Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/HPWXgucSv-Gq8ZaoLZi_muAPjv4.roa
File:                     HPWXgucSv-Gq8ZaoLZi_muAPjv4.roa (raw, json)
Hash identifier:          XIWLMIXFvP1CYRAoNbtnJDkQte7TTVA/np8Li0hlqjo=
Subject key identifier:   1C:F5:97:82:E7:12:BF:E1:AA:F1:96:A8:2D:98:BF:9A:E0:0F:8E:FE
Certificate issuer:       /CN=b03c302c2f52277e3d0ab6842f68aa5f8d0d7787
Certificate serial:       018CC871378479E63F94303DE31243082F1B
Authority key identifier: B0:3C:30:2C:2F:52:27:7E:3D:0A:B6:84:2F:68:AA:5F:8D:0D:77:87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sDwwLC9SJ349CraEL2iqX40Nd4c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/HPWXgucSv-Gq8ZaoLZi_muAPjv4.roa
Signing time:             Tue 02 Jan 2024 04:31:52 +0000
ROA not before:           Tue 02 Jan 2024 04:31:52 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     31204
IP address blocks:        89.149.84.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Fri 05 Jan 2024 15:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:71:37:84:79:e6:3f:94:30:3d:e3:12:43:08:2f:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b03c302c2f52277e3d0ab6842f68aa5f8d0d7787
        Validity
            Not Before: Jan  2 04:31:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1cf59782e712bfe1aaf196a82d98bf9ae00f8efe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:46:b5:80:03:1c:8c:30:a9:9d:a7:d5:ea:55:
                    51:90:3a:4a:32:00:6c:66:3b:71:91:33:d0:f7:a8:
                    2d:aa:ea:79:fc:95:83:fa:78:49:81:c9:dc:ef:d6:
                    40:56:b7:a5:a5:75:eb:42:b1:6f:78:de:90:0f:e0:
                    82:16:86:48:a3:9f:4f:92:0c:ae:86:7e:a8:a3:ce:
                    9b:33:e4:b2:86:c5:db:1a:5d:40:db:47:46:a5:37:
                    d4:66:41:75:c2:0a:94:63:6d:fa:2b:24:05:65:21:
                    94:26:da:80:68:f7:55:3e:2f:8a:d7:e2:2a:fe:a6:
                    38:c5:0d:ea:02:b1:96:73:12:8b:09:c6:d5:e4:1e:
                    ec:7c:c8:b8:dc:10:42:a7:7d:2f:8d:3e:b5:49:ba:
                    cd:86:09:e4:45:f0:ea:13:8d:19:90:b8:f3:b8:27:
                    7e:62:83:52:b2:e9:51:a2:47:41:ae:18:bd:a6:b2:
                    a4:8d:2c:af:8f:0a:cb:4c:8c:9f:98:93:f9:74:72:
                    74:7b:5b:43:7a:77:40:08:4c:38:92:4f:0a:6d:6b:
                    73:bc:f8:4d:c9:46:18:0b:d4:49:1b:6a:78:32:d3:
                    12:22:7f:cd:d9:20:33:9a:bd:25:04:46:80:12:28:
                    46:1e:10:09:e4:2a:11:68:58:e8:e0:e2:be:d8:32:
                    ce:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:F5:97:82:E7:12:BF:E1:AA:F1:96:A8:2D:98:BF:9A:E0:0F:8E:FE
            X509v3 Authority Key Identifier:
                keyid:B0:3C:30:2C:2F:52:27:7E:3D:0A:B6:84:2F:68:AA:5F:8D:0D:77:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sDwwLC9SJ349CraEL2iqX40Nd4c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/HPWXgucSv-Gq8ZaoLZi_muAPjv4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/sDwwLC9SJ349CraEL2iqX40Nd4c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.149.84.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1f:9d:10:e1:47:2d:d7:a5:b1:ad:aa:2a:85:e0:67:3d:0c:66:
         aa:40:c6:d6:d1:c3:27:fc:b3:f9:a4:75:38:fc:46:89:8a:f2:
         30:21:1c:61:9a:43:82:44:2c:de:4b:ea:84:7f:b8:1f:05:83:
         dd:15:49:38:2b:1b:fd:48:bb:c4:c7:1d:0d:95:62:d2:62:ba:
         02:12:a1:ff:16:77:af:6d:f1:ec:51:dd:17:66:6d:ec:d2:1f:
         4d:06:52:74:e7:42:19:5a:55:d8:95:0c:0c:b6:76:7d:bc:67:
         47:c6:3c:4e:02:5c:c1:a8:da:77:49:3f:9f:98:f7:72:cb:de:
         99:a9:7d:f8:fd:da:5e:22:72:aa:3d:42:60:89:d7:02:2a:51:
         58:73:b8:5a:2f:72:32:8d:6c:48:c8:e5:3f:b1:6f:01:4a:7a:
         09:76:6a:ba:7c:2b:ea:b3:b2:c8:ca:61:ba:77:c4:d8:cd:7c:
         25:03:89:e7:e6:fe:28:0c:81:f0:3d:e8:90:c5:db:80:c7:e8:
         b2:ca:b8:59:e4:53:f1:12:98:be:31:da:fe:16:6b:12:bc:a7:
         69:e5:9d:07:ec:e9:84:7a:5a:3d:ef:95:02:4a:84:6a:3e:c1:
         4d:d4:26:6c:4a:d7:8c:00:56:c3:4b:1f:b6:b1:58:19:34:13:
         08:92:bd:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcTeEeeY/lDA94xJDCC8bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwM2MzMDJjMmY1MjI3N2UzZDBhYjY4NDJmNjhhYTVmOGQw
ZDc3ODcwHhcNMjQwMTAyMDQzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2Y1OTc4MmU3MTJiZmUxYWFmMTk2YTgyZDk4YmY5YWUwMGY4ZWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0a1gAMcjDCpnafV6lVRkDpKMgBs
ZjtxkTPQ96gtqup5/JWD+nhJgcnc79ZAVrelpXXrQrFveN6QD+CCFoZIo59Pkgyu
hn6oo86bM+SyhsXbGl1A20dGpTfUZkF1wgqUY236KyQFZSGUJtqAaPdVPi+K1+Iq
/qY4xQ3qArGWcxKLCcbV5B7sfMi43BBCp30vjT61SbrNhgnkRfDqE40ZkLjzuCd+
YoNSsulRokdBrhi9prKkjSyvjwrLTIyfmJP5dHJ0e1tDendACEw4kk8KbWtzvPhN
yUYYC9RJG2p4MtMSIn/N2SAzmr0lBEaAEihGHhAJ5CoRaFjo4OK+2DLOZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBz1l4LnEr/hqvGWqC2Yv5rgD47+MB8GA1UdIwQY
MBaAFLA8MCwvUid+PQq2hC9oql+NDXeHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0R3d0xDOVNKMzQ5Q3JhRUwyaXFYNDBOZDRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9hMmVjOWMtOWQ3Ni00ZTk0LTllM2Et
NmY3MDI0YzNhYWQ3LzEvSFBXWGd1Y1N2LUdxOFphb0xaaV9tdUFQanY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9hMmVjOWMtOWQ3Ni00ZTk0LTllM2EtNmY3MDI0YzNhYWQ3
LzEvc0R3d0xDOVNKMzQ5Q3JhRUwyaXFYNDBOZDRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWZVUMA0G
CSqGSIb3DQEBCwUAA4IBAQAfnRDhRy3XpbGtqiqF4Gc9DGaqQMbW0cMn/LP5pHU4
/EaJivIwIRxhmkOCRCzeS+qEf7gfBYPdFUk4Kxv9SLvExx0NlWLSYroCEqH/Fnev
bfHsUd0XZm3s0h9NBlJ050IZWlXYlQwMtnZ9vGdHxjxOAlzBqNp3ST+fmPdyy96Z
qX34/dpeInKqPUJgidcCKlFYc7haL3IyjWxIyOU/sW8BSnoJdmq6fCvqs7LIymG6
d8TYzXwlA4nn5v4oDIHwPeiQxduAx+iyyrhZ5FPxEpi+Mdr+FmsSvKdp5Z0H7OmE
elo975UCSoRqPsFN1CZsSteMAFbDSx+2sVgZNBMIkr0U
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:41 2024 by rpki-client on console-fra.rpki-client.org