Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/e0925e-47bf-4907-bcbc-fd9f36a8ba6e/1/hmcp-xoxNP1cTQN3eHhyW0Z6WxM.roa
File:                     hmcp-xoxNP1cTQN3eHhyW0Z6WxM.roa (raw, json)
Hash identifier:          e34nHSRPdphrJAyR9ev891Sx7qlJ2XxbEPyNSHI0hos=
Subject key identifier:   86:67:29:FB:1A:31:34:FD:5C:4D:03:77:78:78:72:5B:46:7A:5B:13
Certificate issuer:       /CN=331e7784f60ac8d969b81cf5231cd9dc087ced32
Certificate serial:       0187232D7D4DF5FA8A816DF900CBC4702562
Authority key identifier: 33:1E:77:84:F6:0A:C8:D9:69:B8:1C:F5:23:1C:D9:DC:08:7C:ED:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mx53hPYKyNlpuBz1IxzZ3Ah87TI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/e0925e-47bf-4907-bcbc-fd9f36a8ba6e/1/hmcp-xoxNP1cTQN3eHhyW0Z6WxM.roa
Signing time:             Mon 27 Mar 2023 13:06:36 +0000
ROA not before:           Mon 27 Mar 2023 13:06:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39545
IP address blocks:        46.247.104.0/21 maxlen: 21
                          77.89.128.0/18 maxlen: 18
                          46.247.0.0/18 maxlen: 18
                          77.89.145.0/24 maxlen: 24
                          46.247.112.0/20 maxlen: 20
                          89.105.96.0/19 maxlen: 19
                          2a00:f18::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:23:2d:7d:4d:f5:fa:8a:81:6d:f9:00:cb:c4:70:25:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=331e7784f60ac8d969b81cf5231cd9dc087ced32
        Validity
            Not Before: Mar 27 13:06:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=866729fb1a3134fd5c4d03777878725b467a5b13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:ce:81:3b:ad:a1:02:fb:80:90:71:b2:ae:f6:
                    6e:aa:e2:84:1d:c2:a6:4b:7f:50:01:5b:9c:aa:9f:
                    eb:ca:ee:1c:67:2e:8e:c3:bc:0e:39:89:a6:bb:fc:
                    c6:f4:5d:d2:5b:00:ee:d9:2a:58:2c:7c:ae:b0:33:
                    c1:81:f7:e2:c0:4a:23:63:2b:5a:14:25:97:83:fb:
                    a1:5b:09:d3:39:a7:ed:58:67:aa:f2:f9:f9:03:38:
                    5c:e5:fa:f2:73:33:cb:2a:96:5a:07:a7:65:51:25:
                    c2:d7:eb:8e:4b:ac:0e:4a:0c:ad:a6:fb:6f:a3:e4:
                    52:2a:bb:ea:49:b3:bb:fe:8b:d5:6f:ca:1f:f9:6d:
                    78:f4:80:ab:96:d7:b3:bb:7d:12:18:fe:bd:25:81:
                    30:8d:02:36:81:00:e8:d3:b0:18:fc:05:60:35:4e:
                    09:7f:01:bb:f6:24:d8:2b:56:78:ed:c2:fd:76:ce:
                    ea:7a:32:f2:dd:03:a5:a7:7b:97:cb:01:a1:d7:b0:
                    e3:62:39:d7:7b:3a:36:fa:b0:9f:5b:02:72:9c:99:
                    6b:7c:cb:10:c5:58:8a:81:ca:a6:c4:55:f6:09:cf:
                    5d:b6:fa:94:b9:d9:50:1e:6e:4e:07:00:f7:7d:44:
                    6b:56:dc:b6:d4:8c:51:7f:39:40:11:0d:07:37:07:
                    b4:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:67:29:FB:1A:31:34:FD:5C:4D:03:77:78:78:72:5B:46:7A:5B:13
            X509v3 Authority Key Identifier:
