Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/HLKkzTVPVyRRtn8xwPy_SmyHXn4.roa
File:                     HLKkzTVPVyRRtn8xwPy_SmyHXn4.roa (raw, json)
Hash identifier:          AaSYP2cqI25i+OJS8wvoHreHStLGMyPUsBQOY2KqtPE=
Subject key identifier:   1C:B2:A4:CD:35:4F:57:24:51:B6:7F:31:C0:FC:BF:4A:6C:87:5E:7E
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       01856F26D9C43E268AEC396688249491D7F4
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/HLKkzTVPVyRRtn8xwPy_SmyHXn4.roa
Signing time:             Sun 01 Jan 2023 21:04:55 +0000
ROA not before:           Sun 01 Jan 2023 21:04:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3229
IP address blocks:        193.233.172.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:26:d9:c4:3e:26:8a:ec:39:66:88:24:94:91:d7:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jan  1 21:04:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1cb2a4cd354f572451b67f31c0fcbf4a6c875e7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:49:2d:17:d6:ca:2e:58:ee:35:fb:d0:ae:6a:
                    fc:d5:35:87:4c:62:23:b9:d2:4b:ce:91:a0:eb:e4:
                    20:2a:da:1d:d5:34:05:78:fa:0a:aa:14:6c:a1:3f:
                    1f:a6:85:75:a2:4e:9e:1a:ef:87:93:91:fa:2c:23:
                    d3:58:82:25:11:ef:96:cd:18:21:4b:c1:96:f6:c5:
                    a7:9c:3f:79:e7:84:c1:5b:1b:fa:67:99:d3:e7:0f:
                    43:08:2d:bc:8d:d6:7b:56:70:4d:14:50:26:5e:3c:
                    2d:ed:cf:74:56:79:e3:e7:86:20:05:e6:45:9f:ac:
                    b7:ea:2c:12:b0:78:43:0a:4f:8a:fc:30:20:a2:94:
                    8f:69:6a:cd:d6:ed:88:71:a7:56:42:f5:1e:b7:17:
                    b7:e7:78:43:f9:66:84:43:89:e4:4e:c5:23:61:cd:
                    8d:7d:a1:f2:53:61:33:66:50:03:0e:76:03:31:0b:
                    55:91:87:f1:c0:64:d1:00:a8:0f:99:ec:dd:52:e0:
                    b5:57:2b:b0:e7:ab:b2:a2:71:d1:68:e7:b0:8e:0b:
                    05:e3:89:6c:d5:ac:04:a2:10:cd:51:23:3f:3e:64:
                    d3:71:de:d8:89:8f:9a:18:07:8b:e0:86:96:5b:f1:
                    4c:84:85:11:bd:4a:80:ef:f5:5b:e0:e3:da:8c:55:
                    87:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:B2:A4:CD:35:4F:57:24:51:B6:7F:31:C0:FC:BF:4A:6C:87:5E:7E
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/HLKkzTVPVyRRtn8xwPy_SmyHXn4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:74:be:e5:f9:71:20:9e:30:6d:dc:f1:01:e8:aa:0a:2f:05:
         4c:7e:29:c3:82:48:e6:50:d6:98:41:f4:4d:ab:ce:8f:ee:a1:
         18:43:42:a4:0a:ea:46:ee:1a:70:f4:86:a3:24:44:82:e5:87:
         e5:9d:5a:08:41:59:d4:dc:05:d1:20:96:f1:0f:3d:9c:54:78:
         d7:bf:17:07:7f:23:b3:26:e2:a6:28:2d:56:22:c8:1f:7a:48:
         db:30:8f:03:e4:4d:90:91:2b:75:1e:00:63:7b:4f:78:8d:ed:
         31:13:7a:8d:e7:2d:ca:01:07:a7:49:bd:97:8e:ed:bc:46:61:
         f2:e4:cd:af:8e:4c:ca:5a:fa:d9:4c:e2:1a:7a:5c:ec:87:59:
         49:5e:a6:10:e8:e7:f4:e4:f3:75:16:c6:6f:74:c1:68:26:02:
         3b:a2:c5:18:52:64:27:50:f8:51:c0:cd:81:a6:88:86:0b:c8:
         4a:2f:60:35:c8:bb:05:87:f6:08:b4:94:43:3f:bc:3b:75:f4:
         06:df:f2:aa:38:80:d9:8d:cf:fd:7b:ff:93:c5:c7:09:60:f3:
         ed:81:f8:07:24:aa:92:9f:d9:57:8c:f9:d3:98:30:35:60:72:
         3e:ac:9f:4a:aa:9a:a6:5b:c1:75:d5:e7:13:75:80:fd:88:36:
         fe:a4:50:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJtnEPiaK7DlmiCSUkdf0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2IyYTRjZDM1NGY1NzI0NTFiNjdmMzFjMGZjYmY0YTZjODc1ZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUktF9bKLljuNfvQrmr81TWHTGIj
udJLzpGg6+QgKtod1TQFePoKqhRsoT8fpoV1ok6eGu+Hk5H6LCPTWIIlEe+WzRgh
S8GW9sWnnD9554TBWxv6Z5nT5w9DCC28jdZ7VnBNFFAmXjwt7c90Vnnj54YgBeZF
n6y36iwSsHhDCk+K/DAgopSPaWrN1u2IcadWQvUetxe353hD+WaEQ4nkTsUjYc2N
faHyU2EzZlADDnYDMQtVkYfxwGTRAKgPmezdUuC1Vyuw56uyonHRaOewjgsF44ls
1awEohDNUSM/PmTTcd7YiY+aGAeL4IaWW/FMhIURvUqA7/Vb4OPajFWHewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFByypM01T1ckUbZ/McD8v0psh15+MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvSExLa3pUVlBWeVJSdG44eHdQeV9TbXlIWG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwemsMA0G
CSqGSIb3DQEBCwUAA4IBAQAldL7l+XEgnjBt3PEB6KoKLwVMfinDgkjmUNaYQfRN
q86P7qEYQ0KkCupG7hpw9IajJESC5YflnVoIQVnU3AXRIJbxDz2cVHjXvxcHfyOz
JuKmKC1WIsgfekjbMI8D5E2QkSt1HgBje094je0xE3qN5y3KAQenSb2Xju28RmHy
5M2vjkzKWvrZTOIaelzsh1lJXqYQ6Of05PN1FsZvdMFoJgI7osUYUmQnUPhRwM2B
poiGC8hKL2A1yLsFh/YItJRDP7w7dfQG3/KqOIDZjc/9e/+TxccJYPPtgfgHJKqS
n9lXjPnTmDA1YHI+rJ9KqpqmW8F11ecTdYD9iDb+pFCy
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org