5:d9:19:c6:42:e5:d5:dd:cf:71:5a:4b:1a:5a:
                    df:28:a4:fe:e2:4d:ea:2b:24:21:fb:fc:06:60:9a:
                    13:fd:41:64:08:5d:9e:5f:18:f0:03:a4:5c:ec:6f:
                    e4:7f:81:9c:5d:c3:4f:2a:74:24:9f:6e:28:05:e1:
                    a3:d3:dc:41:cc:e0:f3:49:cb:d5:28:de:a8:65:0f:
                    56:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:09:D3:E1:4B:56:FB:7B:E7:49:21:1D:16:25:B3:49:90:28:F6:8A
            X509v3 Authority Key Identifier:
                keyid:A8:2F:B9:B3:41:8C:45:8C:DB:C6:CF:D6:84:51:4B:E2:4A:D0:C3:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qC-5s0GMRYzbxs_WhFFL4krQw8k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8b7fe9-5df2-473e-8018-b26341d38c3f/1/_QnT4UtW-3vnSSEdFiWzSZAo9oo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8b7fe9-5df2-473e-8018-b26341d38c3f/1/qC-5s0GMRYzbxs_WhFFL4krQw8k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.165.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         27:0b:76:96:2a:1b:ea:4b:39:0d:5b:82:e7:b1:05:72:cc:d4:
         b3:77:c4:5f:94:cf:ea:b1:0b:db:a3:f7:6a:a4:b6:d3:43:58:
         af:32:15:17:f0:90:16:0a:5f:a4:db:ba:48:0f:27:80:49:91:
         23:36:e3:e0:e1:a4:a2:19:ec:d5:42:31:d9:b7:62:53:80:ca:
         a5:d8:a1:89:f7:f2:11:69:a5:b6:32:7a:18:da:b7:25:a3:b7:
         39:e9:05:79:61:cb:7b:42:fe:04:16:9b:96:45:67:c6:19:85:
         2c:f8:c9:2b:28:20:69:b5:86:ae:67:95:7d:55:6b:e6:f8:c1:
         6d:4b:c0:b6:60:d7:ee:2e:a4:55:4e:06:d5:c9:16:f0:29:c1:
         58:7a:cc:a1:76:26:47:18:d8:bc:5c:e3:a0:5b:5c:04:ac:2f:
         2b:bc:f2:08:1f:d0:c7:0b:f5:27:a1:47:a9:e6:8d:65:da:3d:
         49:6d:f3:9a:70:f7:43:a9:0c:22:fe:fc:89:7f:0b:0c:81:c7:
         28:b1:b2:c8:2b:2c:f7:7e:95:f6:1e:92:05:d3:bf:d1:c4:db:
         89:2d:0c:3d:1c:dc:f6:7c:84:3d:32:fa:41:82:a8:5a:78:13:
         d5:a4:ca:cc:dc:c2:49:5a:5d:d6:20:29:2e:19:56:4c:8f:c2:
         1c:a3:7c:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn16TUOzroLjrdFrPVV0KlIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MmZiOWIzNDE4YzQ1OGNkYmM2Y2ZkNjg0NTE0YmUyNGFk
MGMzYzkwHhcNMjMwODE0MjExNzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDA5ZDNlMTRiNTZmYjdiZTc0OTIxMWQxNjI1YjM0OTkwMjhmNjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwcj8EejAkgMZB+kU1QW81W4BI17
vnHcVLJcNFnQ/ULOmztYykKFt33KwuGh9SS7ZlIRcFXwcg0fYYrt836um8fASSjw
HL1Hu9j4AVW1aHvF82u4y5eZdrQ9Iwjb2S2psE+5V3WQUap5bo+rv2UM0xI6eDMk
3Y0qt8Zk2lCquPwNJ7IuJyutYCLTjufs+cpKmOmMq3xJv4HX8z9/JPPJtUfvdi/m
QX62AmLQYuK/GaIbPt0rpdkZxkLl1d3PcVpLGlrfKKT+4k3qKyQh+/wGYJoT/UFk
CF2eXxjwA6Rc7G/kf4GcXcNPKnQkn24oBeGj09xBzODzScvVKN6oZQ9WiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP0J0+FLVvt750khHRYls0mQKPaKMB8GA1UdIwQY
MBaAFKgvubNBjEWM28bP1oRRS+JK0MPJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUMtNXMwR01SWXpieHNfV2hGRkw0a3JRdzhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84YjdmZTktNWRmMi00NzNlLTgwMTgt
YjI2MzQxZDM4YzNmLzEvX1FuVDRVdFctM3ZuU1NFZEZpV3pTWkFvOW9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84YjdmZTktNWRmMi00NzNlLTgwMTgtYjI2MzQxZDM4YzNm
LzEvcUMtNXMwR01SWXpieHNfV2hGRkw0a3JRdzhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaUoMA0G
CSqGSIb3DQEBCwUAA4IBAQAnC3aWKhvqSzkNW4LnsQVyzNSzd8RflM/qsQvbo/dq
pLbTQ1ivMhUX8JAWCl+k27pIDyeASZEjNuPg4aSiGezVQjHZt2JTgMql2KGJ9/IR
aaW2MnoY2rclo7c56QV5Yct7Qv4EFpuWRWfGGYUs+MkrKCBptYauZ5V9VWvm+MFt
S8C2YNfuLqRVTgbVyRbwKcFYesyhdiZHGNi8XOOgW1wErC8rvPIIH9DHC/UnoUep
5o1l2j1JbfOacPdDqQwi/vyJfwsMgccosbLIKyz3fpX2HpIF07/RxNuJLQw9HNz2
fIQ9MvpBgqhaeBPVpMrM3MJJWl3WICkuGVZMj8Ico3zm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:35 2024 by rpki-client on console-ams.rpki-client.org