Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/pq-AETJN4dWXsUgrww3F2Iomag8.roa
File:                     pq-AETJN4dWXsUgrww3F2Iomag8.roa (raw, json)
Hash identifier:          plfOQvVP9+WgLnd2yPjHHJZdhPL8RW7eEEGatD8aaK4=
Subject key identifier:   A6:AF:80:11:32:4D:E1:D5:97:B1:48:2B:C3:0D:C5:D8:8A:26:6A:0F
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       0190C15112C6CC94770B0E7D33CAA71D901B
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/pq-AETJN4dWXsUgrww3F2Iomag8.roa
Signing time:             Wed 17 Jul 2024 15:30:34 +0000
ROA not before:           Wed 17 Jul 2024 15:30:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        46.37.98.0/24 maxlen: 24
                          46.37.113.0/24 maxlen: 24
                          46.37.122.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 20 Jul 2024 06:08:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:c1:51:12:c6:cc:94:77:0b:0e:7d:33:ca:a7:1d:90:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jul 17 15:30:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a6af8011324de1d597b1482bc30dc5d88a266a0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:0c:cc:4f:a6:49:d4:25:ec:07:68:e0:05:79:
                    6a:0a:06:cd:69:42:09:7e:ab:f8:59:98:c8:49:fa:
                    22:33:91:c5:48:98:21:40:a5:c4:8f:2b:80:45:56:
                    96:7f:fe:49:62:ad:67:b5:e4:10:b5:9a:03:6b:a2:
                    f5:e3:5b:ce:0c:29:be:04:f3:70:ba:8d:74:c0:54:
                    d1:09:cd:67:9a:ac:af:e4:fc:3c:79:0e:d1:56:af:
                    b9:fe:7f:fb:a5:d7:f8:f2:28:32:f5:a7:b0:8e:a1:
                    fa:5c:54:5f:f0:53:9e:80:f0:52:4a:46:79:b4:33:
                    96:bf:4e:af:4c:44:22:63:11:47:9f:67:5a:6e:f4:
                    da:88:95:8d:8a:2a:1d:cc:10:93:19:74:29:67:75:
                    07:1c:f4:8f:24:01:41:8f:00:b4:50:98:3e:88:03:
                    ea:b3:1a:28:1b:3d:79:e0:3a:34:75:15:f4:db:b9:
                    88:2d:34:cd:be:38:77:0b:18:05:a9:8c:40:31:05:
                    b3:81:ab:63:bd:67:2c:aa:a6:ed:86:e9:89:fc:8b:
                    93:2a:8e:c0:4e:f7:7e:fe:8d:38:69:53:0f:3a:05:
                    f3:cd:74:9a:10:4c:a3:81:7d:57:5d:0f:00:43:cb:
                    ad:53:55:75:57:47:b6:57:61:40:c6:45:59:8f:b4:
                    61:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:AF:80:11:32:4D:E1:D5:97:B1:48:2B:C3:0D:C5:D8:8A:26:6A:0F
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/pq-AETJN4dWXsUgrww3F2Iomag8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.98.0/24
                  46.37.113.0/24
                  46.37.122.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:a5:61:1c:2b:7c:bd:cc:c7:54:bf:9b:6a:f7:05:8e:35:ad:
         e6:df:65:00:17:3f:07:8e:ce:16:4a:1e:f5:31:f0:24:44:4f:
         20:6f:92:f3:dd:21:dd:41:6c:46:ae:a1:2e:4f:6e:7a:80:cf:
         5c:d2:15:4c:fd:46:2d:31:4d:11:53:76:1f:fe:a8:dc:53:61:
         e3:ac:91:2a:bf:6b:64:f1:d5:55:da:c9:f0:81:78:2f:0e:6f:
         df:cb:01:ee:92:98:27:34:60:63:78:42:fa:bc:38:92:58:68:
         c3:2a:49:b4:b3:89:dd:74:1f:aa:c3:1b:ad:58:50:ca:b7:3d:
         43:8a:b6:43:51:cd:de:b4:05:fe:53:bd:9c:5f:d0:f5:39:f4:
         f6:b6:23:b3:d9:9f:f6:bb:3c:84:7a:28:ba:4c:bd:0e:81:8f:
         c1:80:f8:51:5e:6d:95:1d:2f:de:01:48:be:95:84:98:03:7a:
         ce:a0:d7:76:d2:58:dd:0e:f8:0a:19:78:c9:01:bc:08:7a:a9:
         40:2d:9e:54:78:7f:8d:bf:09:40:92:12:ef:39:f4:4a:47:e6:
         1f:1a:b4:6c:a5:d8:a6:b2:02:1a:1a:9f:c5:da:9b:46:39:45:
         d9:8f:f8:2f:03:5c:f7:b3:46:47:75:f2:9e:bd:d6:c8:fe:44:
         08:32:ad:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZDBURLGzJR3Cw59M8qnHZAbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwNzE3MTUzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmFmODAxMTMyNGRlMWQ1OTdiMTQ4MmJjMzBkYzVkODhhMjY2YTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AzMT6ZJ1CXsB2jgBXlqCgbNaUIJ
fqv4WZjISfoiM5HFSJghQKXEjyuARVaWf/5JYq1nteQQtZoDa6L141vODCm+BPNw
uo10wFTRCc1nmqyv5Pw8eQ7RVq+5/n/7pdf48igy9aewjqH6XFRf8FOegPBSSkZ5
tDOWv06vTEQiYxFHn2dabvTaiJWNiiodzBCTGXQpZ3UHHPSPJAFBjwC0UJg+iAPq
sxooGz154Do0dRX027mILTTNvjh3CxgFqYxAMQWzgatjvWcsqqbthumJ/IuTKo7A
Tvd+/o04aVMPOgXzzXSaEEyjgX1XXQ8AQ8utU1V1V0e2V2FAxkVZj7Rh7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKavgBEyTeHVl7FIK8MNxdiKJmoPMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvcHEtQUVUSk40ZFdYc1Vncnd3M0YySW9tYWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiViAwQA
LiVxAwQALiV6MA0GCSqGSIb3DQEBCwUAA4IBAQBspWEcK3y9zMdUv5tq9wWONa3m
32UAFz8Hjs4WSh71MfAkRE8gb5Lz3SHdQWxGrqEuT256gM9c0hVM/UYtMU0RU3Yf
/qjcU2HjrJEqv2tk8dVV2snwgXgvDm/fywHukpgnNGBjeEL6vDiSWGjDKkm0s4nd
dB+qwxutWFDKtz1DirZDUc3etAX+U72cX9D1OfT2tiOz2Z/2uzyEeii6TL0OgY/B
gPhRXm2VHS/eAUi+lYSYA3rOoNd20ljdDvgKGXjJAbwIeqlALZ5UeH+NvwlAkhLv
OfRKR+YfGrRspdimsgIaGp/F2ptGOUXZj/gvA1z3s0ZHdfKevdbI/kQIMq05
-----END CERTIFICATE-----
Generated at Sat Jul 20 08:41:22 2024 by rpki-client on console-ams.rpki-client.org