Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/8b93a4-868d-4f30-b44f-fce3d590c6db/1/h0xQukZV9yWz7SjEna59JkHKzjo.roa
File:                     h0xQukZV9yWz7SjEna59JkHKzjo.roa (raw, json)
Hash identifier:          qPtukiF8ATPPXjEPFaxBg7vZcYrivo7CJVsORj0m/9s=
Subject key identifier:   87:4C:50:BA:46:55:F7:25:B3:ED:28:C4:9D:AE:7D:26:41:CA:CE:3A
Certificate issuer:       /CN=0ff8e93f3472ea6be58f3feb74495470095a177d
Certificate serial:       01856FE71954EAB8BA3723C0A7EA014A40DC
Authority key identifier: 0F:F8:E9:3F:34:72:EA:6B:E5:8F:3F:EB:74:49:54:70:09:5A:17:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D_jpPzRy6mvljz_rdElUcAlaF30.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/8b93a4-868d-4f30-b44f-fce3d590c6db/1/h0xQukZV9yWz7SjEna59JkHKzjo.roa
Signing time:             Mon 02 Jan 2023 00:34:54 +0000
ROA not before:           Mon 02 Jan 2023 00:34:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198930
IP address blocks:        139.28.152.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 02 Mar 2023 15:41:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:e7:19:54:ea:b8:ba:37:23:c0:a7:ea:01:4a:40:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ff8e93f3472ea6be58f3feb74495470095a177d
        Validity
            Not Before: Jan  2 00:34:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=874c50ba4655f725b3ed28c49dae7d2641cace3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:e2:3d:39:21:3f:49:a6:81:a4:59:08:5a:64:
                    76:8d:61:9e:e0:6f:90:c9:1b:5b:7c:24:13:18:9a:
                    2e:1c:80:84:0d:7e:3e:22:5d:11:16:8b:74:e2:4c:
                    44:ee:21:8f:f7:a2:75:bf:a8:22:e3:fa:d9:04:50:
                    82:86:62:2e:d6:10:47:34:61:fa:84:ff:d4:fb:86:
                    82:6c:34:dd:95:95:f5:67:15:3c:0b:3a:f2:aa:4d:
                    ad:5c:e3:ee:0d:39:39:d8:81:e4:34:4a:55:83:28:
                    0e:6f:b4:09:c4:16:c8:37:27:4b:86:f5:6e:d4:41:
                    58:c7:34:85:55:cc:69:8e:43:49:22:0a:f7:7c:cf:
                    18:b3:28:4f:59:21:1e:cf:5b:23:d0:89:42:bc:ac:
                    53:00:d0:b5:9b:3a:55:0a:f9:26:48:58:f2:eb:ee:
                    0a:18:f0:b9:3b:a4:f9:10:7e:7e:32:7c:4c:08:da:
                    2a:5b:0c:9e:db:db:a8:a6:fe:17:b6:83:19:78:17:
                    d3:3b:1d:a9:19:61:6d:12:ca:d7:b9:58:5b:97:87:
                    a0:fb:95:ba:5f:7c:ef:f4:ee:13:fe:b8:1f:4d:7d:
                    e4:bf:65:e7:e4:01:61:af:94:b0:b2:6e:22:8f:50:
                    54:34:c7:83:b8:c7:a1:da:c5:19:74:3e:ad:28:78:
                    5b:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:4C:50:BA:46:55:F7:25:B3:ED:28:C4:9D:AE:7D:26:41:CA:CE:3A
            X509v3 Authority Key Identifier:
                keyid:0F:F8:E9:3F:34:72:EA:6B:E5:8F:3F:EB:74:49:54:70:09:5A:17:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_jpPzRy6mvljz_rdElUcAlaF30.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8b93a4-868d-4f30-b44f-fce3d590c6db/1/h0xQukZV9yWz7SjEna59JkHKzjo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8b93a4-868d-4f30-b44f-fce3d590c6db/1/D_jpPzRy6mvljz_rdElUcAlaF30.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.28.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0c:0d:ce:3f:d9:9e:1e:38:05:94:31:42:35:34:19:2c:c0:0c:
         5a:f0:bc:17:15:f1:02:a9:a4:26:0d:a3:8f:23:8b:7e:e3:1c:
         85:f1:42:fe:ee:75:45:8c:26:04:12:c7:c5:80:08:d1:59:d2:
         76:90:0a:eb:a2:cb:5b:bf:60:18:83:d9:e2:d6:33:dc:c6:e3:
         f3:11:bc:4a:55:22:7d:95:64:72:9a:08:6f:94:47:d9:bb:95:
         71:f2:13:73:cc:60:0c:1d:e9:df:8b:5b:13:4b:25:bb:07:92:
         88:ef:8f:ec:10:d0:de:9b:c1:30:c2:1c:68:14:8d:17:95:ea:
         66:11:21:8e:4c:c4:08:60:4f:2c:ef:59:ce:b8:35:c5:19:bc:
         a2:28:74:ce:85:8e:92:6d:eb:41:2d:82:90:40:cc:a7:a8:e2:
         6a:af:5a:8c:8d:50:0a:82:01:50:4b:8b:1e:23:12:4a:30:5b:
         00:55:f3:59:c8:03:7b:f7:d4:f7:77:7f:72:c8:46:5c:39:e7:
         30:f0:29:e8:88:99:e2:1d:cb:02:3c:f0:9b:9f:cc:e4:0e:c9:
         0b:f2:21:63:89:b4:30:a1:9d:4f:47:99:b6:d2:92:35:a3:59:
         69:a6:1b:c2:c7:df:06:3b:07:35:ca:3b:15:05:a4:d4:a7:e6:
         e1:09:1c:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5xlU6ri6NyPAp+oBSkDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjhlOTNmMzQ3MmVhNmJlNThmM2ZlYjc0NDk1NDcwMDk1
YTE3N2QwHhcNMjMwMTAyMDAzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzRjNTBiYTQ2NTVmNzI1YjNlZDI4YzQ5ZGFlN2QyNjQxY2FjZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OI9OSE/SaaBpFkIWmR2jWGe4G+Q
yRtbfCQTGJouHICEDX4+Il0RFot04kxE7iGP96J1v6gi4/rZBFCChmIu1hBHNGH6
hP/U+4aCbDTdlZX1ZxU8Czryqk2tXOPuDTk52IHkNEpVgygOb7QJxBbINydLhvVu
1EFYxzSFVcxpjkNJIgr3fM8YsyhPWSEez1sj0IlCvKxTANC1mzpVCvkmSFjy6+4K
GPC5O6T5EH5+MnxMCNoqWwye29uopv4XtoMZeBfTOx2pGWFtEsrXuVhbl4eg+5W6
X3zv9O4T/rgfTX3kv2Xn5AFhr5Swsm4ij1BUNMeDuMeh2sUZdD6tKHhbFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIdMULpGVfcls+0oxJ2ufSZBys46MB8GA1UdIwQY
MBaAFA/46T80cupr5Y8/63RJVHAJWhd9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9qcFB6Unk2bXZsanpfcmRFbFVjQWxhRjMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84YjkzYTQtODY4ZC00ZjMwLWI0NGYt
ZmNlM2Q1OTBjNmRiLzEvaDB4UXVrWlY5eVd6N1NqRW5hNTlKa0hLempvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84YjkzYTQtODY4ZC00ZjMwLWI0NGYtZmNlM2Q1OTBjNmRi
LzEvRF9qcFB6Unk2bXZsanpfcmRFbFVjQWxhRjMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixyYMA0G
CSqGSIb3DQEBCwUAA4IBAQAMDc4/2Z4eOAWUMUI1NBkswAxa8LwXFfECqaQmDaOP
I4t+4xyF8UL+7nVFjCYEEsfFgAjRWdJ2kArrostbv2AYg9ni1jPcxuPzEbxKVSJ9
lWRymghvlEfZu5Vx8hNzzGAMHenfi1sTSyW7B5KI74/sENDem8EwwhxoFI0Xlepm
ESGOTMQIYE8s71nOuDXFGbyiKHTOhY6SbetBLYKQQMynqOJqr1qMjVAKggFQS4se
IxJKMFsAVfNZyAN799T3d39yyEZcOecw8CnoiJniHcsCPPCbn8zkDskL8iFjibQw
oZ1PR5m20pI1o1lpphvCx98GOwc1yjsVBaTUp+bhCRw5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:32 2024 by rpki-client on console-fra.rpki-client.org