Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ceff08-0527-48be-92b7-0cdfa1c291f6/1/HCYBq6b0LMPhdEOitg1cgqxKGXs.roa
File:                     HCYBq6b0LMPhdEOitg1cgqxKGXs.roa (raw, json)
Hash identifier:          1nbHd19RjNhr7ZrrslRTED7aUlPtkJLCua19dGRVA+o=
Subject key identifier:   1C:26:01:AB:A6:F4:2C:C3:E1:74:43:A2:B6:0D:5C:82:AC:4A:19:7B
Certificate issuer:       /CN=1639e611b58b7f7055df6a7f995d01fb95d790c9
Certificate serial:       01856DD4270D7962F58A90600CA36223BCF5
Authority key identifier: 16:39:E6:11:B5:8B:7F:70:55:DF:6A:7F:99:5D:01:FB:95:D7:90:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FjnmEbWLf3BV32p_mV0B-5XXkMk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/ceff08-0527-48be-92b7-0cdfa1c291f6/1/HCYBq6b0LMPhdEOitg1cgqxKGXs.roa
Signing time:             Sun 01 Jan 2023 14:54:58 +0000
ROA not before:           Sun 01 Jan 2023 14:54:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42160
IP address blocks:        91.206.84.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:d4:27:0d:79:62:f5:8a:90:60:0c:a3:62:23:bc:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1639e611b58b7f7055df6a7f995d01fb95d790c9
        Validity
            Not Before: Jan  1 14:54:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1c2601aba6f42cc3e17443a2b60d5c82ac4a197b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:bb:a1:a6:30:37:21:de:c0:f6:18:a7:4f:c1:
                    a8:02:fb:16:db:64:9a:cd:69:ea:9c:b1:77:94:84:
                    b5:e8:89:14:ad:67:96:4c:a0:1c:9e:f6:e4:03:53:
                    cc:39:8a:ef:d9:1e:ba:96:c9:9a:47:b4:fb:6c:c5:
                    60:a7:54:45:87:5e:e4:92:e6:c1:46:e1:9d:b4:16:
                    3c:f3:78:6f:94:b9:d2:ee:10:17:9d:3e:ea:1d:1a:
                    d0:0b:4b:54:c1:8b:e6:9e:ac:33:70:3d:8f:af:a9:
                    39:ba:db:a7:56:20:59:a9:53:16:a3:6b:9f:09:20:
                    24:11:8a:7c:b9:8d:86:e9:2b:e5:de:be:b3:db:ba:
                    23:f2:d1:68:fa:73:88:a0:75:07:54:45:aa:ac:d6:
                    fc:41:95:fd:43:37:9f:0d:d9:c2:7c:82:a3:cb:08:
                    08:f9:fd:5a:e5:b9:a1:86:98:c5:8a:a8:7a:b5:2f:
                    2a:9d:ce:3a:6a:0c:b0:30:e3:a7:1b:1a:d2:44:6e:
                    b8:bc:d7:d2:fc:f0:06:f9:3b:bd:04:88:31:6a:ed:
                    36:ec:94:76:24:bc:91:ea:6c:40:1b:ac:22:e4:7a:
                    34:be:78:8b:1a:37:4c:07:f1:78:8c:3d:7e:e8:61:
                    6e:e3:01:61:74:3f:07:c0:11:b6:5c:ce:64:2f:94:
                    c4:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:26:01:AB:A6:F4:2C:C3:E1:74:43:A2:B6:0D:5C:82:AC:4A:19:7B
            X509v3 Authority Key Identifier:
                keyid:16:39:E6:11:B5:8B:7F:70:55:DF:6A:7F:99:5D:01:FB:95:D7:90:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FjnmEbWLf3BV32p_mV0B-5XXkMk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ceff08-0527-48be-92b7-0cdfa1c291f6/1/HCYBq6b0LMPhdEOitg1cgqxKGXs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ceff08-0527-48be-92b7-0cdfa1c291f6/1/FjnmEbWLf3BV32p_mV0B-5XXkMk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.206.84.0/23

