Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/HGX_zAFgSKVP8heuct-QMXwNfP0.roa
File:                     HGX_zAFgSKVP8heuct-QMXwNfP0.roa (raw, json)
Hash identifier:          0nFhIqMd8Z6aXk2ms656b1ixAo2ft97V+yMvGzXTS0w=
Subject key identifier:   1C:65:FF:CC:01:60:48:A5:4F:F2:17:AE:72:DF:90:31:7C:0D:7C:FD
Certificate issuer:       /CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Certificate serial:       018C5A4D06154FBA303F8CA7F2BCEB3B448F
Authority key identifier: 9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/HGX_zAFgSKVP8heuct-QMXwNfP0.roa
Signing time:             Mon 11 Dec 2023 19:14:06 +0000
ROA not before:           Mon 11 Dec 2023 19:14:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59940
IP address blocks:        103.112.170.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:5a:4d:06:15:4f:ba:30:3f:8c:a7:f2:bc:eb:3b:44:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
        Validity
            Not Before: Dec 11 19:14:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1c65ffcc016048a54ff217ae72df90317c0d7cfd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:ba:fd:70:b2:98:b5:4a:40:3e:ff:36:1d:4e:
                    be:b9:27:16:47:c9:81:3d:f4:a2:d6:55:0a:74:76:
                    d3:9f:a9:92:ed:9d:81:92:32:83:5f:4c:02:21:1d:
                    f8:de:d0:db:2a:d5:f7:dc:61:47:2f:92:3b:3d:cb:
                    af:93:1a:f3:13:bb:94:7b:33:a6:47:6f:44:57:a1:
                    e9:f5:b6:a4:27:14:a3:13:d8:a9:24:a7:0d:87:fe:
                    1b:b5:5f:58:0d:8b:4e:84:c6:ad:44:1e:23:ba:40:
                    02:4b:f0:dc:5f:9f:e1:3e:16:a8:62:80:1c:2c:b5:
                    9b:9f:ab:52:40:a2:bf:b0:1e:0a:1f:dc:4e:a3:31:
                    41:69:a1:35:f7:c0:dc:f9:17:48:b0:e8:ee:69:9b:
                    f4:68:1c:14:1f:7e:eb:94:64:03:b1:ba:af:27:26:
                    87:cf:83:65:4e:d8:e6:99:6b:04:65:86:41:05:c7:
                    e4:53:e2:eb:bf:25:dd:33:eb:97:ac:18:7f:8b:1a:
                    de:d4:f6:ed:a1:1a:f6:96:be:45:b2:58:5a:4e:98:
                    7e:04:99:74:7d:5c:bc:25:46:6c:26:7a:a8:74:e4:
                    94:f8:e9:70:5a:4b:80:03:e1:5b:7a:30:b0:5d:42:
                    d5:f5:8d:e6:d0:0e:53:ca:0c:59:f8:9a:0a:85:17:
                    40:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:65:FF:CC:01:60:48:A5:4F:F2:17:AE:72:DF:90:31:7C:0D:7C:FD
            X509v3 Authority Key Identifier:
                keyid:9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/HGX_zAFgSKVP8heuct-QMXwNfP0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.112.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:9c:55:61:76:03:6b:4f:92:d3:c7:51:66:c5:b9:78:0d:c2:
         87:8b:cd:3a:8a:a0:ed:0e:2e:37:f4:2a:7b:f4:6c:50:e4:fd:
         6f:17:85:49:6b:13:23:39:db:2a:e9:43:4b:9e:65:a3:f6:d0:
         59:8a:9d:40:71:05:69:40:a3:d4:15:3a:6c:a6:7e:28:20:6d:
         41:29:76:92:9e:8e:d2:02:f1:aa:80:a2:a1:3b:bd:4f:f8:96:
         58:b0:fd:31:73:ea:04:52:e3:a7:26:da:80:72:8a:e9:34:82:
         51:56:b9:30:f9:8c:b5:45:bb:86:25:18:77:48:e7:3b:93:a6:
         2c:82:36:bb:30:eb:7a:18:ae:9e:b4:5b:84:19:98:3b:00:97:
         58:0c:b7:bf:8d:ce:fa:aa:f2:9f:48:54:c8:a4:1b:05:af:4f:
         a8:d0:06:54:67:6c:01:0e:78:e6:e4:56:3a:27:a5:71:75:c6:
         0c:83:58:7f:47:82:e6:6b:51:06:39:be:d7:a2:fe:d8:a0:5f:
         b0:1f:57:bb:dc:b8:02:6c:46:ab:85:8c:16:77:e7:43:6d:72:
         12:20:b3:3a:7a:49:e9:c2:cc:92:1a:d5:d3:f4:97:e0:08:ff:
         1e:fb:cd:c5:85:10:23:cd:ff:c8:ae:2d:fc:54:59:0d:c6:fb:
         71:2e:c8:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxaTQYVT7owP4yn8rzrO0SPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjUwZTUzODZjODA5YTBmYWU2NTMwYWE1ZThkOTgyNTI1
MWRlZDAwHhcNMjMxMjExMTkxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzY1ZmZjYzAxNjA0OGE1NGZmMjE3YWU3MmRmOTAzMTdjMGQ3Y2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrr9cLKYtUpAPv82HU6+uScWR8mB
PfSi1lUKdHbTn6mS7Z2BkjKDX0wCIR343tDbKtX33GFHL5I7PcuvkxrzE7uUezOm
R29EV6Hp9bakJxSjE9ipJKcNh/4btV9YDYtOhMatRB4jukACS/DcX5/hPhaoYoAc
LLWbn6tSQKK/sB4KH9xOozFBaaE198Dc+RdIsOjuaZv0aBwUH37rlGQDsbqvJyaH
z4NlTtjmmWsEZYZBBcfkU+LrvyXdM+uXrBh/ixre1PbtoRr2lr5FslhaTph+BJl0
fVy8JUZsJnqodOSU+OlwWkuAA+FbejCwXULV9Y3m0A5TygxZ+JoKhRdAUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBxl/8wBYEilT/IXrnLfkDF8DXz9MB8GA1UdIwQY
MBaAFJ61DlOGyAmg+uZTCqXo2YJSUd7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUt
MWNhZGE2ZThiMWE5LzEvSEdYX3pBRmdTS1ZQOGhldWN0LVFNWHdOZlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUtMWNhZGE2ZThiMWE5
LzEvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ3CqMA0G
CSqGSIb3DQEBCwUAA4IBAQB9nFVhdgNrT5LTx1Fmxbl4DcKHi806iqDtDi439Cp7
9GxQ5P1vF4VJaxMjOdsq6UNLnmWj9tBZip1AcQVpQKPUFTpspn4oIG1BKXaSno7S
AvGqgKKhO71P+JZYsP0xc+oEUuOnJtqAcorpNIJRVrkw+Yy1RbuGJRh3SOc7k6Ys
gja7MOt6GK6etFuEGZg7AJdYDLe/jc76qvKfSFTIpBsFr0+o0AZUZ2wBDnjm5FY6
J6VxdcYMg1h/R4Lma1EGOb7Xov7YoF+wH1e73LgCbEarhYwWd+dDbXISILM6eknp
wsySGtXT9JfgCP8e+83FhRAjzf/Iri38VFkNxvtxLshk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:19 2024 by rpki-client on console-fra.rpki-client.org