Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/HJlWQklEQJEg3puJGHLORXKnJH4.roa
File:                     HJlWQklEQJEg3puJGHLORXKnJH4.roa (raw, json)
Hash identifier:          t2duH7NEUemfK0skZmGjTlg7S7jk/C3Due9Ko79hkKQ=
Subject key identifier:   1C:99:56:42:49:44:40:91:20:DE:9B:89:18:72:CE:45:72:A7:24:7E
Certificate issuer:       /CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Certificate serial:       0185703968A41B320E3C329E54AFD3E66FCA
Authority key identifier: 12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/HJlWQklEQJEg3puJGHLORXKnJH4.roa
Signing time:             Mon 02 Jan 2023 02:04:48 +0000
ROA not before:           Mon 02 Jan 2023 02:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60750
IP address blocks:        185.26.109.0/24 maxlen: 24
                          185.26.108.0/24 maxlen: 24
                          185.26.108.0/22 maxlen: 24
                          2a00:8760::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:39:68:a4:1b:32:0e:3c:32:9e:54:af:d3:e6:6f:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
        Validity
            Not Before: Jan  2 02:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1c9956424944409120de9b891872ce4572a7247e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:b4:f6:5e:5f:34:13:f8:97:0e:59:f6:61:13:
                    a8:7c:3b:2b:62:d4:66:ca:3e:6a:c2:3e:d6:02:38:
                    19:9c:9d:73:93:01:f7:a4:10:6e:cb:bb:fa:5a:78:
                    26:6b:3d:8c:39:bc:28:58:5c:82:53:5b:99:db:ca:
                    9f:90:d3:bd:d9:cf:df:9b:d0:e1:5b:3b:03:41:55:
                    3f:7e:8a:6b:87:76:52:05:a5:99:3c:70:3b:58:8f:
                    e3:51:6c:a8:b5:ad:29:85:ab:5d:fc:83:ea:eb:c2:
                    97:ed:f8:63:bd:af:e4:39:58:a9:52:a0:b3:fc:c5:
                    15:db:ca:41:06:53:a5:1d:22:0f:fa:b0:d6:47:b4:
                    7d:7f:a8:a3:20:87:0a:b4:6e:a6:90:f9:3f:66:15:
                    bd:d0:fc:34:ae:e0:0b:55:59:09:34:ec:62:74:0b:
                    c3:e2:8b:7a:ca:c2:f7:7c:06:d9:20:90:4d:05:7e:
                    1d:d6:fd:86:a0:18:74:6e:34:41:db:60:b4:8b:08:
                    5b:c7:21:94:63:e3:04:43:7b:b8:fd:f8:40:a6:16:
                    36:b1:28:a3:2d:45:4e:ef:22:0c:d9:37:cc:a7:62:
                    e8:e5:ae:73:1c:4d:b8:a1:07:39:52:36:b7:34:4b:
                    ae:3d:87:c7:ab:26:1a:80:e0:06:e5:71:c0:5c:f4:
                    5e:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:99:56:42:49:44:40:91:20:DE:9B:89:18:72:CE:45:72:A7:24:7E
            X509v3 Authority Key Identifier:
                keyid:12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/HJlWQklEQJEg3puJGHLORXKnJH4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/EhSn4qjHASMlrpc-0aK7oFsrucE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.26.108.0/22
                IPv6:
                  2a00:8760::/32

    Signature Algorithm: sha256WithRSAEncryption
         40:6f:df:f5:5a:98:ec:34:84:ab:5f:13:39:db:1f:3c:6b:61:
         11:26:23:c1:b0:15:ae:b6:bd:04:77:32:24:c2:dd:64:d1:38:
         07:d5:aa:93:a8:c4:6d:c6:39:db:db:d8:9d:17:ce:b5:85:98:
         2f:97:9c:78:d7:63:93:ea:a3:21:2b:dd:60:ad:f8:38:88:99:
         ef:68:9a:32:e9:5f:98:d3:be:49:b0:d7:44:22:2d:65:a7:a5:
         2e:d1:8a:20:4a:30:d3:43:49:ea:3a:19:4f:6d:22:e6:1a:74:
         e9:9b:ba:fe:6c:c7:e9:03:cd:56:bc:68:89:22:06:1c:c3:16:
         2b:c8:4b:97:53:41:27:60:37:ac:8b:19:00:54:66:d5:0e:5c:
         93:73:60:0f:17:b4:3a:3b:de:c6:20:fd:16:47:a6:36:1f:a2:
         e5:b3:49:0d:91:68:6f:1b:e7:b0:74:ba:89:78:74:03:1f:43:
         31:23:a6:29:08:a4:8f:c2:b6:85:0b:90:83:c9:4d:2c:6d:c8:
         5d:83:15:e1:52:fe:02:3e:4f:0b:bf:92:80:96:cf:0d:30:e7:
         0d:40:5d:20:60:bd:78:e9:1a:55:0f:83:58:48:ed:7b:09:ba:
         88:ed:0a:e9:8d:90:d7:74:71:ce:cc:fd:7d:00:fe:ee:14:32:
         39:b7:1f:1c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwOWikGzIOPDKeVK/T5m/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMTRhN2UyYThjNzAxMjMyNWFlOTczZWQxYTJiYmEwNWIy
YmI5YzEwHhcNMjMwMTAyMDIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzk5NTY0MjQ5NDQ0MDkxMjBkZTliODkxODcyY2U0NTcyYTcyNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7T2Xl80E/iXDln2YROofDsrYtRm
yj5qwj7WAjgZnJ1zkwH3pBBuy7v6Wngmaz2MObwoWFyCU1uZ28qfkNO92c/fm9Dh
WzsDQVU/foprh3ZSBaWZPHA7WI/jUWyota0phatd/IPq68KX7fhjva/kOVipUqCz
/MUV28pBBlOlHSIP+rDWR7R9f6ijIIcKtG6mkPk/ZhW90Pw0ruALVVkJNOxidAvD
4ot6ysL3fAbZIJBNBX4d1v2GoBh0bjRB22C0iwhbxyGUY+MEQ3u4/fhAphY2sSij
LUVO7yIM2TfMp2Lo5a5zHE24oQc5Uja3NEuuPYfHqyYagOAG5XHAXPRe8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFByZVkJJRECRIN6biRhyzkVypyR+MB8GA1UdIwQY
MBaAFBIUp+KoxwEjJa6XPtGiu6BbK7nBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQt
ZTljMzY0OWMxMjE4LzEvSEpsV1FrbEVRSkVnM3B1SkdITE9SWEtuSkg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQtZTljMzY0OWMxMjE4
LzEvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRpsMA0E
AgACMAcDBQAqAIdgMA0GCSqGSIb3DQEBCwUAA4IBAQBAb9/1WpjsNISrXxM52x88
a2ERJiPBsBWutr0EdzIkwt1k0TgH1aqTqMRtxjnb29idF861hZgvl5x412OT6qMh
K91grfg4iJnvaJoy6V+Y075JsNdEIi1lp6Uu0YogSjDTQ0nqOhlPbSLmGnTpm7r+
bMfpA81WvGiJIgYcwxYryEuXU0EnYDesixkAVGbVDlyTc2APF7Q6O97GIP0WR6Y2
H6Lls0kNkWhvG+ewdLqJeHQDH0MxI6YpCKSPwraFC5CDyU0sbchdgxXhUv4CPk8L
v5KAls8NMOcNQF0gYL146RpVD4NYSO17CbqI7QrpjZDXdHHOzP19AP7uFDI5tx8c
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:19 2024 by rpki-client on console-ams.rpki-client.org