Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/HmbaD2FVPS8VVJIxpUVvfjoMMYQ.roa
File:                     HmbaD2FVPS8VVJIxpUVvfjoMMYQ.roa (raw, json)
Hash identifier:          TcHM2AcoTyQq3UVby16EplwUPVnPt3T4re6wS9VOYxQ=
Subject key identifier:   1E:66:DA:0F:61:55:3D:2F:15:54:92:31:A5:45:6F:7E:3A:0C:31:84
Certificate issuer:       /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial:       018BDCDA62D18722003F0BD724DE5F0708B2
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/HmbaD2FVPS8VVJIxpUVvfjoMMYQ.roa
Signing time:             Fri 17 Nov 2023 10:36:21 +0000
ROA not before:           Fri 17 Nov 2023 10:36:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7018
IP address blocks:        89.23.92.0/24 maxlen: 24
                          89.23.84.0/24 maxlen: 24
                          89.23.85.0/24 maxlen: 24
                          89.23.80.0/24 maxlen: 24
                          89.23.81.0/24 maxlen: 24
                          89.23.79.0/24 maxlen: 24
                          89.23.87.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 30 Nov 2023 07:58:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:dc:da:62:d1:87:22:00:3f:0b:d7:24:de:5f:07:08:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
        Validity
            Not Before: Nov 17 10:36:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1e66da0f61553d2f15549231a5456f7e3a0c3184
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:86:8b:1a:50:1c:04:bd:12:42:f4:f1:b9:f6:
                    1d:ed:8d:fb:9c:8b:55:d7:f1:ce:5e:f6:ff:b3:96:
                    f6:97:33:72:6c:14:eb:54:2d:fa:23:d2:0f:d8:22:
                    51:18:ed:ab:a7:71:50:ea:fc:46:a2:36:52:98:12:
                    e8:e9:25:9c:27:67:90:ea:a9:6b:b8:7c:0f:2c:aa:
                    4b:b4:df:82:4f:8d:06:44:14:e5:f8:e5:e0:d1:31:
                    a3:0f:e1:34:70:a7:fd:86:dc:0a:14:fb:6a:d7:fd:
                    e0:ff:78:c1:cf:41:86:9f:e6:da:26:b9:41:e9:16:
                    ac:58:67:81:05:8b:0c:c0:29:d1:11:84:67:0a:23:
                    b8:7d:d5:5b:e4:61:66:56:5d:d1:3c:80:b0:b5:e6:
                    17:6d:87:14:05:db:b5:1f:5d:7d:46:43:1a:6b:e2:
                    63:27:7d:09:55:7c:5f:52:05:a0:41:9d:95:52:7a:
                    f8:85:0b:dc:21:da:a4:43:c5:a1:5d:7a:e1:a5:d6:
                    4b:12:19:b3:41:07:1c:09:7d:6f:56:af:71:2e:73:
                    67:aa:92:8d:5f:bc:d2:6e:41:a9:0c:a2:e6:4f:7c:
                    e1:0b:94:f1:96:fb:e5:83:69:2a:18:30:c8:b2:ba:
                    2a:28:d4:d5:38:4d:3f:5d:46:4d:bd:2f:00:92:98:
                    6a:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:66:DA:0F:61:55:3D:2F:15:54:92:31:A5:45:6F:7E:3A:0C:31:84
            X509v3 Authority Key Identifier:
                keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/HmbaD2FVPS8VVJIxpUVvfjoMMYQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.23.79.0-89.23.81.255
                  89.23.84.0/23
                  89.23.87.0/24
                  89.23.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:1e:0d:ed:da:78:66:3f:72:78:15:56:46:6d:6b:0f:87:fb:
         bc:7b:e7:41:6b:b7:d8:eb:f2:c8:8a:9e:39:c8:0f:f3:47:1b:
         f2:9e:6e:e8:37:40:ab:19:6a:25:6b:96:bc:b0:19:9d:93:fc:
         34:fe:d1:ae:1a:05:02:7d:0b:1a:fa:a3:74:2d:a4:17:f8:ee:
         bf:bf:80:b2:07:97:7a:6e:e2:b7:1f:ab:ca:d3:2b:4c:29:9c:
         4c:89:ae:7f:8f:9c:9c:e0:e7:25:d0:c0:a8:0f:b3:8c:41:7b:
         36:79:82:00:5f:49:21:c7:f4:1d:5b:99:71:0d:ef:61:2a:3a:
         97:7d:67:d9:12:cb:c6:88:a3:a2:2c:bd:e0:45:27:a9:c4:37:
         1d:35:dc:c4:10:d7:50:06:88:0a:bc:cb:b2:cf:39:4c:62:bc:
         8d:6f:74:06:b8:9c:25:73:2a:1b:c3:d2:c9:83:05:51:56:db:
         ce:ea:f8:e4:2b:36:f3:a7:08:71:94:5e:03:a9:4b:49:f1:64:
         1d:46:d1:e3:56:59:b9:fd:2b:c9:ca:6e:b4:f0:bc:54:1d:ee:
         b9:b5:ff:34:12:4e:86:5f:79:b7:93:fe:3c:55:20:40:40:c4:
         0a:50:e4:c5:2f:4a:d5:16:d9:e1:4c:ed:16:23:95:82:0e:73:
         3c:f0:cf:2d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYvc2mLRhyIAPwvXJN5fBwiyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjMxMTE3MTAzNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTY2ZGEwZjYxNTUzZDJmMTU1NDkyMzFhNTQ1NmY3ZTNhMGMzMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoaLGlAcBL0SQvTxufYd7Y37nItV
1/HOXvb/s5b2lzNybBTrVC36I9IP2CJRGO2rp3FQ6vxGojZSmBLo6SWcJ2eQ6qlr
uHwPLKpLtN+CT40GRBTl+OXg0TGjD+E0cKf9htwKFPtq1/3g/3jBz0GGn+baJrlB
6RasWGeBBYsMwCnREYRnCiO4fdVb5GFmVl3RPICwteYXbYcUBdu1H119RkMaa+Jj
J30JVXxfUgWgQZ2VUnr4hQvcIdqkQ8WhXXrhpdZLEhmzQQccCX1vVq9xLnNnqpKN
X7zSbkGpDKLmT3zhC5Txlvvlg2kqGDDIsroqKNTVOE0/XUZNvS8AkphqlwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFB5m2g9hVT0vFVSSMaVFb346DDGEMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvSG1iYUQyRlZQUzhWVkpJeHBVVnZmam9NTVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABZF08D
BAFZF1ADBAFZF1QDBABZF1cDBABZF1wwDQYJKoZIhvcNAQELBQADggEBAIYeDe3a
eGY/cngVVkZtaw+H+7x750Frt9jr8siKnjnID/NHG/Kebug3QKsZaiVrlrywGZ2T
/DT+0a4aBQJ9Cxr6o3QtpBf47r+/gLIHl3pu4rcfq8rTK0wpnEyJrn+PnJzg5yXQ
wKgPs4xBezZ5ggBfSSHH9B1bmXEN72EqOpd9Z9kSy8aIo6IsveBFJ6nENx013MQQ
11AGiAq8y7LPOUxivI1vdAa4nCVzKhvD0smDBVFW287q+OQrNvOnCHGUXgOpS0nx
ZB1G0eNWWbn9K8nKbrTwvFQd7rm1/zQSToZfebeT/jxVIEBAxApQ5MUvStUW2eFM
7RYjlYIOczzwzy0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:45 2024 by rpki-client on console-fra.rpki-client.org