Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/hUWTQfvN669dYEWiTaUTEAkRVLU.roa
File:                     hUWTQfvN669dYEWiTaUTEAkRVLU.roa (raw, json)
Hash identifier:          yzHnZJypgthDNAbRLT1TurmBhAgvIRm4fpcBZPVWl9g=
Subject key identifier:   85:45:93:41:FB:CD:EB:AF:5D:60:45:A2:4D:A5:13:10:09:11:54:B5
Certificate issuer:       /CN=238857660dc7fa60846f765b94cb69576255adb6
Certificate serial:       01856FA6D530F503D30936DA059800F75A55
Authority key identifier: 23:88:57:66:0D:C7:FA:60:84:6F:76:5B:94:CB:69:57:62:55:AD:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I4hXZg3H-mCEb3ZblMtpV2JVrbY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/hUWTQfvN669dYEWiTaUTEAkRVLU.roa
Signing time:             Sun 01 Jan 2023 23:24:42 +0000
ROA not before:           Sun 01 Jan 2023 23:24:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57118
IP address blocks:        185.104.19.0/24 maxlen: 24
                          2a00:f740:400::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:a6:d5:30:f5:03:d3:09:36:da:05:98:00:f7:5a:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=238857660dc7fa60846f765b94cb69576255adb6
        Validity
            Not Before: Jan  1 23:24:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=85459341fbcdebaf5d6045a24da51310091154b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:9e:7b:36:7d:f0:ff:76:12:22:47:e8:db:88:
                    00:f1:6b:23:0b:af:11:06:29:a5:9a:ba:10:9c:02:
                    c4:ec:37:f1:7b:33:6c:53:78:f1:42:81:ea:51:81:
                    d6:6b:12:36:89:c7:1b:89:b9:2d:4c:67:40:3c:ef:
                    ae:d2:22:96:12:b0:46:1e:3f:23:ab:6a:bc:44:d7:
                    36:91:d9:67:61:55:62:31:07:9a:82:bd:57:65:ea:
                    cd:4e:d2:47:e0:d7:9d:5b:42:4d:c3:4f:eb:06:d8:
                    47:08:c3:57:4b:83:19:e3:81:2c:4b:fc:09:e3:6a:
                    28:ad:93:db:4c:e0:7d:02:8c:8a:26:93:6c:22:b1:
                    8e:af:e4:8c:46:56:8e:f1:8f:0f:c8:65:ab:14:41:
                    dd:ef:b7:73:17:06:82:eb:13:e2:52:e4:87:16:6e:
                    cb:f7:63:31:3d:00:af:86:39:0a:7d:05:12:2c:b7:
                    a3:b0:ae:01:a2:22:82:22:25:75:4c:f6:ff:b0:95:
                    07:9f:3b:b4:e1:bc:c1:9e:2f:3d:34:e6:77:9a:cf:
                    3a:0b:0a:20:a5:11:a8:26:55:4d:a5:33:0d:95:c5:
                    3b:92:02:84:09:6d:8c:d5:a3:95:4c:bc:25:e1:eb:
                    41:bb:bc:bc:9b:d3:97:21:da:b1:77:aa:52:2a:9c:
                    45:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:45:93:41:FB:CD:EB:AF:5D:60:45:A2:4D:A5:13:10:09:11:54:B5
            X509v3 Authority Key Identifier:
                keyid:23:88:57:66:0D:C7:FA:60:84:6F:76:5B:94:CB:69:57:62:55:AD:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I4hXZg3H-mCEb3ZblMtpV2JVrbY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/hUWTQfvN669dYEWiTaUTEAkRVLU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/I4hXZg3H-mCEb3ZblMtpV2JVrbY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.104.19.0/24
