Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/qgNdDY5XqOYRP_36eHSdZqIMwpY.roa
File:                     qgNdDY5XqOYRP_36eHSdZqIMwpY.roa (raw, json)
Hash identifier:          qhuII2CWbozbuw5ew4rCTWIBfSAroTMVgFNGxtVePho=
Subject key identifier:   AA:03:5D:0D:8E:57:A8:E6:11:3F:FD:FA:78:74:9D:66:A2:0C:C2:96
Certificate issuer:       /CN=6faae55613fc89586f7bd6de0edca097b8615a6a
Certificate serial:       018699402E56D8B61AEE47954E3A5495B688
Authority key identifier: 6F:AA:E5:56:13:FC:89:58:6F:7B:D6:DE:0E:DC:A0:97:B8:61:5A:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b6rlVhP8iVhve9beDtygl7hhWmo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/qgNdDY5XqOYRP_36eHSdZqIMwpY.roa
Signing time:             Tue 28 Feb 2023 18:19:25 +0000
ROA not before:           Tue 28 Feb 2023 18:19:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29488
IP address blocks:        217.74.176.0/20 maxlen: 20
                          2001:1a30::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 01 Mar 2023 07:08:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:99:40:2e:56:d8:b6:1a:ee:47:95:4e:3a:54:95:b6:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6faae55613fc89586f7bd6de0edca097b8615a6a
        Validity
            Not Before: Feb 28 18:19:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aa035d0d8e57a8e6113ffdfa78749d66a20cc296
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:2e:3c:2f:c0:a7:b0:af:7c:0f:62:de:1e:f5:
                    78:6f:98:fa:3b:54:ae:50:38:f8:4d:83:ab:5a:f5:
                    81:23:2b:9f:75:4e:50:b3:94:94:fa:ba:41:85:47:
                    9e:31:04:95:08:91:69:5a:72:73:15:c6:b7:df:f1:
                    d2:8c:39:58:c2:2f:9d:5d:07:88:3b:55:c1:38:31:
                    d0:66:d2:3d:72:65:1e:df:8f:b2:4b:91:e2:67:47:
                    e3:09:c4:92:64:a8:dc:97:7f:74:39:c2:e8:2b:d9:
                    e8:c9:b8:f4:3e:f4:a2:e4:c6:4d:23:dc:7d:3e:e0:
                    48:a2:2a:b5:ec:9f:4d:29:a4:6e:da:1f:a0:08:cf:
                    a5:3f:6b:b3:58:15:17:7e:6a:f8:a2:3c:75:d2:a7:
                    08:e2:1c:94:16:90:a7:cc:a9:2e:ef:26:b7:07:7d:
                    b0:5d:7d:c8:5f:48:ad:82:cb:a4:b9:b4:b2:cd:ea:
                    ab:bf:ce:b4:fb:7b:bf:21:7b:ca:1e:42:10:40:39:
                    07:8b:0c:9d:d1:45:c0:c9:8c:5e:6a:b4:de:93:3a:
                    bb:6d:d1:50:81:01:4c:de:cb:f7:a1:1e:96:8a:fa:
                    ff:d7:cd:a5:f5:c4:c4:86:81:dc:56:1b:56:15:5d:
                    39:5e:a4:2b:80:15:ce:2d:db:ea:dd:91:e2:08:b7:
                    b0:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:03:5D:0D:8E:57:A8:E6:11:3F:FD:FA:78:74:9D:66:A2:0C:C2:96
            X509v3 Authority Key Identifier:
                keyid:6F:AA:E5:56:13:FC:89:58:6F:7B:D6:DE:0E:DC:A0:97:B8:61:5A:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6rlVhP8iVhve9beDtygl7hhWmo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/qgNdDY5XqOYRP_36eHSdZqIMwpY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/b6rlVhP8iVhve9beDtygl7hhWmo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.74.176.0/20
