Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/08aba8-b756-4492-a7ed-6320c460a3f8/1/QKLyWGonSAFBM497NvXAArlD2-w.roa
File:                     QKLyWGonSAFBM497NvXAArlD2-w.roa (raw, json)
Hash identifier:          H+yY2hlpAc1xtc42kSQ3p2itkZkGSkwzEbIj4u9LjZs=
Subject key identifier:   40:A2:F2:58:6A:27:48:01:41:33:8F:7B:36:F5:C0:02:B9:43:DB:EC
Certificate issuer:       /CN=e1cc45e84b078d458adf8d867445c46f8c8d0fae
Certificate serial:       01856B936C9AFFC75EBB2555070A7817E565
Authority key identifier: E1:CC:45:E8:4B:07:8D:45:8A:DF:8D:86:74:45:C4:6F:8C:8D:0F:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4cxF6EsHjUWK342GdEXEb4yND64.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/08aba8-b756-4492-a7ed-6320c460a3f8/1/QKLyWGonSAFBM497NvXAArlD2-w.roa
Signing time:             Sun 01 Jan 2023 04:25:01 +0000
ROA not before:           Sun 01 Jan 2023 04:25:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12297
IP address blocks:        194.1.152.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:93:6c:9a:ff:c7:5e:bb:25:55:07:0a:78:17:e5:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1cc45e84b078d458adf8d867445c46f8c8d0fae
        Validity
            Not Before: Jan  1 04:25:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=40a2f2586a27480141338f7b36f5c002b943dbec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:ce:fd:6c:5d:2d:b2:01:ad:a1:37:90:63:c6:
                    bf:25:77:03:c4:6d:55:5c:b7:fd:82:bf:bf:b3:af:
                    05:e8:e5:62:ea:94:95:cc:92:6a:d1:46:d6:80:84:
                    13:63:a8:99:51:c7:e1:07:e9:88:05:d1:a7:51:85:
                    6c:6f:18:e7:2f:f0:b9:db:de:11:b9:a8:eb:ea:7a:
                    08:52:0b:ea:a6:30:77:72:50:0d:c7:9d:33:40:59:
                    0a:c3:cf:5c:5e:c0:6e:08:16:49:7e:d6:90:af:66:
                    36:e8:c9:1d:f5:ae:9d:b7:63:5f:e4:21:0c:df:fe:
                    40:e9:41:e2:94:d4:ec:06:31:c5:5e:21:01:6c:fd:
                    5f:b7:f7:93:8b:fd:88:e6:71:ea:b9:59:09:83:05:
                    fa:e3:a1:04:d8:8f:28:6e:03:1f:c4:09:47:1c:2a:
                    e4:87:68:85:d9:95:01:b4:90:08:69:e8:f4:c8:04:
                    d0:5b:79:be:c6:c4:3c:69:fd:31:24:81:c3:73:57:
                    7c:5c:5e:29:42:5a:58:fa:79:d6:89:f3:80:ea:81:
                    e8:b9:86:ee:b3:c9:0f:d3:22:e4:fc:8f:3d:4c:c4:
                    25:af:35:29:a1:c9:1a:ab:d3:f2:20:13:ec:1d:f3:
                    5a:37:8d:ce:89:a0:77:fb:66:fb:62:d1:51:70:27:
                    ef:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:A2:F2:58:6A:27:48:01:41:33:8F:7B:36:F5:C0:02:B9:43:DB:EC
            X509v3 Authority Key Identifier:
