Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/a166a7-7d07-409a-aed0-639315dca580/1/RH6v79hshz0x0Poyx10JdvWCt-s.roa
File:                     RH6v79hshz0x0Poyx10JdvWCt-s.roa (raw, json)
Hash identifier:          yaXevu42+oU1zYtMHBniqkQpLfTv0GspwPVY8DxX1R4=
Subject key identifier:   44:7E:AF:EF:D8:6C:87:3D:31:D0:FA:32:C7:5D:09:76:F5:82:B7:EB
Certificate issuer:       /CN=26bab8c6915851f4efd40274f742509b7ac7e22e
Certificate serial:       01856DC1E01BAF2E5AE4B5CB4DC9CC74DEEF
Authority key identifier: 26:BA:B8:C6:91:58:51:F4:EF:D4:02:74:F7:42:50:9B:7A:C7:E2:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Jrq4xpFYUfTv1AJ090JQm3rH4i4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/a166a7-7d07-409a-aed0-639315dca580/1/RH6v79hshz0x0Poyx10JdvWCt-s.roa
Signing time:             Sun 01 Jan 2023 14:35:00 +0000
ROA not before:           Sun 01 Jan 2023 14:35:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     786
IP address blocks:        157.190.0.0/16 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:c1:e0:1b:af:2e:5a:e4:b5:cb:4d:c9:cc:74:de:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26bab8c6915851f4efd40274f742509b7ac7e22e
        Validity
            Not Before: Jan  1 14:35:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=447eafefd86c873d31d0fa32c75d0976f582b7eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:46:fa:69:a1:00:79:29:09:f1:60:f7:6d:78:
                    59:2a:4d:54:61:c7:44:35:fe:2f:4c:2e:fe:25:97:
                    a4:f4:49:17:96:72:b2:eb:9b:81:cf:3b:06:5f:0a:
                    65:37:63:5a:23:af:62:a5:a9:eb:67:61:75:b2:8c:
                    bf:c5:7a:ca:fd:84:37:d2:de:5a:1f:c3:3c:0f:b9:
                    ba:84:05:1c:bb:40:26:c5:86:de:dc:ba:29:3d:3b:
                    08:65:d0:d8:45:a3:ef:b7:9f:c3:e0:b6:4b:b8:65:
                    14:81:74:aa:e6:fd:ab:93:7f:f6:ff:49:94:c9:14:
                    2a:f8:2d:d6:e2:94:e0:58:77:00:7f:81:69:9a:5e:
                    f6:7b:e2:50:19:df:00:07:30:47:90:9c:58:bc:dd:
                    24:22:d2:1d:69:95:55:a7:72:04:76:e0:26:cd:e3:
                    be:6f:25:a0:cd:15:e8:f8:9a:85:cb:09:03:4e:c0:
                    a0:4f:14:2b:4c:9d:49:b6:f4:75:ea:dc:28:5c:5c:
                    e7:27:42:5c:c5:64:ae:4b:2e:86:c4:0a:d5:cb:33:
                    f7:7d:2a:ca:20:aa:d6:17:f7:b2:58:c3:e4:db:aa:
                    3a:73:d7:ba:8e:d3:ba:72:dc:fc:da:5b:60:fc:a3:
                    0a:30:a1:c1:63:77:c4:46:0a:5a:4b:98:44:49:fb:
                    50:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:7E:AF:EF:D8:6C:87:3D:31:D0:FA:32:C7:5D:09:76:F5:82:B7:EB
            X509v3 Authority Key Identifier:
