Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/hBYh_EMylee9mp6IGw5B9DjqVk0.roa
File:                     hBYh_EMylee9mp6IGw5B9DjqVk0.roa (raw, json)
Hash identifier:          oB+T1gQbBCAEpKIUfgn+MTfV9ipsiupxP+4TlDbC1oM=
Subject key identifier:   84:16:21:FC:43:32:95:E7:BD:9A:9E:88:1B:0E:41:F4:38:EA:56:4D
Certificate issuer:       /CN=d36bfd928bccb42ad9c468a552ab7393fdd87095
Certificate serial:       01877B4304B2AE54FAB3E952C211116A5457
Authority key identifier: D3:6B:FD:92:8B:CC:B4:2A:D9:C4:68:A5:52:AB:73:93:FD:D8:70:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02v9kovMtCrZxGilUqtzk_3YcJU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/hBYh_EMylee9mp6IGw5B9DjqVk0.roa
Signing time:             Thu 13 Apr 2023 15:36:42 +0000
ROA not before:           Thu 13 Apr 2023 15:36:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29063
IP address blocks:        212.159.224.0/19 maxlen: 19
                          212.159.192.0/19 maxlen: 19

Validation:               Failed, certificate revoked on Wed 19 Jul 2023 13:35:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7b:43:04:b2:ae:54:fa:b3:e9:52:c2:11:11:6a:54:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d36bfd928bccb42ad9c468a552ab7393fdd87095
        Validity
            Not Before: Apr 13 15:36:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=841621fc433295e7bd9a9e881b0e41f438ea564d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:72:42:c5:39:82:cc:6c:4c:b6:46:de:ca:1f:
                    cf:17:48:86:ea:fb:68:b1:2e:c7:7b:d2:4e:c4:6a:
                    b2:3e:0e:eb:f4:54:a8:4a:fe:55:90:71:50:ee:fe:
                    cc:44:08:86:51:ed:10:a1:d6:e8:71:26:f1:1e:2c:
                    3b:e7:e5:50:fc:f1:0b:bd:6c:f2:05:d4:2c:66:80:
                    e0:7d:5a:3c:fd:82:42:98:30:f8:19:9a:3e:f1:31:
                    ee:72:84:91:4c:8a:b6:1d:47:5a:58:7e:98:43:4c:
                    23:86:e5:89:16:e2:a8:2b:c4:5d:fc:e5:ce:2b:ae:
                    fb:1c:58:60:e1:98:eb:75:c1:9f:01:24:a9:81:8d:
                    65:12:53:72:51:4f:4f:63:b6:ac:52:28:a9:fc:22:
                    f3:6c:a4:26:c7:64:f6:1b:f0:05:46:f0:c0:41:46:
                    50:56:ae:76:a8:53:92:8c:84:61:70:18:36:0b:6c:
                    1e:c9:00:e6:15:34:d6:f6:15:e4:35:64:9a:0f:85:
                    13:55:6e:73:7b:16:d5:df:dd:b6:60:d4:55:fb:08:
                    a2:92:56:be:3e:e9:6e:80:88:3c:2f:62:b8:c7:ea:
                    32:b0:7c:1a:b9:74:d1:eb:bf:4b:eb:cf:e8:c3:34:
                    1b:ea:e3:01:c4:ad:54:4a:14:3c:b8:99:43:34:f8:
                    29:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:16:21:FC:43:32:95:E7:BD:9A:9E:88:1B:0E:41:F4:38:EA:56:4D
            X509v3 Authority Key Identifier:
