Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Hya2dVcLvt4SM1DMWpgQKKlUWnA.roa
File:                     Hya2dVcLvt4SM1DMWpgQKKlUWnA.roa (raw, json)
Hash identifier:          +/5Bdk8bC4KflF2qRwJQ/rS0Pmdb7XWUVl/NT5tnUHI=
Subject key identifier:   1F:26:B6:75:57:0B:BE:DE:12:33:50:CC:5A:98:10:28:A9:54:5A:70
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018FC89D9A8F1E5450F4082EA69E2A578C47
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Hya2dVcLvt4SM1DMWpgQKKlUWnA.roa
Signing time:             Thu 30 May 2024 08:28:42 +0000
ROA not before:           Thu 30 May 2024 08:28:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205007
IP address blocks:        193.108.115.0/24 maxlen: 24
                          194.87.43.0/24 maxlen: 24
                          194.87.240.0/24 maxlen: 24
                          194.87.243.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 02 Sep 2024 05:17:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:c8:9d:9a:8f:1e:54:50:f4:08:2e:a6:9e:2a:57:8c:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: May 30 08:28:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1f26b675570bbede123350cc5a981028a9545a70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:49:67:c2:8c:7f:1d:96:0d:98:68:a2:87:6f:
                    05:bd:bf:16:0f:46:f2:1b:ba:02:51:ea:64:0a:ba:
                    fc:b1:38:57:f3:77:68:bf:59:9d:85:6b:d0:3b:4d:
                    26:e4:75:9a:9a:a7:ac:69:4e:7a:4d:b8:b6:1b:6c:
                    ea:58:7c:47:76:4c:c0:7d:0c:a1:08:a8:cb:60:c0:
                    f4:4b:40:a4:73:d7:a3:df:d3:26:50:20:11:c2:b4:
                    db:d4:7f:66:d8:8f:ab:37:94:f2:f5:0c:ad:25:a9:
                    dd:84:ab:1b:46:34:62:9b:04:cc:73:95:61:20:cb:
                    42:61:44:96:9b:fe:5e:1c:17:39:94:3d:e8:93:2b:
                    71:8f:74:78:ac:da:f6:44:a6:b5:e7:e6:81:e7:a2:
                    ab:20:ff:5b:75:1a:69:33:f7:ea:ef:19:d6:ef:6c:
                    f2:dd:5d:8d:cb:0f:8e:b1:7d:54:bf:21:0b:d5:ba:
                    a1:9e:ff:16:36:f7:b2:16:54:89:06:80:e7:66:f7:
                    dd:46:46:90:13:00:8c:1f:6b:1a:00:d5:ab:e4:cd:
                    b0:79:d4:50:08:13:32:da:f4:8e:e5:98:b1:ec:15:
                    ac:12:39:65:38:12:52:36:85:a4:c0:e3:39:5b:4c:
                    08:09:f9:a4:6f:db:9a:13:5b:8b:fd:77:93:63:92:
                    06:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:26:B6:75:57:0B:BE:DE:12:33:50:CC:5A:98:10:28:A9:54:5A:70
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Hya2dVcLvt4SM1DMWpgQKKlUWnA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.115.0/24
                  194.87.43.0/24
                  194.87.240.0/24
                  194.87.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:69:bf:cc:6a:6a:2c:ed:56:83:58:a0:a5:0f:cd:ac:26:ce:
         02:9a:7a:61:a0:f9:29:ad:55:6c:3b:21:ae:5a:f3:3c:9e:8e:
         50:22:44:f2:61:9c:72:0b:bd:fa:30:07:21:50:f1:78:76:97:
         e4:cb:69:48:f7:c2:5f:bf:4b:74:3b:fc:be:f2:78:a3:c1:fb:
         72:46:d9:2e:1c:dd:73:b7:79:87:68:4e:3c:29:7c:9e:9b:8a:
         a6:6e:94:f6:f8:19:bc:a2:3f:02:7b:28:21:d2:14:df:61:37:
         9b:53:14:f1:d3:86:b6:e8:78:21:20:49:88:f5:fd:e8:38:a2:
         09:68:67:a3:cd:43:e3:fe:f4:39:5b:e4:91:3c:9a:ff:46:bf:
         ce:0c:4e:e5:00:ab:02:43:98:c1:35:49:79:f7:df:4a:b3:1b:
         de:c9:13:19:b2:45:68:85:e3:3c:67:68:66:51:f0:8b:df:93:
         94:fe:5d:dc:b5:c9:12:bd:64:7c:43:64:72:49:75:f9:b6:b1:
         f5:0d:36:b6:e7:72:f0:27:6c:82:f5:a4:1b:ef:a9:1a:79:6f:
         f4:b1:aa:ca:80:cd:40:fd:e1:df:4d:33:d8:f5:75:4d:88:50:
         63:7b:56:f5:4c:92:9e:77:5f:29:15:62:72:1f:a5:bc:70:93:
         dc:86:72:d8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY/InZqPHlRQ9Agupp4qV4xHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNTMwMDgyODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjI2YjY3NTU3MGJiZWRlMTIzMzUwY2M1YTk4MTAyOGE5NTQ1YTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0lnwox/HZYNmGiih28Fvb8WD0by
G7oCUepkCrr8sThX83dov1mdhWvQO00m5HWamqesaU56Tbi2G2zqWHxHdkzAfQyh
CKjLYMD0S0Ckc9ej39MmUCARwrTb1H9m2I+rN5Ty9QytJandhKsbRjRimwTMc5Vh
IMtCYUSWm/5eHBc5lD3okytxj3R4rNr2RKa15+aB56KrIP9bdRppM/fq7xnW72zy
3V2Nyw+OsX1UvyEL1bqhnv8WNveyFlSJBoDnZvfdRkaQEwCMH2saANWr5M2wedRQ
CBMy2vSO5Zix7BWsEjllOBJSNoWkwOM5W0wICfmkb9uaE1uL/XeTY5IGKwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB8mtnVXC77eEjNQzFqYECipVFpwMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSHlhMmRWY0x2dDRTTTFETVdwZ1FLS2xVV25BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwWxzAwQA
wlcrAwQAwlfwAwQAwlfzMA0GCSqGSIb3DQEBCwUAA4IBAQAcab/Mamos7VaDWKCl
D82sJs4CmnphoPkprVVsOyGuWvM8no5QIkTyYZxyC736MAchUPF4dpfky2lI98Jf
v0t0O/y+8nijwftyRtkuHN1zt3mHaE48KXyem4qmbpT2+Bm8oj8Ceygh0hTfYTeb
UxTx04a26HghIEmI9f3oOKIJaGejzUPj/vQ5W+SRPJr/Rr/ODE7lAKsCQ5jBNUl5
999KsxveyRMZskVoheM8Z2hmUfCL35OU/l3ctckSvWR8Q2RySXX5trH1DTa253Lw
J2yC9aQb76kaeW/0sarKgM1A/eHfTTPY9XVNiFBje1b1TJKed18pFWJyH6W8cJPc
hnLY
-----END CERTIFICATE-----
Generated at Mon Sep 2 06:47:53 2024 by rpki-client on console-ams.rpki-client.org