                keyid:E1:CC:45:E8:4B:07:8D:45:8A:DF:8D:86:74:45:C4:6F:8C:8D:0F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4cxF6EsHjUWK342GdEXEb4yND64.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/08aba8-b756-4492-a7ed-6320c460a3f8/1/QKLyWGonSAFBM497NvXAArlD2-w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/08aba8-b756-4492-a7ed-6320c460a3f8/1/4cxF6EsHjUWK342GdEXEb4yND64.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.1.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:a0:e8:9c:34:80:87:29:f8:d5:16:55:64:fd:c5:1d:a0:e0:
         ed:49:54:78:41:91:c4:ea:fa:c9:32:8d:6a:84:db:2a:91:60:
         58:76:dc:cc:19:61:8d:2d:46:bc:76:29:79:52:3a:47:8d:2f:
         d0:88:33:93:12:b0:f1:fb:97:a9:25:15:13:b9:5f:d7:a5:4c:
         f4:c0:b9:5a:87:3d:6d:fd:39:7d:ee:b8:15:c5:8f:39:68:42:
         c2:c2:78:5b:69:25:69:77:a7:5f:c2:7b:0f:72:a6:b4:6c:f2:
         4c:02:f1:5b:99:51:c8:b7:ee:3d:2e:48:68:01:5a:82:d2:21:
         ba:d0:ee:bf:f0:20:0f:37:d3:1f:d8:5a:a1:63:05:75:62:03:
         f0:60:f9:6f:f2:82:57:f1:68:ce:aa:7c:20:06:6e:10:94:6e:
         40:4e:dd:a2:d5:06:6e:7d:b0:16:53:0a:57:d3:c5:39:7d:ac:
         26:e3:53:ce:0b:e2:06:d8:d8:4d:aa:ef:ba:76:9e:68:33:8e:
         7b:8f:ff:4f:75:52:ce:1c:d5:f9:67:fb:c7:59:25:60:3d:d0:
         83:36:bb:6d:5d:f5:8e:4e:46:47:39:41:31:49:c8:27:3e:b8:
         56:0e:70:cc:d2:c9:e8:43:92:f2:75:48:7c:65:fa:1b:aa:80:
         62:4c:aa:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrk2ya/8deuyVVBwp4F+VlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxY2M0NWU4NGIwNzhkNDU4YWRmOGQ4Njc0NDVjNDZmOGM4
ZDBmYWUwHhcNMjMwMTAxMDQyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGEyZjI1ODZhMjc0ODAxNDEzMzhmN2IzNmY1YzAwMmI5NDNkYmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkc79bF0tsgGtoTeQY8a/JXcDxG1V
XLf9gr+/s68F6OVi6pSVzJJq0UbWgIQTY6iZUcfhB+mIBdGnUYVsbxjnL/C5294R
uajr6noIUgvqpjB3clANx50zQFkKw89cXsBuCBZJftaQr2Y26Mkd9a6dt2Nf5CEM
3/5A6UHilNTsBjHFXiEBbP1ft/eTi/2I5nHquVkJgwX646EE2I8obgMfxAlHHCrk
h2iF2ZUBtJAIaej0yATQW3m+xsQ8af0xJIHDc1d8XF4pQlpY+nnWifOA6oHouYbu
s8kP0yLk/I89TMQlrzUpockaq9PyIBPsHfNaN43OiaB3+2b7YtFRcCfvnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECi8lhqJ0gBQTOPezb1wAK5Q9vsMB8GA1UdIwQY
MBaAFOHMRehLB41Fit+NhnRFxG+MjQ+uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGN4RjZFc0hqVVdLMzQyR2RFWEViNHlORDY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wOGFiYTgtYjc1Ni00NDkyLWE3ZWQt
NjMyMGM0NjBhM2Y4LzEvUUtMeVdHb25TQUZCTTQ5N052WEFBcmxEMi13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wOGFiYTgtYjc1Ni00NDkyLWE3ZWQtNjMyMGM0NjBhM2Y4
LzEvNGN4RjZFc0hqVVdLMzQyR2RFWEViNHlORDY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgGYMA0G
CSqGSIb3DQEBCwUAA4IBAQBXoOicNICHKfjVFlVk/cUdoODtSVR4QZHE6vrJMo1q
hNsqkWBYdtzMGWGNLUa8dil5UjpHjS/QiDOTErDx+5epJRUTuV/XpUz0wLlahz1t
/Tl97rgVxY85aELCwnhbaSVpd6dfwnsPcqa0bPJMAvFbmVHIt+49LkhoAVqC0iG6
0O6/8CAPN9Mf2FqhYwV1YgPwYPlv8oJX8WjOqnwgBm4QlG5ATt2i1QZufbAWUwpX
08U5fawm41POC+IG2NhNqu+6dp5oM457j/9PdVLOHNX5Z/vHWSVgPdCDNrttXfWO
TkZHOUExScgnPrhWDnDM0snoQ5LydUh8ZfobqoBiTKpq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:23 2024 by rpki-client on console-ams.rpki-client.org