Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/59da50-aedb-4906-af19-090fe3da2433/1/hiaWDV70iGKEaA9R7g9KNP2BIxE.roa
File:                     hiaWDV70iGKEaA9R7g9KNP2BIxE.roa (raw, json)
Hash identifier:          hhpmWoYbJqyuxfiTGOHvnyBo95xLWYvadx9GdfjLjqs=
Subject key identifier:   86:26:96:0D:5E:F4:88:62:84:68:0F:51:EE:0F:4A:34:FD:81:23:11
Certificate issuer:       /CN=9280d3e4672968f86e8955db620cb765db9d7142
Certificate serial:       018CB527DECEBC5DC8CB86D3A96485039540
Authority key identifier: 92:80:D3:E4:67:29:68:F8:6E:89:55:DB:62:0C:B7:65:DB:9D:71:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/koDT5GcpaPhuiVXbYgy3ZdudcUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/59da50-aedb-4906-af19-090fe3da2433/1/hiaWDV70iGKEaA9R7g9KNP2BIxE.roa
Signing time:             Fri 29 Dec 2023 10:38:58 +0000
ROA not before:           Fri 29 Dec 2023 10:38:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29119
IP address blocks:        84.54.26.0/23 maxlen: 23
                          213.217.28.0/24 maxlen: 24
                          178.212.72.0/24 maxlen: 24
                          185.248.133.0/24 maxlen: 24
                          84.54.24.0/23 maxlen: 23
                          84.54.24.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b5:27:de:ce:bc:5d:c8:cb:86:d3:a9:64:85:03:95:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9280d3e4672968f86e8955db620cb765db9d7142
        Validity
            Not Before: Dec 29 10:38:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8626960d5ef4886284680f51ee0f4a34fd812311
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:dd:20:ff:5a:8f:3e:ea:85:58:6f:c0:ae:7b:
                    e8:94:ab:8f:93:58:5a:c8:43:cd:b7:7d:05:74:e4:
                    01:ab:40:8d:6d:fe:55:54:3a:28:24:11:c0:7a:61:
                    50:c7:d7:06:2b:f7:01:bf:9e:25:b8:59:89:5f:62:
                    ed:74:ee:83:61:94:c4:66:7a:9a:84:cf:5c:20:d8:
                    4f:4f:9c:4c:13:69:1f:e8:de:c5:8a:20:75:9a:67:
                    3f:70:88:89:15:4f:f0:26:0d:3c:d1:0d:d5:b9:f8:
                    f0:14:9f:ba:c0:82:9e:a0:1a:6d:84:62:7e:48:5d:
                    c1:41:27:d3:5d:96:5a:58:df:e3:9f:1f:79:7f:ed:
                    e8:43:2e:1d:65:b8:ec:07:d5:77:1d:43:68:34:33:
                    33:54:36:ac:b3:12:1b:fe:40:f8:43:f0:84:f9:58:
                    9c:00:c5:e2:58:29:7c:28:3b:98:5e:79:6d:7b:b5:
                    e2:66:89:90:f6:1e:f9:f6:4a:54:a9:50:6a:9e:1a:
                    41:df:77:70:27:b2:ce:08:f6:c4:6f:ab:c3:18:7e:
                    2d:86:71:2f:f9:e7:b5:ca:5a:28:55:d6:09:45:77:
                    34:5c:35:11:89:2b:c3:06:9c:1f:3c:a7:7b:3f:04:
                    99:3a:d6:42:82:be:50:16:8d:d5:12:b5:be:06:58:
                    dc:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:26:96:0D:5E:F4:88:62:84:68:0F:51:EE:0F:4A:34:FD:81:23:11
            X509v3 Authority Key Identifier:
                keyid:92:80:D3:E4:67:29:68:F8:6E:89:55:DB:62:0C:B7:65:DB:9D:71:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/koDT5GcpaPhuiVXbYgy3ZdudcUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/59da50-aedb-4906-af19-090fe3da2433/1/hiaWDV70iGKEaA9R7g9KNP2BIxE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/59da50-aedb-4906-af19-090fe3da2433/1/koDT5GcpaPhuiVXbYgy3ZdudcUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.54.24.0/22
                  178.212.72.0/24
                  185.248.133.0/24
                  213.217.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:2c:e0:8b:52:cf:46:dd:b5:1e:d0:42:cf:76:f3:12:f7:ec:
         22:68:4d:c5:9f:70:8f:34:34:80:b4:0d:03:1d:ef:d9:d7:9e:
         45:e9:8f:97:91:7e:ef:a4:54:81:9a:7b:27:cc:d0:51:61:9a:
         8e:82:1f:5b:c5:9d:39:75:68:37:3a:d4:52:91:ab:31:9a:4d:
         e9:9d:c5:0a:8c:bd:f6:6d:c0:bd:f7:41:b5:b9:64:5c:75:bf:
         ee:0a:2b:26:45:0b:ac:7c:84:43:ea:ab:26:ea:54:f8:42:b8:
         65:2b:4d:34:d9:d4:38:2b:d5:ba:19:00:af:8a:34:19:5e:1f:
         cc:0d:35:54:c6:00:84:d9:54:0a:e0:5e:3d:17:f4:db:3a:cd:
         d0:57:0b:79:54:24:3f:95:66:35:3b:5c:1d:dc:00:60:78:97:
         fc:e5:4b:3f:d4:f3:54:f1:19:91:14:1b:d1:ed:4e:50:65:50:
         25:39:8a:c9:a8:9e:f9:e0:91:7c:e4:9f:64:b6:58:e8:f5:21:
         af:7a:6b:01:08:11:a3:6e:98:e9:4b:4b:9c:fb:3d:4c:a9:98:
         22:14:eb:0f:c8:6a:77:5b:f5:06:d5:b3:d5:a2:0f:97:5c:3b:
         9f:ff:37:a1:33:6f:58:17:13:9f:85:6f:8d:63:d1:ba:ce:3f:
         38:31:73:e9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYy1J97OvF3Iy4bTqWSFA5VAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyODBkM2U0NjcyOTY4Zjg2ZTg5NTVkYjYyMGNiNzY1ZGI5
ZDcxNDIwHhcNMjMxMjI5MTAzODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjI2OTYwZDVlZjQ4ODYyODQ2ODBmNTFlZTBmNGEzNGZkODEyMzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv90g/1qPPuqFWG/ArnvolKuPk1ha
yEPNt30FdOQBq0CNbf5VVDooJBHAemFQx9cGK/cBv54luFmJX2LtdO6DYZTEZnqa
hM9cINhPT5xME2kf6N7FiiB1mmc/cIiJFU/wJg080Q3VufjwFJ+6wIKeoBpthGJ+
SF3BQSfTXZZaWN/jnx95f+3oQy4dZbjsB9V3HUNoNDMzVDassxIb/kD4Q/CE+Vic
AMXiWCl8KDuYXnlte7XiZomQ9h759kpUqVBqnhpB33dwJ7LOCPbEb6vDGH4thnEv
+ee1ylooVdYJRXc0XDURiSvDBpwfPKd7PwSZOtZCgr5QFo3VErW+Bljc6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIYmlg1e9IhihGgPUe4PSjT9gSMRMB8GA1UdIwQY
MBaAFJKA0+RnKWj4bolV22IMt2XbnXFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva29EVDVHY3BhUGh1aVZYYllneTNaZHVkY1VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81OWRhNTAtYWVkYi00OTA2LWFmMTkt
MDkwZmUzZGEyNDMzLzEvaGlhV0RWNzBpR0tFYUE5UjdnOUtOUDJCSXhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81OWRhNTAtYWVkYi00OTA2LWFmMTktMDkwZmUzZGEyNDMz
LzEva29EVDVHY3BhUGh1aVZYYllneTNaZHVkY1VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCVDYYAwQA
stRIAwQAufiFAwQA1dkcMA0GCSqGSIb3DQEBCwUAA4IBAQAFLOCLUs9G3bUe0ELP
dvMS9+wiaE3Fn3CPNDSAtA0DHe/Z155F6Y+XkX7vpFSBmnsnzNBRYZqOgh9bxZ05
dWg3OtRSkasxmk3pncUKjL32bcC990G1uWRcdb/uCismRQusfIRD6qsm6lT4Qrhl
K0002dQ4K9W6GQCvijQZXh/MDTVUxgCE2VQK4F49F/TbOs3QVwt5VCQ/lWY1O1wd
3ABgeJf85Us/1PNU8RmRFBvR7U5QZVAlOYrJqJ754JF85J9ktljo9SGvemsBCBGj
bpjpS0uc+z1MqZgiFOsPyGp3W/UG1bPVog+XXDuf/zehM29YFxOfhW+NY9G6zj84
MXPp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:21 2024 by rpki-client on console-ams.rpki-client.org