Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Hkut6QpzLqmgm0OQV0iuBxq5Alc.roa
File:                     Hkut6QpzLqmgm0OQV0iuBxq5Alc.roa (raw, json)
Hash identifier:          ZjT1CCSdxq/cKZ0CXj/sGrUpGu+UwFMIVCfzbrvzSzM=
Subject key identifier:   1E:4B:AD:E9:0A:73:2E:A9:A0:9B:43:90:57:48:AE:07:1A:B9:02:57
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       01881EF05EBB579D7EBC75DE99F55DF725B8
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Hkut6QpzLqmgm0OQV0iuBxq5Alc.roa
Signing time:             Mon 15 May 2023 10:24:09 +0000
ROA not before:           Mon 15 May 2023 10:24:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208046
IP address blocks:        2.58.203.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 17 Aug 2023 14:51:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:1e:f0:5e:bb:57:9d:7e:bc:75:de:99:f5:5d:f7:25:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: May 15 10:24:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1e4bade90a732ea9a09b43905748ae071ab90257
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:fc:7c:76:6a:0e:da:2a:36:a0:e8:76:4d:93:
                    e3:cf:a1:17:25:28:93:36:d2:42:bd:b2:ed:9e:64:
                    ee:c2:6b:68:e3:8b:8d:38:5e:e5:70:99:60:ce:e1:
                    9a:a6:8f:eb:e3:dd:3a:93:e9:46:2e:ec:45:0e:7e:
                    cf:b7:aa:e6:7b:2f:73:c3:8a:09:34:49:9d:c9:1a:
                    c6:1d:ae:55:ce:d4:b3:1c:15:3a:30:81:dc:38:e3:
                    ef:ab:f6:6f:4e:c4:e8:69:79:9a:af:8b:b9:9f:cb:
                    fb:18:de:4d:0b:e1:9c:cc:31:0a:03:a5:0b:d9:9c:
                    03:6f:26:33:f2:4b:6e:5c:6b:d3:d3:66:03:e8:d9:
                    76:48:ba:0d:d2:3b:d0:1e:87:9f:f2:fb:47:54:88:
                    3d:59:2f:a4:16:6d:08:d7:1e:c1:1f:4d:13:fc:35:
                    24:a6:2d:d6:60:73:f5:8e:b0:d0:b4:c4:fe:61:28:
                    d8:ae:35:8a:4a:ec:8c:b9:c0:fb:37:d8:86:00:02:
                    54:0f:8a:05:71:ec:2a:ae:72:ce:ce:d6:e6:6e:bf:
                    a0:2a:93:07:08:d7:b5:99:ae:71:16:ec:97:ac:9a:
                    1b:45:7c:b0:03:09:17:71:7a:e8:b1:34:95:a3:7a:
                    73:6a:1e:3d:b0:f4:50:c5:89:00:11:76:1c:ed:dd:
                    03:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:4B:AD:E9:0A:73:2E:A9:A0:9B:43:90:57:48:AE:07:1A:B9:02:57
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Hkut6QpzLqmgm0OQV0iuBxq5Alc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:00:2f:9f:73:74:2c:08:5a:46:e9:81:d9:5f:5c:cc:46:f0:
         34:38:64:3e:91:b8:6d:89:1a:03:09:44:2a:85:78:d4:b7:7a:
         0b:9c:67:2c:9e:4f:a1:31:52:aa:56:98:a6:58:5c:51:04:56:
         9f:c2:8e:cc:59:67:77:52:2a:66:05:de:bb:31:77:79:4a:8b:
         96:65:21:70:be:d6:76:f3:46:31:13:2d:fd:4c:2e:a3:77:32:
         82:70:24:31:a5:0f:20:37:c6:7f:fe:07:2d:5b:81:71:73:f0:
         a1:29:61:e6:91:bd:0a:eb:c5:8f:9e:9d:4f:fd:83:95:22:c4:
         c3:d4:f9:20:d7:42:51:41:13:75:6c:c4:4e:a6:00:86:87:3e:
         25:a5:fc:ba:f5:df:63:b4:8b:a9:c1:87:e0:b4:73:26:ae:26:
         fe:75:b9:0a:d2:f1:a3:6f:35:49:45:7b:2e:dc:a4:3f:8b:f7:
         10:d7:fb:60:77:2c:b8:af:08:00:00:4d:f3:a7:18:89:19:8e:
         ce:c4:10:5a:9d:54:c4:03:5d:9a:1b:ab:40:fa:46:be:df:d9:
         a5:bc:87:1a:19:86:e9:5d:9d:8e:8c:6f:43:ce:ea:e3:b1:55:
         d5:59:ea:aa:82:d7:0e:44:4d:ca:df:2c:c1:71:81:a1:e6:69:
         23:fa:a8:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYge8F67V51+vHXemfVd9yW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwNTE1MTAyNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTRiYWRlOTBhNzMyZWE5YTA5YjQzOTA1NzQ4YWUwNzFhYjkwMjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfx8dmoO2io2oOh2TZPjz6EXJSiT
NtJCvbLtnmTuwmto44uNOF7lcJlgzuGapo/r4906k+lGLuxFDn7Pt6rmey9zw4oJ
NEmdyRrGHa5VztSzHBU6MIHcOOPvq/ZvTsToaXmar4u5n8v7GN5NC+GczDEKA6UL
2ZwDbyYz8ktuXGvT02YD6Nl2SLoN0jvQHoef8vtHVIg9WS+kFm0I1x7BH00T/DUk
pi3WYHP1jrDQtMT+YSjYrjWKSuyMucD7N9iGAAJUD4oFcewqrnLOztbmbr+gKpMH
CNe1ma5xFuyXrJobRXywAwkXcXrosTSVo3pzah49sPRQxYkAEXYc7d0DlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB5LrekKcy6poJtDkFdIrgcauQJXMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvSGt1dDZRcHpMcW1nbTBPUVYwaXVCeHE1QWxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjrLMA0G
CSqGSIb3DQEBCwUAA4IBAQB6AC+fc3QsCFpG6YHZX1zMRvA0OGQ+kbhtiRoDCUQq
hXjUt3oLnGcsnk+hMVKqVpimWFxRBFafwo7MWWd3UipmBd67MXd5SouWZSFwvtZ2
80YxEy39TC6jdzKCcCQxpQ8gN8Z//gctW4Fxc/ChKWHmkb0K68WPnp1P/YOVIsTD
1Pkg10JRQRN1bMROpgCGhz4lpfy69d9jtIupwYfgtHMmrib+dbkK0vGjbzVJRXsu
3KQ/i/cQ1/tgdyy4rwgAAE3zpxiJGY7OxBBanVTEA12aG6tA+ka+39mlvIcaGYbp
XZ2OjG9DzurjsVXVWeqqgtcORE3K3yzBcYGh5mkj+qjf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org