                keyid:26:BA:B8:C6:91:58:51:F4:EF:D4:02:74:F7:42:50:9B:7A:C7:E2:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jrq4xpFYUfTv1AJ090JQm3rH4i4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/a166a7-7d07-409a-aed0-639315dca580/1/RH6v79hshz0x0Poyx10JdvWCt-s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/a166a7-7d07-409a-aed0-639315dca580/1/Jrq4xpFYUfTv1AJ090JQm3rH4i4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.190.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         03:d7:aa:95:0f:c0:8b:ea:1c:8e:80:5d:ce:aa:17:3c:98:10:
         61:18:a0:a3:d2:8e:ed:da:0f:4f:48:f1:c5:ca:6b:6f:34:72:
         71:7c:92:c7:55:2b:c4:6d:bb:bf:81:5b:a5:a8:37:02:3e:69:
         d1:27:9c:e7:e0:76:29:d1:a9:26:3c:3f:a2:bb:85:aa:89:b1:
         d6:96:ba:56:74:e9:c4:a8:0d:a9:97:f5:41:95:fd:20:00:ec:
         2f:6a:30:25:02:52:37:96:9f:31:fc:1f:f8:e4:fc:a0:90:3b:
         d9:ae:09:40:cf:a3:f3:ab:16:6e:fa:a2:80:2e:b4:b1:58:c4:
         9a:78:48:6d:da:69:68:07:51:6b:c8:01:85:e0:43:eb:e2:f7:
         79:9a:7d:b0:31:09:cb:bb:0d:5d:33:b8:f2:31:14:7c:dc:ae:
         e8:7c:c0:6f:40:f6:06:3a:1a:a6:f1:ed:12:c3:d3:d3:15:a4:
         08:ea:13:17:73:9e:a3:2c:aa:7b:e5:1b:77:fa:d1:1a:6c:6e:
         65:07:d5:cb:47:3e:26:07:f2:2c:19:c4:ae:1c:b5:a9:e1:b7:
         51:67:aa:d3:cf:80:76:9e:93:43:35:14:6f:ee:e5:d2:43:d5:
         ea:d0:c1:37:25:1a:a4:9a:b7:41:8b:bd:75:49:97:73:22:b4:
         b8:88:c8:a1
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVtweAbry5a5LXLTcnMdN7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YmFiOGM2OTE1ODUxZjRlZmQ0MDI3NGY3NDI1MDliN2Fj
N2UyMmUwHhcNMjMwMTAxMTQzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDdlYWZlZmQ4NmM4NzNkMzFkMGZhMzJjNzVkMDk3NmY1ODJiN2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0b6aaEAeSkJ8WD3bXhZKk1UYcdE
Nf4vTC7+JZek9EkXlnKy65uBzzsGXwplN2NaI69ipanrZ2F1soy/xXrK/YQ30t5a
H8M8D7m6hAUcu0AmxYbe3LopPTsIZdDYRaPvt5/D4LZLuGUUgXSq5v2rk3/2/0mU
yRQq+C3W4pTgWHcAf4Fpml72e+JQGd8ABzBHkJxYvN0kItIdaZVVp3IEduAmzeO+
byWgzRXo+JqFywkDTsCgTxQrTJ1JtvR16twoXFznJ0JcxWSuSy6GxArVyzP3fSrK
IKrWF/eyWMPk26o6c9e6jtO6ctz82ltg/KMKMKHBY3fERgpaS5hESftQqwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFER+r+/YbIc9MdD6MsddCXb1grfrMB8GA1UdIwQY
MBaAFCa6uMaRWFH079QCdPdCUJt6x+IuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnJxNHhwRllVZlR2MUFKMDkwSlFtM3JINGk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hMTY2YTctN2QwNy00MDlhLWFlZDAt
NjM5MzE1ZGNhNTgwLzEvUkg2djc5aHNoejB4MFBveXgxMEpkdldDdC1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9hMTY2YTctN2QwNy00MDlhLWFlZDAtNjM5MzE1ZGNhNTgw
LzEvSnJxNHhwRllVZlR2MUFKMDkwSlFtM3JINGk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnb4wDQYJ
KoZIhvcNAQELBQADggEBAAPXqpUPwIvqHI6AXc6qFzyYEGEYoKPSju3aD09I8cXK
a280cnF8ksdVK8Rtu7+BW6WoNwI+adEnnOfgdinRqSY8P6K7haqJsdaWulZ06cSo
DamX9UGV/SAA7C9qMCUCUjeWnzH8H/jk/KCQO9muCUDPo/OrFm76ooAutLFYxJp4
SG3aaWgHUWvIAYXgQ+vi93mafbAxCcu7DV0zuPIxFHzcruh8wG9A9gY6Gqbx7RLD
09MVpAjqExdznqMsqnvlG3f60RpsbmUH1ctHPiYH8iwZxK4ctanht1FnqtPPgHae
k0M1FG/u5dJD1erQwTclGqSat0GLvXVJl3MitLiIyKE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:47 2024 by rpki-client on console-fra.rpki-client.org