    Signature Algorithm: sha256WithRSAEncryption
         69:5d:41:d9:46:68:8e:b8:49:ca:9a:bc:58:08:99:0b:3b:f7:
         54:b1:c3:ae:0f:96:13:e9:51:57:16:96:cb:71:91:39:82:6f:
         de:91:e6:11:17:d5:34:77:50:7b:28:50:cd:b8:0d:26:c4:b3:
         cf:04:2d:25:9c:ee:44:4e:78:d8:f9:28:d9:68:f2:98:3d:31:
         86:db:1b:cf:85:4e:f4:46:cf:8f:c3:fd:d7:7b:dc:32:81:88:
         f6:41:06:ec:38:5d:be:eb:fc:ff:9c:4e:da:98:af:88:ac:18:
         0d:36:28:a9:2b:28:aa:28:06:26:26:e4:bd:f2:79:d2:be:26:
         fe:39:f6:70:a5:3e:e8:e9:fb:05:e9:c4:dc:50:12:5a:b2:27:
         54:23:b2:ad:13:e0:9f:20:d3:ef:9e:57:4e:16:15:e3:07:54:
         08:7b:6f:30:00:d8:aa:1b:2f:44:9e:87:c8:91:b8:eb:2b:d0:
         fa:c2:66:8f:25:06:3f:6c:9e:f3:a9:a2:66:f0:d3:2f:d4:c8:
         42:cf:37:40:8e:d9:68:4a:00:1a:ce:d4:ff:7d:83:b1:b7:bb:
         ca:9d:89:6b:30:1b:0d:8e:f2:6e:47:24:ce:9b:5f:c1:12:08:
         6d:11:29:e3:71:d6:e1:2b:5e:e2:50:c8:17:aa:6a:56:3e:13:
         57:dc:59:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1CcNeWL1ipBgDKNiI7z1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MzllNjExYjU4YjdmNzA1NWRmNmE3Zjk5NWQwMWZiOTVk
NzkwYzkwHhcNMjMwMTAxMTQ1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzI2MDFhYmE2ZjQyY2MzZTE3NDQzYTJiNjBkNWM4MmFjNGExOTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbuhpjA3Id7A9hinT8GoAvsW22Sa
zWnqnLF3lIS16IkUrWeWTKAcnvbkA1PMOYrv2R66lsmaR7T7bMVgp1RFh17kkubB
RuGdtBY883hvlLnS7hAXnT7qHRrQC0tUwYvmnqwzcD2Pr6k5utunViBZqVMWo2uf
CSAkEYp8uY2G6Svl3r6z27oj8tFo+nOIoHUHVEWqrNb8QZX9QzefDdnCfIKjywgI
+f1a5bmhhpjFiqh6tS8qnc46agywMOOnGxrSRG64vNfS/PAG+Tu9BIgxau027JR2
JLyR6mxAG6wi5Ho0vniLGjdMB/F4jD1+6GFu4wFhdD8HwBG2XM5kL5TEKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwmAaum9CzD4XRDorYNXIKsShl7MB8GA1UdIwQY
MBaAFBY55hG1i39wVd9qf5ldAfuV15DJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmpubUViV0xmM0JWMzJwX21WMEItNVhYa01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9jZWZmMDgtMDUyNy00OGJlLTkyYjct
MGNkZmExYzI5MWY2LzEvSENZQnE2YjBMTVBoZEVPaXRnMWNncXhLR1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9jZWZmMDgtMDUyNy00OGJlLTkyYjctMGNkZmExYzI5MWY2
LzEvRmpubUViV0xmM0JWMzJwX21WMEItNVhYa01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW85UMA0G
CSqGSIb3DQEBCwUAA4IBAQBpXUHZRmiOuEnKmrxYCJkLO/dUscOuD5YT6VFXFpbL
cZE5gm/ekeYRF9U0d1B7KFDNuA0mxLPPBC0lnO5ETnjY+SjZaPKYPTGG2xvPhU70
Rs+Pw/3Xe9wygYj2QQbsOF2+6/z/nE7amK+IrBgNNiipKyiqKAYmJuS98nnSvib+
OfZwpT7o6fsF6cTcUBJasidUI7KtE+CfINPvnldOFhXjB1QIe28wANiqGy9EnofI
kbjrK9D6wmaPJQY/bJ7zqaJm8NMv1MhCzzdAjtloSgAaztT/fYOxt7vKnYlrMBsN
jvJuRyTOm1/BEghtESnjcdbhK17iUMgXqmpWPhNX3Fk/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:34 2024 by rpki-client on console-ams.rpki-client.org