                keyid:D3:6B:FD:92:8B:CC:B4:2A:D9:C4:68:A5:52:AB:73:93:FD:D8:70:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02v9kovMtCrZxGilUqtzk_3YcJU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/hBYh_EMylee9mp6IGw5B9DjqVk0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/02v9kovMtCrZxGilUqtzk_3YcJU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.159.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         1a:20:b5:18:d7:3e:dc:eb:f2:cb:e0:d5:03:8d:44:aa:9b:6e:
         57:1e:89:d6:4b:72:31:af:54:25:94:05:4f:c8:0a:ef:43:36:
         f3:72:d0:6a:06:b5:5b:1f:0d:d2:c7:c6:47:37:c3:fa:41:c5:
         52:bb:37:c7:10:e1:f5:02:8f:1c:06:68:96:72:23:d8:99:6d:
         0f:f4:cc:8b:9d:be:ea:6b:b1:76:25:e4:2c:82:2b:ad:a9:5e:
         f2:cb:90:db:bb:2d:25:40:8b:23:8e:70:07:7e:9d:95:3e:a6:
         4b:d7:98:62:55:74:a5:3f:e5:89:6d:1e:66:3e:59:3e:90:47:
         02:51:ee:e5:5f:ce:9e:c1:8c:e5:29:10:e7:d4:28:ee:70:03:
         1c:f9:57:8a:23:9a:75:a0:88:38:a2:ce:68:f1:6e:b0:e1:b3:
         81:70:5c:73:7a:2e:85:70:44:e1:86:7a:4c:94:ff:be:40:88:
         00:bb:24:6c:aa:8e:c8:51:04:e2:e8:98:41:29:b8:b5:5a:16:
         fd:39:aa:3b:06:02:ab:a5:b0:71:43:7f:41:44:8f:28:59:75:
         fd:05:a3:c9:f0:28:aa:8d:82:55:df:86:fc:7e:41:68:de:e4:
         d4:b2:40:8d:4e:61:fd:d6:ae:c1:fb:7e:ed:9e:a4:15:98:38:
         ba:08:6a:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd7QwSyrlT6s+lSwhERalRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNmJmZDkyOGJjY2I0MmFkOWM0NjhhNTUyYWI3MzkzZmRk
ODcwOTUwHhcNMjMwNDEzMTUzNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDE2MjFmYzQzMzI5NWU3YmQ5YTllODgxYjBlNDFmNDM4ZWE1NjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03JCxTmCzGxMtkbeyh/PF0iG6vto
sS7He9JOxGqyPg7r9FSoSv5VkHFQ7v7MRAiGUe0QodbocSbxHiw75+VQ/PELvWzy
BdQsZoDgfVo8/YJCmDD4GZo+8THucoSRTIq2HUdaWH6YQ0wjhuWJFuKoK8Rd/OXO
K677HFhg4ZjrdcGfASSpgY1lElNyUU9PY7asUiip/CLzbKQmx2T2G/AFRvDAQUZQ
Vq52qFOSjIRhcBg2C2weyQDmFTTW9hXkNWSaD4UTVW5zexbV3922YNRV+wiikla+
PulugIg8L2K4x+oysHwauXTR679L68/owzQb6uMBxK1UShQ8uJlDNPgpywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQWIfxDMpXnvZqeiBsOQfQ46lZNMB8GA1UdIwQY
MBaAFNNr/ZKLzLQq2cRopVKrc5P92HCVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJ2OWtvdk10Q3JaeEdpbFVxdHprXzNZY0pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9jN2FhMmEtMDkwYy00Zjc3LTlkNjkt
YTc0ZTRhODg3ODA0LzEvaEJZaF9FTXlsZWU5bXA2SUd3NUI5RGpxVmswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9jN2FhMmEtMDkwYy00Zjc3LTlkNjktYTc0ZTRhODg3ODA0
LzEvMDJ2OWtvdk10Q3JaeEdpbFVxdHprXzNZY0pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG1J/AMA0G
CSqGSIb3DQEBCwUAA4IBAQAaILUY1z7c6/LL4NUDjUSqm25XHonWS3Ixr1QllAVP
yArvQzbzctBqBrVbHw3Sx8ZHN8P6QcVSuzfHEOH1Ao8cBmiWciPYmW0P9MyLnb7q
a7F2JeQsgiutqV7yy5Dbuy0lQIsjjnAHfp2VPqZL15hiVXSlP+WJbR5mPlk+kEcC
Ue7lX86ewYzlKRDn1CjucAMc+VeKI5p1oIg4os5o8W6w4bOBcFxzei6FcEThhnpM
lP++QIgAuyRsqo7IUQTi6JhBKbi1Whb9Oao7BgKrpbBxQ39BRI8oWXX9BaPJ8Ciq
jYJV34b8fkFo3uTUskCNTmH91q7B+37tnqQVmDi6CGrA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:05 2024 by rpki-client on console-ams.rpki-client.org