Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/1hq0Y9bPWRWgbLvbklMoJCWgqDA.roa
File:                     1hq0Y9bPWRWgbLvbklMoJCWgqDA.roa (raw, json)
Hash identifier:          XhNJeUwV8JivXHpYX7Y8oh0hYaSEz2C2MOBdp8dUqtM=
Subject key identifier:   D6:1A:B4:63:D6:CF:59:15:A0:6C:BB:DB:92:53:28:24:25:A0:A8:30
Certificate issuer:       /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial:       018573038F04C2C0BA53DEB4544DB637C998
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/1hq0Y9bPWRWgbLvbklMoJCWgqDA.roa
Signing time:             Mon 02 Jan 2023 15:04:51 +0000
ROA not before:           Mon 02 Jan 2023 15:04:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201814
IP address blocks:        109.105.194.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:03:8f:04:c2:c0:ba:53:de:b4:54:4d:b6:37:c9:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
        Validity
            Not Before: Jan  2 15:04:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d61ab463d6cf5915a06cbbdb9253282425a0a830
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:3d:93:13:e3:eb:3a:56:40:84:4d:14:95:4f:
                    95:34:d3:44:85:09:49:50:21:f7:10:eb:55:fd:27:
                    41:28:d0:d8:17:c6:87:b3:46:fd:5a:2f:d7:74:41:
                    7f:62:65:a2:7a:f8:4a:80:16:2e:5b:77:f4:f2:44:
                    71:9a:76:d2:94:8a:96:d9:0f:91:aa:a5:06:16:6b:
                    54:95:bd:ab:84:23:59:c0:2f:6f:16:99:00:1a:cb:
                    25:b7:d9:e6:0c:13:f7:d3:f8:3e:95:bf:4d:20:73:
                    93:f2:fa:f6:57:28:ae:03:ca:f4:36:0c:ee:a5:9a:
                    51:ce:91:a0:58:c4:33:0a:32:97:76:f4:58:de:b5:
                    f7:82:51:08:dc:c6:08:c8:8a:2b:9f:d3:45:90:11:
                    41:f5:28:1c:df:a2:76:99:82:7b:86:11:91:59:99:
                    19:42:8a:0c:13:60:ee:09:35:e3:c4:0c:96:e9:25:
                    07:cf:41:5c:97:3a:ec:7d:78:21:dc:e8:17:d7:4a:
                    78:15:f6:73:5d:51:d4:08:fa:94:ea:e2:8e:6b:5d:
                    d9:9c:16:d9:06:98:23:49:4c:4b:aa:3e:03:81:f5:
                    cb:12:f7:6e:9f:d9:dd:e6:be:9f:ef:62:67:0b:27:
                    94:2f:b0:cb:13:c3:e5:59:f2:2e:e1:0f:d9:43:0d:
                    5d:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:1A:B4:63:D6:CF:59:15:A0:6C:BB:DB:92:53:28:24:25:A0:A8:30
            X509v3 Authority Key Identifier:
                keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/1hq0Y9bPWRWgbLvbklMoJCWgqDA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.105.194.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:5b:d7:4b:eb:4c:31:24:f2:9c:7f:d5:fb:0f:1f:70:f7:82:
         0d:50:00:7c:78:3d:12:61:97:97:ec:6d:e1:be:75:f7:13:5d:
         73:d5:86:08:5c:96:47:43:eb:60:7a:59:ee:fe:f1:e9:f1:fe:
         c4:7e:64:71:f8:80:aa:1e:94:cf:8a:dd:d4:28:75:08:0e:39:
         16:49:10:49:b7:45:f6:1a:71:be:b5:c7:9f:0e:7b:fe:74:38:
         b2:8f:66:24:28:81:52:8b:f8:63:e7:d6:c1:ee:ad:34:b9:3e:
         ae:d9:ef:54:4d:27:fb:bf:ca:cc:4e:60:ea:d9:85:c0:d8:d2:
         09:98:6c:a5:d2:78:2b:2e:31:a8:eb:e1:43:5d:e3:fb:e7:27:
         49:e0:e3:bb:db:dc:5a:f3:49:9a:04:ac:4f:da:11:2a:12:97:
         62:81:d7:92:1f:dc:8a:5f:9c:53:49:88:fd:88:3a:cb:f9:c5:
         c3:a7:e4:03:da:1a:91:b4:af:02:d2:d5:e4:6a:0b:ec:ab:09:
         e9:73:fc:84:62:37:9a:b4:5f:18:85:24:62:bb:ec:9d:c4:2e:
         d2:ff:c9:64:f8:6a:ad:c1:db:e9:19:f0:73:e6:00:92:14:8c:
         3b:b2:10:0a:6e:62:d0:d9:2d:c2:29:a9:93:74:fb:ee:1f:f9:
         fa:52:1f:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzA48EwsC6U960VE22N8mYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjMwMTAyMTUwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjFhYjQ2M2Q2Y2Y1OTE1YTA2Y2JiZGI5MjUzMjgyNDI1YTBhODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz2TE+PrOlZAhE0UlU+VNNNEhQlJ
UCH3EOtV/SdBKNDYF8aHs0b9Wi/XdEF/YmWievhKgBYuW3f08kRxmnbSlIqW2Q+R
qqUGFmtUlb2rhCNZwC9vFpkAGsslt9nmDBP30/g+lb9NIHOT8vr2VyiuA8r0Ngzu
pZpRzpGgWMQzCjKXdvRY3rX3glEI3MYIyIorn9NFkBFB9Sgc36J2mYJ7hhGRWZkZ
QooME2DuCTXjxAyW6SUHz0FclzrsfXgh3OgX10p4FfZzXVHUCPqU6uKOa13ZnBbZ
BpgjSUxLqj4DgfXLEvdun9nd5r6f72JnCyeUL7DLE8PlWfIu4Q/ZQw1dwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNYatGPWz1kVoGy725JTKCQloKgwMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvMWhxMFk5YlBXUldnYkx2YmtsTW9KQ1dncURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWnCMA0G
CSqGSIb3DQEBCwUAA4IBAQBuW9dL60wxJPKcf9X7Dx9w94INUAB8eD0SYZeX7G3h
vnX3E11z1YYIXJZHQ+tgelnu/vHp8f7EfmRx+ICqHpTPit3UKHUIDjkWSRBJt0X2
GnG+tcefDnv+dDiyj2YkKIFSi/hj59bB7q00uT6u2e9UTSf7v8rMTmDq2YXA2NIJ
mGyl0ngrLjGo6+FDXeP75ydJ4OO729xa80maBKxP2hEqEpdigdeSH9yKX5xTSYj9
iDrL+cXDp+QD2hqRtK8C0tXkagvsqwnpc/yEYjeatF8YhSRiu+ydxC7S/8lk+Gqt
wdvpGfBz5gCSFIw7shAKbmLQ2S3CKamTdPvuH/n6Uh8S
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:28 2024 by rpki-client on console-ams.rpki-client.org