Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/hBHmJD1zVYYgqwfWhRUnkgPXTu8.roa
File:                     hBHmJD1zVYYgqwfWhRUnkgPXTu8.roa (raw, json)
Hash identifier:          /dkL2ubmTeodObc7Dvfu7Xr8PEXsn9TA+bRaDn5rL98=
Subject key identifier:   84:11:E6:24:3D:73:55:86:20:AB:07:D6:85:15:27:92:03:D7:4E:EF
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0185738FFA128911845A30882AAEA2CEEEEF
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/hBHmJD1zVYYgqwfWhRUnkgPXTu8.roa
Signing time:             Mon 02 Jan 2023 17:38:13 +0000
ROA not before:           Mon 02 Jan 2023 17:38:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202562
IP address blocks:        185.186.64.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:8f:fa:12:89:11:84:5a:30:88:2a:ae:a2:ce:ee:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  2 17:38:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8411e6243d73558620ab07d68515279203d74eef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:d5:3e:80:21:0c:bf:ad:34:a7:6d:8c:85:31:
                    5d:c2:aa:1f:91:ce:fc:81:f6:f4:05:b8:c5:e9:f8:
                    f0:e1:96:37:24:39:3a:d9:42:e2:28:e7:c2:b0:c1:
                    40:d6:8c:58:28:50:b5:8d:78:ca:c0:27:79:f5:9d:
                    8f:48:c9:e4:0a:f2:fa:c7:28:ee:79:ac:dc:a7:95:
                    60:2a:df:36:c4:91:26:d9:ac:58:b6:76:6b:48:39:
                    64:e0:d7:11:9f:f0:7a:64:f6:d5:ba:7a:2f:0a:a8:
                    20:37:74:c4:b6:b2:2b:ce:4f:26:71:13:eb:10:f2:
                    b9:41:35:d0:e5:ae:33:4e:b3:fe:50:9f:a8:3f:05:
                    41:40:ae:d8:c1:91:c2:1c:d2:8b:fc:54:5f:3a:e1:
                    46:57:42:c3:1c:c0:e8:fd:8d:10:e1:43:55:7b:5b:
                    9e:ef:a3:35:e8:d9:fc:94:9a:ee:9d:bb:b9:9b:d8:
                    6c:25:ea:1e:a5:20:c9:82:3e:66:3f:23:1a:75:58:
                    d8:c5:58:71:b0:20:5f:88:dd:f5:e8:72:54:fd:91:
                    c8:f9:9a:47:07:1f:34:0b:e7:85:bd:af:bb:b0:51:
                    9e:56:63:f9:fe:b2:3b:69:4e:be:fd:02:7c:dd:c5:
                    f4:fd:06:d4:08:ab:63:4c:1c:99:32:aa:04:47:a4:
                    17:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:11:E6:24:3D:73:55:86:20:AB:07:D6:85:15:27:92:03:D7:4E:EF
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/hBHmJD1zVYYgqwfWhRUnkgPXTu8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.186.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:4b:d3:f5:6f:d3:f5:02:69:97:bb:23:98:37:49:3b:06:d8:
         a5:96:b5:a8:c9:63:f7:68:05:6c:99:83:c9:c4:6e:00:3a:d9:
         ee:41:b3:e5:52:79:cb:6d:46:25:73:a0:a7:12:d6:3b:07:2a:
         4f:e7:ee:93:03:49:51:c4:69:40:77:03:3b:a0:41:88:60:1f:
         61:cf:7c:58:be:b8:62:07:47:53:16:54:98:cc:fb:7c:9a:39:
         02:8a:2d:e5:74:5a:a9:a6:a5:10:52:e9:5f:d6:d4:72:bb:00:
         ac:7b:9d:13:c8:2c:2f:76:f4:61:28:c0:44:4f:ff:e1:77:48:
         89:7f:0a:38:ec:eb:cb:2d:68:e5:7e:13:4c:d6:af:aa:f4:5d:
         be:51:d6:85:c2:8f:3e:89:6f:9b:c2:48:28:28:41:62:84:da:
         e0:de:a7:e5:e3:4b:8c:22:e4:4b:42:f2:39:08:f9:14:fe:57:
         fa:9f:51:44:67:4a:ed:f2:0b:20:f6:3d:f3:37:7b:5a:69:d0:
         ae:7c:ca:69:ee:1f:3d:07:53:e7:e3:e7:86:a9:e7:c8:03:b7:
         ad:7e:d3:2a:84:32:27:c7:e0:16:5d:7d:d1:a0:72:de:7e:ca:
         bf:5c:ad:ad:ed:35:7c:88:8d:e5:ca:bf:1f:90:a1:2a:dc:6e:
         de:3a:18:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzj/oSiRGEWjCIKq6izu7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDExZTYyNDNkNzM1NTg2MjBhYjA3ZDY4NTE1Mjc5MjAzZDc0ZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdU+gCEMv600p22MhTFdwqofkc78
gfb0BbjF6fjw4ZY3JDk62ULiKOfCsMFA1oxYKFC1jXjKwCd59Z2PSMnkCvL6xyju
eazcp5VgKt82xJEm2axYtnZrSDlk4NcRn/B6ZPbVunovCqggN3TEtrIrzk8mcRPr
EPK5QTXQ5a4zTrP+UJ+oPwVBQK7YwZHCHNKL/FRfOuFGV0LDHMDo/Y0Q4UNVe1ue
76M16Nn8lJrunbu5m9hsJeoepSDJgj5mPyMadVjYxVhxsCBfiN316HJU/ZHI+ZpH
Bx80C+eFva+7sFGeVmP5/rI7aU6+/QJ83cX0/QbUCKtjTByZMqoER6QXBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQR5iQ9c1WGIKsH1oUVJ5ID107vMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvaEJIbUpEMXpWWVlncXdmV2hSVW5rZ1BYVHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubpAMA0G
CSqGSIb3DQEBCwUAA4IBAQBwS9P1b9P1AmmXuyOYN0k7BtillrWoyWP3aAVsmYPJ
xG4AOtnuQbPlUnnLbUYlc6CnEtY7BypP5+6TA0lRxGlAdwM7oEGIYB9hz3xYvrhi
B0dTFlSYzPt8mjkCii3ldFqppqUQUulf1tRyuwCse50TyCwvdvRhKMBET//hd0iJ
fwo47OvLLWjlfhNM1q+q9F2+UdaFwo8+iW+bwkgoKEFihNrg3qfl40uMIuRLQvI5
CPkU/lf6n1FEZ0rt8gsg9j3zN3taadCufMpp7h89B1Pn4+eGqefIA7etftMqhDIn
x+AWXX3RoHLefsq/XK2t7TV8iI3lyr8fkKEq3G7eOhju
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:40 2024 by rpki-client on console-ams.rpki-client.org