                IPv6:
                  2001:1a30::/32

    Signature Algorithm: sha256WithRSAEncryption
         3b:e9:5f:14:0c:0e:37:eb:15:3a:d4:59:73:0b:e1:d1:07:ed:
         ee:4d:cb:3b:28:fe:02:81:cc:23:8e:8f:8b:16:fe:b3:45:37:
         b6:9f:3d:93:60:ac:fa:e6:9b:51:0e:bb:87:09:41:ca:97:ca:
         a2:40:bf:62:c1:27:6f:d6:73:5a:c2:c3:74:3e:99:5e:a4:71:
         d2:fe:bf:47:14:da:2d:08:ad:53:f4:3f:a7:07:78:33:05:78:
         fc:c2:05:fd:ba:e6:1f:db:c7:a9:62:2c:62:31:3d:b6:22:d6:
         53:18:50:24:a0:48:ec:07:b4:f6:da:80:ae:f5:5f:65:74:4d:
         2a:d5:22:27:24:c3:11:38:d1:a0:89:e5:0f:4e:63:6f:f8:c6:
         5c:c3:b8:92:6e:e6:8f:1f:41:d7:79:c9:fb:07:98:0c:f9:7d:
         8a:92:da:fe:4b:ae:e7:04:0b:a1:dc:6e:24:f3:7d:cb:71:96:
         58:94:e4:77:e2:95:06:68:9a:8e:b0:bf:41:20:df:38:50:eb:
         35:c3:38:4d:4d:af:b3:ca:04:87:53:fa:03:9e:99:b1:3e:a1:
         16:5f:99:60:fb:a7:6d:39:86:09:31:76:ec:57:a4:13:ce:de:
         95:c6:45:62:49:62:03:91:99:17:d6:c1:73:ef:9b:a0:c9:1f:
         63:12:20:03
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYaZQC5W2LYa7keVTjpUlbaIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYWFlNTU2MTNmYzg5NTg2ZjdiZDZkZTBlZGNhMDk3Yjg2
MTVhNmEwHhcNMjMwMjI4MTgxOTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTAzNWQwZDhlNTdhOGU2MTEzZmZkZmE3ODc0OWQ2NmEyMGNjMjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAny48L8CnsK98D2LeHvV4b5j6O1Su
UDj4TYOrWvWBIyufdU5Qs5SU+rpBhUeeMQSVCJFpWnJzFca33/HSjDlYwi+dXQeI
O1XBODHQZtI9cmUe34+yS5HiZ0fjCcSSZKjcl390OcLoK9noybj0PvSi5MZNI9x9
PuBIoiq17J9NKaRu2h+gCM+lP2uzWBUXfmr4ojx10qcI4hyUFpCnzKku7ya3B32w
XX3IX0itgsukubSyzeqrv860+3u/IXvKHkIQQDkHiwyd0UXAyYxearTekzq7bdFQ
gQFM3sv3oR6Wivr/182l9cTEhoHcVhtWFV05XqQrgBXOLdvq3ZHiCLewaQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKoDXQ2OV6jmET/9+nh0nWaiDMKWMB8GA1UdIwQY
MBaAFG+q5VYT/IlYb3vW3g7coJe4YVpqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjZybFZoUDhpVmh2ZTliZUR0eWdsN2hoV21vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi81Nzg4OWEtNTBkZi00YWJmLTgxZTUt
MWIxMjY0MWY0OTNiLzEvcWdOZERZNVhxT1lSUF8zNmVIU2RacUlNd3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi81Nzg4OWEtNTBkZi00YWJmLTgxZTUtMWIxMjY0MWY0OTNi
LzEvYjZybFZoUDhpVmh2ZTliZUR0eWdsN2hoV21vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2UqwMA0E
AgACMAcDBQAgARowMA0GCSqGSIb3DQEBCwUAA4IBAQA76V8UDA436xU61FlzC+HR
B+3uTcs7KP4Cgcwjjo+LFv6zRTe2nz2TYKz65ptRDruHCUHKl8qiQL9iwSdv1nNa
wsN0PplepHHS/r9HFNotCK1T9D+nB3gzBXj8wgX9uuYf28epYixiMT22ItZTGFAk
oEjsB7T22oCu9V9ldE0q1SInJMMRONGgieUPTmNv+MZcw7iSbuaPH0HXecn7B5gM
+X2Kktr+S67nBAuh3G4k833LcZZYlOR34pUGaJqOsL9BIN84UOs1wzhNTa+zygSH
U/oDnpmxPqEWX5lg+6dtOYYJMXbsV6QTzt6VxkViSWIDkZkX1sFz75ugyR9jEiAD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:58 2024 by rpki-client on console-fra.rpki-client.org