Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/hds_2sfUB-jX-8zZVm-hpPvOOhg.roa
File:                     hds_2sfUB-jX-8zZVm-hpPvOOhg.roa (raw, json)
Hash identifier:          CY2dOuHO/koT++JReIVUfeRtMAYif6BKK97gudCPaYw=
Subject key identifier:   85:DB:3F:DA:C7:D4:07:E8:D7:FB:CC:D9:56:6F:A1:A4:FB:CE:3A:18
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018969903B23B093BCA2E6BF7F8038BC3761
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/hds_2sfUB-jX-8zZVm-hpPvOOhg.roa
Signing time:             Tue 18 Jul 2023 15:13:27 +0000
ROA not before:           Tue 18 Jul 2023 15:13:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206068
IP address blocks:        86.104.192.0/24 maxlen: 24
                          86.104.195.0/24 maxlen: 24
                          89.32.126.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 21 Aug 2023 19:08:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:69:90:3b:23:b0:93:bc:a2:e6:bf:7f:80:38:bc:37:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jul 18 15:13:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=85db3fdac7d407e8d7fbccd9566fa1a4fbce3a18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:50:9e:6e:68:3d:3a:88:2a:f4:d8:72:19:a6:
                    4c:a3:5d:97:c6:01:a2:8e:3d:22:51:be:82:ed:41:
                    70:e8:bd:4b:b2:b5:52:c1:b2:81:5f:68:b3:a0:61:
                    d8:52:fb:cc:6e:4f:47:34:9b:fc:b7:7e:2d:f2:30:
                    85:61:d5:9d:c4:ba:3e:da:c4:a2:80:6c:7d:d5:a9:
                    1b:b7:3e:4b:17:e6:59:4f:eb:da:ed:8f:ac:8b:37:
                    78:55:89:ee:5c:0c:f8:2a:32:7b:fc:51:ed:b0:5f:
                    6c:8e:6b:63:e2:34:fd:0f:db:e3:17:6e:d0:bf:99:
                    1e:8b:76:3c:64:f5:46:f8:68:30:72:1c:fb:a0:60:
                    72:fc:b6:6b:c5:37:62:c2:8e:8b:f1:f6:57:ad:f5:
                    b2:24:6f:c8:c7:7a:eb:0c:f7:e1:75:c4:f2:ba:0b:
                    c6:4f:76:ed:f7:47:ad:7a:c5:32:bc:58:6f:4a:8d:
                    4f:78:02:a0:30:c0:4b:d9:77:c6:73:7d:f0:9d:a2:
                    61:31:b7:26:2a:1a:8c:f7:c9:09:8d:ae:39:b6:d9:
                    2a:50:a4:e0:51:2f:2b:ad:6a:8b:7e:04:65:d4:28:
                    88:f4:e0:c8:16:1f:1d:54:73:79:e8:5f:6b:9f:d9:
                    e2:d1:3e:5c:57:2f:ef:6c:58:58:3e:24:a0:b9:49:
                    7a:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:DB:3F:DA:C7:D4:07:E8:D7:FB:CC:D9:56:6F:A1:A4:FB:CE:3A:18
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/hds_2sfUB-jX-8zZVm-hpPvOOhg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.104.192.0/24
                  86.104.195.0/24
                  89.32.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:68:78:df:86:33:38:ec:bd:d7:cc:31:3d:33:54:ce:03:c7:
         8a:3c:af:fd:67:35:64:2c:2f:7b:f3:bc:17:59:3f:67:e8:7b:
         4f:2c:d0:05:99:d0:f9:a2:45:a9:6a:04:cf:75:8c:0f:c3:60:
         45:e1:a0:9b:5b:10:f3:eb:5d:34:07:2c:e5:ed:7d:b4:52:6b:
         9e:99:04:37:16:fe:6f:29:4a:9e:f5:28:53:a6:59:6c:18:c3:
         52:f6:1c:8d:d1:9f:93:f3:1f:84:70:01:39:b2:cd:f4:aa:2b:
         80:a8:d2:c6:96:15:8f:5d:b6:55:41:c5:99:39:53:8b:a6:c0:
         18:d3:0f:48:be:e6:94:39:2e:34:b0:e7:43:77:a5:fb:a6:cd:
         88:46:1a:8c:c7:dc:4a:96:46:a3:74:37:e0:a5:98:9e:a8:ee:
         0a:77:67:0f:7a:cb:f0:8d:0b:fd:d3:98:cb:3b:9d:38:bf:bc:
         e7:04:4b:26:69:69:cb:c2:04:73:38:8b:71:d5:3f:e9:16:73:
         6e:84:cc:53:84:39:9b:a3:fe:04:3a:f8:71:41:1f:3d:b3:1c:
         08:91:6a:97:ae:1e:76:96:af:f6:5a:bb:bd:48:5c:1e:95:25:
         f2:21:ab:e0:c5:ae:51:f4:eb:5b:1c:4d:35:cb:88:11:a7:d0:
         ff:fc:48:e3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlpkDsjsJO8oua/f4A4vDdhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwNzE4MTUxMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWRiM2ZkYWM3ZDQwN2U4ZDdmYmNjZDk1NjZmYTFhNGZiY2UzYTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFCebmg9Oogq9NhyGaZMo12XxgGi
jj0iUb6C7UFw6L1LsrVSwbKBX2izoGHYUvvMbk9HNJv8t34t8jCFYdWdxLo+2sSi
gGx91akbtz5LF+ZZT+va7Y+sizd4VYnuXAz4KjJ7/FHtsF9sjmtj4jT9D9vjF27Q
v5kei3Y8ZPVG+Ggwchz7oGBy/LZrxTdiwo6L8fZXrfWyJG/Ix3rrDPfhdcTyugvG
T3bt90etesUyvFhvSo1PeAKgMMBL2XfGc33wnaJhMbcmKhqM98kJja45ttkqUKTg
US8rrWqLfgRl1CiI9ODIFh8dVHN56F9rn9ni0T5cVy/vbFhYPiSguUl6QwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIXbP9rH1Afo1/vM2VZvoaT7zjoYMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvaGRzXzJzZlVCLWpYLTh6WlZtLWhwUHZPT2hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVmjAAwQA
VmjDAwQAWSB+MA0GCSqGSIb3DQEBCwUAA4IBAQB/aHjfhjM47L3XzDE9M1TOA8eK
PK/9ZzVkLC9787wXWT9n6HtPLNAFmdD5okWpagTPdYwPw2BF4aCbWxDz6100Byzl
7X20UmuemQQ3Fv5vKUqe9ShTpllsGMNS9hyN0Z+T8x+EcAE5ss30qiuAqNLGlhWP
XbZVQcWZOVOLpsAY0w9IvuaUOS40sOdDd6X7ps2IRhqMx9xKlkajdDfgpZieqO4K
d2cPesvwjQv905jLO504v7znBEsmaWnLwgRzOItx1T/pFnNuhMxThDmbo/4EOvhx
QR89sxwIkWqXrh52lq/2Wru9SFwelSXyIavgxa5R9OtbHE01y4gRp9D//Ejj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org