Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/hpQM222-Z8RRqidOB3-OPqfmGE8.roa
File:                     hpQM222-Z8RRqidOB3-OPqfmGE8.roa (raw, json)
Hash identifier:          /y83Ip6uYsTXe7KcVv2RCNY4kvwn4GdTxEkHGF1LIPQ=
Subject key identifier:   86:94:0C:DB:6D:BE:67:C4:51:AA:27:4E:07:7F:8E:3E:A7:E6:18:4F
Certificate issuer:       /CN=a8e4918fc7fdfb73bba8cf58d4cb5fe449cf83f6
Certificate serial:       018BECA0C716EC5ADC67B2FC8A2296B04D9B
Authority key identifier: A8:E4:91:8F:C7:FD:FB:73:BB:A8:CF:58:D4:CB:5F:E4:49:CF:83:F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qOSRj8f9-3O7qM9Y1Mtf5EnPg_Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/hpQM222-Z8RRqidOB3-OPqfmGE8.roa
Signing time:             Mon 20 Nov 2023 12:07:21 +0000
ROA not before:           Mon 20 Nov 2023 12:07:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8972
IP address blocks:        188.138.113.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 Nov 2023 08:48:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:ec:a0:c7:16:ec:5a:dc:67:b2:fc:8a:22:96:b0:4d:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8e4918fc7fdfb73bba8cf58d4cb5fe449cf83f6
        Validity
            Not Before: Nov 20 12:07:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=86940cdb6dbe67c451aa274e077f8e3ea7e6184f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:80:fc:47:36:d1:dc:0f:3c:07:28:56:ed:7a:
                    3e:36:72:6e:88:d8:58:c6:ce:d3:59:aa:44:ba:30:
                    86:47:34:4b:19:6f:3d:31:af:12:99:ee:b6:d8:5c:
                    5d:4b:08:27:34:f6:b4:24:12:03:78:4b:2a:95:94:
                    f3:bd:d5:9d:15:a6:19:35:a5:1e:e7:ae:61:ab:96:
                    25:2c:7d:ac:55:c4:5d:1d:71:d4:95:2e:38:25:08:
                    83:b1:77:84:84:c2:ae:65:db:8a:f7:a6:43:06:c1:
                    47:20:17:2e:8a:64:64:47:bd:f7:fd:b3:63:8d:c7:
                    a2:76:0a:87:24:d9:4a:13:04:d1:04:cf:fd:cd:03:
                    ad:20:9d:6f:a6:3b:bf:ce:e2:f2:66:01:29:07:48:
                    6b:36:e7:ab:c1:e1:95:49:c5:43:ef:50:17:a3:2d:
                    b4:03:3d:e0:6f:64:96:fc:3f:6d:2c:c7:bf:cd:a2:
                    bd:3e:de:82:40:03:10:5e:be:4a:89:63:13:7b:06:
                    fe:a6:48:8d:c1:44:1c:be:90:8f:66:87:c0:d0:74:
                    64:7c:81:de:03:1c:eb:c1:1d:bc:60:7b:5e:cc:40:
                    64:2e:ef:fe:12:bb:0f:74:28:62:2e:40:dc:fb:89:
                    bc:76:2b:96:8b:6f:8d:a4:12:36:5b:08:df:81:bc:
                    56:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:94:0C:DB:6D:BE:67:C4:51:AA:27:4E:07:7F:8E:3E:A7:E6:18:4F
            X509v3 Authority Key Identifier:
                keyid:A8:E4:91:8F:C7:FD:FB:73:BB:A8:CF:58:D4:CB:5F:E4:49:CF:83:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qOSRj8f9-3O7qM9Y1Mtf5EnPg_Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/hpQM222-Z8RRqidOB3-OPqfmGE8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/qOSRj8f9-3O7qM9Y1Mtf5EnPg_Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.138.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:42:5e:55:a9:54:c8:20:3f:1e:b2:bc:3d:b9:b7:fe:d2:24:
         42:4a:5e:61:71:81:0b:85:59:a3:6b:36:ac:92:5b:25:c6:4d:
         44:b1:f8:a4:75:96:69:c9:c0:4e:3d:bc:6f:91:51:c3:36:87:
         0f:82:26:0e:61:27:b7:c7:37:f5:65:a9:71:c5:4c:cc:07:ac:
         9d:23:04:87:71:be:08:26:02:71:d4:fc:e8:06:c3:66:1b:55:
         a0:cb:ba:f7:e5:50:7c:93:50:0e:07:52:10:e6:a3:bf:8f:90:
         aa:e3:5c:a5:9d:c3:fe:66:de:86:79:5d:1b:0e:0c:a3:b6:ca:
         ff:d3:20:8e:85:d6:6a:61:e5:00:78:9c:7f:d7:63:5f:08:49:
         a4:fd:3c:e3:27:36:78:c2:9d:ef:b3:f9:88:78:a2:13:7f:81:
         93:e4:59:71:d1:33:e4:c5:85:54:c2:aa:a9:5a:14:c5:f9:e5:
         c1:88:6b:02:87:da:a0:b2:10:13:1f:95:fe:a5:b7:d6:1a:71:
         52:9c:13:1c:e8:22:52:08:01:67:8c:39:68:d6:89:2d:45:51:
         96:45:ae:04:02:e4:32:ea:bf:d9:40:b4:f8:a7:7a:4d:f5:b6:
         fe:da:b2:bf:d5:1a:6f:63:c0:6a:07:e1:61:dc:a2:d9:38:82:
         5d:36:06:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvsoMcW7FrcZ7L8iiKWsE2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ZTQ5MThmYzdmZGZiNzNiYmE4Y2Y1OGQ0Y2I1ZmU0NDlj
ZjgzZjYwHhcNMjMxMTIwMTIwNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njk0MGNkYjZkYmU2N2M0NTFhYTI3NGUwNzdmOGUzZWE3ZTYxODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmID8RzbR3A88ByhW7Xo+NnJuiNhY
xs7TWapEujCGRzRLGW89Ma8Sme622FxdSwgnNPa0JBIDeEsqlZTzvdWdFaYZNaUe
565hq5YlLH2sVcRdHXHUlS44JQiDsXeEhMKuZduK96ZDBsFHIBcuimRkR733/bNj
jceidgqHJNlKEwTRBM/9zQOtIJ1vpju/zuLyZgEpB0hrNuerweGVScVD71AXoy20
Az3gb2SW/D9tLMe/zaK9Pt6CQAMQXr5KiWMTewb+pkiNwUQcvpCPZofA0HRkfIHe
AxzrwR28YHtezEBkLu/+ErsPdChiLkDc+4m8diuWi2+NpBI2WwjfgbxWGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIaUDNttvmfEUaonTgd/jj6n5hhPMB8GA1UdIwQY
MBaAFKjkkY/H/ftzu6jPWNTLX+RJz4P2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU9TUmo4ZjktM083cU05WTFNdGY1RW5QZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8xODVlYjMtMmFiMi00NWI1LWFhMzMt
MDE1ZWE1MDE5NTIwLzEvaHBRTTIyMi1aOFJScWlkT0IzLU9QcWZtR0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8xODVlYjMtMmFiMi00NWI1LWFhMzMtMDE1ZWE1MDE5NTIw
LzEvcU9TUmo4ZjktM083cU05WTFNdGY1RW5QZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvIpxMA0G
CSqGSIb3DQEBCwUAA4IBAQAkQl5VqVTIID8esrw9ubf+0iRCSl5hcYELhVmjazas
klslxk1EsfikdZZpycBOPbxvkVHDNocPgiYOYSe3xzf1ZalxxUzMB6ydIwSHcb4I
JgJx1PzoBsNmG1Wgy7r35VB8k1AOB1IQ5qO/j5Cq41ylncP+Zt6GeV0bDgyjtsr/
0yCOhdZqYeUAeJx/12NfCEmk/TzjJzZ4wp3vs/mIeKITf4GT5Flx0TPkxYVUwqqp
WhTF+eXBiGsCh9qgshATH5X+pbfWGnFSnBMc6CJSCAFnjDlo1oktRVGWRa4EAuQy
6r/ZQLT4p3pN9bb+2rK/1RpvY8BqB+Fh3KLZOIJdNgbc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:16 2024 by rpki-client on console-ams.rpki-client.org