Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/sQSPH6fGMo3SS7coAVFwD_6Q0GU.roa
File:                     sQSPH6fGMo3SS7coAVFwD_6Q0GU.roa (raw, json)
Hash identifier:          Nq7XQBVB3u20mctYbi4qKC+gD2BR2DEp+XFJp/ZPAY0=
Subject key identifier:   B1:04:8F:1F:A7:C6:32:8D:D2:4B:B7:28:01:51:70:0F:FE:90:D0:65
Certificate issuer:       /CN=c61850173c8d28d5afbf91091ca63e5da3c75ed4
Certificate serial:       018CC3DCACDD0D4CC490F97702676EF6ABCF
Authority key identifier: C6:18:50:17:3C:8D:28:D5:AF:BF:91:09:1C:A6:3E:5D:A3:C7:5E:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/sQSPH6fGMo3SS7coAVFwD_6Q0GU.roa
Signing time:             Mon 01 Jan 2024 07:11:08 +0000
ROA not before:           Mon 01 Jan 2024 07:11:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207661
IP address blocks:        194.32.161.0/24 maxlen: 24
                          2a05:5100::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:dc:ac:dd:0d:4c:c4:90:f9:77:02:67:6e:f6:ab:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c61850173c8d28d5afbf91091ca63e5da3c75ed4
        Validity
            Not Before: Jan  1 07:11:08 2024 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b1048f1fa7c6328dd24bb7280151700ffe90d065
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:94:82:07:31:ff:9d:83:0f:9e:37:69:e1:58:
                    01:18:11:90:06:9c:34:e9:fb:d4:93:7f:dd:fa:14:
                    02:b2:35:a3:fc:52:ef:c3:60:ca:2a:b4:58:69:d8:
                    77:f2:d0:58:ee:b6:a5:68:ea:ce:93:61:8c:ba:35:
                    7f:3a:ff:08:c2:9f:26:04:8c:87:e8:91:40:11:9d:
                    a8:c3:0c:b5:fa:2e:9b:30:b5:ad:aa:df:e7:0f:36:
                    eb:1c:94:c7:3b:08:34:a3:ee:54:ac:9e:d9:f4:f3:
                    85:b5:04:bc:37:b3:56:ba:27:8e:83:b3:51:63:38:
                    49:24:40:af:31:68:08:17:da:e3:cb:57:ab:74:6b:
                    69:3e:89:31:85:3e:02:15:6b:e2:1a:7b:34:13:f5:
                    52:0e:2f:08:09:ab:0a:bd:b9:22:61:1b:04:5b:b2:
                    ba:ae:67:3c:38:c0:58:fc:88:78:a8:ea:a2:7e:f6:
                    41:37:aa:67:b3:21:77:4a:b4:e1:b8:83:bc:02:ab:
                    23:f4:f9:b6:19:36:55:af:f7:04:8c:9a:f4:c5:83:
                    55:7a:d4:16:bd:98:82:87:e3:b2:2f:ee:b0:27:e4:
                    19:a1:15:8b:93:b8:37:12:97:63:ec:1d:eb:9a:33:
                    0f:34:59:22:73:ae:56:a1:95:e9:f9:f3:88:dc:09:
                    73:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:04:8F:1F:A7:C6:32:8D:D2:4B:B7:28:01:51:70:0F:FE:90:D0:65
            X509v3 Authority Key Identifier:
                keyid:C6:18:50:17:3C:8D:28:D5:AF:BF:91:09:1C:A6:3E:5D:A3:C7:5E:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/sQSPH6fGMo3SS7coAVFwD_6Q0GU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.32.161.0/24
