Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/HFq21pvGJsVvXiZx8qPewKeK9eI.roa
File:                     HFq21pvGJsVvXiZx8qPewKeK9eI.roa (raw, json)
Hash identifier:          Ia7PWVswfd3roRduWA8Mztcd+2f60lPv9Du4DJESPAw=
Subject key identifier:   1C:5A:B6:D6:9B:C6:26:C5:6F:5E:26:71:F2:A3:DE:C0:A7:8A:F5:E2
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       01893EB051FDF67CF788592E5430067D0650
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/HFq21pvGJsVvXiZx8qPewKeK9eI.roa
Signing time:             Mon 10 Jul 2023 07:24:49 +0000
ROA not before:           Mon 10 Jul 2023 07:24:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59729
IP address blocks:        91.243.44.0/22 maxlen: 22
                          5.188.10.0/23 maxlen: 23
                          46.161.26.0/24 maxlen: 24
                          5.8.66.0/23 maxlen: 23
                          91.243.52.0/22 maxlen: 22
                          91.243.56.0/22 maxlen: 22
                          46.161.28.0/22 maxlen: 22
                          46.161.41.0/24 maxlen: 24
                          91.243.32.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Wed 12 Jul 2023 09:50:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:3e:b0:51:fd:f6:7c:f7:88:59:2e:54:30:06:7d:06:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Jul 10 07:24:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1c5ab6d69bc626c56f5e2671f2a3dec0a78af5e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:3b:5e:53:85:e8:26:f9:77:5e:93:b4:b2:97:
                    e9:10:22:60:e7:ea:e6:86:ff:0a:0b:39:1d:ad:5c:
                    51:ba:e5:8f:4b:0d:93:d0:e0:8e:55:3c:2b:7c:c1:
                    24:a4:ac:de:82:b1:ea:5d:35:86:a4:ca:7c:d3:97:
                    3f:0a:1f:0b:45:31:7e:53:6d:28:7b:b1:71:54:32:
                    cb:e2:80:d8:07:71:df:24:58:c7:f9:db:cb:85:df:
                    3d:c4:07:e1:85:1a:a8:9b:c2:c7:4e:eb:68:b3:d7:
                    0a:11:a2:52:7b:66:df:0c:40:f3:e3:19:1c:ae:cc:
                    6b:53:99:c5:a9:41:82:cd:b5:27:71:05:22:e1:c2:
                    c5:f6:b0:47:d3:0b:75:3d:6b:a3:6f:1f:7d:4e:e3:
                    5c:eb:1d:a0:93:58:12:61:3b:8d:2b:d6:ec:b0:7e:
                    7a:bc:ce:4f:ea:e9:50:9f:11:f7:60:4f:42:ea:8c:
                    02:86:b0:3e:ad:7f:1f:40:72:1a:7d:35:6d:69:f5:
                    a6:7b:f7:46:d5:c5:26:e7:7c:eb:d9:ff:e3:51:da:
                    a2:31:04:14:e3:27:1f:4c:85:5e:2b:4a:99:f4:01:
                    08:65:19:5f:7e:ba:29:d1:9c:06:02:43:94:76:89:
                    c1:50:77:93:26:71:5b:f7:ec:05:4a:4e:7d:7b:7d:
                    c8:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:5A:B6:D6:9B:C6:26:C5:6F:5E:26:71:F2:A3:DE:C0:A7:8A:F5:E2
