Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/hxkQlj7eY3rbnbPz27iqCSwYzUA.roa
File:                     hxkQlj7eY3rbnbPz27iqCSwYzUA.roa (raw, json)
Hash identifier:          ZjIgVA/GE5tqEUOzY8brLGRGKcpllRTGhFyaOBiIqk0=
Subject key identifier:   87:19:10:96:3E:DE:63:7A:DB:9D:B3:F3:DB:B8:AA:09:2C:18:CD:40
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018571A7A7BE7576997F2E0E0159896AF7D6
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/hxkQlj7eY3rbnbPz27iqCSwYzUA.roa
Signing time:             Mon 02 Jan 2023 08:44:50 +0000
ROA not before:           Mon 02 Jan 2023 08:44:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62013
IP address blocks:        194.213.8.0/24 maxlen: 24
                          45.67.118.0/23 maxlen: 23
                          185.181.42.0/23 maxlen: 24
                          185.181.40.0/23 maxlen: 24
                          185.181.48.0/23 maxlen: 24
                          185.181.50.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:a7:a7:be:75:76:99:7f:2e:0e:01:59:89:6a:f7:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan  2 08:44:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=871910963ede637adb9db3f3dbb8aa092c18cd40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:3b:13:7e:31:c1:87:f0:64:4d:0d:d2:9e:0c:
                    98:e5:12:3b:c2:9a:87:0d:43:f1:37:e2:61:5e:7a:
                    d0:1c:23:c1:b2:70:45:d5:ba:3d:e8:da:99:88:1e:
                    52:73:fc:58:d7:53:8c:70:2b:1e:ab:b3:df:b1:c1:
                    3b:b6:92:4b:80:25:02:4e:10:68:77:fa:93:d8:30:
                    48:8c:f6:7f:33:59:b4:d6:fc:4a:08:ae:a0:da:fa:
                    13:39:6c:dd:ef:a3:7f:ae:76:6b:f3:e7:db:ec:e3:
                    b3:83:1b:32:25:68:4b:a9:09:f4:e0:b7:2e:34:bb:
                    7c:ca:89:05:8d:70:3e:1b:e1:0f:89:c1:30:57:60:
                    ce:99:eb:47:ca:46:7c:7a:29:1b:d9:7a:5c:be:4d:
                    f9:55:bc:91:93:6b:b0:47:bb:d9:bb:fb:a2:28:cb:
                    8e:54:76:c3:e2:c5:08:32:db:11:49:74:05:f1:96:
                    9a:29:15:8a:f2:a3:46:c4:71:d4:92:d3:99:c3:e6:
                    0b:a3:71:b5:69:b0:f2:2b:3a:fd:cd:2e:25:c6:4a:
                    80:f0:ad:21:36:b8:8b:69:c5:00:97:8f:b6:73:11:
                    9f:2e:99:a6:14:c1:9c:66:26:03:74:7b:4a:2d:9f:
                    1a:34:f6:33:50:8a:60:bc:88:59:f1:c0:e9:bf:94:
                    2d:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:19:10:96:3E:DE:63:7A:DB:9D:B3:F3:DB:B8:AA:09:2C:18:CD:40
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/hxkQlj7eY3rbnbPz27iqCSwYzUA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.118.0/23
                  185.181.40.0/22
                  185.181.48.0/22
                  194.213.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:20:4d:5b:60:44:bc:ec:0d:d5:69:88:1b:32:01:c3:37:e8:
         11:87:96:db:93:32:42:54:69:07:9b:86:37:00:2a:b4:54:e9:
         da:97:c6:9f:e9:da:47:0b:0e:13:3a:38:92:b5:d1:08:4d:71:
         bf:42:85:7d:60:52:75:e2:1e:16:47:27:12:9b:82:b9:46:97:
         f9:06:c9:d2:9d:70:a4:df:f4:4b:b8:2c:01:6e:f8:09:d7:fe:
         35:e1:94:2e:bf:09:92:2b:e4:d1:61:be:f1:ad:07:24:07:8f:
         a6:67:01:e6:e8:73:15:49:51:99:94:58:03:ae:0a:d9:08:42:
         95:0f:3f:6f:a7:66:69:6d:5d:f2:df:c9:45:5e:25:8c:40:dd:
         28:85:06:d1:fe:9b:1d:5b:08:49:71:51:5b:88:fe:b8:84:fe:
         ba:c8:05:48:99:32:a3:61:e6:69:5c:0a:ee:e3:9b:2a:a7:01:
         8e:07:03:ab:b1:84:db:bc:6e:e9:32:77:e2:bb:0f:d7:e1:3a:
         da:cd:64:52:c0:48:a9:c1:c1:f2:02:98:05:38:ac:ba:12:9d:
         07:f8:53:bf:33:6f:20:9f:28:6c:09:d0:2e:78:0e:af:02:84:
         b5:38:ca:00:1e:99:80:15:5e:96:3c:a3:14:ce:6b:3f:97:9f:
         12:73:a4:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxp6e+dXaZfy4OAVmJavfWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzE5MTA5NjNlZGU2MzdhZGI5ZGIzZjNkYmI4YWEwOTJjMThjZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3jsTfjHBh/BkTQ3SngyY5RI7wpqH
DUPxN+JhXnrQHCPBsnBF1bo96NqZiB5Sc/xY11OMcCseq7PfscE7tpJLgCUCThBo
d/qT2DBIjPZ/M1m01vxKCK6g2voTOWzd76N/rnZr8+fb7OOzgxsyJWhLqQn04Lcu
NLt8yokFjXA+G+EPicEwV2DOmetHykZ8eikb2Xpcvk35VbyRk2uwR7vZu/uiKMuO
VHbD4sUIMtsRSXQF8ZaaKRWK8qNGxHHUktOZw+YLo3G1abDyKzr9zS4lxkqA8K0h
NriLacUAl4+2cxGfLpmmFMGcZiYDdHtKLZ8aNPYzUIpgvIhZ8cDpv5QtBwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIcZEJY+3mN6252z89u4qgksGM1AMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvaHhrUWxqN2VZM3JibmJQejI3aXFDU3dZelVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLUN2AwQC
ubUoAwQCubUwAwQAwtUIMA0GCSqGSIb3DQEBCwUAA4IBAQBdIE1bYES87A3VaYgb
MgHDN+gRh5bbkzJCVGkHm4Y3ACq0VOnal8af6dpHCw4TOjiStdEITXG/QoV9YFJ1
4h4WRycSm4K5Rpf5BsnSnXCk3/RLuCwBbvgJ1/414ZQuvwmSK+TRYb7xrQckB4+m
ZwHm6HMVSVGZlFgDrgrZCEKVDz9vp2ZpbV3y38lFXiWMQN0ohQbR/psdWwhJcVFb
iP64hP66yAVImTKjYeZpXAru45sqpwGOBwOrsYTbvG7pMnfiuw/X4TrazWRSwEip
wcHyApgFOKy6Ep0H+FO/M28gnyhsCdAueA6vAoS1OMoAHpmAFV6WPKMUzms/l58S
c6Te
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org