Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/pQTCWqKgEYZZ6dViM25bl6iBYQY.roa
File:                     pQTCWqKgEYZZ6dViM25bl6iBYQY.roa (raw, json)
Hash identifier:          35HVEfzznfOd0Hwn+i/XM4iq99CPrJdxPeDOeBfp0xA=
Subject key identifier:   A5:04:C2:5A:A2:A0:11:86:59:E9:D5:62:33:6E:5B:97:A8:81:61:06
Certificate issuer:       /CN=79730b9ea010d832f940efb589c51889132f4c94
Certificate serial:       018CC9BCC9E01414492630F6A98BE9B2AD33
Authority key identifier: 79:73:0B:9E:A0:10:D8:32:F9:40:EF:B5:89:C5:18:89:13:2F:4C:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eXMLnqAQ2DL5QO-1icUYiRMvTJQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/pQTCWqKgEYZZ6dViM25bl6iBYQY.roa
Signing time:             Tue 02 Jan 2024 10:34:01 +0000
ROA not before:           Tue 02 Jan 2024 10:34:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     41955
IP address blocks:        194.26.188.0/22 maxlen: 24
                          185.199.216.0/22 maxlen: 24
                          2a0a:a3c0::/32 maxlen: 32
                          2a0a:a3c0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Wed 17 Jul 2024 09:41:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:c9:e0:14:14:49:26:30:f6:a9:8b:e9:b2:ad:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79730b9ea010d832f940efb589c51889132f4c94
        Validity
            Not Before: Jan  2 10:34:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a504c25aa2a0118659e9d562336e5b97a8816106
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:39:93:54:c4:2f:69:4f:59:89:e8:04:0e:9c:
                    55:b4:41:f0:6c:3b:02:0f:9e:4e:18:a6:93:90:77:
                    da:44:63:d8:16:98:1c:c9:c2:3c:05:d0:22:27:94:
                    fb:2c:a9:ed:00:fc:0d:f1:a1:76:6d:f4:88:9d:6a:
                    0d:e3:f1:09:43:22:87:db:27:99:ca:94:e8:96:24:
                    3e:69:91:7b:3d:3d:3b:88:e2:22:d0:bf:21:ca:a9:
                    ec:62:f4:65:ff:6a:e5:fd:0a:ea:eb:9d:82:f1:eb:
                    66:f9:be:1f:5a:3e:00:1c:10:16:30:85:26:c0:8a:
                    d6:4c:f9:9e:76:f9:31:07:78:4e:99:79:33:2a:81:
                    31:0e:0e:15:ce:ae:c5:c0:44:ae:8f:ab:02:5a:45:
                    75:ba:29:78:0c:65:69:f0:62:78:57:91:59:f3:8f:
                    0a:3f:76:1c:ae:db:80:4b:06:e3:d2:0b:3e:7d:9c:
                    65:e6:1d:47:c9:7a:c4:2f:9f:93:a4:40:ee:f7:a9:
                    9c:59:d8:1b:d1:98:79:5a:b5:fc:18:f2:91:92:0f:
                    31:9a:5c:d5:1a:4c:4c:a9:0f:21:2d:0e:b8:7b:64:
                    af:9c:2d:90:3c:ff:dd:10:f3:c2:25:36:43:6f:32:
                    5b:bf:75:59:f8:0e:a5:60:11:72:00:ed:9d:e0:50:
                    2f:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:04:C2:5A:A2:A0:11:86:59:E9:D5:62:33:6E:5B:97:A8:81:61:06
            X509v3 Authority Key Identifier:
                keyid:79:73:0B:9E:A0:10:D8:32:F9:40:EF:B5:89:C5:18:89:13:2F:4C:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXMLnqAQ2DL5QO-1icUYiRMvTJQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/pQTCWqKgEYZZ6dViM25bl6iBYQY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/eXMLnqAQ2DL5QO-1icUYiRMvTJQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.199.216.0/22
