Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/def647-9186-4729-bb99-142ebe869316/1/hYmGfIWJab3qJh1sNtW5DWVMrnE.roa
File:                     hYmGfIWJab3qJh1sNtW5DWVMrnE.roa (raw, json)
Hash identifier:          cRJuRxW6T3SajgGaY+0ONKHCF+RZRN6wdtK6TMYzYqk=
Subject key identifier:   85:89:86:7C:85:89:69:BD:EA:26:1D:6C:36:D5:B9:0D:65:4C:AE:71
Certificate issuer:       /CN=f1a06c6c108e9419b2cdb21d48b49a6bbd6c16df
Certificate serial:       01856E01E4E7FE2DE92501B9EFCBD51042E2
Authority key identifier: F1:A0:6C:6C:10:8E:94:19:B2:CD:B2:1D:48:B4:9A:6B:BD:6C:16:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8aBsbBCOlBmyzbIdSLSaa71sFt8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/def647-9186-4729-bb99-142ebe869316/1/hYmGfIWJab3qJh1sNtW5DWVMrnE.roa
Signing time:             Sun 01 Jan 2023 15:44:55 +0000
ROA not before:           Sun 01 Jan 2023 15:44:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20570
IP address blocks:        194.127.208.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:01:e4:e7:fe:2d:e9:25:01:b9:ef:cb:d5:10:42:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1a06c6c108e9419b2cdb21d48b49a6bbd6c16df
        Validity
            Not Before: Jan  1 15:44:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8589867c858969bdea261d6c36d5b90d654cae71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:c3:b1:3d:00:dd:fd:ee:18:60:6f:90:e9:69:
                    60:a3:3c:69:6c:81:a8:63:99:49:c1:3a:9c:52:18:
                    bb:3d:6d:a7:a3:01:1c:2e:53:63:81:78:9d:9d:91:
                    56:0e:32:07:9b:98:9d:37:ea:89:42:66:25:b9:22:
                    b2:f5:9b:3e:a0:6a:9c:6e:e6:7d:cf:00:1b:69:40:
                    ba:17:7a:7e:b2:4b:2a:3e:2e:4a:c7:1b:65:8f:79:
                    6f:65:03:fa:df:5c:58:15:ea:01:0e:37:9b:83:ee:
                    a9:7e:75:89:3c:15:fa:16:2c:27:33:24:10:fe:34:
                    82:48:9d:2a:de:fc:a1:60:dc:bd:3b:96:65:48:fe:
                    11:4b:f4:04:ec:94:5b:5b:8c:19:e9:4a:b9:15:52:
                    71:2d:2b:e2:b0:d3:1d:de:9e:76:12:df:f9:86:bb:
                    0c:a3:03:13:d9:d4:e6:4c:dd:22:1c:78:7e:2f:fa:
                    9f:24:ce:1b:8a:d9:e1:d5:70:f3:e8:d5:43:20:46:
                    95:e5:45:5d:97:ab:a5:12:74:f6:23:56:86:92:7f:
                    6f:af:b0:ed:9e:b8:61:ea:94:ce:c3:e8:38:2b:f8:
                    e6:91:45:ad:6a:a9:13:63:6c:4c:af:75:05:44:fd:
                    33:72:95:29:ff:30:32:ba:53:c5:0c:5a:60:4f:e9:
                    00:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:89:86:7C:85:89:69:BD:EA:26:1D:6C:36:D5:B9:0D:65:4C:AE:71
            X509v3 Authority Key Identifier:
                keyid:F1:A0:6C:6C:10:8E:94:19:B2:CD:B2:1D:48:B4:9A:6B:BD:6C:16:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8aBsbBCOlBmyzbIdSLSaa71sFt8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/def647-9186-4729-bb99-142ebe869316/1/hYmGfIWJab3qJh1sNtW5DWVMrnE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/def647-9186-4729-bb99-142ebe869316/1/8aBsbBCOlBmyzbIdSLSaa71sFt8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.127.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         89:cf:e8:0a:66:13:4f:77:57:35:85:dc:fa:a7:bc:7a:97:98:
         e9:c5:96:36:2c:c8:c8:3a:12:c5:20:4a:f7:da:6b:a4:3d:c8:
         40:5d:2d:51:5b:56:f9:6b:c8:21:16:2f:7c:aa:00:9e:1f:35:
         b9:0a:22:56:c9:a3:08:0d:d9:02:ec:c5:26:6b:76:4e:c9:c3:
         a8:10:3c:24:f6:c2:06:08:6c:be:44:60:87:87:c2:95:73:32:
         e6:e3:57:30:17:d2:07:a7:5b:1c:49:99:6e:0e:38:45:04:62:
         5e:30:fb:fa:0c:ed:34:ba:5d:25:eb:f5:32:50:f3:ff:62:3d:
         a9:36:4b:37:1e:2c:ca:69:5c:f9:8f:77:26:e8:cb:8f:c4:b7:
         b7:cc:06:45:16:39:e7:93:4c:8a:53:03:10:d0:a1:00:bb:de:
         2e:de:54:e3:13:0a:c5:b5:09:e2:46:c2:80:8c:bd:a1:8d:60:
         58:08:73:c7:09:84:fa:d3:4d:07:a0:c5:d4:4c:b8:1f:83:75:
         69:1f:ea:d8:fc:cd:9f:03:e3:a1:41:fe:48:fe:8c:7e:16:7a:
         96:84:a0:f9:6c:99:4e:8a:b9:c2:d3:65:e1:f5:be:05:82:e6:
         b4:f8:d6:6d:07:a3:71:60:81:b7:1c:72:e8:5d:9e:a2:13:eb:
         48:ff:2e:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuAeTn/i3pJQG578vVEELiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYTA2YzZjMTA4ZTk0MTliMmNkYjIxZDQ4YjQ5YTZiYmQ2
YzE2ZGYwHhcNMjMwMTAxMTU0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTg5ODY3Yzg1ODk2OWJkZWEyNjFkNmMzNmQ1YjkwZDY1NGNhZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMOxPQDd/e4YYG+Q6WlgozxpbIGo
Y5lJwTqcUhi7PW2nowEcLlNjgXidnZFWDjIHm5idN+qJQmYluSKy9Zs+oGqcbuZ9
zwAbaUC6F3p+sksqPi5Kxxtlj3lvZQP631xYFeoBDjebg+6pfnWJPBX6FiwnMyQQ
/jSCSJ0q3vyhYNy9O5ZlSP4RS/QE7JRbW4wZ6Uq5FVJxLSvisNMd3p52Et/5hrsM
owMT2dTmTN0iHHh+L/qfJM4bitnh1XDz6NVDIEaV5UVdl6ulEnT2I1aGkn9vr7Dt
nrhh6pTOw+g4K/jmkUWtaqkTY2xMr3UFRP0zcpUp/zAyulPFDFpgT+kAUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIWJhnyFiWm96iYdbDbVuQ1lTK5xMB8GA1UdIwQY
MBaAFPGgbGwQjpQZss2yHUi0mmu9bBbfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGFCc2JCQ09sQm15emJJZFNMU2FhNzFzRnQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9kZWY2NDctOTE4Ni00NzI5LWJiOTkt
MTQyZWJlODY5MzE2LzEvaFltR2ZJV0phYjNxSmgxc050VzVEV1ZNcm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9kZWY2NDctOTE4Ni00NzI5LWJiOTktMTQyZWJlODY5MzE2
LzEvOGFCc2JCQ09sQm15emJJZFNMU2FhNzFzRnQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwn/QMA0G
CSqGSIb3DQEBCwUAA4IBAQCJz+gKZhNPd1c1hdz6p7x6l5jpxZY2LMjIOhLFIEr3
2mukPchAXS1RW1b5a8ghFi98qgCeHzW5CiJWyaMIDdkC7MUma3ZOycOoEDwk9sIG
CGy+RGCHh8KVczLm41cwF9IHp1scSZluDjhFBGJeMPv6DO00ul0l6/UyUPP/Yj2p
Nks3HizKaVz5j3cm6MuPxLe3zAZFFjnnk0yKUwMQ0KEAu94u3lTjEwrFtQniRsKA
jL2hjWBYCHPHCYT6000HoMXUTLgfg3VpH+rY/M2fA+OhQf5I/ox+FnqWhKD5bJlO
irnC02Xh9b4Fgua0+NZtB6NxYIG3HHLoXZ6iE+tI/y7o
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:42 2024 by rpki-client on console-fra.rpki-client.org