Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/HSLqcHbMq3-A-N8AxlZUyBs-EwY.roa
File:                     HSLqcHbMq3-A-N8AxlZUyBs-EwY.roa (raw, json)
Hash identifier:          c57fpvTp8r5PmZyKtxTCOHZ/rwneo+3ZLKFHDkv/wUg=
Subject key identifier:   1D:22:EA:70:76:CC:AB:7F:80:F8:DF:00:C6:56:54:C8:1B:3E:13:06
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018B1E2BE7B40F46B969C163FEA9B2966B93
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/HSLqcHbMq3-A-N8AxlZUyBs-EwY.roa
Signing time:             Wed 11 Oct 2023 09:57:55 +0000
ROA not before:           Wed 11 Oct 2023 09:57:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209371
IP address blocks:        193.57.41.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 Nov 2023 04:58:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:1e:2b:e7:b4:0f:46:b9:69:c1:63:fe:a9:b2:96:6b:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Oct 11 09:57:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1d22ea7076ccab7f80f8df00c65654c81b3e1306
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:c4:85:3c:57:e0:36:67:23:19:08:96:01:3c:
                    61:90:1f:42:8e:82:ab:0c:dd:9b:63:21:b4:f8:05:
                    03:ab:6c:7b:d5:46:50:f4:16:a4:45:fe:05:88:a6:
                    bd:d0:6e:51:dd:42:00:41:06:f2:1a:24:1d:2e:ce:
                    e7:9a:dc:fe:7b:c3:99:18:cc:1d:43:29:67:23:16:
                    d5:90:06:fa:d3:d0:f3:63:64:ff:82:c1:4d:38:d0:
                    a0:78:b3:9d:35:6c:00:dd:06:91:9e:29:1e:ca:cc:
                    99:07:d5:cf:7b:a1:ac:f8:4c:3b:a1:65:ff:c4:60:
                    e9:88:98:fa:74:86:06:7e:f6:23:17:be:9b:d4:66:
                    1c:9e:08:a3:36:dc:99:f3:e9:c8:dc:66:0c:65:08:
                    a0:ea:32:52:a2:bd:1e:60:5f:2c:cf:7b:a9:6e:4b:
                    02:ff:0d:00:93:42:00:48:35:06:9d:d5:70:ec:75:
                    e1:99:b8:d8:86:0b:45:54:f5:ff:8b:63:3e:ba:68:
                    76:14:14:23:c7:9d:6d:5d:37:ee:1e:09:53:6a:15:
                    a5:f6:e6:e2:ea:ee:4a:13:4e:9d:86:0a:b9:61:a7:
                    35:e3:8e:ab:ed:82:32:d9:14:21:7e:87:12:4f:7d:
                    6d:64:0c:f2:d4:b6:9a:a6:d5:22:83:2c:17:88:20:
                    b3:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:22:EA:70:76:CC:AB:7F:80:F8:DF:00:C6:56:54:C8:1B:3E:13:06
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/HSLqcHbMq3-A-N8AxlZUyBs-EwY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.57.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:86:bd:48:91:e7:70:e2:c5:6a:8b:57:1f:d5:9e:ae:41:87:
         3e:ab:cc:90:06:a8:0f:1b:f6:60:98:d9:d5:5c:19:92:15:3e:
         ab:08:36:30:a6:64:dd:29:9b:79:8e:f4:07:b3:1f:85:ff:c3:
         88:5e:66:ea:5c:01:22:0b:8a:eb:5d:04:e6:b3:c0:17:cc:6e:
         28:89:55:fa:b8:66:b8:37:67:d9:bc:5d:27:81:17:6b:69:6c:
         e3:4e:a1:12:56:55:1f:27:9d:ee:75:90:35:d7:15:e0:50:7b:
         96:42:bf:1b:39:d2:ab:84:b9:9b:a9:a0:57:ad:1d:3f:91:c2:
         89:b2:b9:1a:66:dc:23:e8:15:74:27:eb:68:76:4a:28:05:f7:
         48:f4:ba:89:cf:d7:63:44:5a:3e:a5:02:f4:7e:bb:8d:28:9d:
         33:b7:17:11:8f:b7:14:0f:f0:e2:94:4c:23:a1:f4:68:35:95:
         9a:8c:b0:26:d3:88:c6:ab:94:4e:2f:9d:a5:09:11:a8:c7:01:
         76:9f:77:2e:09:6a:15:0e:50:55:df:af:90:f1:a0:7a:c9:07:
         e3:f7:2a:66:a2:94:10:76:29:7f:62:ea:82:7c:78:ac:2d:f7:
         25:b9:ba:91:2a:70:ac:c2:21:ae:d6:48:f1:9c:2c:15:7c:19:
         a2:bc:3b:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYseK+e0D0a5acFj/qmylmuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMDExMDk1NzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDIyZWE3MDc2Y2NhYjdmODBmOGRmMDBjNjU2NTRjODFiM2UxMzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMSFPFfgNmcjGQiWATxhkB9CjoKr
DN2bYyG0+AUDq2x71UZQ9BakRf4FiKa90G5R3UIAQQbyGiQdLs7nmtz+e8OZGMwd
QylnIxbVkAb609DzY2T/gsFNONCgeLOdNWwA3QaRnikeysyZB9XPe6Gs+Ew7oWX/
xGDpiJj6dIYGfvYjF76b1GYcngijNtyZ8+nI3GYMZQig6jJSor0eYF8sz3upbksC
/w0Ak0IASDUGndVw7HXhmbjYhgtFVPX/i2M+umh2FBQjx51tXTfuHglTahWl9ubi
6u5KE06dhgq5Yac1446r7YIy2RQhfocST31tZAzy1LaaptUigywXiCCzswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB0i6nB2zKt/gPjfAMZWVMgbPhMGMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvSFNMcWNIYk1xMy1BLU44QXhsWlV5QnMtRXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTkpMA0G
CSqGSIb3DQEBCwUAA4IBAQBRhr1Ikedw4sVqi1cf1Z6uQYc+q8yQBqgPG/ZgmNnV
XBmSFT6rCDYwpmTdKZt5jvQHsx+F/8OIXmbqXAEiC4rrXQTms8AXzG4oiVX6uGa4
N2fZvF0ngRdraWzjTqESVlUfJ53udZA11xXgUHuWQr8bOdKrhLmbqaBXrR0/kcKJ
srkaZtwj6BV0J+todkooBfdI9LqJz9djRFo+pQL0fruNKJ0ztxcRj7cUD/DilEwj
ofRoNZWajLAm04jGq5ROL52lCRGoxwF2n3cuCWoVDlBV36+Q8aB6yQfj9ypmopQQ
dil/YuqCfHisLfclubqRKnCswiGu1kjxnCwVfBmivDu9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org