                keyid:33:1E:77:84:F6:0A:C8:D9:69:B8:1C:F5:23:1C:D9:DC:08:7C:ED:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mx53hPYKyNlpuBz1IxzZ3Ah87TI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e0925e-47bf-4907-bcbc-fd9f36a8ba6e/1/hmcp-xoxNP1cTQN3eHhyW0Z6WxM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e0925e-47bf-4907-bcbc-fd9f36a8ba6e/1/Mx53hPYKyNlpuBz1IxzZ3Ah87TI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.247.0.0/18
                  46.247.104.0-46.247.127.255
                  77.89.128.0/18
                  89.105.96.0/19
                IPv6:
                  2a00:f18::/32

    Signature Algorithm: sha256WithRSAEncryption
         28:bf:47:9c:4f:c9:aa:6e:3a:79:de:88:29:c5:b7:92:83:6f:
         4a:ae:af:4f:b7:e2:3a:a9:9c:6e:39:f8:a7:a9:d1:62:33:e4:
         6b:c1:74:a9:dd:f5:1e:e4:00:9f:af:88:5a:87:2f:09:ef:43:
         d0:fe:86:89:2b:8f:83:35:e4:97:e1:95:e7:33:72:63:6b:ce:
         5b:eb:bb:4f:7e:df:69:fa:4a:88:d2:a6:ae:c4:de:a2:4b:c3:
         d2:48:58:06:d8:09:45:1e:16:e1:44:3d:db:31:9a:5f:c6:e7:
         c2:f8:72:c0:6a:39:f7:af:cd:4d:2b:f9:27:a2:07:e7:0d:71:
         e4:21:70:41:d8:82:2d:18:bd:73:55:77:38:51:b2:9c:d4:a8:
         6a:ac:ed:6a:4b:64:19:38:ea:9c:37:33:6b:94:a1:2b:70:c5:
         8f:af:72:70:ee:df:df:d5:a8:1b:6e:8d:fb:91:ad:52:64:b9:
         cb:81:99:a0:26:a5:ae:da:d3:8c:0d:74:13:11:06:24:b3:0a:
         fa:37:d8:13:b4:48:7f:7f:e6:b6:28:89:4a:fb:2d:e5:dd:b1:
         07:a3:9e:94:44:ab:72:cc:3f:4a:0e:89:27:f6:ff:e2:8b:d6:
         0c:1b:ef:b5:0b:f6:75:15:d8:f2:49:ac:74:7b:41:64:b3:03:
         07:d9:dd:7d
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYcjLX1N9fqKgW35AMvEcCViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMWU3Nzg0ZjYwYWM4ZDk2OWI4MWNmNTIzMWNkOWRjMDg3
Y2VkMzIwHhcNMjMwMzI3MTMwNjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjY3MjlmYjFhMzEzNGZkNWM0ZDAzNzc3ODc4NzI1YjQ2N2E1YjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkM6BO62hAvuAkHGyrvZuquKEHcKm
S39QAVucqp/ryu4cZy6Ow7wOOYmmu/zG9F3SWwDu2SpYLHyusDPBgffiwEojYyta
FCWXg/uhWwnTOaftWGeq8vn5Azhc5fryczPLKpZaB6dlUSXC1+uOS6wOSgytpvtv
o+RSKrvqSbO7/ovVb8of+W149ICrltezu30SGP69JYEwjQI2gQDo07AY/AVgNU4J
fwG79iTYK1Z47cL9ds7qejLy3QOlp3uXywGh17DjYjnXezo2+rCfWwJynJlrfMsQ
xViKgcqmxFX2Cc9dtvqUudlQHm5OBwD3fURrVty21IxRfzlAEQ0HNwe0XQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFIZnKfsaMTT9XE0Dd3h4cltGelsTMB8GA1UdIwQY
MBaAFDMed4T2CsjZabgc9SMc2dwIfO0yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXg1M2hQWUt5TmxwdUJ6MUl4elozQWg4N1RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lMDkyNWUtNDdiZi00OTA3LWJjYmMt
ZmQ5ZjM2YThiYTZlLzEvaG1jcC14b3hOUDFjVFFOM2VIaHlXMFo2V3hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lMDkyNWUtNDdiZi00OTA3LWJjYmMtZmQ5ZjM2YThiYTZl
LzEvTXg1M2hQWUt5TmxwdUJ6MUl4elozQWg4N1RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQGLvcAMAwD
BAMu92gDBAcu9wADBAZNWYADBAVZaWAwDQQCAAIwBwMFACoADxgwDQYJKoZIhvcN
AQELBQADggEBACi/R5xPyapuOnneiCnFt5KDb0qur0+34jqpnG45+Kep0WIz5GvB
dKnd9R7kAJ+viFqHLwnvQ9D+hokrj4M15JfhleczcmNrzlvru09+32n6SojSpq7E
3qJLw9JIWAbYCUUeFuFEPdsxml/G58L4csBqOfevzU0r+SeiB+cNceQhcEHYgi0Y
vXNVdzhRspzUqGqs7WpLZBk46pw3M2uUoStwxY+vcnDu39/VqBtujfuRrVJkucuB
maAmpa7a04wNdBMRBiSzCvo32BO0SH9/5rYoiUr7LeXdsQejnpREq3LMP0oOiSf2
/+KL1gwb77UL9nUV2PJJrHR7QWSzAwfZ3X0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:06 2024 by rpki-client on console-fra.rpki-client.org