                  194.26.188.0/22
                IPv6:
                  2a0a:a3c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         76:3f:b3:be:92:2a:18:39:24:83:58:d8:7d:0d:92:e2:49:61:
         de:b2:51:df:28:9a:51:f8:6c:95:40:3a:31:b9:63:77:82:06:
         76:b7:95:ce:4a:e9:5d:05:6f:e8:ff:ff:26:17:d8:4f:21:75:
         0b:23:0a:c0:ac:88:4a:5f:d0:7a:2a:25:2d:d0:51:3e:1e:8a:
         5b:7d:6c:c5:66:d9:5d:31:ea:1f:d3:72:3b:fe:f9:94:45:80:
         90:03:72:be:2f:c1:7b:6c:89:c3:c4:c4:4f:ab:7e:d5:1d:5c:
         eb:04:a9:74:56:05:02:76:01:51:a3:3d:37:ae:f4:cb:c5:03:
         7e:52:20:81:0d:21:50:ae:7c:28:04:40:c7:f2:ca:18:0f:f1:
         14:da:94:c8:71:73:c5:72:07:52:c6:44:dc:69:23:ad:0f:e6:
         30:ed:7c:00:f8:11:73:3a:a2:37:6d:e5:67:fa:b1:87:af:d9:
         dc:6a:ca:86:89:57:bc:6c:a9:19:da:2f:2b:be:cf:75:c6:2d:
         6b:f1:0c:61:5f:b3:bc:94:13:42:e3:d3:8e:6c:6f:83:6b:b6:
         8c:12:cd:0e:14:21:72:f9:cd:69:00:19:b4:39:e4:0a:b7:fd:
         ef:56:2d:61:f2:05:e6:46:24:7c:6b:8a:e5:29:3a:de:62:96:
         33:79:84:64
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvMngFBRJJjD2qYvpsq0zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NzMwYjllYTAxMGQ4MzJmOTQwZWZiNTg5YzUxODg5MTMy
ZjRjOTQwHhcNMjQwMTAyMTAzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTA0YzI1YWEyYTAxMTg2NTllOWQ1NjIzMzZlNWI5N2E4ODE2MTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjmTVMQvaU9ZiegEDpxVtEHwbDsC
D55OGKaTkHfaRGPYFpgcycI8BdAiJ5T7LKntAPwN8aF2bfSInWoN4/EJQyKH2yeZ
ypToliQ+aZF7PT07iOIi0L8hyqnsYvRl/2rl/Qrq652C8etm+b4fWj4AHBAWMIUm
wIrWTPmedvkxB3hOmXkzKoExDg4Vzq7FwESuj6sCWkV1uil4DGVp8GJ4V5FZ848K
P3YcrtuASwbj0gs+fZxl5h1HyXrEL5+TpEDu96mcWdgb0Zh5WrX8GPKRkg8xmlzV
GkxMqQ8hLQ64e2SvnC2QPP/dEPPCJTZDbzJbv3VZ+A6lYBFyAO2d4FAvlwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKUEwlqioBGGWenVYjNuW5eogWEGMB8GA1UdIwQY
MBaAFHlzC56gENgy+UDvtYnFGIkTL0yUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhNTG5xQVEyREw1UU8tMWljVVlpUk12VEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9hMDJjYzYtMTMwOC00N2U0LWEwODct
Mzk2MDVmOTA4MWI3LzEvcFFUQ1dxS2dFWVpaNmRWaU0yNWJsNmlCWVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9hMDJjYzYtMTMwOC00N2U0LWEwODctMzk2MDVmOTA4MWI3
LzEvZVhNTG5xQVEyREw1UU8tMWljVVlpUk12VEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCucfYAwQC
whq8MA0EAgACMAcDBQAqCqPAMA0GCSqGSIb3DQEBCwUAA4IBAQB2P7O+kioYOSSD
WNh9DZLiSWHeslHfKJpR+GyVQDoxuWN3ggZ2t5XOSuldBW/o//8mF9hPIXULIwrA
rIhKX9B6KiUt0FE+HopbfWzFZtldMeof03I7/vmURYCQA3K+L8F7bInDxMRPq37V
HVzrBKl0VgUCdgFRoz03rvTLxQN+UiCBDSFQrnwoBEDH8soYD/EU2pTIcXPFcgdS
xkTcaSOtD+Yw7XwA+BFzOqI3beVn+rGHr9ncasqGiVe8bKkZ2i8rvs91xi1r8Qxh
X7O8lBNC49OObG+Da7aMEs0OFCFy+c1pABm0OeQKt/3vVi1h8gXmRiR8a4rlKTre
YpYzeYRk
-----END CERTIFICATE-----
Generated at Wed Jul 17 11:14:43 2024 by rpki-client on console-ams.rpki-client.org