Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/hygtEluyax9mon_jVH7XDM1YFsM.roa
File:                     hygtEluyax9mon_jVH7XDM1YFsM.roa (raw, json)
Hash identifier:          /06+RrIn+7XGv/IJmvEsl7+3U7NF9KeICrdXO4d3bRc=
Subject key identifier:   87:28:2D:12:5B:B2:6B:1F:66:A2:7F:E3:54:7E:D7:0C:CD:58:16:C3
Certificate issuer:       /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial:       018CC86FBB07CB32A7656642D43BCD43576C
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/hygtEluyax9mon_jVH7XDM1YFsM.roa
Signing time:             Tue 02 Jan 2024 04:30:14 +0000
ROA not before:           Tue 02 Jan 2024 04:30:14 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2856
IP address blocks:        81.161.52.0/22 maxlen: 24
                          94.232.100.0/22 maxlen: 24
                          37.97.112.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 29 Jul 2024 15:40:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:bb:07:cb:32:a7:65:66:42:d4:3b:cd:43:57:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
        Validity
            Not Before: Jan  2 04:30:14 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=87282d125bb26b1f66a27fe3547ed70ccd5816c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:6d:dc:b4:77:68:fc:6f:49:8c:5c:22:0d:18:
                    bd:bb:ac:0b:a0:66:db:fa:61:89:ba:78:cc:32:83:
                    f2:dc:ff:3d:72:bc:ed:5a:20:d8:46:8f:fe:73:95:
                    7c:15:16:a9:04:da:41:da:7d:4c:79:35:52:a5:64:
                    bd:bc:9a:75:af:e0:02:89:5c:0f:19:c4:64:cb:1a:
                    ce:9b:e1:ab:c8:7d:57:24:cf:c4:34:d0:40:59:02:
                    da:07:64:cc:b4:91:f8:ec:b1:3b:3a:3f:ea:26:a9:
                    58:b8:42:fd:b8:a6:7a:ed:b8:c5:26:fe:ca:89:73:
                    d8:84:5f:06:cb:fe:c2:71:4a:3e:13:9a:44:e8:ce:
                    c2:00:45:55:9a:58:6b:58:92:60:41:58:8b:2c:65:
                    07:6c:f2:6b:18:12:96:f6:42:3e:a9:20:01:a0:0d:
                    e0:0b:58:4c:6e:08:33:6e:df:3f:67:e0:24:d5:c0:
                    a6:35:21:2f:bc:5f:4c:9b:c6:f1:70:12:e5:c9:9c:
                    3d:cd:c2:09:a5:2c:70:f0:58:dd:07:83:2a:e7:95:
                    be:75:9a:43:7a:fa:de:08:1e:6c:ed:bd:8d:2d:88:
                    c5:0e:ef:1c:6e:3d:cd:ae:78:05:21:67:d3:1d:2a:
                    2a:d9:b7:9d:fb:5f:55:29:06:62:97:0f:da:c6:be:
                    54:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:28:2D:12:5B:B2:6B:1F:66:A2:7F:E3:54:7E:D7:0C:CD:58:16:C3
            X509v3 Authority Key Identifier:
                keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/hygtEluyax9mon_jVH7XDM1YFsM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.97.112.0/22
                  81.161.52.0/22
                  94.232.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         58:0a:87:4b:cc:49:a6:44:10:23:10:dd:ef:7e:73:94:71:ae:
         a9:23:fb:6a:54:4c:a4:0f:5c:95:37:2b:18:ca:54:39:bb:de:
         c9:02:4b:7c:13:f2:23:ed:87:dc:f3:2d:6a:7d:39:db:9b:00:
         67:bd:e8:ce:57:a2:6f:ac:63:93:3e:25:cb:4c:bb:fc:20:85:
         8f:55:57:be:89:e6:2b:3d:20:63:5b:ca:6c:aa:63:de:5c:76:
         5a:0e:b4:33:2e:f7:50:07:84:fc:45:75:54:27:d7:e7:d2:ae:
         3d:b4:ac:9c:0b:63:11:a7:8d:22:86:23:94:54:05:0c:68:64:
         ca:e9:b2:b6:06:a3:b8:92:03:dd:b1:e8:e3:8a:e6:f8:10:99:
         18:78:42:95:15:06:cb:16:b9:fe:c8:08:d1:7d:b5:fd:14:9a:
         f9:64:1f:c1:45:d8:a9:79:12:a9:bf:da:8f:d0:5e:e8:fb:0d:
         5a:67:29:f7:df:b4:40:e4:6c:39:9b:bf:04:e2:c9:87:49:6c:
         3f:cc:52:19:4a:99:8e:c3:df:7b:87:1b:1d:f2:44:49:b7:4b:
         79:74:1f:52:14:ba:64:5c:88:26:43:96:73:9b:07:85:00:9d:
         7f:3c:a1:dc:ff:aa:46:0f:98:f8:2c:2c:30:ed:fa:fc:92:3a:
         e0:af:32:86
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIb7sHyzKnZWZC1DvNQ1dsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwMTAyMDQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzI4MmQxMjViYjI2YjFmNjZhMjdmZTM1NDdlZDcwY2NkNTgxNmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArm3ctHdo/G9JjFwiDRi9u6wLoGbb
+mGJunjMMoPy3P89crztWiDYRo/+c5V8FRapBNpB2n1MeTVSpWS9vJp1r+ACiVwP
GcRkyxrOm+GryH1XJM/ENNBAWQLaB2TMtJH47LE7Oj/qJqlYuEL9uKZ67bjFJv7K
iXPYhF8Gy/7CcUo+E5pE6M7CAEVVmlhrWJJgQViLLGUHbPJrGBKW9kI+qSABoA3g
C1hMbggzbt8/Z+Ak1cCmNSEvvF9Mm8bxcBLlyZw9zcIJpSxw8FjdB4Mq55W+dZpD
evreCB5s7b2NLYjFDu8cbj3NrngFIWfTHSoq2bed+19VKQZilw/axr5UfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIcoLRJbsmsfZqJ/41R+1wzNWBbDMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvaHlndEVsdXlheDltb25falZIN1hETTFZRnNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJWFwAwQC
UaE0AwQCXuhkMA0GCSqGSIb3DQEBCwUAA4IBAQBYCodLzEmmRBAjEN3vfnOUca6p
I/tqVEykD1yVNysYylQ5u97JAkt8E/Ij7Yfc8y1qfTnbmwBnvejOV6JvrGOTPiXL
TLv8IIWPVVe+ieYrPSBjW8psqmPeXHZaDrQzLvdQB4T8RXVUJ9fn0q49tKycC2MR
p40ihiOUVAUMaGTK6bK2BqO4kgPdsejjiub4EJkYeEKVFQbLFrn+yAjRfbX9FJr5
ZB/BRdipeRKpv9qP0F7o+w1aZyn337RA5Gw5m78E4smHSWw/zFIZSpmOw997hxsd
8kRJt0t5dB9SFLpkXIgmQ5ZzmweFAJ1/PKHc/6pGD5j4LCww7fr8kjrgrzKG
-----END CERTIFICATE-----
Generated at Mon Jul 29 17:58:36 2024 by rpki-client on console-fra.rpki-client.org