Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/HU_IV1C9ywMwglYeX0fO_oKCA5w.roa
File:                     HU_IV1C9ywMwglYeX0fO_oKCA5w.roa (raw, json)
Hash identifier:          DMYYsIViYh+fGA+FXuwIyBQ4IphmtVnnblxmJZna7Z4=
Subject key identifier:   1D:4F:C8:57:50:BD:CB:03:30:82:56:1E:5F:47:CE:FE:82:82:03:9C
Certificate issuer:       /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial:       01877F14CB0CAA43B5DF30D54B87F1F41AD4
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/HU_IV1C9ywMwglYeX0fO_oKCA5w.roa
Signing time:             Fri 14 Apr 2023 09:24:41 +0000
ROA not before:           Fri 14 Apr 2023 09:24:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.225.170.0/24 maxlen: 24
                          185.225.171.0/24 maxlen: 24
                          185.250.26.0/24 maxlen: 24
                          185.226.181.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 15 Apr 2023 11:14:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7f:14:cb:0c:aa:43:b5:df:30:d5:4b:87:f1:f4:1a:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
        Validity
            Not Before: Apr 14 09:24:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1d4fc85750bdcb033082561e5f47cefe8282039c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:08:6a:af:ee:42:aa:54:78:a5:70:ca:72:68:
                    c1:41:8e:c4:2f:2f:fe:7a:93:78:8b:ac:9b:7f:9a:
                    4c:ae:52:0e:7b:d3:4c:37:61:5f:95:8c:6e:8f:9b:
                    17:c3:32:49:eb:41:db:72:dc:7a:3c:2d:7d:75:79:
                    22:2e:7a:9c:50:96:98:89:05:98:7d:6c:a6:69:88:
                    23:ba:21:a7:d4:15:9f:52:a4:b8:84:85:49:3e:14:
                    d4:08:2b:2d:4b:2c:ce:83:42:7e:04:55:b0:db:6b:
                    2d:27:e2:b7:99:bd:8a:30:34:a4:aa:8b:59:7f:59:
                    87:4e:8b:20:06:15:43:51:c5:8b:e5:37:a7:3b:55:
                    e2:76:7c:2b:5f:c4:44:8b:4e:77:75:32:be:8d:59:
                    34:97:83:f1:14:2e:f1:81:7f:b5:95:35:e1:a5:b9:
                    9b:ef:e4:6f:bd:82:7a:1b:50:cf:59:5b:8e:74:c5:
                    c6:23:1f:72:68:d4:02:ca:35:16:50:ef:59:7f:f5:
                    22:6c:e5:e1:82:38:3e:b7:9b:8d:dd:55:d3:43:5f:
                    10:8e:c3:3f:e3:ec:be:5a:71:39:e0:bc:4b:54:bf:
                    ee:db:c1:f0:e0:86:79:1e:1f:63:9c:77:ad:95:d7:
                    55:6c:4d:22:20:8a:aa:b0:d3:0c:fe:d0:14:f0:53:
                    f0:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:4F:C8:57:50:BD:CB:03:30:82:56:1E:5F:47:CE:FE:82:82:03:9C
            X509v3 Authority Key Identifier:
                keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/HU_IV1C9ywMwglYeX0fO_oKCA5w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.225.170.0/23
                  185.226.181.0/24
                  185.250.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:11:ac:d6:69:7e:9b:5e:40:32:cf:57:2b:7e:8f:c8:41:47:
         0c:80:d7:06:a1:e5:1f:33:6c:b3:73:6f:61:8f:c2:4b:ce:a8:
         fb:cf:33:e1:1a:f9:22:c6:ea:c5:f0:25:51:49:c1:34:44:07:
         5d:f0:69:fa:26:4d:9a:cd:ac:ee:9a:40:f2:03:0b:51:0f:08:
         43:bf:25:a0:06:d0:ce:83:7c:8e:72:24:05:3d:5b:36:97:54:
         dc:b1:41:df:36:ab:a5:5e:12:f9:9f:63:8e:85:6e:2e:9e:c1:
         dc:7f:59:e1:d4:66:2b:ab:06:ec:41:ee:a6:db:a4:83:fb:12:
         c0:4f:d0:32:a0:02:78:61:5b:c7:4d:1d:ab:81:85:0e:7e:e5:
         34:7f:ad:e4:ee:65:92:f9:ab:13:fb:90:60:ae:98:72:21:5d:
         97:3a:b1:8f:c3:f3:f9:46:18:69:86:99:bb:71:bc:b2:bd:36:
         52:1b:b7:87:c6:55:d7:57:83:73:09:1d:ae:8f:c8:a1:18:1e:
         60:d2:3c:4e:08:db:fa:cc:cd:0d:98:5a:29:92:0d:cf:61:80:
         95:9c:d0:c6:eb:89:0a:95:39:17:cb:1e:97:8d:e2:bc:87:fe:
         7c:98:05:f9:7a:ac:fb:38:92:6a:30:8e:5e:89:89:49:4d:5b:
         db:e6:fb:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYd/FMsMqkO13zDVS4fx9BrUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNDE0MDkyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDRmYzg1NzUwYmRjYjAzMzA4MjU2MWU1ZjQ3Y2VmZTgyODIwMzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwhqr+5CqlR4pXDKcmjBQY7ELy/+
epN4i6ybf5pMrlIOe9NMN2FflYxuj5sXwzJJ60Hbctx6PC19dXkiLnqcUJaYiQWY
fWymaYgjuiGn1BWfUqS4hIVJPhTUCCstSyzOg0J+BFWw22stJ+K3mb2KMDSkqotZ
f1mHTosgBhVDUcWL5TenO1XidnwrX8REi053dTK+jVk0l4PxFC7xgX+1lTXhpbmb
7+RvvYJ6G1DPWVuOdMXGIx9yaNQCyjUWUO9Zf/UibOXhgjg+t5uN3VXTQ18QjsM/
4+y+WnE54LxLVL/u28Hw4IZ5Hh9jnHetlddVbE0iIIqqsNMM/tAU8FPwCwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB1PyFdQvcsDMIJWHl9Hzv6CggOcMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvSFVfSVYxQzl5d013Z2xZZVgwZk9fb0tDQTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBueGqAwQA
ueK1AwQAufoaMA0GCSqGSIb3DQEBCwUAA4IBAQB8EazWaX6bXkAyz1crfo/IQUcM
gNcGoeUfM2yzc29hj8JLzqj7zzPhGvkixurF8CVRScE0RAdd8Gn6Jk2azazumkDy
AwtRDwhDvyWgBtDOg3yOciQFPVs2l1TcsUHfNqulXhL5n2OOhW4unsHcf1nh1GYr
qwbsQe6m26SD+xLAT9AyoAJ4YVvHTR2rgYUOfuU0f63k7mWS+asT+5BgrphyIV2X
OrGPw/P5Rhhphpm7cbyyvTZSG7eHxlXXV4NzCR2uj8ihGB5g0jxOCNv6zM0NmFop
kg3PYYCVnNDG64kKlTkXyx6XjeK8h/58mAX5eqz7OJJqMI5eiYlJTVvb5vtZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org