Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/HoHFRO8RRiCXGZr3AlEIuO-4wvI.roa
File:                     HoHFRO8RRiCXGZr3AlEIuO-4wvI.roa (raw, json)
Hash identifier:          /6c6c9yzdAbsIyjxSnOPOrHrXfn5KZnOx4G5RpV0rPk=
Subject key identifier:   1E:81:C5:44:EF:11:46:20:97:19:9A:F7:02:51:08:B8:EF:B8:C2:F2
Certificate issuer:       /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial:       01856BEECBA6E3E014D1ABE52D951FFA6AFF
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/HoHFRO8RRiCXGZr3AlEIuO-4wvI.roa
Signing time:             Sun 01 Jan 2023 06:04:49 +0000
ROA not before:           Sun 01 Jan 2023 06:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200670
IP address blocks:        85.31.243.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ee:cb:a6:e3:e0:14:d1:ab:e5:2d:95:1f:fa:6a:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
        Validity
            Not Before: Jan  1 06:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1e81c544ef11462097199af7025108b8efb8c2f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:85:70:44:3a:17:66:e7:0d:d0:7c:4c:4a:c4:
                    45:87:11:f2:a5:79:1f:c4:91:3f:72:a9:68:13:9d:
                    70:90:3b:11:c0:39:c8:55:b6:6e:12:62:64:55:34:
                    d2:c8:ee:a7:6f:f4:4d:f6:c6:0d:ff:0b:3b:2b:11:
                    0b:99:7c:61:0d:85:4f:1b:19:88:68:51:c6:b7:23:
                    93:55:df:30:a7:b4:d0:26:c6:ea:ff:84:8c:c1:7b:
                    e5:0e:59:48:54:a6:45:6c:c1:e8:a5:09:02:01:f3:
                    9e:f9:1f:ee:40:e2:b7:07:30:80:2d:d4:99:d9:bd:
                    5c:59:a0:3f:d8:ed:0f:a5:de:e6:51:e2:fb:8a:a8:
                    18:55:48:64:62:bb:32:07:b9:24:b5:6c:58:6f:0c:
                    eb:5c:90:81:94:f2:ab:12:a7:fb:1f:6b:67:2e:de:
                    4a:d9:3a:98:33:77:bc:8b:73:bd:1c:92:e6:c8:91:
                    27:43:bf:e0:d3:b6:0e:6d:8f:68:82:b4:44:1c:6b:
                    ef:de:9b:1b:26:e7:8d:98:98:5e:99:3d:ab:d2:af:
                    0e:40:07:e1:64:b5:f9:6d:30:2b:42:fa:ec:ac:c1:
                    2a:f5:9c:20:73:e0:2e:64:bd:02:09:85:5d:80:b9:
                    e2:b7:9e:cb:6d:2e:16:3a:94:3f:f1:33:4a:b3:88:
                    db:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:81:C5:44:EF:11:46:20:97:19:9A:F7:02:51:08:B8:EF:B8:C2:F2
            X509v3 Authority Key Identifier:
                keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/HoHFRO8RRiCXGZr3AlEIuO-4wvI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.31.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:f2:5b:d8:3d:10:8f:ea:08:d5:3f:ce:49:41:7b:6e:94:5b:
         15:46:3a:e7:14:5c:19:f1:86:70:64:65:ce:b8:fc:1f:57:63:
         50:6d:24:6b:02:81:70:0a:5a:4f:ae:87:36:b4:9b:2e:bb:de:
         23:ca:17:8f:ba:ae:46:c1:4d:9c:85:16:6e:7e:64:3b:f4:c1:
         f7:92:2f:a5:7a:69:91:62:1d:87:05:82:c6:90:49:5f:9f:30:
         df:e0:92:7d:d8:88:2b:bb:73:7d:db:f5:9e:20:38:36:99:31:
         db:f0:98:34:1a:3b:28:9e:a7:9a:d9:f3:44:84:9a:86:00:18:
         94:10:c2:1d:20:6a:14:30:cd:e4:1f:68:c2:ca:a5:b1:75:3c:
         dc:1d:96:d4:bd:38:aa:5e:56:4c:14:7e:60:1a:27:ea:c5:77:
         b0:7b:b8:56:bb:96:2e:d5:e6:80:88:80:da:60:ef:a1:e9:8f:
         f7:c2:30:b2:17:9c:09:22:42:33:9a:06:69:46:93:93:6c:a8:
         b1:fd:45:10:28:12:da:12:72:02:57:81:f8:51:01:b5:2c:21:
         b5:d9:c8:0c:4b:b4:4b:a1:ab:19:22:84:a7:41:37:43:2b:62:
         6d:2f:af:cb:cf:43:79:bb:44:28:12:0d:44:3c:a4:5e:40:77:
         24:b5:bc:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7sum4+AU0avlLZUf+mr/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjMwMTAxMDYwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTgxYzU0NGVmMTE0NjIwOTcxOTlhZjcwMjUxMDhiOGVmYjhjMmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIVwRDoXZucN0HxMSsRFhxHypXkf
xJE/cqloE51wkDsRwDnIVbZuEmJkVTTSyO6nb/RN9sYN/ws7KxELmXxhDYVPGxmI
aFHGtyOTVd8wp7TQJsbq/4SMwXvlDllIVKZFbMHopQkCAfOe+R/uQOK3BzCALdSZ
2b1cWaA/2O0Ppd7mUeL7iqgYVUhkYrsyB7kktWxYbwzrXJCBlPKrEqf7H2tnLt5K
2TqYM3e8i3O9HJLmyJEnQ7/g07YObY9ogrREHGvv3psbJueNmJhemT2r0q8OQAfh
ZLX5bTArQvrsrMEq9Zwgc+AuZL0CCYVdgLnit57LbS4WOpQ/8TNKs4jbVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB6BxUTvEUYglxma9wJRCLjvuMLyMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvSG9IRlJPOFJSaUNYR1pyM0FsRUl1Ty00d3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVR/zMA0G
CSqGSIb3DQEBCwUAA4IBAQAR8lvYPRCP6gjVP85JQXtulFsVRjrnFFwZ8YZwZGXO
uPwfV2NQbSRrAoFwClpProc2tJsuu94jyhePuq5GwU2chRZufmQ79MH3ki+lemmR
Yh2HBYLGkElfnzDf4JJ92Igru3N92/WeIDg2mTHb8Jg0Gjsonqea2fNEhJqGABiU
EMIdIGoUMM3kH2jCyqWxdTzcHZbUvTiqXlZMFH5gGifqxXewe7hWu5Yu1eaAiIDa
YO+h6Y/3wjCyF5wJIkIzmgZpRpOTbKix/UUQKBLaEnICV4H4UQG1LCG12cgMS7RL
oasZIoSnQTdDK2JtL6/Lz0N5u0QoEg1EPKReQHcktbwp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:47 2024 by rpki-client on console-fra.rpki-client.org