Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/HxBRKvmkbbcbcF0BJgViSgEt9gQ.roa
File:                     HxBRKvmkbbcbcF0BJgViSgEt9gQ.roa (raw, json)
Hash identifier:          zKM+MXCa5+BkIBA0INw4T5A+iaR+1aUv5YJOBrgQRAw=
Subject key identifier:   1F:10:51:2A:F9:A4:6D:B7:1B:70:5D:01:26:05:62:4A:01:2D:F6:04
Certificate issuer:       /CN=554adb72b82ecfafc5705e25febcab5c82d76ee6
Certificate serial:       01856BC11E6C12353985697F36117734BE53
Authority key identifier: 55:4A:DB:72:B8:2E:CF:AF:C5:70:5E:25:FE:BC:AB:5C:82:D7:6E:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VUrbcrguz6_FcF4l_ryrXILXbuY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/HxBRKvmkbbcbcF0BJgViSgEt9gQ.roa
Signing time:             Sun 01 Jan 2023 05:14:56 +0000
ROA not before:           Sun 01 Jan 2023 05:14:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16297
IP address blocks:        217.118.0.0/20 maxlen: 20
                          217.118.6.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:29:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:c1:1e:6c:12:35:39:85:69:7f:36:11:77:34:be:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=554adb72b82ecfafc5705e25febcab5c82d76ee6
        Validity
            Not Before: Jan  1 05:14:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1f10512af9a46db71b705d012605624a012df604
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:8c:7f:9c:5d:4d:cd:51:3c:a5:27:ab:d2:2e:
                    d0:d3:ad:a4:6a:d0:b0:71:a8:71:1b:73:74:00:99:
                    87:ed:6f:59:ee:fa:c9:58:3f:28:56:de:85:60:de:
                    e4:32:92:95:00:a3:5a:b7:ba:5f:82:42:d6:fa:1e:
                    99:05:7e:f0:32:24:1c:6d:8c:d5:3c:35:51:86:5d:
                    48:d4:1d:7b:75:39:41:7b:e5:8d:3b:99:dc:a6:42:
                    ac:a5:8e:cf:d4:19:96:dd:0f:3c:05:9e:cb:c8:d4:
                    24:4a:7e:60:78:6e:aa:18:43:3a:c0:14:c7:3c:52:
                    d8:9b:f6:29:c9:b9:da:56:2e:f6:66:95:4c:85:32:
                    cb:10:e9:fa:e7:6e:10:a5:7c:c8:2b:fd:c2:cd:78:
                    39:9d:d8:27:d6:ab:6b:55:73:35:90:5c:b7:58:38:
                    8f:2e:4e:a1:e8:b0:4e:d1:29:35:02:4c:7a:64:3b:
                    1e:ac:fa:be:c6:25:4c:50:4c:c8:52:26:1f:53:2d:
                    40:c6:a2:6d:38:c5:79:9e:a0:01:dd:19:57:cb:ec:
                    fc:36:a8:20:d2:6f:c2:b0:a4:9d:30:0b:31:04:24:
                    82:7a:8a:e7:17:da:8a:95:dd:d9:4c:77:38:17:fb:
                    29:92:91:c4:f5:76:a7:06:5a:ed:f4:b6:af:39:65:
                    93:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:10:51:2A:F9:A4:6D:B7:1B:70:5D:01:26:05:62:4A:01:2D:F6:04
            X509v3 Authority Key Identifier:
                keyid:55:4A:DB:72:B8:2E:CF:AF:C5:70:5E:25:FE:BC:AB:5C:82:D7:6E:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VUrbcrguz6_FcF4l_ryrXILXbuY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/HxBRKvmkbbcbcF0BJgViSgEt9gQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/VUrbcrguz6_FcF4l_ryrXILXbuY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.118.0.0/20

