Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/QdoVcndh5u2ZqyjVKmm1ezB_k-Q.roa
File:                     QdoVcndh5u2ZqyjVKmm1ezB_k-Q.roa (raw, json)
Hash identifier:          ZEaC37FCVJIwwQVEEE+iJptpf7FqLzjSkmAa6q3Ds1A=
Subject key identifier:   41:DA:15:72:77:61:E6:ED:99:AB:28:D5:2A:69:B5:7B:30:7F:93:E4
Certificate issuer:       /CN=843be8639f4039993c1f6e7879f4729e47dc37ae
Certificate serial:       018CC50056901E8EE51E124EA07E44E6C7C6
Authority key identifier: 84:3B:E8:63:9F:40:39:99:3C:1F:6E:78:79:F4:72:9E:47:DC:37:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hDvoY59AOZk8H254efRynkfcN64.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/QdoVcndh5u2ZqyjVKmm1ezB_k-Q.roa
Signing time:             Mon 01 Jan 2024 12:29:42 +0000
ROA not before:           Mon 01 Jan 2024 12:29:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199800
IP address blocks:        185.45.140.0/23 maxlen: 23
                          185.45.142.0/24 maxlen: 24
                          2a01:8020::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 16 Jan 2024 18:26:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:00:56:90:1e:8e:e5:1e:12:4e:a0:7e:44:e6:c7:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=843be8639f4039993c1f6e7879f4729e47dc37ae
        Validity
            Not Before: Jan  1 12:29:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=41da15727761e6ed99ab28d52a69b57b307f93e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:27:88:38:e2:79:e8:26:17:77:ee:d5:46:e8:
                    80:80:3b:16:36:3d:d3:c6:e4:b4:9f:a3:da:16:1f:
                    e7:a3:f6:85:b6:85:03:a4:ce:6c:88:36:1d:bd:d0:
                    85:f5:31:d0:af:d3:e1:e4:52:ac:0f:c2:91:61:e4:
                    d3:de:44:a8:e0:2f:f7:30:5a:07:0b:68:2e:c5:df:
                    e5:ea:df:e0:c8:71:cc:3c:e5:1d:21:fe:e5:b7:59:
                    a3:b1:b3:43:02:bd:bb:6e:e8:80:36:54:e5:65:ba:
                    aa:d8:6c:ff:f1:a6:6c:dc:55:c9:03:c8:e2:7b:1b:
                    3e:80:d2:5f:6d:c6:d1:af:46:13:3b:e0:ce:db:ac:
                    c8:22:e7:ba:38:8a:a4:14:8a:03:9c:22:5f:ea:bf:
                    09:2a:e8:37:e4:b7:81:30:2a:10:eb:ad:73:9a:77:
                    50:61:a7:19:77:01:42:06:bb:b6:81:05:53:5b:52:
                    1f:df:7f:6c:d4:29:6e:7d:d9:9d:4d:68:01:35:3b:
                    33:8c:e1:66:3b:2f:7a:fc:2b:9b:5f:56:88:d3:5e:
                    5a:69:3d:ae:75:1b:28:d3:9d:21:9a:54:92:d3:28:
                    29:ad:8e:ac:0d:1b:dc:6f:18:4c:0e:ba:30:57:3c:
                    9c:1e:44:0c:8a:4a:2b:d7:67:9d:94:51:1c:6c:b3:
                    eb:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:DA:15:72:77:61:E6:ED:99:AB:28:D5:2A:69:B5:7B:30:7F:93:E4
            X509v3 Authority Key Identifier:
                keyid:84:3B:E8:63:9F:40:39:99:3C:1F:6E:78:79:F4:72:9E:47:DC:37:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDvoY59AOZk8H254efRynkfcN64.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/QdoVcndh5u2ZqyjVKmm1ezB_k-Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/hDvoY59AOZk8H254efRynkfcN64.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.45.140.0-185.45.142.255
