Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/H35aPzq5S-Zhd4kQoffTlQDzjyU.roa
File:                     H35aPzq5S-Zhd4kQoffTlQDzjyU.roa (raw, json)
Hash identifier:          t5f4oB0FlqBPUry7UW9NKFN/ZJUNrZ9UULWYqIduzS4=
Subject key identifier:   1F:7E:5A:3F:3A:B9:4B:E6:61:77:89:10:A1:F7:D3:95:00:F3:8F:25
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0188424038D627409359C01331D9DC2B27DD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/H35aPzq5S-Zhd4kQoffTlQDzjyU.roa
Signing time:             Mon 22 May 2023 06:58:05 +0000
ROA not before:           Mon 22 May 2023 06:58:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34800
IP address blocks:        194.50.99.0/24 maxlen: 24
                          2a04:ccc2::/32 maxlen: 48
                          2001:7f8:e7::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:42:40:38:d6:27:40:93:59:c0:13:31:d9:dc:2b:27:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: May 22 06:58:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1f7e5a3f3ab94be661778910a1f7d39500f38f25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:0e:8f:07:b1:26:dc:38:54:1c:ee:ae:fc:31:
                    c2:a3:31:fe:9a:17:c6:26:4b:34:0b:4e:fb:ba:5a:
                    2c:04:6a:59:a0:c9:9b:8e:00:97:ed:b2:0f:cd:bc:
                    0d:5f:14:4c:20:56:86:7f:02:97:22:07:8c:19:ec:
                    c9:1e:8e:5e:15:57:77:41:ae:85:37:87:a4:f1:55:
                    f0:d6:43:27:87:3f:d5:85:48:70:fd:87:7c:bc:ab:
                    70:ec:a5:d6:68:ac:e2:a6:8a:89:a4:71:dc:c7:f3:
                    64:f4:91:ae:2b:74:fc:99:4b:be:50:b7:f5:fd:8a:
                    c6:0a:1e:83:52:41:db:51:0e:06:fe:f9:d5:60:cf:
                    de:0a:70:12:e6:5d:45:2d:5b:47:c5:e9:9e:37:3f:
                    05:fc:a6:6d:09:cf:e0:df:ea:16:9c:9b:7f:ca:d6:
                    8c:4d:2a:49:0b:58:ab:ae:54:93:78:1f:21:36:1b:
                    31:eb:92:e7:4b:65:ee:ac:e7:68:d1:eb:ec:94:4b:
                    91:5a:dd:af:62:68:e9:43:d0:f3:ae:3b:72:3c:c7:
                    33:0f:7e:17:6d:92:96:ac:a6:e2:dd:b8:d0:28:e9:
                    70:51:b2:1c:37:80:c7:c5:4c:ae:73:ad:5c:3e:77:
                    df:72:4c:76:c5:6b:a9:6d:1c:88:fd:13:ba:52:72:
                    5c:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:7E:5A:3F:3A:B9:4B:E6:61:77:89:10:A1:F7:D3:95:00:F3:8F:25
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/H35aPzq5S-Zhd4kQoffTlQDzjyU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.50.99.0/24
                IPv6:
                  2001:7f8:e7::/48
                  2a04:ccc2::/32

    Signature Algorithm: sha256WithRSAEncryption
         c0:75:91:2c:dc:d7:9f:0e:de:05:f7:b2:c3:82:d9:c7:0c:6d:
         3e:7f:d5:31:54:1c:bf:13:90:7e:4e:1d:86:82:d8:f0:84:4b:
         d2:41:12:6a:33:ce:2a:32:41:14:e4:fc:a8:b2:d2:ec:2c:6b:
         11:6b:92:1d:f6:fb:18:de:8e:2d:6c:ce:d7:77:f8:24:ab:4c:
         28:0d:d9:3b:7f:0b:04:91:ad:f0:d4:c7:4d:1b:6f:bf:ed:8a:
         39:ae:58:b3:07:6f:67:08:bd:58:30:ed:8f:15:90:85:a1:cc:
         17:d1:c8:59:6e:61:50:f2:5a:c3:72:fe:a0:de:d0:ca:8c:f4:
         2e:ef:f6:82:0c:fe:cc:ee:24:6f:b7:60:bb:bf:4a:0a:d0:ef:
         d2:b6:ce:47:15:d3:0b:6c:a7:4c:64:75:4d:f4:00:bc:25:d9:
         43:8e:f3:1c:33:62:d4:05:be:b1:ba:83:67:4b:68:1f:2a:91:
         38:21:0f:cc:f2:62:5b:d5:28:66:d1:a6:66:ed:bc:c3:17:65:
         3c:4e:ef:e4:a4:e6:2b:be:34:91:9d:9f:2c:ea:26:7c:74:16:
         2c:c9:6d:49:70:3b:d6:0e:b0:0d:04:67:6c:a2:30:35:f1:b6:
         01:40:48:e2:7c:bc:da:3c:68:55:14:b1:53:1f:4c:fa:cc:05:
         c8:5d:29:db
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYhCQDjWJ0CTWcATMdncKyfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTIyMDY1ODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjdlNWEzZjNhYjk0YmU2NjE3Nzg5MTBhMWY3ZDM5NTAwZjM4ZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAng6PB7Em3DhUHO6u/DHCozH+mhfG
Jks0C077ulosBGpZoMmbjgCX7bIPzbwNXxRMIFaGfwKXIgeMGezJHo5eFVd3Qa6F
N4ek8VXw1kMnhz/VhUhw/Yd8vKtw7KXWaKzipoqJpHHcx/Nk9JGuK3T8mUu+ULf1
/YrGCh6DUkHbUQ4G/vnVYM/eCnAS5l1FLVtHxemeNz8F/KZtCc/g3+oWnJt/ytaM
TSpJC1irrlSTeB8hNhsx65LnS2XurOdo0evslEuRWt2vYmjpQ9DzrjtyPMczD34X
bZKWrKbi3bjQKOlwUbIcN4DHxUyuc61cPnffckx2xWupbRyI/RO6UnJcUQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFB9+Wj86uUvmYXeJEKH305UA848lMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSDM1YVB6cTVTLVpoZDRrUW9mZlRsUUR6anlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAwjJjMBYE
AgACMBADBwAgAQf4AOcDBQAqBMzCMA0GCSqGSIb3DQEBCwUAA4IBAQDAdZEs3Nef
Dt4F97LDgtnHDG0+f9UxVBy/E5B+Th2GgtjwhEvSQRJqM84qMkEU5PyostLsLGsR
a5Id9vsY3o4tbM7Xd/gkq0woDdk7fwsEka3w1MdNG2+/7Yo5rlizB29nCL1YMO2P
FZCFocwX0chZbmFQ8lrDcv6g3tDKjPQu7/aCDP7M7iRvt2C7v0oK0O/Sts5HFdML
bKdMZHVN9AC8JdlDjvMcM2LUBb6xuoNnS2gfKpE4IQ/M8mJb1Shm0aZm7bzDF2U8
Tu/kpOYrvjSRnZ8s6iZ8dBYsyW1JcDvWDrANBGdsojA18bYBQEjifLzaPGhVFLFT
H0z6zAXIXSnb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:28 2024 by rpki-client on console-fra.rpki-client.org