Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/8a4285-157e-4c76-bed4-e076f8ccb8b9/1/HifLMlWejdFBjmzzwZfxUOETu0o.roa
File:                     HifLMlWejdFBjmzzwZfxUOETu0o.roa (raw, json)
Hash identifier:          uzAZ8HKGd9vhhrWTjar9UWmzrMniiz/9kFmLtM5/UvQ=
Subject key identifier:   1E:27:CB:32:55:9E:8D:D1:41:8E:6C:F3:C1:97:F1:50:E1:13:BB:4A
Certificate issuer:       /CN=ecc45fcadc4c933ac8ff4e0b434a5bfb567b65a1
Certificate serial:       0185711E593E66385FE8533210233D84C787
Authority key identifier: EC:C4:5F:CA:DC:4C:93:3A:C8:FF:4E:0B:43:4A:5B:FB:56:7B:65:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7MRfytxMkzrI_04LQ0pb-1Z7ZaE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/8a4285-157e-4c76-bed4-e076f8ccb8b9/1/HifLMlWejdFBjmzzwZfxUOETu0o.roa
Signing time:             Mon 02 Jan 2023 06:14:52 +0000
ROA not before:           Mon 02 Jan 2023 06:14:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15902
IP address blocks:        194.42.40.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:59:3e:66:38:5f:e8:53:32:10:23:3d:84:c7:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ecc45fcadc4c933ac8ff4e0b434a5bfb567b65a1
        Validity
            Not Before: Jan  2 06:14:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1e27cb32559e8dd1418e6cf3c197f150e113bb4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:8d:ce:31:bf:51:d1:ce:21:23:2d:6a:b2:3a:
                    31:f5:a0:7e:82:9f:2d:95:ec:4c:2c:b0:f6:ee:18:
                    a3:79:7a:89:d0:e8:65:55:15:30:7c:5b:69:e0:5f:
                    9c:e1:90:03:d2:64:28:42:73:bb:8f:66:1f:7a:f9:
                    ce:8f:3c:43:fc:08:aa:27:f4:a6:35:69:ad:84:d0:
                    0f:9e:9b:ee:a6:03:75:fd:36:20:a9:a2:e0:9e:bf:
                    b2:be:3c:b4:dc:8e:84:ad:d0:ca:86:6c:84:99:17:
                    f1:ac:ba:5d:b4:48:f8:19:66:c9:76:24:45:8c:54:
                    8a:13:08:e6:96:2c:74:78:bb:fd:b7:c6:1e:60:76:
                    07:e1:7f:3c:5c:26:02:65:ad:8a:78:71:bc:fa:80:
                    ab:98:2a:f9:91:2d:e2:39:7d:1b:20:16:43:0e:28:
                    39:c4:0c:9a:60:0a:ec:8d:a1:87:b3:cc:74:3a:dd:
                    4e:da:d4:96:8d:e8:7c:50:47:8f:9c:09:d8:c6:a1:
                    dc:db:ba:a3:7d:f2:23:9f:2a:2c:28:0c:0b:16:95:
                    a4:fc:80:5d:4f:c1:a3:88:89:c3:81:16:88:cd:ea:
                    0d:97:3c:42:b0:1d:d7:b5:d2:dd:7b:82:11:cd:b0:
                    d6:b9:8d:11:b0:3c:b8:d0:9e:0b:3a:01:37:5e:cd:
                    fa:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:27:CB:32:55:9E:8D:D1:41:8E:6C:F3:C1:97:F1:50:E1:13:BB:4A
            X509v3 Authority Key Identifier:
                keyid:EC:C4:5F:CA:DC:4C:93:3A:C8:FF:4E:0B:43:4A:5B:FB:56:7B:65:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7MRfytxMkzrI_04LQ0pb-1Z7ZaE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/8a4285-157e-4c76-bed4-e076f8ccb8b9/1/HifLMlWejdFBjmzzwZfxUOETu0o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/8a4285-157e-4c76-bed4-e076f8ccb8b9/1/7MRfytxMkzrI_04LQ0pb-1Z7ZaE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.42.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:62:12:d5:ab:32:28:4f:62:9f:7f:18:8e:8f:f2:69:96:4b:
         db:bd:dc:49:c6:03:a0:88:0c:70:58:8d:7a:03:51:3b:e2:a5:
         0f:e5:85:f6:59:ab:d4:6f:09:ec:5f:d3:74:f1:91:60:48:3c:
         45:d8:b3:bf:a8:db:85:cd:15:2c:0c:ff:de:2e:54:73:91:4b:
         d5:ef:92:cc:43:ce:c8:4b:94:1a:2f:57:c9:99:4e:f3:78:8a:
         1f:72:28:c5:bc:af:20:3c:e4:f4:dc:21:58:73:07:3a:12:62:
         05:bc:e5:90:7c:5c:ed:60:fa:03:2a:c7:d2:92:c1:02:48:36:
         e6:dc:d1:6e:3f:c6:d3:26:20:66:89:68:b4:45:2f:ab:9e:56:
         e7:56:35:02:5f:b9:e8:c2:1d:ae:fc:65:f9:0e:94:31:d9:ed:
         dc:7f:3d:2b:13:b7:98:1d:a9:0e:73:5a:d8:50:9a:ac:63:91:
         59:ac:2b:b8:06:70:37:26:c8:cb:44:11:ef:c5:bb:6b:02:c3:
         b3:ea:84:8c:d8:60:ca:79:58:0f:af:9a:8c:e7:69:f6:93:5e:
         ec:fb:ce:e9:3d:4a:19:2e:a0:1d:13:23:1f:d5:35:c4:a2:47:
         23:58:3b:f0:15:4c:ff:e1:1c:91:2c:41:a9:e6:34:20:13:2a:
         5e:a0:83:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxHlk+Zjhf6FMyECM9hMeHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYzQ1ZmNhZGM0YzkzM2FjOGZmNGUwYjQzNGE1YmZiNTY3
YjY1YTEwHhcNMjMwMTAyMDYxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTI3Y2IzMjU1OWU4ZGQxNDE4ZTZjZjNjMTk3ZjE1MGUxMTNiYjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlI3OMb9R0c4hIy1qsjox9aB+gp8t
lexMLLD27hijeXqJ0OhlVRUwfFtp4F+c4ZAD0mQoQnO7j2YfevnOjzxD/AiqJ/Sm
NWmthNAPnpvupgN1/TYgqaLgnr+yvjy03I6ErdDKhmyEmRfxrLpdtEj4GWbJdiRF
jFSKEwjmlix0eLv9t8YeYHYH4X88XCYCZa2KeHG8+oCrmCr5kS3iOX0bIBZDDig5
xAyaYArsjaGHs8x0Ot1O2tSWjeh8UEePnAnYxqHc27qjffIjnyosKAwLFpWk/IBd
T8GjiInDgRaIzeoNlzxCsB3XtdLde4IRzbDWuY0RsDy40J4LOgE3Xs36RQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB4nyzJVno3RQY5s88GX8VDhE7tKMB8GA1UdIwQY
MBaAFOzEX8rcTJM6yP9OC0NKW/tWe2WhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN01SZnl0eE1renJJXzA0TFEwcGItMVo3WmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy84YTQyODUtMTU3ZS00Yzc2LWJlZDQt
ZTA3NmY4Y2NiOGI5LzEvSGlmTE1sV2VqZEZCam16endaZnhVT0VUdTBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy84YTQyODUtMTU3ZS00Yzc2LWJlZDQtZTA3NmY4Y2NiOGI5
LzEvN01SZnl0eE1renJJXzA0TFEwcGItMVo3WmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiooMA0G
CSqGSIb3DQEBCwUAA4IBAQBoYhLVqzIoT2KffxiOj/JplkvbvdxJxgOgiAxwWI16
A1E74qUP5YX2WavUbwnsX9N08ZFgSDxF2LO/qNuFzRUsDP/eLlRzkUvV75LMQ87I
S5QaL1fJmU7zeIofcijFvK8gPOT03CFYcwc6EmIFvOWQfFztYPoDKsfSksECSDbm
3NFuP8bTJiBmiWi0RS+rnlbnVjUCX7nowh2u/GX5DpQx2e3cfz0rE7eYHakOc1rY
UJqsY5FZrCu4BnA3JsjLRBHvxbtrAsOz6oSM2GDKeVgPr5qM52n2k17s+87pPUoZ
LqAdEyMf1TXEokcjWDvwFUz/4RyRLEGp5jQgEypeoIMF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:14 2024 by rpki-client on console-ams.rpki-client.org