                IPv6:
                  2a00:f740:400::/48

    Signature Algorithm: sha256WithRSAEncryption
         73:11:12:4a:73:4c:b1:93:f9:3a:34:7f:a0:b0:a8:ca:9c:b6:
         74:13:2e:78:69:2c:be:99:ae:eb:81:20:45:6a:4e:c1:a0:7e:
         d0:11:01:55:a7:fe:78:41:42:90:b4:a5:37:09:72:41:41:d9:
         f0:c1:74:56:93:ea:b1:ec:9f:3b:ea:77:24:67:a3:28:0d:6a:
         45:d3:70:62:2e:fb:55:80:fd:0b:49:8d:9e:ab:2f:90:8c:04:
         68:10:5a:aa:5b:aa:69:71:5d:22:e7:77:8d:a2:69:2f:6c:70:
         ae:43:29:e4:ea:fa:89:6b:1c:29:d4:04:94:05:f6:b0:1f:74:
         1b:af:b9:4f:14:f5:07:c8:6b:19:03:e3:cd:c3:c5:75:a3:dc:
         0e:aa:7e:20:b8:65:24:08:6c:9b:3b:72:66:af:4b:93:c4:52:
         d1:cc:8f:a6:58:7d:a9:c7:20:4f:ce:98:9c:cd:1d:c4:f6:d2:
         dd:58:0e:bf:c7:aa:e5:0b:a2:27:e3:f1:db:dd:60:1e:83:91:
         0a:a0:e4:fc:b8:7f:97:fd:d3:b7:dd:f2:39:d0:6c:69:74:66:
         03:61:ee:c6:c0:29:22:aa:fc:da:65:aa:c2:55:e8:ae:2c:5e:
         10:6d:76:a0:18:19:4e:b0:28:cb:87:82:10:75:d0:2b:2d:ec:
         f8:06:98:52
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvptUw9QPTCTbaBZgA91pVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzODg1NzY2MGRjN2ZhNjA4NDZmNzY1Yjk0Y2I2OTU3NjI1
NWFkYjYwHhcNMjMwMTAxMjMyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTQ1OTM0MWZiY2RlYmFmNWQ2MDQ1YTI0ZGE1MTMxMDA5MTE1NGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh557Nn3w/3YSIkfo24gA8WsjC68R
BimlmroQnALE7DfxezNsU3jxQoHqUYHWaxI2iccbibktTGdAPO+u0iKWErBGHj8j
q2q8RNc2kdlnYVViMQeagr1XZerNTtJH4NedW0JNw0/rBthHCMNXS4MZ44EsS/wJ
42oorZPbTOB9AoyKJpNsIrGOr+SMRlaO8Y8PyGWrFEHd77dzFwaC6xPiUuSHFm7L
92MxPQCvhjkKfQUSLLejsK4BoiKCIiV1TPb/sJUHnzu04bzBni89NOZ3ms86Cwog
pRGoJlVNpTMNlcU7kgKECW2M1aOVTLwl4etBu7y8m9OXIdqxd6pSKpxFQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIVFk0H7zeuvXWBFok2lExAJEVS1MB8GA1UdIwQY
MBaAFCOIV2YNx/pghG92W5TLaVdiVa22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTRoWFpnM0gtbUNFYjNaYmxNdHBWMkpWcmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85NDkyN2YtN2UwOC00ZjIxLTliYmEt
MGY4NzZhYmQxZTMwLzEvaFVXVFFmdk42NjlkWUVXaVRhVVRFQWtSVkxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85NDkyN2YtN2UwOC00ZjIxLTliYmEtMGY4NzZhYmQxZTMw
LzEvSTRoWFpnM0gtbUNFYjNaYmxNdHBWMkpWcmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuWgTMA8E
AgACMAkDBwAqAPdABAAwDQYJKoZIhvcNAQELBQADggEBAHMREkpzTLGT+To0f6Cw
qMqctnQTLnhpLL6ZruuBIEVqTsGgftARAVWn/nhBQpC0pTcJckFB2fDBdFaT6rHs
nzvqdyRnoygNakXTcGIu+1WA/QtJjZ6rL5CMBGgQWqpbqmlxXSLnd42iaS9scK5D
KeTq+olrHCnUBJQF9rAfdBuvuU8U9QfIaxkD483DxXWj3A6qfiC4ZSQIbJs7cmav
S5PEUtHMj6ZYfanHIE/OmJzNHcT20t1YDr/HquULoifj8dvdYB6DkQqg5Py4f5f9
07fd8jnQbGl0ZgNh7sbAKSKq/NplqsJV6K4sXhBtdqAYGU6wKMuHghB10Cst7PgG
mFI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:43 2024 by rpki-client on console-fra.rpki-client.org