Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/038560-26d6-455d-a8f4-9bfdf2251267/1/HiX-Gb6iQvEE8L976N2xjn4HM6U.roa
File:                     HiX-Gb6iQvEE8L976N2xjn4HM6U.roa (raw, json)
Hash identifier:          kc3FJ96gwcfetP9sUsZ7xq6AB2/B3klNfDF0fiGEcQc=
Subject key identifier:   1E:25:FE:19:BE:A2:42:F1:04:F0:BF:7B:E8:DD:B1:8E:7E:07:33:A5
Certificate issuer:       /CN=a823fe6dad8ad4fdaee6dd6983c1e55cde8482a2
Certificate serial:       0185704BA2FEA58E00B3DBE8A086AAA392A6
Authority key identifier: A8:23:FE:6D:AD:8A:D4:FD:AE:E6:DD:69:83:C1:E5:5C:DE:84:82:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qCP-ba2K1P2u5t1pg8HlXN6EgqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/038560-26d6-455d-a8f4-9bfdf2251267/1/HiX-Gb6iQvEE8L976N2xjn4HM6U.roa
Signing time:             Mon 02 Jan 2023 02:24:43 +0000
ROA not before:           Mon 02 Jan 2023 02:24:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209620
IP address blocks:        193.58.88.0/22 maxlen: 24
                          193.58.91.0/24 maxlen: 24
                          194.55.240.0/22 maxlen: 24
                          2a0c:94c0::/29 maxlen: 48
                          2a0c:cbc0::/29 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:4b:a2:fe:a5:8e:00:b3:db:e8:a0:86:aa:a3:92:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a823fe6dad8ad4fdaee6dd6983c1e55cde8482a2
        Validity
            Not Before: Jan  2 02:24:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1e25fe19bea242f104f0bf7be8ddb18e7e0733a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:3f:91:e5:d7:14:85:06:fc:18:91:06:28:28:
                    aa:71:c2:4d:c6:49:54:e5:2d:70:00:67:aa:b8:26:
                    cb:77:e9:2d:b8:e8:ce:3e:cf:30:2e:24:2b:90:e6:
                    b2:85:02:53:57:46:32:e5:63:90:96:8e:c0:85:73:
                    7c:9d:16:79:01:53:ad:e1:b9:4d:68:02:7e:72:28:
                    18:c6:22:eb:96:53:be:d4:b1:21:98:f0:16:c1:55:
                    f8:d2:c1:25:46:f8:1e:48:5b:a1:42:76:cb:7c:57:
                    2a:bf:92:b2:e5:0e:df:61:90:ef:a6:2c:ab:31:1b:
                    25:0f:ba:28:40:ff:a2:1f:dd:91:f7:52:a7:a1:9f:
                    6d:45:fd:a5:8a:c3:8a:5b:1b:3e:85:95:38:2c:b5:
                    95:e6:bc:26:22:97:ec:d8:74:9e:47:96:c6:68:07:
                    a6:af:04:85:f6:91:c0:04:f9:44:e3:33:43:dd:3a:
                    4f:b0:ec:31:11:70:09:bf:cb:24:b5:0c:af:2c:96:
                    32:d2:5f:0e:b1:3f:a7:42:ee:a9:17:26:25:c8:14:
                    45:58:78:57:83:fd:b3:95:ea:58:cc:03:6f:d3:e4:
                    dc:0a:ee:26:97:19:fa:f4:62:cf:11:6f:fa:7f:6d:
                    9b:8d:59:2f:7f:ea:08:3f:e4:fa:87:21:9a:e4:d4:
                    91:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:25:FE:19:BE:A2:42:F1:04:F0:BF:7B:E8:DD:B1:8E:7E:07:33:A5
            X509v3 Authority Key Identifier:
                keyid:A8:23:FE:6D:AD:8A:D4:FD:AE:E6:DD:69:83:C1:E5:5C:DE:84:82:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCP-ba2K1P2u5t1pg8HlXN6EgqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/038560-26d6-455d-a8f4-9bfdf2251267/1/HiX-Gb6iQvEE8L976N2xjn4HM6U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/038560-26d6-455d-a8f4-9bfdf2251267/1/qCP-ba2K1P2u5t1pg8HlXN6EgqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.58.88.0/22
                  194.55.240.0/22
                IPv6:
                  2a0c:94c0::/29
                  2a0c:cbc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         ab:c7:03:5a:d0:96:e5:27:9a:e9:b2:d7:d7:c5:e6:a3:1d:f0:
         a4:65:aa:f1:69:b1:7a:3f:80:6a:44:74:2a:e4:b4:bc:d2:03:
         37:0b:46:04:d3:1c:d3:7a:ec:b9:51:09:b6:b0:27:e6:39:26:
         06:c5:d0:f0:04:ef:44:96:87:a2:c2:f4:66:e6:e7:be:ff:af:
         2a:33:a4:ab:cd:ba:7c:5e:c8:c8:52:cf:8c:db:1e:ff:29:f4:
         29:80:a9:88:52:39:89:ad:3f:46:e6:0d:41:a9:67:be:4c:1f:
         c2:a3:44:70:8d:e5:8f:25:79:5e:39:5f:fb:ff:04:56:12:94:
         d1:39:25:66:c9:b9:e4:ef:be:62:3d:24:7d:a9:bd:ca:b1:f9:
         ba:1b:49:77:3f:87:60:87:b2:48:f4:f7:75:3b:e6:a2:d0:8c:
         e0:2a:ea:d3:01:81:cd:21:4f:a3:1e:be:e2:50:a0:03:16:56:
         e9:41:9d:ef:69:45:14:45:ad:10:1a:ea:ad:7d:ef:8d:5d:76:
         19:99:fe:a0:4b:b3:0e:b4:11:35:67:3e:57:11:41:14:1c:5b:
         f2:f6:c3:c4:5f:73:66:a4:e8:a3:ca:78:a0:e4:5e:8d:d4:86:
         9e:ff:eb:bd:da:cd:0a:17:28:70:f8:7f:78:d2:5b:49:cc:e8:
         6b:e5:f9:05
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVwS6L+pY4As9vooIaqo5KmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjNmZTZkYWQ4YWQ0ZmRhZWU2ZGQ2OTgzYzFlNTVjZGU4
NDgyYTIwHhcNMjMwMTAyMDIyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTI1ZmUxOWJlYTI0MmYxMDRmMGJmN2JlOGRkYjE4ZTdlMDczM2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyD+R5dcUhQb8GJEGKCiqccJNxklU
5S1wAGequCbLd+ktuOjOPs8wLiQrkOayhQJTV0Yy5WOQlo7AhXN8nRZ5AVOt4blN
aAJ+cigYxiLrllO+1LEhmPAWwVX40sElRvgeSFuhQnbLfFcqv5Ky5Q7fYZDvpiyr
MRslD7ooQP+iH92R91KnoZ9tRf2lisOKWxs+hZU4LLWV5rwmIpfs2HSeR5bGaAem
rwSF9pHABPlE4zND3TpPsOwxEXAJv8sktQyvLJYy0l8OsT+nQu6pFyYlyBRFWHhX
g/2zlepYzANv0+TcCu4mlxn69GLPEW/6f22bjVkvf+oIP+T6hyGa5NSRCwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFB4l/hm+okLxBPC/e+jdsY5+BzOlMB8GA1UdIwQY
MBaAFKgj/m2titT9rubdaYPB5VzehIKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNQLWJhMksxUDJ1NXQxcGc4SGxYTjZFZ3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wMzg1NjAtMjZkNi00NTVkLWE4ZjQt
OWJmZGYyMjUxMjY3LzEvSGlYLUdiNmlRdkVFOEw5NzZOMnhqbjRITTZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wMzg1NjAtMjZkNi00NTVkLWE4ZjQtOWJmZGYyMjUxMjY3
LzEvcUNQLWJhMksxUDJ1NXQxcGc4SGxYTjZFZ3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCwTpYAwQC
wjfwMBQEAgACMA4DBQMqDJTAAwUDKgzLwDANBgkqhkiG9w0BAQsFAAOCAQEAq8cD
WtCW5Sea6bLX18Xmox3wpGWq8Wmxej+AakR0KuS0vNIDNwtGBNMc03rsuVEJtrAn
5jkmBsXQ8ATvRJaHosL0Zubnvv+vKjOkq826fF7IyFLPjNse/yn0KYCpiFI5ia0/
RuYNQalnvkwfwqNEcI3ljyV5Xjlf+/8EVhKU0TklZsm55O++Yj0kfam9yrH5uhtJ
dz+HYIeySPT3dTvmotCM4Crq0wGBzSFPox6+4lCgAxZW6UGd72lFFEWtEBrqrX3v
jV12GZn+oEuzDrQRNWc+VxFBFBxb8vbDxF9zZqToo8p4oORejdSGnv/rvdrNChco
cPh/eNJbSczoa+X5BQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:41 2024 by rpki-client on console-ams.rpki-client.org