                IPv6:
                  2a05:5100::/48

    Signature Algorithm: sha256WithRSAEncryption
         10:7d:15:dd:88:cd:a8:f6:9b:75:14:22:dd:a8:fd:73:a2:7d:
         f0:35:32:39:07:d6:0f:9f:54:49:98:5c:9b:a2:b2:f6:54:74:
         c1:86:f7:d0:0f:de:8a:5a:a3:b6:3f:ce:56:86:46:ca:aa:3c:
         b2:2a:15:a4:a0:ce:14:1b:33:c9:19:01:0f:c0:12:29:e5:32:
         5a:bc:ea:bb:20:80:57:4d:17:cb:4a:d6:34:b1:de:ea:ac:6e:
         a4:99:9b:0b:76:ac:f3:bd:43:1c:ed:73:37:06:f7:f9:73:da:
         3b:80:6c:dd:af:14:90:21:3d:ca:b0:71:fe:29:ff:64:7e:00:
         b8:b7:a5:a5:ee:89:80:4a:20:16:57:1a:09:f5:8e:50:94:26:
         b9:ef:92:a1:04:47:92:90:d4:f1:01:82:f2:5a:d2:e6:d4:4f:
         dc:b2:50:9e:c3:fa:87:45:47:e6:1c:14:53:b4:60:7f:0c:df:
         65:f8:3a:4a:22:88:23:e2:3f:26:e9:2c:f2:55:5c:0b:50:06:
         51:ca:24:aa:c8:42:bf:76:6c:43:b2:98:6e:fa:9f:31:a6:a6:
         43:ac:1a:d4:6a:6d:54:fe:60:32:29:a1:3b:12:4a:49:b5:bf:
         7f:5d:c3:fd:8d:f1:c2:a0:3e:a9:64:49:17:a1:76:f7:21:97:
         55:6e:5a:b1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzD3KzdDUzEkPl3Amdu9qvPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTg1MDE3M2M4ZDI4ZDVhZmJmOTEwOTFjYTYzZTVkYTNj
NzVlZDQwHhcNMjQwMTAxMDcxMTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTA0OGYxZmE3YzYzMjhkZDI0YmI3MjgwMTUxNzAwZmZlOTBkMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5SCBzH/nYMPnjdp4VgBGBGQBpw0
6fvUk3/d+hQCsjWj/FLvw2DKKrRYadh38tBY7ralaOrOk2GMujV/Ov8Iwp8mBIyH
6JFAEZ2owwy1+i6bMLWtqt/nDzbrHJTHOwg0o+5UrJ7Z9POFtQS8N7NWuieOg7NR
YzhJJECvMWgIF9rjy1erdGtpPokxhT4CFWviGns0E/VSDi8ICasKvbkiYRsEW7K6
rmc8OMBY/Ih4qOqifvZBN6pnsyF3SrThuIO8Aqsj9Pm2GTZVr/cEjJr0xYNVetQW
vZiCh+OyL+6wJ+QZoRWLk7g3Epdj7B3rmjMPNFkic65WoZXp+fOI3Alz0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLEEjx+nxjKN0ku3KAFRcA/+kNBlMB8GA1UdIwQY
MBaAFMYYUBc8jSjVr7+RCRymPl2jx17UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhoUUZ6eU5LTld2djVFSkhLWS1YYVBIWHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9lZTA5ZjEtN2QwYi00MzFmLWFhZWUt
YmI4ZGViYzAwMzg4LzEvc1FTUEg2ZkdNbzNTUzdjb0FWRndEXzZRMEdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9lZTA5ZjEtN2QwYi00MzFmLWFhZWUtYmI4ZGViYzAwMzg4
LzEveGhoUUZ6eU5LTld2djVFSkhLWS1YYVBIWHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwiChMA8E
AgACMAkDBwAqBVEAAAAwDQYJKoZIhvcNAQELBQADggEBABB9Fd2Izaj2m3UUIt2o
/XOiffA1MjkH1g+fVEmYXJuisvZUdMGG99AP3opao7Y/zlaGRsqqPLIqFaSgzhQb
M8kZAQ/AEinlMlq86rsggFdNF8tK1jSx3uqsbqSZmwt2rPO9QxztczcG9/lz2juA
bN2vFJAhPcqwcf4p/2R+ALi3paXuiYBKIBZXGgn1jlCUJrnvkqEER5KQ1PEBgvJa
0ubUT9yyUJ7D+odFR+YcFFO0YH8M32X4OkoiiCPiPybpLPJVXAtQBlHKJKrIQr92
bEOymG76nzGmpkOsGtRqbVT+YDIpoTsSSkm1v39dw/2N8cKgPqlkSRehdvchl1Vu
WrE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:33 2024 by rpki-client on console-ams.rpki-client.org