Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/HlxMbzFACo4pidr9shxDFz1ZK30.roa
File:                     HlxMbzFACo4pidr9shxDFz1ZK30.roa (raw, json)
Hash identifier:          iWSbbvxKFmlKgUPwlUQUN677htggEjWbzFIzlas4/qA=
Subject key identifier:   1E:5C:4C:6F:31:40:0A:8E:29:89:DA:FD:B2:1C:43:17:3D:59:2B:7D
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0185738FDA9ACBD33C8301584CDD4651CDC7
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/HlxMbzFACo4pidr9shxDFz1ZK30.roa
Signing time:             Mon 02 Jan 2023 17:38:05 +0000
ROA not before:           Mon 02 Jan 2023 17:38:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        2a0b:b87:ffb0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:8f:da:9a:cb:d3:3c:83:01:58:4c:dd:46:51:cd:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  2 17:38:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1e5c4c6f31400a8e2989dafdb21c43173d592b7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:98:e0:9c:6d:5b:47:fa:33:df:e9:02:18:ce:
                    76:3c:be:be:0b:c5:f8:31:c0:1f:52:87:39:70:c9:
                    a9:28:aa:ff:ff:f3:a6:74:cf:82:2f:d2:fe:48:68:
                    25:d7:d4:4c:b9:74:72:2e:00:3a:1e:b2:1f:a4:e7:
                    dc:c4:59:56:b7:33:65:7a:54:66:2c:62:8e:6d:44:
                    1d:2a:bd:54:85:9f:b7:f7:2f:3e:24:7e:22:dc:2b:
                    f8:ce:14:cf:95:07:72:d2:ce:4d:0d:9f:96:7c:b3:
                    37:93:29:6d:1b:82:91:b0:c6:27:e8:e2:e4:9e:b2:
                    a3:84:46:dd:ae:39:a5:ea:12:13:38:c6:4f:63:79:
                    12:f1:38:f7:96:c7:db:97:62:2f:6b:ee:4a:00:a5:
                    4f:0f:30:1e:fe:85:78:52:f6:65:d8:30:c4:a8:65:
                    1d:15:91:44:80:93:c6:79:f7:8e:16:b0:da:5c:26:
                    5e:ea:dc:3f:a8:b3:0e:10:a1:c2:2b:93:f2:17:ae:
                    b0:a4:13:c2:6e:cd:ca:c5:aa:37:93:29:c7:6b:34:
                    a3:2d:98:19:ad:cd:de:e9:06:72:6a:6e:1b:95:ad:
                    72:90:e3:b0:44:a9:b8:9e:93:43:1e:77:5c:54:2e:
                    05:b6:a9:e8:1a:e0:03:bf:7a:4c:b1:48:9c:c3:29:
                    64:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:5C:4C:6F:31:40:0A:8E:29:89:DA:FD:B2:1C:43:17:3D:59:2B:7D
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/HlxMbzFACo4pidr9shxDFz1ZK30.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:b87:ffb0::/48

    Signature Algorithm: sha256WithRSAEncryption
         a2:60:2e:4b:96:e5:6b:b2:68:d9:9e:e0:6a:2f:5a:44:95:ea:
         fd:3d:d1:fb:57:f7:28:c7:16:95:c3:09:84:55:f7:4e:2e:bf:
         00:9e:6c:52:44:c3:d6:b4:ed:d4:99:8e:95:c8:95:fe:e0:d2:
         99:24:16:6d:c6:83:9d:f1:79:b3:22:e3:48:ee:e0:3a:70:15:
         84:f5:ac:fe:6d:0e:66:62:b8:61:6b:d0:a1:c2:eb:54:a0:af:
         72:a8:aa:c0:53:1f:fc:5a:10:a5:b6:fe:fb:ab:4e:67:d4:4b:
         b2:56:14:ba:dd:2f:fe:b9:5b:07:3e:ef:89:b7:cb:19:07:95:
         c9:64:4f:67:ed:9c:e4:51:11:75:d3:a6:f2:7c:2f:a6:13:84:
         f0:de:45:fa:de:15:30:16:e9:6d:64:2a:0c:27:54:40:d8:b1:
         15:76:c1:a6:52:2f:10:88:39:f3:ed:38:c5:4f:34:19:d1:c4:
         0c:44:2d:e4:d3:7b:d7:52:32:40:bf:38:b2:46:af:db:f4:a9:
         4c:cc:31:f8:1d:5b:a6:48:27:a6:a1:77:d3:07:01:96:a1:22:
         b8:a2:6d:92:0b:1e:ce:9b:59:f8:15:fb:08:a8:1d:b3:50:44:
         2a:8c:df:5c:68:9a:0c:d1:09:a0:0a:2b:e5:4b:61:09:50:4d:
         85:44:c9:f9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzj9qay9M8gwFYTN1GUc3HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTVjNGM2ZjMxNDAwYThlMjk4OWRhZmRiMjFjNDMxNzNkNTkyYjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5jgnG1bR/oz3+kCGM52PL6+C8X4
McAfUoc5cMmpKKr///OmdM+CL9L+SGgl19RMuXRyLgA6HrIfpOfcxFlWtzNlelRm
LGKObUQdKr1UhZ+39y8+JH4i3Cv4zhTPlQdy0s5NDZ+WfLM3kyltG4KRsMYn6OLk
nrKjhEbdrjml6hITOMZPY3kS8Tj3lsfbl2Iva+5KAKVPDzAe/oV4UvZl2DDEqGUd
FZFEgJPGefeOFrDaXCZe6tw/qLMOEKHCK5PyF66wpBPCbs3Kxao3kynHazSjLZgZ
rc3e6QZyam4bla1ykOOwRKm4npNDHndcVC4FtqnoGuADv3pMsUicwylkIwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB5cTG8xQAqOKYna/bIcQxc9WSt9MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvSGx4TWJ6RkFDbzRwaWRyOXNoeERGejFaSzMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh/+w
MA0GCSqGSIb3DQEBCwUAA4IBAQCiYC5LluVrsmjZnuBqL1pEler9PdH7V/coxxaV
wwmEVfdOLr8AnmxSRMPWtO3UmY6VyJX+4NKZJBZtxoOd8XmzIuNI7uA6cBWE9az+
bQ5mYrhha9ChwutUoK9yqKrAUx/8WhCltv77q05n1EuyVhS63S/+uVsHPu+Jt8sZ
B5XJZE9n7ZzkURF106byfC+mE4Tw3kX63hUwFultZCoMJ1RA2LEVdsGmUi8QiDnz
7TjFTzQZ0cQMRC3k03vXUjJAvziyRq/b9KlMzDH4HVumSCemoXfTBwGWoSK4om2S
Cx7Om1n4FfsIqB2zUEQqjN9caJoM0QmgCivlS2EJUE2FRMn5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org