Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/HFfV5xFOTHCrvNOJcL3ns85fsSs.roa
File:                     HFfV5xFOTHCrvNOJcL3ns85fsSs.roa (raw, json)
Hash identifier:          qemjiZ0D9cTZvb5n/OymMQgfwvthlYMapc465J4+r64=
Subject key identifier:   1C:57:D5:E7:11:4E:4C:70:AB:BC:D3:89:70:BD:E7:B3:CE:5F:B1:2B
Certificate issuer:       /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial:       01877179014D2A0F5F5FB2E8B1D313527171
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/HFfV5xFOTHCrvNOJcL3ns85fsSs.roa
Signing time:             Tue 11 Apr 2023 17:59:28 +0000
ROA not before:           Tue 11 Apr 2023 17:59:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.225.170.0/23 maxlen: 24
                          185.250.25.0/24 maxlen: 24
                          176.125.250.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 12 Apr 2023 21:35:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:71:79:01:4d:2a:0f:5f:5f:b2:e8:b1:d3:13:52:71:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
        Validity
            Not Before: Apr 11 17:59:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1c57d5e7114e4c70abbcd38970bde7b3ce5fb12b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:7c:50:15:18:53:19:a6:09:3c:6c:4c:67:13:
                    66:2f:76:7d:d2:98:7b:e2:49:14:d8:3a:12:2f:d9:
                    8e:e5:b1:10:33:a6:d3:66:9e:c4:6a:3a:49:6b:e0:
                    3c:b7:fa:60:0b:61:69:a8:c3:6c:61:90:da:88:c9:
                    2e:d1:e6:73:6c:a5:64:e1:75:ce:a8:08:14:dc:7f:
                    e2:86:f2:41:4b:73:ec:4d:e0:b9:d7:08:5c:a0:b5:
                    90:dc:08:5d:23:71:85:80:c2:a8:6a:cc:86:9b:72:
                    15:bc:63:89:e5:99:d5:a1:af:9a:93:9b:3b:14:27:
                    64:18:72:7c:6c:a3:b1:02:88:ee:95:83:e4:9f:cd:
                    48:0f:7b:ef:0d:e0:02:ed:26:95:af:47:a0:ac:02:
                    94:42:59:cc:71:4b:b5:08:b8:5e:ca:03:85:01:e6:
                    af:54:3c:a9:99:3e:25:db:b9:20:53:3c:81:b7:d5:
                    ac:99:06:80:a4:91:72:85:e6:77:13:04:a4:f7:99:
                    65:8c:72:37:eb:b6:b0:ff:b4:50:89:35:03:6a:1a:
                    22:d4:f1:7f:46:68:64:ea:ff:8d:ce:96:17:4a:4c:
                    8d:b6:0c:26:cf:9f:49:9e:3c:18:17:99:17:7e:30:
                    58:a5:c1:c3:81:e2:18:08:56:a5:e4:0a:01:05:d6:
                    77:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:57:D5:E7:11:4E:4C:70:AB:BC:D3:89:70:BD:E7:B3:CE:5F:B1:2B
            X509v3 Authority Key Identifier:
                keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/HFfV5xFOTHCrvNOJcL3ns85fsSs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.125.250.0/24
                  185.225.170.0/23
                  185.250.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:36:c1:c2:c5:6e:52:7a:6a:44:77:1f:68:82:ae:a6:05:32:
         7a:50:64:cb:da:fc:7c:4d:8d:71:32:2c:25:29:cc:6e:1a:0a:
         42:e2:11:ad:6e:6b:d2:8e:c7:bb:19:8b:2f:1a:66:25:06:c3:
         2a:66:53:d6:13:e2:06:b8:51:81:57:62:a8:2c:f7:17:76:e1:
         ba:53:fb:f1:77:97:45:8f:62:af:6f:12:0c:f2:ba:94:59:b6:
         a3:3f:f1:6b:fe:41:68:a8:91:1a:47:8a:37:2a:c3:ff:a6:5c:
         2b:32:d3:c8:7d:94:ec:d5:7f:cd:96:6e:24:5e:3e:62:f3:ec:
         2a:5e:a5:9f:a8:a1:20:57:37:19:53:41:d7:6f:4c:c0:ff:c6:
         e5:87:c8:98:a3:04:84:e6:10:f5:b2:f9:dd:d8:eb:f9:0f:5e:
         a8:65:a5:f8:78:08:9d:65:58:8c:47:50:02:99:f3:44:35:3e:
         5e:26:ea:bf:a9:67:2d:e8:0d:d3:71:e6:72:0c:e5:74:4c:ba:
         75:8d:bc:13:9d:6c:02:66:b6:cd:cc:3d:49:07:7c:35:86:8c:
         68:2e:31:8b:21:59:74:2d:03:a9:16:3e:e1:46:b4:e0:e9:27:
         5e:42:3d:0e:b2:ce:6c:01:f4:ab:9d:71:a2:9d:e7:95:ff:15:
         57:09:4f:8c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdxeQFNKg9fX7LosdMTUnFxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNDExMTc1OTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzU3ZDVlNzExNGU0YzcwYWJiY2QzODk3MGJkZTdiM2NlNWZiMTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXxQFRhTGaYJPGxMZxNmL3Z90ph7
4kkU2DoSL9mO5bEQM6bTZp7EajpJa+A8t/pgC2FpqMNsYZDaiMku0eZzbKVk4XXO
qAgU3H/ihvJBS3PsTeC51whcoLWQ3AhdI3GFgMKoasyGm3IVvGOJ5ZnVoa+ak5s7
FCdkGHJ8bKOxAojulYPkn81ID3vvDeAC7SaVr0egrAKUQlnMcUu1CLheygOFAeav
VDypmT4l27kgUzyBt9WsmQaApJFyheZ3EwSk95lljHI367aw/7RQiTUDahoi1PF/
Rmhk6v+NzpYXSkyNtgwmz59JnjwYF5kXfjBYpcHDgeIYCFal5AoBBdZ3HQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBxX1ecRTkxwq7zTiXC957POX7ErMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvSEZmVjV4Rk9USENydk5PSmNMM25zODVmc1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsH36AwQB
ueGqAwQAufoZMA0GCSqGSIb3DQEBCwUAA4IBAQA4NsHCxW5SempEdx9ogq6mBTJ6
UGTL2vx8TY1xMiwlKcxuGgpC4hGtbmvSjse7GYsvGmYlBsMqZlPWE+IGuFGBV2Ko
LPcXduG6U/vxd5dFj2KvbxIM8rqUWbajP/Fr/kFoqJEaR4o3KsP/plwrMtPIfZTs
1X/Nlm4kXj5i8+wqXqWfqKEgVzcZU0HXb0zA/8blh8iYowSE5hD1svnd2Ov5D16o
ZaX4eAidZViMR1ACmfNENT5eJuq/qWct6A3TceZyDOV0TLp1jbwTnWwCZrbNzD1J
B3w1hoxoLjGLIVl0LQOpFj7hRrTg6SdeQj0Oss5sAfSrnXGineeV/xVXCU+M
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org