Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/100c25-e025-45ef-90a9-f3463fc72cb5/1/hin1THMf1t2JERVxgiXcX9pbs1Y.roa
File:                     hin1THMf1t2JERVxgiXcX9pbs1Y.roa (raw, json)
Hash identifier:          hWW2w135lVSqBXLA229/n6b5ksOuf02HcskI1wQkwVc=
Subject key identifier:   86:29:F5:4C:73:1F:D6:DD:89:11:15:71:82:25:DC:5F:DA:5B:B3:56
Certificate issuer:       /CN=ce00e112c03f695f9f25d3b72bb23a4c34ed2138
Certificate serial:       01856D13AF9E5EB86D94B76FAF2E8D60E442
Authority key identifier: CE:00:E1:12:C0:3F:69:5F:9F:25:D3:B7:2B:B2:3A:4C:34:ED:21:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zgDhEsA_aV-fJdO3K7I6TDTtITg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/100c25-e025-45ef-90a9-f3463fc72cb5/1/hin1THMf1t2JERVxgiXcX9pbs1Y.roa
Signing time:             Sun 01 Jan 2023 11:24:44 +0000
ROA not before:           Sun 01 Jan 2023 11:24:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9021
IP address blocks:        185.237.68.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:13:af:9e:5e:b8:6d:94:b7:6f:af:2e:8d:60:e4:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce00e112c03f695f9f25d3b72bb23a4c34ed2138
        Validity
            Not Before: Jan  1 11:24:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8629f54c731fd6dd891115718225dc5fda5bb356
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:a7:4c:b6:d7:59:b3:92:d1:9f:76:e4:d7:7e:
                    39:ac:91:07:25:c1:ad:7b:bf:ad:60:b9:61:7c:75:
                    82:2e:f3:4a:fe:ef:e9:80:71:a5:4b:2a:41:e2:9c:
                    b8:2b:0e:e1:4b:42:c2:00:ec:f6:23:6d:ba:cd:a5:
                    b3:52:6a:9d:a3:73:72:88:d8:06:80:3a:34:40:41:
                    92:84:73:ec:a1:3a:84:c5:78:08:46:6f:45:ea:ca:
                    1d:e2:e9:33:f2:24:23:aa:f5:ee:c0:1a:05:b3:4a:
                    a8:01:4d:4f:f5:1b:bd:34:d1:32:30:5a:c0:4c:b1:
                    15:0b:2e:66:14:69:25:c7:06:1a:89:ce:8f:fb:a8:
                    8e:c9:fc:92:5e:f6:31:d3:fb:8b:f1:74:18:71:64:
                    0e:61:c2:a2:bf:a9:3b:d1:25:b7:a2:0c:bb:11:e6:
                    f5:6a:22:fb:0e:c4:1c:2e:da:77:c4:a5:cd:86:40:
                    eb:7f:43:de:e2:24:47:63:0d:b2:5a:12:62:8c:c3:
                    e0:3b:7f:d9:45:bf:31:dd:ba:d1:30:a7:24:d9:3b:
                    4e:74:ee:60:31:e6:e5:68:93:0e:4d:af:96:89:26:
                    de:b5:0c:0d:68:78:ea:53:fb:d1:cf:00:2e:2a:e6:
                    ed:e2:ad:7a:b3:2a:a2:53:4b:b0:a2:07:ca:a0:61:
                    43:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:29:F5:4C:73:1F:D6:DD:89:11:15:71:82:25:DC:5F:DA:5B:B3:56
            X509v3 Authority Key Identifier:
                keyid:CE:00:E1:12:C0:3F:69:5F:9F:25:D3:B7:2B:B2:3A:4C:34:ED:21:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgDhEsA_aV-fJdO3K7I6TDTtITg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/100c25-e025-45ef-90a9-f3463fc72cb5/1/hin1THMf1t2JERVxgiXcX9pbs1Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/100c25-e025-45ef-90a9-f3463fc72cb5/1/zgDhEsA_aV-fJdO3K7I6TDTtITg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.237.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         10:59:f0:aa:c8:e9:44:89:a7:c0:39:a6:10:f2:d3:ab:80:0e:
         b0:34:f5:6a:e7:e8:77:2b:7e:d0:e5:df:57:4b:35:c0:a7:e7:
         10:57:11:eb:aa:ac:79:d4:57:1c:29:fe:7e:a2:74:d0:25:14:
         93:aa:c6:1f:74:58:64:e4:96:01:04:48:7d:b8:e7:10:2d:35:
         57:fd:7e:2d:08:9e:06:c1:0b:ee:f3:21:75:d9:f2:ba:85:8c:
         2e:77:2b:dc:11:8d:a2:af:72:72:c9:27:b3:0b:38:1c:a7:15:
         89:78:90:72:72:88:7e:ba:e0:48:7d:6c:8a:f5:e9:4d:2a:0f:
         48:41:e0:c5:da:e8:9c:16:c3:85:09:aa:8c:69:29:2e:63:c4:
         64:54:9f:70:4a:aa:66:34:19:e5:4b:46:81:c8:df:26:51:ef:
         ab:33:d8:bc:65:dd:97:9e:ce:2a:bb:57:08:cc:0c:a1:34:dc:
         1e:be:c6:9e:47:a5:b4:2d:c5:dd:e0:79:ee:4e:93:c0:0f:41:
         9d:a2:a5:06:bc:b6:61:8a:94:9a:e8:4e:f8:3d:93:07:3a:16:
         c2:69:cb:d2:de:2e:40:a7:53:96:8f:21:fd:f9:dc:e7:d5:78:
         9c:80:8e:64:af:01:97:23:d4:ee:47:f0:80:d4:cf:58:b5:3c:
         70:75:76:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtE6+eXrhtlLdvry6NYORCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMDBlMTEyYzAzZjY5NWY5ZjI1ZDNiNzJiYjIzYTRjMzRl
ZDIxMzgwHhcNMjMwMTAxMTEyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjI5ZjU0YzczMWZkNmRkODkxMTE1NzE4MjI1ZGM1ZmRhNWJiMzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkadMttdZs5LRn3bk1345rJEHJcGt
e7+tYLlhfHWCLvNK/u/pgHGlSypB4py4Kw7hS0LCAOz2I226zaWzUmqdo3NyiNgG
gDo0QEGShHPsoTqExXgIRm9F6sod4ukz8iQjqvXuwBoFs0qoAU1P9Ru9NNEyMFrA
TLEVCy5mFGklxwYaic6P+6iOyfySXvYx0/uL8XQYcWQOYcKiv6k70SW3ogy7Eeb1
aiL7DsQcLtp3xKXNhkDrf0Pe4iRHYw2yWhJijMPgO3/ZRb8x3brRMKck2TtOdO5g
MeblaJMOTa+WiSbetQwNaHjqU/vRzwAuKubt4q16syqiU0uwogfKoGFDJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIYp9UxzH9bdiREVcYIl3F/aW7NWMB8GA1UdIwQY
MBaAFM4A4RLAP2lfnyXTtyuyOkw07SE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdEaEVzQV9hVi1mSmRPM0s3STZURFR0SVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8xMDBjMjUtZTAyNS00NWVmLTkwYTkt
ZjM0NjNmYzcyY2I1LzEvaGluMVRITWYxdDJKRVJWeGdpWGNYOXBiczFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8xMDBjMjUtZTAyNS00NWVmLTkwYTktZjM0NjNmYzcyY2I1
LzEvemdEaEVzQV9hVi1mSmRPM0s3STZURFR0SVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue1EMA0G
CSqGSIb3DQEBCwUAA4IBAQAQWfCqyOlEiafAOaYQ8tOrgA6wNPVq5+h3K37Q5d9X
SzXAp+cQVxHrqqx51FccKf5+onTQJRSTqsYfdFhk5JYBBEh9uOcQLTVX/X4tCJ4G
wQvu8yF12fK6hYwudyvcEY2ir3JyySezCzgcpxWJeJBycoh+uuBIfWyK9elNKg9I
QeDF2uicFsOFCaqMaSkuY8RkVJ9wSqpmNBnlS0aByN8mUe+rM9i8Zd2Xns4qu1cI
zAyhNNwevsaeR6W0LcXd4HnuTpPAD0GdoqUGvLZhipSa6E74PZMHOhbCacvS3i5A
p1OWjyH9+dzn1XicgI5krwGXI9TuR/CA1M9YtTxwdXbL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:59 2024 by rpki-client on console-fra.rpki-client.org