    Signature Algorithm: sha256WithRSAEncryption
         af:25:dd:2e:12:66:c4:b5:91:a5:b9:75:00:de:b6:2a:63:22:
         35:4c:9d:82:e7:da:10:ab:53:02:9d:80:25:9d:5e:d5:87:1c:
         2e:d7:81:80:ad:ea:ac:8b:27:35:40:8b:96:01:4b:af:13:20:
         bc:12:0b:69:e3:03:e0:c6:6f:7a:c5:f6:7c:31:df:b9:ef:30:
         c7:5d:07:7e:40:2a:c4:a1:3d:c9:dc:80:5b:d9:7e:ce:ba:df:
         f1:ec:35:fb:bd:ed:93:8e:1f:1a:ac:8d:5e:ad:ae:02:a8:fd:
         10:d6:7e:85:8f:20:86:3e:90:e7:1a:4c:5e:88:56:cf:a0:d2:
         e3:b7:37:27:bc:62:89:62:de:20:0d:70:ea:ab:44:53:b3:da:
         d2:d6:c8:a2:e7:b9:87:79:3a:2f:9a:b6:50:32:2c:de:1b:aa:
         57:49:b8:10:e3:1c:d2:f3:bf:1e:62:e9:9f:81:b5:3f:67:d0:
         90:59:81:54:b5:ba:50:cb:f3:a1:ea:76:14:78:ac:53:6c:30:
         c8:09:ce:85:b9:17:6c:21:5f:87:dd:da:b7:ac:85:40:dc:3b:
         7c:72:7d:5a:28:b8:66:24:06:a5:b6:a7:70:02:57:14:9c:b3:
         8a:c5:d2:81:90:56:10:65:a7:1f:76:3e:2a:90:85:dc:02:5c:
         48:05:d7:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrwR5sEjU5hWl/NhF3NL5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NGFkYjcyYjgyZWNmYWZjNTcwNWUyNWZlYmNhYjVjODJk
NzZlZTYwHhcNMjMwMTAxMDUxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjEwNTEyYWY5YTQ2ZGI3MWI3MDVkMDEyNjA1NjI0YTAxMmRmNjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIx/nF1NzVE8pSer0i7Q062katCw
cahxG3N0AJmH7W9Z7vrJWD8oVt6FYN7kMpKVAKNat7pfgkLW+h6ZBX7wMiQcbYzV
PDVRhl1I1B17dTlBe+WNO5ncpkKspY7P1BmW3Q88BZ7LyNQkSn5geG6qGEM6wBTH
PFLYm/YpybnaVi72ZpVMhTLLEOn6524QpXzIK/3CzXg5ndgn1qtrVXM1kFy3WDiP
Lk6h6LBO0Sk1Akx6ZDserPq+xiVMUEzIUiYfUy1AxqJtOMV5nqAB3RlXy+z8Nqgg
0m/CsKSdMAsxBCSCeornF9qKld3ZTHc4F/spkpHE9XanBlrt9LavOWWTLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB8QUSr5pG23G3BdASYFYkoBLfYEMB8GA1UdIwQY
MBaAFFVK23K4Ls+vxXBeJf68q1yC127mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlVyYmNyZ3V6Nl9GY0Y0bF9yeXJYSUxYYnVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi81ZTM4OTUtYWU5NS00M2UyLWI3YTEt
NzU4NjNmNDM0NzZhLzEvSHhCUkt2bWtiYmNiY0YwQkpnVmlTZ0V0OWdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi81ZTM4OTUtYWU5NS00M2UyLWI3YTEtNzU4NjNmNDM0NzZh
LzEvVlVyYmNyZ3V6Nl9GY0Y0bF9yeXJYSUxYYnVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2XYAMA0G
CSqGSIb3DQEBCwUAA4IBAQCvJd0uEmbEtZGluXUA3rYqYyI1TJ2C59oQq1MCnYAl
nV7Vhxwu14GAreqsiyc1QIuWAUuvEyC8Egtp4wPgxm96xfZ8Md+57zDHXQd+QCrE
oT3J3IBb2X7Out/x7DX7ve2Tjh8arI1era4CqP0Q1n6FjyCGPpDnGkxeiFbPoNLj
tzcnvGKJYt4gDXDqq0RTs9rS1sii57mHeTovmrZQMizeG6pXSbgQ4xzS878eYumf
gbU/Z9CQWYFUtbpQy/Oh6nYUeKxTbDDICc6FuRdsIV+H3dq3rIVA3Dt8cn1aKLhm
JAaltqdwAlcUnLOKxdKBkFYQZacfdj4qkIXcAlxIBdcT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:39 2024 by rpki-client on console-ams.rpki-client.org