Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/Q2WXeCzyQ_GHDpdjLMQWUJ1CNGg.roa
File:                     Q2WXeCzyQ_GHDpdjLMQWUJ1CNGg.roa (raw, json)
Hash identifier:          jAmv/ZFibTJcGGJed2B4kNERYtmXyfSLppiwsy6xk+s=
Subject key identifier:   43:65:97:78:2C:F2:43:F1:87:0E:97:63:2C:C4:16:50:9D:42:34:68
Certificate issuer:       /CN=6f98d1f99e3833ef401d46348eec8b752088c55d
Certificate serial:       01856B9C5F94E053D0470D98B483CBDFD10B
Authority key identifier: 6F:98:D1:F9:9E:38:33:EF:40:1D:46:34:8E:EC:8B:75:20:88:C5:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b5jR-Z44M-9AHUY0juyLdSCIxV0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/Q2WXeCzyQ_GHDpdjLMQWUJ1CNGg.roa
Signing time:             Sun 01 Jan 2023 04:34:48 +0000
ROA not before:           Sun 01 Jan 2023 04:34:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212003
IP address blocks:        176.126.158.0/24 maxlen: 24
                          176.126.158.0/23 maxlen: 23
                          176.126.159.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:9c:5f:94:e0:53:d0:47:0d:98:b4:83:cb:df:d1:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f98d1f99e3833ef401d46348eec8b752088c55d
        Validity
            Not Before: Jan  1 04:34:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=436597782cf243f1870e97632cc416509d423468
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:65:dd:e6:ff:74:89:54:12:a6:ad:9b:5b:79:
                    a8:58:4d:99:70:02:a0:ca:e1:44:74:69:78:3e:43:
                    99:35:b5:cb:37:a0:ac:50:4e:39:db:50:53:1e:5b:
                    25:f0:fd:02:45:0e:c5:41:c3:57:e5:e2:30:f2:5d:
                    9b:66:b6:31:52:26:3c:6a:8a:67:c4:bd:f9:79:5b:
                    c0:c7:8d:52:78:5d:19:d0:5d:46:64:d3:ed:21:e7:
                    ef:a5:a1:94:8a:55:fb:6c:8b:f8:a5:47:3e:5a:68:
                    eb:47:dd:7f:4e:b8:71:03:76:e2:d5:9c:70:df:d5:
                    d1:89:23:24:14:f9:a5:2d:45:b4:bb:51:5d:68:56:
                    47:e8:7e:fe:7b:0e:df:83:9d:68:72:58:64:70:35:
                    43:00:87:db:ba:d9:a0:66:ab:69:21:7f:be:bd:90:
                    46:43:8c:cb:f5:1c:7a:e8:e1:f1:f7:5b:9e:3e:a1:
                    c2:2c:32:ac:bb:b6:df:32:76:0e:bf:10:d0:50:4f:
                    9a:4a:18:ce:7e:bc:25:67:b8:35:b1:95:63:56:0d:
                    32:20:41:23:c0:1d:83:2d:3d:fe:6e:89:97:ff:57:
                    08:0b:29:cb:10:e0:d1:61:d6:1c:c0:0a:06:76:3d:
                    30:9c:ad:31:84:f0:df:45:78:ca:13:cb:05:4d:54:
                    13:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:65:97:78:2C:F2:43:F1:87:0E:97:63:2C:C4:16:50:9D:42:34:68
            X509v3 Authority Key Identifier:
                keyid:6F:98:D1:F9:9E:38:33:EF:40:1D:46:34:8E:EC:8B:75:20:88:C5:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5jR-Z44M-9AHUY0juyLdSCIxV0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/Q2WXeCzyQ_GHDpdjLMQWUJ1CNGg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/b5jR-Z44M-9AHUY0juyLdSCIxV0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.126.158.0/23

