Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/HT5izlPUnpNjereFtgNVoxeyxpI.roa
File:                     HT5izlPUnpNjereFtgNVoxeyxpI.roa (raw, json)
Hash identifier:          9JoqUM0On1aUZj+y49oHR6f96k7fle+XXQR4eWRzYWc=
Subject key identifier:   1D:3E:62:CE:53:D4:9E:93:63:7A:B7:85:B6:03:55:A3:17:B2:C6:92
Certificate issuer:       /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial:       018B612D89A3C7A226DA5BDE520ABB00AC1E
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/HT5izlPUnpNjereFtgNVoxeyxpI.roa
Signing time:             Tue 24 Oct 2023 10:14:16 +0000
ROA not before:           Tue 24 Oct 2023 10:14:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        185.126.134.0/23 maxlen: 24
                          91.221.116.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Fri 15 Dec 2023 08:20:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:61:2d:89:a3:c7:a2:26:da:5b:de:52:0a:bb:00:ac:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
        Validity
            Not Before: Oct 24 10:14:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1d3e62ce53d49e93637ab785b60355a317b2c692
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:06:de:db:8f:94:0f:8d:58:02:6e:80:d0:da:
                    3e:b9:a0:64:4b:f9:31:78:9f:10:e3:64:8e:9f:f9:
                    f3:77:31:ab:c9:e6:5e:4b:5e:79:bb:01:ab:3c:8a:
                    e1:bb:94:6d:07:85:39:7e:43:e6:a4:ee:a0:ac:00:
                    d0:15:d6:dc:dd:45:0d:33:10:af:10:e7:6b:0a:8d:
                    15:b5:61:49:c7:5d:a2:01:1e:15:0d:49:6b:c9:3e:
                    23:26:fa:62:32:5e:4d:92:d2:36:16:6e:1a:2f:b9:
                    8d:ba:b2:5c:4e:7c:8e:62:cb:5c:f0:a9:b8:33:43:
                    ac:f6:6d:1a:d1:e4:30:9f:9c:df:93:c1:1a:52:07:
                    86:6a:25:ac:86:b8:e5:10:d1:30:96:d4:e7:c6:f3:
                    95:0e:93:90:46:dd:98:11:fa:2f:53:3e:e1:db:ec:
                    af:f4:0a:17:6d:bd:d8:1c:16:2a:f4:fa:df:f0:65:
                    08:60:de:f9:51:b3:43:a8:cc:56:c8:59:e4:6f:31:
                    7f:89:73:51:09:cf:f1:35:b6:c5:13:a6:91:61:11:
                    a2:e8:3f:39:6b:75:6c:d5:d8:01:21:b9:2e:c8:bb:
                    c4:f1:ea:71:f1:bc:e0:c0:37:42:a1:b0:bf:99:68:
                    27:df:cd:5b:ca:dd:2e:5b:d6:a3:bf:4c:8b:21:02:
                    0f:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:3E:62:CE:53:D4:9E:93:63:7A:B7:85:B6:03:55:A3:17:B2:C6:92
            X509v3 Authority Key Identifier:
                keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/HT5izlPUnpNjereFtgNVoxeyxpI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.221.116.0/23
                  185.126.134.0/23

    Signature Algorithm: sha256WithRSAEncryption
         51:63:5a:41:ef:9b:bb:5b:d0:39:eb:67:ce:ea:18:bb:c3:d4:
         35:cd:bc:a0:d2:29:a5:42:11:8d:fc:71:ef:d0:8a:7e:71:cb:
         53:05:e2:de:b2:22:82:61:00:33:c2:ce:94:73:ea:ef:23:d8:
         16:38:c7:38:5e:82:ce:d3:41:d4:40:86:b5:cc:87:e4:9b:09:
         61:ad:e2:7f:d0:b1:1d:a5:8f:2c:d7:da:8b:a7:e3:f3:de:68:
         60:1e:c3:27:28:be:d7:90:36:50:0d:c6:20:7a:a3:90:87:27:
         b4:a6:0f:e4:ab:d1:4b:7e:98:64:2e:e6:a6:14:e2:9f:67:63:
         70:a3:16:99:c8:7f:7f:19:4f:0b:49:ad:7e:ff:c1:37:b5:01:
         af:22:be:0a:45:f6:af:31:0b:e0:c7:da:a6:33:82:14:b4:50:
         71:94:4e:bc:5b:18:df:6c:56:03:d9:a8:88:1b:d3:48:0b:04:
         2d:a4:97:5d:06:8a:bd:b1:c3:41:ed:92:c9:38:7f:77:21:38:
         f1:20:d9:64:ff:33:7f:0d:d4:a1:11:ab:74:d7:75:25:3b:4d:
         fc:76:d1:09:17:58:c8:f2:03:ff:dc:81:be:e7:09:e2:a3:8d:
         dc:59:ba:76:9a:da:cf:02:33:26:53:13:44:55:d5:2f:cf:15:
         2a:73:ea:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYthLYmjx6Im2lveUgq7AKweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjMxMDI0MTAxNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDNlNjJjZTUzZDQ5ZTkzNjM3YWI3ODViNjAzNTVhMzE3YjJjNjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAbe24+UD41YAm6A0No+uaBkS/kx
eJ8Q42SOn/nzdzGryeZeS155uwGrPIrhu5RtB4U5fkPmpO6grADQFdbc3UUNMxCv
EOdrCo0VtWFJx12iAR4VDUlryT4jJvpiMl5NktI2Fm4aL7mNurJcTnyOYstc8Km4
M0Os9m0a0eQwn5zfk8EaUgeGaiWshrjlENEwltTnxvOVDpOQRt2YEfovUz7h2+yv
9AoXbb3YHBYq9Prf8GUIYN75UbNDqMxWyFnkbzF/iXNRCc/xNbbFE6aRYRGi6D85
a3Vs1dgBIbkuyLvE8epx8bzgwDdCobC/mWgn381byt0uW9ajv0yLIQIPywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB0+Ys5T1J6TY3q3hbYDVaMXssaSMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvSFQ1aXpsUFVucE5qZXJlRnRnTlZveGV5eHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW910AwQB
uX6GMA0GCSqGSIb3DQEBCwUAA4IBAQBRY1pB75u7W9A562fO6hi7w9Q1zbyg0iml
QhGN/HHv0Ip+cctTBeLesiKCYQAzws6Uc+rvI9gWOMc4XoLO00HUQIa1zIfkmwlh
reJ/0LEdpY8s19qLp+Pz3mhgHsMnKL7XkDZQDcYgeqOQhye0pg/kq9FLfphkLuam
FOKfZ2NwoxaZyH9/GU8LSa1+/8E3tQGvIr4KRfavMQvgx9qmM4IUtFBxlE68Wxjf
bFYD2aiIG9NICwQtpJddBoq9scNB7ZLJOH93ITjxINlk/zN/DdShEat013UlO038
dtEJF1jI8gP/3IG+5wnio43cWbp2mtrPAjMmUxNEVdUvzxUqc+os
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:45 2024 by rpki-client on console-fra.rpki-client.org