Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/2qgSeeqcJEWS44nkbb4YStXxNrU.roa
File:                     2qgSeeqcJEWS44nkbb4YStXxNrU.roa (raw, json)
Hash identifier:          mthI9+3TSW6A4kYqz5VnX/XbUo5E/WpniXx3PX3zPTE=
Subject key identifier:   DA:A8:12:79:EA:9C:24:45:92:E3:89:E4:6D:BE:18:4A:D5:F1:36:B5
Certificate issuer:       /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial:       0189918CBDD8B28BDAA52C9D76C9399EBC89
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/2qgSeeqcJEWS44nkbb4YStXxNrU.roa
Signing time:             Wed 26 Jul 2023 09:34:27 +0000
ROA not before:           Wed 26 Jul 2023 09:34:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     40676
IP address blocks:        94.26.89.0/24 maxlen: 24
                          93.152.218.0/24 maxlen: 24
                          93.152.226.0/24 maxlen: 24
                          93.152.222.0/24 maxlen: 24
                          93.152.227.0/24 maxlen: 24
                          212.102.105.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:91:8c:bd:d8:b2:8b:da:a5:2c:9d:76:c9:39:9e:bc:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
        Validity
            Not Before: Jul 26 09:34:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=daa81279ea9c244592e389e46dbe184ad5f136b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:21:1b:78:f5:1c:96:2f:58:01:05:29:8e:3d:
                    e3:d9:64:79:7a:21:0b:fa:54:9e:dc:eb:94:0a:f2:
                    ba:47:43:d6:a8:a5:c3:5e:91:5a:1a:8d:12:d4:c0:
                    9c:f9:75:61:94:ed:98:1f:8b:aa:41:bd:9c:eb:3a:
                    d4:95:8b:f1:54:de:07:ae:68:d1:95:41:cd:50:11:
                    b3:45:ba:77:06:37:cd:22:a6:47:3d:7f:7d:9c:de:
                    3a:10:c8:83:3f:94:27:a0:62:4c:16:43:39:68:53:
                    60:d2:fc:20:8c:65:46:05:36:03:57:3a:0b:b2:ee:
                    6f:d5:f5:fa:33:40:30:34:57:67:72:c1:83:ee:fa:
                    59:d6:37:64:f3:46:c2:77:ec:20:77:83:a8:6a:78:
                    dd:45:7d:d0:52:b1:02:d5:c4:c9:6a:98:38:0b:ec:
                    e7:21:59:b2:97:70:6c:27:d2:2b:60:43:b5:60:b2:
                    7a:d7:a7:86:27:d5:2c:a9:65:a5:c1:62:f3:9d:76:
                    b6:fb:ef:ad:40:b8:a6:4a:43:5e:bb:b2:64:47:41:
                    b9:a6:a9:0d:72:b1:8b:f4:a5:36:67:21:19:e3:f1:
                    71:96:f1:dc:9d:c4:98:cf:50:ff:35:1f:c8:12:30:
                    b5:b4:2a:79:53:5c:2c:b7:5b:3c:e9:ff:08:06:9c:
                    cf:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:A8:12:79:EA:9C:24:45:92:E3:89:E4:6D:BE:18:4A:D5:F1:36:B5
            X509v3 Authority Key Identifier:
                keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/2qgSeeqcJEWS44nkbb4YStXxNrU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.152.218.0/24
                  93.152.222.0/24
                  93.152.226.0/23
                  94.26.89.0/24
                  212.102.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:4e:f0:10:27:ac:cc:e0:82:f2:7d:0c:22:ed:9e:12:0d:e5:
         96:9d:69:56:06:48:a8:5c:2f:f4:0b:ff:ef:68:c2:34:e6:6a:
         a2:a8:f6:63:67:60:82:68:79:bd:61:c1:c0:f4:97:ff:c5:93:
         c7:d9:00:f0:57:90:7f:94:80:ed:57:e3:a3:9e:cf:88:94:96:
         0e:3d:22:88:b5:26:bf:a5:16:19:8a:21:b5:f6:04:8d:c0:64:
         61:55:22:c3:2b:3a:2a:eb:75:19:89:ce:1f:2e:2e:9a:41:26:
         96:67:a8:63:56:c2:dd:19:e3:f9:96:8b:ff:f5:e0:4e:d8:e9:
         52:31:cc:19:fe:ea:3a:e4:68:61:60:68:e3:2a:6a:ee:8d:ea:
         ef:17:57:f0:7c:e6:1f:4b:bd:cc:d2:4a:3a:ab:8a:02:4c:76:
         5f:39:5d:91:89:3f:bd:ee:36:1f:45:d0:8d:9f:e3:b1:24:c6:
         84:e2:01:ef:06:ee:93:74:3c:c9:e4:69:2f:fb:a4:77:16:1f:
         6b:89:1e:ae:cb:e3:8b:41:02:93:f3:c5:b3:f0:74:94:8e:07:
         73:50:9c:e2:23:ff:f3:20:2f:4b:b1:7a:f5:9e:f7:52:cb:5e:
         d9:ae:10:7f:1b:6a:f1:1e:2c:44:3a:8b:d8:55:53:c1:08:b4:
         de:9c:2f:93
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYmRjL3YsovapSyddsk5nryJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwNzI2MDkzNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWE4MTI3OWVhOWMyNDQ1OTJlMzg5ZTQ2ZGJlMTg0YWQ1ZjEzNmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCEbePUcli9YAQUpjj3j2WR5eiEL
+lSe3OuUCvK6R0PWqKXDXpFaGo0S1MCc+XVhlO2YH4uqQb2c6zrUlYvxVN4HrmjR
lUHNUBGzRbp3BjfNIqZHPX99nN46EMiDP5QnoGJMFkM5aFNg0vwgjGVGBTYDVzoL
su5v1fX6M0AwNFdncsGD7vpZ1jdk80bCd+wgd4OoanjdRX3QUrEC1cTJapg4C+zn
IVmyl3BsJ9IrYEO1YLJ616eGJ9UsqWWlwWLznXa2+++tQLimSkNeu7JkR0G5pqkN
crGL9KU2ZyEZ4/FxlvHcncSYz1D/NR/IEjC1tCp5U1wst1s86f8IBpzPbQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNqoEnnqnCRFkuOJ5G2+GErV8Ta1MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvMnFnU2VlcWNKRVdTNDRua2JiNFlTdFh4TnJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAXZjaAwQA
XZjeAwQBXZjiAwQAXhpZAwQA1GZpMA0GCSqGSIb3DQEBCwUAA4IBAQCtTvAQJ6zM
4ILyfQwi7Z4SDeWWnWlWBkioXC/0C//vaMI05mqiqPZjZ2CCaHm9YcHA9Jf/xZPH
2QDwV5B/lIDtV+Ojns+IlJYOPSKItSa/pRYZiiG19gSNwGRhVSLDKzoq63UZic4f
Li6aQSaWZ6hjVsLdGeP5lov/9eBO2OlSMcwZ/uo65GhhYGjjKmrujervF1fwfOYf
S73M0ko6q4oCTHZfOV2RiT+97jYfRdCNn+OxJMaE4gHvBu6TdDzJ5Gkv+6R3Fh9r
iR6uy+OLQQKT88Wz8HSUjgdzUJziI//zIC9LsXr1nvdSy17ZrhB/G2rxHixEOovY
VVPBCLTenC+T
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:26 2024 by rpki-client on console-ams.rpki-client.org