    Signature Algorithm: sha256WithRSAEncryption
         38:9f:94:dd:da:48:80:24:e8:72:4f:26:9d:62:7f:31:63:67:
         91:c8:51:a1:aa:ed:a5:f1:51:f2:e3:7f:3b:73:90:5e:d6:b3:
         7e:e8:d7:c8:4c:1f:fa:10:0f:43:bf:38:39:f9:3d:53:e2:00:
         68:b3:d8:85:aa:c2:81:fa:6c:31:15:89:e0:05:ba:07:52:db:
         56:5a:75:40:26:80:6f:f7:03:68:0a:e7:26:17:48:5f:81:e3:
         1d:1b:de:de:3a:43:87:5e:d5:8d:98:4c:7d:b4:94:77:69:86:
         df:c5:f1:a4:36:91:53:3e:95:38:35:0f:bc:d2:25:a0:0c:e5:
         e9:2a:1d:cf:cd:8c:f1:c7:df:69:53:26:70:27:8b:8d:17:56:
         d7:31:7c:ad:be:be:fd:1d:06:82:e0:3b:90:1f:6a:17:02:cd:
         c8:7a:52:cc:66:37:e5:ea:fe:ba:bb:90:00:ff:e1:99:69:53:
         32:0c:87:07:3e:e1:51:95:c2:94:dd:5c:55:3e:a6:61:5d:36:
         64:ee:c5:c2:6f:bd:dc:a6:6d:74:d8:78:6d:36:bb:ae:16:95:
         15:de:0a:2f:9c:eb:bc:7f:ef:2b:93:53:e8:44:c8:56:13:60:
         2e:99:0c:19:9e:78:25:85:41:cd:f8:a4:c0:f5:c0:40:27:c7:
         53:ea:97:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrnF+U4FPQRw2YtIPL39ELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmOThkMWY5OWUzODMzZWY0MDFkNDYzNDhlZWM4Yjc1MjA4
OGM1NWQwHhcNMjMwMTAxMDQzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzY1OTc3ODJjZjI0M2YxODcwZTk3NjMyY2M0MTY1MDlkNDIzNDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmXd5v90iVQSpq2bW3moWE2ZcAKg
yuFEdGl4PkOZNbXLN6CsUE4521BTHlsl8P0CRQ7FQcNX5eIw8l2bZrYxUiY8aopn
xL35eVvAx41SeF0Z0F1GZNPtIefvpaGUilX7bIv4pUc+WmjrR91/TrhxA3bi1Zxw
39XRiSMkFPmlLUW0u1FdaFZH6H7+ew7fg51oclhkcDVDAIfbutmgZqtpIX++vZBG
Q4zL9Rx66OHx91uePqHCLDKsu7bfMnYOvxDQUE+aShjOfrwlZ7g1sZVjVg0yIEEj
wB2DLT3+bomX/1cICynLEODRYdYcwAoGdj0wnK0xhPDfRXjKE8sFTVQTKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFENll3gs8kPxhw6XYyzEFlCdQjRoMB8GA1UdIwQY
MBaAFG+Y0fmeODPvQB1GNI7si3UgiMVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjVqUi1aNDRNLTlBSFVZMGp1eUxkU0NJeFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYzA4ZjEtOTZlMC00YzU0LWE0NjYt
MDdkNGIxMTVjYzgyLzEvUTJXWGVDenlRX0dIRHBkakxNUVdVSjFDTkdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zYzA4ZjEtOTZlMC00YzU0LWE0NjYtMDdkNGIxMTVjYzgy
LzEvYjVqUi1aNDRNLTlBSFVZMGp1eUxkU0NJeFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsH6eMA0G
CSqGSIb3DQEBCwUAA4IBAQA4n5Td2kiAJOhyTyadYn8xY2eRyFGhqu2l8VHy4387
c5Be1rN+6NfITB/6EA9Dvzg5+T1T4gBos9iFqsKB+mwxFYngBboHUttWWnVAJoBv
9wNoCucmF0hfgeMdG97eOkOHXtWNmEx9tJR3aYbfxfGkNpFTPpU4NQ+80iWgDOXp
Kh3PzYzxx99pUyZwJ4uNF1bXMXytvr79HQaC4DuQH2oXAs3IelLMZjfl6v66u5AA
/+GZaVMyDIcHPuFRlcKU3VxVPqZhXTZk7sXCb73cpm102HhtNruuFpUV3govnOu8
f+8rk1PoRMhWE2AumQwZnnglhUHN+KTA9cBAJ8dT6pe8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:24 2024 by rpki-client on console-ams.rpki-client.org