Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/mHb85ROUkFQkOQCvIrTWUcCJOUc.roa
File:                     mHb85ROUkFQkOQCvIrTWUcCJOUc.roa (raw, json)
Hash identifier:          g10aq6dg3GIS3aVvM3Oumezj2D9UKi/KRvhfigTrBwU=
Subject key identifier:   98:76:FC:E5:13:94:90:54:24:39:00:AF:22:B4:D6:51:C0:89:39:47
Certificate issuer:       /CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Certificate serial:       018A50F1964CFF7B0730B4DB1D4421D0B86C
Authority key identifier: 03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/mHb85ROUkFQkOQCvIrTWUcCJOUc.roa
Signing time:             Fri 01 Sep 2023 13:32:04 +0000
ROA not before:           Fri 01 Sep 2023 13:32:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29119
IP address blocks:        217.197.111.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:50:f1:96:4c:ff:7b:07:30:b4:db:1d:44:21:d0:b8:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
        Validity
            Not Before: Sep  1 13:32:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9876fce513949054243900af22b4d651c0893947
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:40:28:f6:8e:bf:d5:ff:a4:65:11:ca:ef:4f:
                    8e:a6:51:a5:73:0c:4f:2c:3f:8a:be:29:1f:f6:0d:
                    fc:f6:1f:3a:20:09:40:f6:1f:f1:64:4d:b7:f9:c7:
                    c8:03:cf:e1:7b:47:a1:ff:ab:03:74:d5:01:d8:a5:
                    0c:7f:3a:53:bf:d3:37:fa:ee:99:72:81:52:32:5e:
                    0d:17:0d:87:70:3e:cf:2e:54:64:f0:64:fc:67:f1:
                    e2:ab:24:69:cd:d9:6a:a6:0d:c2:83:d4:06:84:74:
                    a1:be:7c:b8:9d:f9:90:57:cc:15:72:ab:b1:a1:be:
                    26:9a:bc:e7:6f:17:20:86:d9:6e:d9:64:e8:13:37:
                    0a:fc:79:b7:0e:de:5a:2d:3b:8a:35:99:1b:e9:78:
                    aa:22:d7:2b:43:e7:21:a1:8f:bb:3a:7a:ab:a9:f8:
                    dc:29:06:f9:5b:00:cd:64:9d:fe:59:3f:27:4d:4a:
                    28:13:3a:aa:19:d5:ee:4b:ae:a2:0f:b2:78:37:56:
                    2b:65:d0:34:23:bc:12:ab:9c:17:1e:03:ea:39:08:
                    3d:2a:2c:a3:76:dd:f0:fb:f3:32:88:14:16:93:66:
                    1c:0b:24:68:b1:ca:bc:4c:ab:c6:78:77:c5:98:9b:
                    0e:e6:f1:d3:1c:2a:47:c5:dd:81:32:95:5a:a3:f6:
                    20:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:76:FC:E5:13:94:90:54:24:39:00:AF:22:B4:D6:51:C0:89:39:47
            X509v3 Authority Key Identifier:
                keyid:03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/mHb85ROUkFQkOQCvIrTWUcCJOUc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.197.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:fd:56:e3:3d:3a:01:4e:60:7a:73:c3:99:34:90:11:0e:64:
         db:db:cd:93:5e:31:46:49:5e:86:da:ee:fe:aa:ff:c6:01:21:
         e1:d7:ca:73:13:a0:dc:32:7c:7f:0d:e7:24:11:a5:68:73:f7:
         f8:2f:c0:bc:c1:5a:41:d8:a2:c8:79:3f:79:53:00:14:ea:e2:
         8e:71:58:f3:8d:1d:83:06:8e:cb:a0:da:e9:cf:2b:b0:c6:5f:
         63:db:c5:9d:1b:80:66:4a:8f:64:df:99:86:44:1b:36:45:a7:
         ff:06:2c:87:2c:e4:c3:a2:ee:4e:52:95:b3:48:90:27:18:e5:
         83:05:79:7f:58:f4:8b:3f:03:2d:bb:8c:d8:b9:09:b1:c2:09:
         b7:61:96:ba:c2:02:cc:19:03:37:4e:84:ab:e2:c2:0a:e1:33:
         e2:77:0c:e0:5c:2c:b9:90:20:44:3d:21:56:b8:23:25:60:90:
         6b:17:57:e1:9c:f2:26:61:04:aa:56:35:cd:e5:2c:cd:55:74:
         9a:64:a4:ff:09:36:f2:a6:30:04:dc:5b:db:55:e2:ed:66:6b:
         9e:5e:3c:36:90:67:49:73:9c:44:ea:6a:ac:1c:7f:dc:08:52:
         d4:43:9f:9c:88:02:6c:6f:35:56:50:81:a2:ee:72:5b:81:54:
         d1:91:36:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpQ8ZZM/3sHMLTbHUQh0LhsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzY2JkYjA1OTVmYzQ4OTAyOTM4YTc4ZjQyYzFlYWYwYTE1
OWJmNDYwHhcNMjMwOTAxMTMzMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODc2ZmNlNTEzOTQ5MDU0MjQzOTAwYWYyMmI0ZDY1MWMwODkzOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEAo9o6/1f+kZRHK70+OplGlcwxP
LD+Kvikf9g389h86IAlA9h/xZE23+cfIA8/he0eh/6sDdNUB2KUMfzpTv9M3+u6Z
coFSMl4NFw2HcD7PLlRk8GT8Z/HiqyRpzdlqpg3Cg9QGhHShvny4nfmQV8wVcqux
ob4mmrznbxcghtlu2WToEzcK/Hm3Dt5aLTuKNZkb6XiqItcrQ+choY+7Onqrqfjc
KQb5WwDNZJ3+WT8nTUooEzqqGdXuS66iD7J4N1YrZdA0I7wSq5wXHgPqOQg9Kiyj
dt3w+/MyiBQWk2YcCyRoscq8TKvGeHfFmJsO5vHTHCpHxd2BMpVao/Yg+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJh2/OUTlJBUJDkAryK01lHAiTlHMB8GA1UdIwQY
MBaAFAPL2wWV/EiQKTinj0LB6vChWb9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYt
ZjY2MTM4MDY2MzU4LzEvbUhiODVST1VrRlFrT1FDdklyVFdVY0NKT1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYtZjY2MTM4MDY2MzU4
LzEvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cVvMA0G
CSqGSIb3DQEBCwUAA4IBAQBl/VbjPToBTmB6c8OZNJARDmTb282TXjFGSV6G2u7+
qv/GASHh18pzE6DcMnx/DeckEaVoc/f4L8C8wVpB2KLIeT95UwAU6uKOcVjzjR2D
Bo7LoNrpzyuwxl9j28WdG4BmSo9k35mGRBs2Raf/BiyHLOTDou5OUpWzSJAnGOWD
BXl/WPSLPwMtu4zYuQmxwgm3YZa6wgLMGQM3ToSr4sIK4TPidwzgXCy5kCBEPSFW
uCMlYJBrF1fhnPImYQSqVjXN5SzNVXSaZKT/CTbypjAE3FvbVeLtZmueXjw2kGdJ
c5xE6mqsHH/cCFLUQ5+ciAJsbzVWUIGi7nJbgVTRkTY7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:34 2024 by rpki-client on console-ams.rpki-client.org