Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/39f1e0-3627-492f-ae93-8b07acd07c94/1/cQLO_Qla_BZKxRPd-qt7zuV1syA.roa
File:                     cQLO_Qla_BZKxRPd-qt7zuV1syA.roa (raw, json)
Hash identifier:          9tQfAP1n7h2x3tjflekfQMuieEm+o+zP5izj/xLFWKA=
Subject key identifier:   71:02:CE:FD:09:5A:FC:16:4A:C5:13:DD:FA:AB:7B:CE:E5:75:B3:20
Certificate issuer:       /CN=6b5cceaa974b2905acb262af452c02280316aabb
Certificate serial:       018E2DA4E511F5B23C0D6F8B24AE7DDFFA98
Authority key identifier: 6B:5C:CE:AA:97:4B:29:05:AC:B2:62:AF:45:2C:02:28:03:16:AA:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a1zOqpdLKQWssmKvRSwCKAMWqrs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/39f1e0-3627-492f-ae93-8b07acd07c94/1/cQLO_Qla_BZKxRPd-qt7zuV1syA.roa
Signing time:             Mon 11 Mar 2024 13:12:45 +0000
ROA not before:           Mon 11 Mar 2024 13:12:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39637
IP address blocks:        45.91.122.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 25 Apr 2024 11:57:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:2d:a4:e5:11:f5:b2:3c:0d:6f:8b:24:ae:7d:df:fa:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b5cceaa974b2905acb262af452c02280316aabb
        Validity
            Not Before: Mar 11 13:12:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7102cefd095afc164ac513ddfaab7bcee575b320
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:a9:a8:39:6f:72:1b:d2:99:d8:9b:50:3e:da:
                    1c:44:f9:37:9a:17:b0:44:8f:f2:52:7e:6d:cd:2c:
                    e1:64:b0:46:10:03:67:a0:68:c4:e5:14:cb:95:ca:
                    41:4f:9c:b9:91:6c:38:53:d2:04:46:44:f6:5d:d1:
                    47:6a:23:bb:c9:2f:c1:56:da:2a:28:43:0c:ed:e1:
                    38:92:6a:1a:88:c6:81:59:01:58:af:12:62:c4:79:
                    ae:b8:3c:71:3d:9c:0d:fa:de:d1:07:f9:23:b5:97:
                    e7:94:b7:d5:37:3a:62:44:22:23:63:87:83:fa:e6:
                    4a:64:e1:87:a7:55:50:83:0e:68:84:9b:90:25:45:
                    69:e8:21:11:24:65:13:da:01:ac:9e:c8:0c:df:56:
                    f5:89:34:21:d6:1a:2b:ab:e9:6b:1b:17:0d:d8:ae:
                    83:d0:45:32:74:81:99:32:6e:34:86:6b:3c:b2:03:
                    92:c2:c0:4a:3d:4b:6b:03:27:5e:5a:66:c7:9a:36:
                    a1:d9:7c:b2:da:18:a9:7d:55:cd:72:1a:ec:9e:d8:
                    2f:2a:5c:e4:92:dd:0f:77:a9:b6:10:d9:34:93:87:
                    34:0e:d0:59:d3:8a:29:81:d0:c2:bd:2f:cc:da:d1:
                    73:19:cd:17:48:b0:39:b0:2a:9b:7c:50:ea:e1:f3:
                    0c:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:02:CE:FD:09:5A:FC:16:4A:C5:13:DD:FA:AB:7B:CE:E5:75:B3:20
            X509v3 Authority Key Identifier:
                keyid:6B:5C:CE:AA:97:4B:29:05:AC:B2:62:AF:45:2C:02:28:03:16:AA:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1zOqpdLKQWssmKvRSwCKAMWqrs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/39f1e0-3627-492f-ae93-8b07acd07c94/1/cQLO_Qla_BZKxRPd-qt7zuV1syA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/39f1e0-3627-492f-ae93-8b07acd07c94/1/a1zOqpdLKQWssmKvRSwCKAMWqrs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.91.122.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:6e:45:21:37:3d:66:40:19:a9:d0:23:97:1e:3e:9d:f2:d3:
         7e:63:32:48:3b:29:c3:41:d4:f8:cc:a4:76:75:0e:fb:10:ea:
         e2:a6:e4:e1:c3:20:dc:97:ec:ed:06:b3:16:a5:e7:78:ac:cb:
         54:ea:1a:de:4a:91:5b:ba:b2:45:03:fa:e6:18:ce:00:bf:94:
         fa:3a:4d:d0:80:b1:0f:dd:5d:81:bf:20:19:98:71:a5:59:b9:
         37:aa:d5:f1:a2:5b:f3:18:84:83:8a:80:c3:64:cc:ef:aa:f8:
         94:bf:c3:de:1c:40:80:83:b5:2f:c7:91:d3:5d:9d:a9:13:5f:
         c2:ba:f1:b8:7c:36:09:42:2d:b2:85:ac:77:59:19:8f:40:75:
         f0:fd:f7:21:d8:4f:9f:d4:97:4a:bb:eb:79:09:01:1e:fa:aa:
         56:fe:61:d4:3d:30:88:74:fa:13:28:a8:77:8b:ba:55:3e:e0:
         d9:da:b1:24:36:88:28:fc:0a:62:b9:6c:17:39:95:18:55:3e:
         f3:f5:76:6f:ed:b4:55:b5:bd:ad:1b:25:de:1f:de:02:e7:3e:
         27:ec:90:01:c9:b0:c1:23:e2:5e:c9:5e:9a:84:84:11:49:1d:
         43:e3:64:78:46:22:cb:b0:dd:9a:12:47:77:16:e3:92:9e:d9:
         7b:e0:f5:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4tpOUR9bI8DW+LJK593/qYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWNjZWFhOTc0YjI5MDVhY2IyNjJhZjQ1MmMwMjI4MDMx
NmFhYmIwHhcNMjQwMzExMTMxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTAyY2VmZDA5NWFmYzE2NGFjNTEzZGRmYWFiN2JjZWU1NzViMzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmamoOW9yG9KZ2JtQPtocRPk3mhew
RI/yUn5tzSzhZLBGEANnoGjE5RTLlcpBT5y5kWw4U9IERkT2XdFHaiO7yS/BVtoq
KEMM7eE4kmoaiMaBWQFYrxJixHmuuDxxPZwN+t7RB/kjtZfnlLfVNzpiRCIjY4eD
+uZKZOGHp1VQgw5ohJuQJUVp6CERJGUT2gGsnsgM31b1iTQh1horq+lrGxcN2K6D
0EUydIGZMm40hms8sgOSwsBKPUtrAydeWmbHmjah2Xyy2hipfVXNchrsntgvKlzk
kt0Pd6m2ENk0k4c0DtBZ04opgdDCvS/M2tFzGc0XSLA5sCqbfFDq4fMMewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHECzv0JWvwWSsUT3fqre87ldbMgMB8GA1UdIwQY
MBaAFGtczqqXSykFrLJir0UsAigDFqq7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTF6T3FwZExLUVdzc21LdlJTd0NLQU1XcXJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8zOWYxZTAtMzYyNy00OTJmLWFlOTMt
OGIwN2FjZDA3Yzk0LzEvY1FMT19RbGFfQlpLeFJQZC1xdDd6dVYxc3lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8zOWYxZTAtMzYyNy00OTJmLWFlOTMtOGIwN2FjZDA3Yzk0
LzEvYTF6T3FwZExLUVdzc21LdlJTd0NLQU1XcXJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVt6MA0G
CSqGSIb3DQEBCwUAA4IBAQB4bkUhNz1mQBmp0COXHj6d8tN+YzJIOynDQdT4zKR2
dQ77EOripuThwyDcl+ztBrMWped4rMtU6hreSpFburJFA/rmGM4Av5T6Ok3QgLEP
3V2BvyAZmHGlWbk3qtXxolvzGISDioDDZMzvqviUv8PeHECAg7Uvx5HTXZ2pE1/C
uvG4fDYJQi2yhax3WRmPQHXw/fch2E+f1JdKu+t5CQEe+qpW/mHUPTCIdPoTKKh3
i7pVPuDZ2rEkNogo/ApiuWwXOZUYVT7z9XZv7bRVtb2tGyXeH94C5z4n7JABybDB
I+JeyV6ahIQRSR1D42R4RiLLsN2aEkd3FuOSntl74PVq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:04 2024 by rpki-client on console-fra.rpki-client.org