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/HFq21pvGJsVvXiZx8qPewKeK9eI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.8.66.0/23
                  5.188.10.0/23
                  46.161.26.0/24
                  46.161.28.0/22
                  46.161.41.0/24
                  91.243.32.0/22
                  91.243.44.0/22
                  91.243.52.0-91.243.59.255

    Signature Algorithm: sha256WithRSAEncryption
         29:4c:3b:01:c0:fe:c7:81:c8:3d:c6:0c:d9:f7:78:ba:16:5f:
         99:f8:8a:8d:45:f0:2f:39:d9:9a:b6:9c:ce:ec:ac:3a:6a:ce:
         b7:4e:df:eb:a5:89:22:1d:8d:40:a2:87:94:5d:df:be:a9:78:
         02:5d:0f:a9:f6:dd:9e:f0:3d:d5:85:04:b1:4d:35:69:ed:0f:
         47:78:7e:8f:c7:b4:9b:54:8e:73:80:32:e7:fa:87:0f:b2:e4:
         1e:00:50:12:49:71:f6:ad:cb:84:4c:df:97:4c:ea:6a:d3:35:
         74:2b:6c:97:32:06:36:04:68:32:68:b1:34:10:80:31:33:47:
         88:18:bb:2b:d6:f7:71:52:72:a5:79:49:c3:e3:5d:b5:3b:65:
         73:66:d7:36:50:6b:f1:3a:b8:0f:ec:17:8c:c0:8b:9c:18:84:
         d9:14:d1:6f:d6:05:3a:ef:8f:80:9a:b7:b4:0f:af:ca:6d:65:
         a9:67:74:3a:3b:04:9a:04:d4:d4:04:ee:df:59:b5:bb:2d:9f:
         bf:35:fb:34:63:53:51:f4:7c:40:71:9c:07:58:38:6c:73:2a:
         cb:e8:55:d4:8a:62:87:66:dd:31:f8:ed:ee:d6:73:31:e1:71:
         45:2a:af:6f:99:9a:c2:f6:45:5d:f5:16:4c:13:aa:d2:a1:03:
         c3:bc:73:8d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYk+sFH99nz3iFkuVDAGfQZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwNzEwMDcyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzVhYjZkNjliYzYyNmM1NmY1ZTI2NzFmMmEzZGVjMGE3OGFmNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTteU4XoJvl3XpO0spfpECJg5+rm
hv8KCzkdrVxRuuWPSw2T0OCOVTwrfMEkpKzegrHqXTWGpMp805c/Ch8LRTF+U20o
e7FxVDLL4oDYB3HfJFjH+dvLhd89xAfhhRqom8LHTutos9cKEaJSe2bfDEDz4xkc
rsxrU5nFqUGCzbUncQUi4cLF9rBH0wt1PWujbx99TuNc6x2gk1gSYTuNK9bssH56
vM5P6ulQnxH3YE9C6owChrA+rX8fQHIafTVtafWme/dG1cUm53zr2f/jUdqiMQQU
4ycfTIVeK0qZ9AEIZRlffrop0ZwGAkOUdonBUHeTJnFb9+wFSk59e33IIQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFBxattabxibFb14mcfKj3sCnivXiMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvSEZxMjFwdkdKc1Z2WGlaeDhxUGV3S2VLOWVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBBQhCAwQB
BbwKAwQALqEaAwQCLqEcAwQALqEpAwQCW/MgAwQCW/MsMAwDBAJb8zQDBAJb8zgw
DQYJKoZIhvcNAQELBQADggEBAClMOwHA/seByD3GDNn3eLoWX5n4io1F8C852Zq2
nM7srDpqzrdO3+uliSIdjUCih5Rd376peAJdD6n23Z7wPdWFBLFNNWntD0d4fo/H
tJtUjnOAMuf6hw+y5B4AUBJJcfaty4RM35dM6mrTNXQrbJcyBjYEaDJosTQQgDEz
R4gYuyvW93FScqV5ScPjXbU7ZXNm1zZQa/E6uA/sF4zAi5wYhNkU0W/WBTrvj4Ca
t7QPr8ptZalndDo7BJoE1NQE7t9Ztbstn781+zRjU1H0fEBxnAdYOGxzKsvoVdSK
Yodm3TH47e7WczHhcUUqr2+ZmsL2RV31FkwTqtKhA8O8c40=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:28 2024 by rpki-client on console-fra.rpki-client.org