Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/4099d7-c3ce-4721-b0e9-7ab1fa0ba399/1/QV-wrkiqUiWC2q2HAAF0yjqOl1c.roa
File:                     QV-wrkiqUiWC2q2HAAF0yjqOl1c.roa (raw, json)
Hash identifier:          bfE/0XiRfFxtzhs2s59aSIRpzwKuGJVjjjeDkOBuex8=
Subject key identifier:   41:5F:B0:AE:48:AA:52:25:82:DA:AD:87:00:01:74:CA:3A:8E:97:57
Certificate issuer:       /CN=bfa0a38f85d2f53053b8c8943d9017b0b8f771ac
Certificate serial:       01856D93DFC5AC0A48C4F5A2F852E1B02652
Authority key identifier: BF:A0:A3:8F:85:D2:F5:30:53:B8:C8:94:3D:90:17:B0:B8:F7:71:AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v6Cjj4XS9TBTuMiUPZAXsLj3caw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/4099d7-c3ce-4721-b0e9-7ab1fa0ba399/1/QV-wrkiqUiWC2q2HAAF0yjqOl1c.roa
Signing time:             Sun 01 Jan 2023 13:44:45 +0000
ROA not before:           Sun 01 Jan 2023 13:44:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15404
IP address blocks:        193.58.6.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:35:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:93:df:c5:ac:0a:48:c4:f5:a2:f8:52:e1:b0:26:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfa0a38f85d2f53053b8c8943d9017b0b8f771ac
        Validity
            Not Before: Jan  1 13:44:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=415fb0ae48aa522582daad87000174ca3a8e9757
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:b6:86:e0:f0:bf:a1:6a:4d:04:67:8b:48:b2:
                    8c:02:58:be:42:2f:2c:34:23:80:35:9e:fb:33:ba:
                    aa:8f:0f:d4:77:86:7e:b4:aa:90:ca:41:1c:b0:69:
                    90:82:98:a7:cf:9e:a5:20:3f:33:e4:f9:ae:ff:b4:
                    e7:07:6a:6e:47:52:90:d0:a2:33:6f:09:53:57:52:
                    ca:aa:1c:2f:7f:ae:68:3d:e3:23:7e:62:eb:66:3b:
                    30:14:20:e5:89:8d:ee:d4:14:59:13:ce:81:a3:93:
                    37:83:f2:2e:2c:ab:f1:c7:2e:04:b5:90:34:ba:f3:
                    20:e2:d9:35:bf:d1:66:db:a4:ec:5c:cd:20:0f:b7:
                    8b:2c:a8:49:a0:3b:a5:97:30:09:7b:89:f9:82:bd:
                    3e:bd:c9:98:ed:2a:2a:35:f8:4f:88:49:67:23:8e:
                    44:28:0b:ed:4e:8c:1c:4f:93:c4:b4:46:9d:5a:e2:
                    a8:f1:8b:66:8c:74:0f:dd:c3:22:9b:c6:b5:cc:93:
                    38:7f:46:d2:b5:68:58:8c:e4:c6:02:de:c4:1e:56:
                    7b:e0:95:23:23:ca:4e:10:fb:cb:b6:16:3a:8e:2b:
                    6b:e5:18:73:31:46:20:27:9b:e5:66:5e:22:46:cf:
                    b9:09:5d:60:86:f0:17:2a:9c:98:46:6a:a1:f4:3e:
                    f2:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:5F:B0:AE:48:AA:52:25:82:DA:AD:87:00:01:74:CA:3A:8E:97:57
            X509v3 Authority Key Identifier:
                keyid:BF:A0:A3:8F:85:D2:F5:30:53:B8:C8:94:3D:90:17:B0:B8:F7:71:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v6Cjj4XS9TBTuMiUPZAXsLj3caw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/4099d7-c3ce-4721-b0e9-7ab1fa0ba399/1/QV-wrkiqUiWC2q2HAAF0yjqOl1c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/4099d7-c3ce-4721-b0e9-7ab1fa0ba399/1/v6Cjj4XS9TBTuMiUPZAXsLj3caw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.58.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:7f:c0:1c:f5:b0:ec:d0:45:67:68:f7:77:b1:c7:29:d8:cc:
         dc:ae:4d:90:90:b8:5c:a0:e9:ed:52:3c:57:73:28:dd:e5:20:
         6c:27:5a:5e:98:c7:5b:18:71:9c:77:2b:65:ef:65:10:78:dd:
         d0:c2:2a:9b:27:fd:4f:79:89:ed:7d:8a:3c:1d:14:86:90:9a:
         5f:15:57:dc:39:48:52:d4:33:48:52:aa:24:c9:86:d7:a9:22:
         df:fd:ff:98:81:61:c9:7b:5a:bd:80:55:81:8b:f7:df:75:20:
         f1:bc:36:59:dc:34:d6:4a:a3:85:f3:1e:e6:7d:19:31:d6:f3:
         c2:40:4a:bd:04:2c:65:b8:ee:3f:fb:e6:32:d7:a3:f5:55:a3:
         1c:39:b2:6e:56:55:a6:1b:b3:ba:0d:44:7d:11:35:c2:8e:aa:
         30:b9:33:ea:c2:41:f1:9f:65:de:0f:d4:0b:9d:8a:2f:55:c3:
         84:33:67:86:b5:78:09:e3:1a:39:21:d8:61:f8:61:b3:7f:b2:
         9d:86:ce:51:8e:e1:71:1e:35:77:53:76:56:04:1f:e7:f8:59:
         81:78:c8:a2:08:03:f4:68:e7:0e:d3:0f:78:6d:cf:43:20:41:
         ba:ea:b3:4e:67:82:a0:b3:da:94:13:37:28:c1:93:bf:16:6d:
         39:c9:9c:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtk9/FrApIxPWi+FLhsCZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYTBhMzhmODVkMmY1MzA1M2I4Yzg5NDNkOTAxN2IwYjhm
NzcxYWMwHhcNMjMwMTAxMTM0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTVmYjBhZTQ4YWE1MjI1ODJkYWFkODcwMDAxNzRjYTNhOGU5NzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLaG4PC/oWpNBGeLSLKMAli+Qi8s
NCOANZ77M7qqjw/Ud4Z+tKqQykEcsGmQgpinz56lID8z5Pmu/7TnB2puR1KQ0KIz
bwlTV1LKqhwvf65oPeMjfmLrZjswFCDliY3u1BRZE86Bo5M3g/IuLKvxxy4EtZA0
uvMg4tk1v9Fm26TsXM0gD7eLLKhJoDullzAJe4n5gr0+vcmY7SoqNfhPiElnI45E
KAvtTowcT5PEtEadWuKo8YtmjHQP3cMim8a1zJM4f0bStWhYjOTGAt7EHlZ74JUj
I8pOEPvLthY6jitr5RhzMUYgJ5vlZl4iRs+5CV1ghvAXKpyYRmqh9D7ysQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEFfsK5IqlIlgtqthwABdMo6jpdXMB8GA1UdIwQY
MBaAFL+go4+F0vUwU7jIlD2QF7C493GsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjZDamo0WFM5VEJUdU1pVVBaQVhzTGozY2F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi80MDk5ZDctYzNjZS00NzIxLWIwZTkt
N2FiMWZhMGJhMzk5LzEvUVYtd3JraXFVaVdDMnEySEFBRjB5anFPbDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi80MDk5ZDctYzNjZS00NzIxLWIwZTktN2FiMWZhMGJhMzk5
LzEvdjZDamo0WFM5VEJUdU1pVVBaQVhzTGozY2F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwToGMA0G
CSqGSIb3DQEBCwUAA4IBAQBTf8Ac9bDs0EVnaPd3sccp2Mzcrk2QkLhcoOntUjxX
cyjd5SBsJ1pemMdbGHGcdytl72UQeN3QwiqbJ/1PeYntfYo8HRSGkJpfFVfcOUhS
1DNIUqokyYbXqSLf/f+YgWHJe1q9gFWBi/ffdSDxvDZZ3DTWSqOF8x7mfRkx1vPC
QEq9BCxluO4/++Yy16P1VaMcObJuVlWmG7O6DUR9ETXCjqowuTPqwkHxn2XeD9QL
nYovVcOEM2eGtXgJ4xo5Idhh+GGzf7Kdhs5RjuFxHjV3U3ZWBB/n+FmBeMiiCAP0
aOcO0w94bc9DIEG66rNOZ4Kgs9qUEzcowZO/Fm05yZx6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:06 2024 by rpki-client on console-fra.rpki-client.org