Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/hCHbuHCYFbOL7RF7dKnqs_EaOw4.roa
File:                     hCHbuHCYFbOL7RF7dKnqs_EaOw4.roa (raw, json)
Hash identifier:          Ry6pBGD+36cLCB3tdatruO6JUrluhf7hCLATgm1vHOQ=
Subject key identifier:   84:21:DB:B8:70:98:15:B3:8B:ED:11:7B:74:A9:EA:B3:F1:1A:3B:0E
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       0185ED665511EE18BAE9B130969E7BE9B25F
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/hCHbuHCYFbOL7RF7dKnqs_EaOw4.roa
Signing time:             Thu 26 Jan 2023 09:26:24 +0000
ROA not before:           Thu 26 Jan 2023 09:26:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200224
IP address blocks:        2a0e:8f02:f053::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:32:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:ed:66:55:11:ee:18:ba:e9:b1:30:96:9e:7b:e9:b2:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan 26 09:26:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8421dbb8709815b38bed117b74a9eab3f11a3b0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:72:1a:84:ab:ef:aa:96:d6:e7:64:de:5d:c3:
                    ee:ef:4b:bb:90:14:9d:45:2d:80:53:47:58:c3:6a:
                    1b:10:8a:b5:07:7b:77:71:7e:70:7f:89:1f:11:27:
                    35:9a:db:c1:4e:d9:0f:90:68:23:f2:c1:2c:5c:d3:
                    19:20:69:b4:d8:df:66:ba:a1:b8:8f:64:07:f9:1c:
                    b0:ff:ec:8e:87:8f:61:d2:57:8c:15:4f:7c:12:17:
                    bc:e0:ec:f4:b5:77:48:2e:c7:6c:56:d5:ad:47:99:
                    be:48:d8:cd:95:a6:d4:b5:25:dd:e2:26:de:13:ea:
                    a8:bd:30:69:3b:b8:02:df:c9:80:26:33:6f:05:f3:
                    b1:bb:0c:5b:a7:d5:0f:bc:23:61:83:32:3a:4d:1e:
                    f0:1e:d2:16:71:83:6f:f9:44:41:2b:e7:35:50:c7:
                    f7:da:7e:f7:3e:8c:9e:b7:c1:3d:a7:30:5b:08:f5:
                    86:4c:d7:fa:b8:79:2e:64:70:fa:cf:ff:29:9e:bb:
                    96:0e:79:a2:88:6e:38:f9:b6:61:65:53:01:ad:fd:
                    46:8c:16:5d:e1:28:04:04:b1:ba:97:6e:88:e1:16:
                    37:1f:c0:4e:b1:37:22:24:14:8e:70:4a:f9:8e:b6:
                    6f:1f:d0:bc:36:3d:b8:46:33:d6:4c:f7:3c:45:25:
                    a3:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:21:DB:B8:70:98:15:B3:8B:ED:11:7B:74:A9:EA:B3:F1:1A:3B:0E
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/hCHbuHCYFbOL7RF7dKnqs_EaOw4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:f053::/48

    Signature Algorithm: sha256WithRSAEncryption
         85:f9:51:11:29:fa:7c:1a:e8:cf:bd:db:52:5d:57:02:b7:f2:
         08:05:ef:c5:fc:4d:d2:6c:da:3a:ec:56:ae:2d:6d:3f:cc:4a:
         ab:26:43:24:e0:ff:8c:d0:c4:43:3d:b7:af:ca:ea:cb:b0:ba:
         7d:2e:0a:06:7e:05:22:95:df:e5:c6:c3:c3:e2:31:74:73:3a:
         66:a5:d0:2c:41:7d:c8:e1:f6:a3:51:0d:1c:1a:f4:30:32:aa:
         7b:02:d1:9c:89:ae:42:ac:05:ff:58:0f:04:6c:94:23:f7:83:
         0e:00:2d:6c:37:a5:86:4d:66:b0:93:2c:bb:d6:0d:92:44:71:
         eb:7d:95:23:65:dc:f5:e6:9a:70:be:60:a9:01:28:0d:08:b5:
         e6:cc:c3:95:aa:8c:60:2a:af:eb:84:eb:d8:40:4e:91:36:a6:
         ae:a4:db:ca:1a:26:c3:f6:3d:3f:7c:84:35:c9:82:35:d4:4e:
         47:a8:1e:87:14:7f:76:4b:49:b9:c2:a9:59:b7:21:cb:50:9d:
         06:77:40:d7:9b:9d:fe:5f:b6:2a:c0:aa:f1:d0:03:7c:07:30:
         84:a6:1f:10:07:59:d2:43:34:3c:59:2e:69:45:a5:6c:1c:c5:
         bf:f5:5a:b9:cc:23:34:53:51:2b:4a:57:95:49:9f:7c:90:5b:
         78:82:8c:b3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXtZlUR7hi66bEwlp576bJfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTI2MDkyNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDIxZGJiODcwOTgxNWIzOGJlZDExN2I3NGE5ZWFiM2YxMWEzYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3IahKvvqpbW52TeXcPu70u7kBSd
RS2AU0dYw2obEIq1B3t3cX5wf4kfESc1mtvBTtkPkGgj8sEsXNMZIGm02N9muqG4
j2QH+Ryw/+yOh49h0leMFU98Ehe84Oz0tXdILsdsVtWtR5m+SNjNlabUtSXd4ibe
E+qovTBpO7gC38mAJjNvBfOxuwxbp9UPvCNhgzI6TR7wHtIWcYNv+URBK+c1UMf3
2n73Poyet8E9pzBbCPWGTNf6uHkuZHD6z/8pnruWDnmiiG44+bZhZVMBrf1GjBZd
4SgEBLG6l26I4RY3H8BOsTciJBSOcEr5jrZvH9C8Nj24RjPWTPc8RSWjDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIQh27hwmBWzi+0Re3Sp6rPxGjsOMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvaENIYnVIQ1lGYk9MN1JGN2RLbnFzX0VhT3c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBT
MA0GCSqGSIb3DQEBCwUAA4IBAQCF+VERKfp8GujPvdtSXVcCt/IIBe/F/E3SbNo6
7FauLW0/zEqrJkMk4P+M0MRDPbevyurLsLp9LgoGfgUild/lxsPD4jF0czpmpdAs
QX3I4fajUQ0cGvQwMqp7AtGcia5CrAX/WA8EbJQj94MOAC1sN6WGTWawkyy71g2S
RHHrfZUjZdz15ppwvmCpASgNCLXmzMOVqoxgKq/rhOvYQE6RNqaupNvKGibD9j0/
fIQ1yYI11E5HqB6HFH92S0m5wqlZtyHLUJ0Gd0DXm53+X7YqwKrx0AN8BzCEph8Q
B1nSQzQ8WS5pRaVsHMW/9Vq5zCM0U1ErSleVSZ98kFt4goyz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:41 2024 by rpki-client on console-fra.rpki-client.org