                IPv6:
                  2a01:8020::/32

    Signature Algorithm: sha256WithRSAEncryption
         96:0f:fd:ad:9d:e8:4f:08:a1:9e:8d:cc:4a:de:5a:3d:75:5f:
         5f:dd:fa:01:cf:79:18:b7:2b:42:54:9d:0b:cf:46:6f:84:09:
         38:e6:04:c2:85:fb:30:03:77:2d:ec:49:97:ea:0e:7a:c3:8a:
         a9:19:42:47:9c:f1:3b:9c:e7:6e:4a:18:bd:17:41:2a:d7:73:
         c3:86:25:f2:40:80:f5:ff:da:f2:98:f1:e9:99:19:8e:9e:73:
         86:40:1a:97:72:d9:a6:eb:aa:8e:7c:1a:fa:af:97:1d:18:0f:
         bd:cd:e0:ae:f9:8d:5b:b0:15:55:6c:4e:af:23:f1:e3:bc:a7:
         e5:23:8f:5e:f9:4f:a0:cc:6c:8f:81:ff:98:b6:f5:04:51:41:
         45:79:35:eb:6e:ec:7e:51:9e:9e:9c:f8:8f:37:94:32:8b:4f:
         2e:68:65:37:d0:15:92:fb:67:23:b1:53:bc:74:58:f4:13:85:
         54:d7:c2:66:ca:8d:d8:b8:4a:a5:a0:92:f4:96:17:1a:81:0b:
         8b:7e:b0:47:e8:a4:ea:f8:cf:1e:e1:f1:af:e0:ac:d5:77:10:
         8e:16:65:d1:e5:83:28:9e:46:95:a3:7a:96:93:13:1a:1d:07:
         ff:15:48:d8:cb:ac:a9:ef:ab:87:63:75:ca:48:bb:73:b6:f5:
         11:61:53:dd
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzFAFaQHo7lHhJOoH5E5sfGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2JlODYzOWY0MDM5OTkzYzFmNmU3ODc5ZjQ3MjllNDdk
YzM3YWUwHhcNMjQwMTAxMTIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWRhMTU3Mjc3NjFlNmVkOTlhYjI4ZDUyYTY5YjU3YjMwN2Y5M2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryeIOOJ56CYXd+7VRuiAgDsWNj3T
xuS0n6PaFh/no/aFtoUDpM5siDYdvdCF9THQr9Ph5FKsD8KRYeTT3kSo4C/3MFoH
C2guxd/l6t/gyHHMPOUdIf7lt1mjsbNDAr27buiANlTlZbqq2Gz/8aZs3FXJA8ji
exs+gNJfbcbRr0YTO+DO26zIIue6OIqkFIoDnCJf6r8JKug35LeBMCoQ661zmndQ
YacZdwFCBru2gQVTW1If339s1ClufdmdTWgBNTszjOFmOy96/CubX1aI015aaT2u
dRso050hmlSS0ygprY6sDRvcbxhMDrowVzycHkQMikor12edlFEcbLPr4wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEHaFXJ3Yebtmaso1SpptXswf5PkMB8GA1UdIwQY
MBaAFIQ76GOfQDmZPB9ueHn0cp5H3DeuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaER2b1k1OUFPWms4SDI1NGVmUnlua2ZjTjY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi85ZTFhNzctN2MxNy00NDgxLTg3N2Mt
Nzc4ODc0OGY2N2NiLzEvUWRvVmNuZGg1dTJacXlqVkttbTFlekJfay1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi85ZTFhNzctN2MxNy00NDgxLTg3N2MtNzc4ODc0OGY2N2Ni
LzEvaER2b1k1OUFPWms4SDI1NGVmUnlua2ZjTjY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5LYwD
BAC5LY4wDQQCAAIwBwMFACoBgCAwDQYJKoZIhvcNAQELBQADggEBAJYP/a2d6E8I
oZ6NzEreWj11X1/d+gHPeRi3K0JUnQvPRm+ECTjmBMKF+zADdy3sSZfqDnrDiqkZ
Qkec8Tuc525KGL0XQSrXc8OGJfJAgPX/2vKY8emZGY6ec4ZAGpdy2abrqo58Gvqv
lx0YD73N4K75jVuwFVVsTq8j8eO8p+Ujj175T6DMbI+B/5i29QRRQUV5Netu7H5R
np6c+I83lDKLTy5oZTfQFZL7ZyOxU7x0WPQThVTXwmbKjdi4SqWgkvSWFxqBC4t+
sEfopOr4zx7h8a/grNV3EI4WZdHlgyieRpWjepaTExodB/8VSNjLrKnvq4djdcpI
u3O29RFhU90=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:59 2024 by rpki-client on console-ams.rpki-client.org