Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/HPQI9s2447jJvvFKHvaPqdFFNfg.roa
File:                     HPQI9s2447jJvvFKHvaPqdFFNfg.roa (raw, json)
Hash identifier:          79Yn8QnoYy3RAqMEeS0MZHFZHB22GVmPSjMkKMXIn3k=
Subject key identifier:   1C:F4:08:F6:CD:B8:E3:B8:C9:BE:F1:4A:1E:F6:8F:A9:D1:45:35:F8
Certificate issuer:       /CN=a15e3f974b5f974656ccf4d45596caad1b9096d4
Certificate serial:       0185729EDAE182D67E7D94A01FD3DE4D4099
Authority key identifier: A1:5E:3F:97:4B:5F:97:46:56:CC:F4:D4:55:96:CA:AD:1B:90:96:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/HPQI9s2447jJvvFKHvaPqdFFNfg.roa
Signing time:             Mon 02 Jan 2023 13:14:51 +0000
ROA not before:           Mon 02 Jan 2023 13:14:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205376
IP address blocks:        185.220.151.0/24 maxlen: 24
                          185.220.150.0/24 maxlen: 24
                          185.220.149.0/24 maxlen: 24
                          185.220.148.0/22 maxlen: 24
                          185.220.148.0/24 maxlen: 24
                          2a0b:f840::/32 maxlen: 32
                          2a0b:f841::/32 maxlen: 32
                          2a0b:f840::/29 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:9e:da:e1:82:d6:7e:7d:94:a0:1f:d3:de:4d:40:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a15e3f974b5f974656ccf4d45596caad1b9096d4
        Validity
            Not Before: Jan  2 13:14:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1cf408f6cdb8e3b8c9bef14a1ef68fa9d14535f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:c2:a0:44:30:52:fd:9a:4c:3b:be:5e:3d:69:
                    21:51:17:f5:a7:02:e4:3a:16:04:7e:f1:8f:0b:ea:
                    fe:ce:3a:be:95:0d:2b:bd:77:e5:b8:5f:90:90:31:
                    82:09:e8:53:fd:b5:98:c0:df:a0:17:19:4b:03:72:
                    9b:11:8e:de:ae:ab:09:d2:2b:1b:03:ac:4a:ee:36:
                    79:66:8c:98:bb:d1:e8:d7:cc:d0:b3:83:f4:8e:63:
                    ee:db:5b:bc:3a:24:c0:97:b0:16:bf:54:28:11:19:
                    95:df:dd:ae:57:46:d8:6d:9b:bd:64:c6:03:0e:75:
                    eb:6a:d4:35:76:67:aa:1e:b6:de:8f:21:bb:5d:62:
                    6c:3d:eb:c6:f1:bb:4b:ef:38:69:29:eb:d0:12:4a:
                    e0:23:c2:a6:e8:49:71:f7:ec:f4:6f:bf:59:e2:b7:
                    f1:d8:27:ed:9b:e9:32:b4:a6:aa:49:fa:24:05:1f:
                    ae:31:92:30:11:b9:bc:b3:5c:88:df:ae:af:17:ed:
                    b7:77:53:9e:f0:ab:a9:8a:87:6f:f0:f1:5f:12:e8:
                    12:1b:49:d6:f4:07:4d:86:82:7f:11:aa:af:da:1d:
                    22:fa:b9:40:eb:6e:4f:50:bd:f9:35:f6:fa:fe:34:
                    76:42:48:1f:e7:bf:cd:33:58:b2:66:6c:39:52:d5:
                    4b:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:F4:08:F6:CD:B8:E3:B8:C9:BE:F1:4A:1E:F6:8F:A9:D1:45:35:F8
            X509v3 Authority Key Identifier:
                keyid:A1:5E:3F:97:4B:5F:97:46:56:CC:F4:D4:55:96:CA:AD:1B:90:96:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/HPQI9s2447jJvvFKHvaPqdFFNfg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.220.148.0/22
                IPv6:
                  2a0b:f840::/29

    Signature Algorithm: sha256WithRSAEncryption
         68:61:e7:4e:f2:69:b7:8f:35:e2:c2:2e:79:f4:21:16:c1:61:
         0d:69:60:a5:9a:8c:f4:89:e9:95:e2:09:25:b1:81:a4:c4:78:
         fb:1a:b3:80:15:3d:1a:df:a8:1c:9f:5c:34:54:dd:8a:ea:15:
         f4:6b:ec:52:2f:9c:f2:67:f0:c4:17:33:52:da:aa:22:0e:74:
         ed:d9:ff:d1:e5:dd:8a:21:d5:56:8e:f9:8c:dc:14:6d:5a:8e:
         91:d7:9d:c6:b3:3e:bd:96:65:a6:2f:3c:31:a5:05:51:4d:26:
         3a:ef:b1:ff:8e:5e:77:7f:c1:31:3e:2d:51:62:24:ab:85:a7:
         f2:aa:f3:8a:2b:56:80:82:43:2c:eb:df:a1:01:8f:a8:fc:7b:
         5b:cd:93:c8:86:4a:49:73:36:b6:3e:5e:0f:4a:a4:23:0e:89:
         ff:e3:4e:46:7d:04:ee:4d:0d:fb:a4:17:71:3f:44:75:7f:6e:
         e5:4b:81:89:46:cc:57:71:01:30:ae:8f:b0:70:59:b1:a2:d0:
         30:8f:e6:60:57:16:36:42:1e:d8:9d:60:fb:03:00:9c:60:59:
         52:b4:22:e0:7e:08:0e:7c:d9:e4:4b:f1:6f:cf:f4:60:2a:98:
         b3:da:d1:a6:f9:d9:8b:89:02:a5:29:d0:3d:53:13:10:af:cf:
         51:9a:76:5c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyntrhgtZ+fZSgH9PeTUCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNWUzZjk3NGI1Zjk3NDY1NmNjZjRkNDU1OTZjYWFkMWI5
MDk2ZDQwHhcNMjMwMTAyMTMxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2Y0MDhmNmNkYjhlM2I4YzliZWYxNGExZWY2OGZhOWQxNDUzNWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MKgRDBS/ZpMO75ePWkhURf1pwLk
OhYEfvGPC+r+zjq+lQ0rvXfluF+QkDGCCehT/bWYwN+gFxlLA3KbEY7erqsJ0isb
A6xK7jZ5ZoyYu9Ho18zQs4P0jmPu21u8OiTAl7AWv1QoERmV392uV0bYbZu9ZMYD
DnXratQ1dmeqHrbejyG7XWJsPevG8btL7zhpKevQEkrgI8Km6Elx9+z0b79Z4rfx
2Cftm+kytKaqSfokBR+uMZIwEbm8s1yI366vF+23d1Oe8Kupiodv8PFfEugSG0nW
9AdNhoJ/Eaqv2h0i+rlA625PUL35Nfb6/jR2Qkgf57/NM1iyZmw5UtVL3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBz0CPbNuOO4yb7xSh72j6nRRTX4MB8GA1UdIwQY
MBaAFKFeP5dLX5dGVsz01FWWyq0bkJbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1Y0X2wwdGZsMFpXelBUVVZaYktyUnVRbHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9kNmE0MjItMzYxMi00NWFmLTgzYWIt
ZDI0YjY4OTY2ZTBlLzEvSFBRSTlzMjQ0N2pKdnZGS0h2YVBxZEZGTmZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9kNmE0MjItMzYxMi00NWFmLTgzYWItZDI0YjY4OTY2ZTBl
LzEvb1Y0X2wwdGZsMFpXelBUVVZaYktyUnVRbHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudyUMA0E
AgACMAcDBQMqC/hAMA0GCSqGSIb3DQEBCwUAA4IBAQBoYedO8mm3jzXiwi559CEW
wWENaWClmoz0iemV4gklsYGkxHj7GrOAFT0a36gcn1w0VN2K6hX0a+xSL5zyZ/DE
FzNS2qoiDnTt2f/R5d2KIdVWjvmM3BRtWo6R153Gsz69lmWmLzwxpQVRTSY677H/
jl53f8ExPi1RYiSrhafyqvOKK1aAgkMs69+hAY+o/HtbzZPIhkpJcza2Pl4PSqQj
Don/405GfQTuTQ37pBdxP0R1f27lS4GJRsxXcQEwro+wcFmxotAwj+ZgVxY2Qh7Y
nWD7AwCcYFlStCLgfggOfNnkS/Fvz/RgKpiz2tGm+dmLiQKlKdA9UxMQr89RmnZc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:37 2024 by rpki-client on console-fra.rpki-client.org