Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/HlsUQzJnjl6Dh1CBWBPigf3zwCw.roa
File:                     HlsUQzJnjl6Dh1CBWBPigf3zwCw.roa (raw, json)
Hash identifier:          a6UP1V0Op6J3KPis6kUo38k0H+oPBph2cpQgE3PeZzI=
Subject key identifier:   1E:5B:14:43:32:67:8E:5E:83:87:50:81:58:13:E2:81:FD:F3:C0:2C
Certificate issuer:       /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial:       018AA2FD65833DEB73FE4D72EA924E4DE137
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/HlsUQzJnjl6Dh1CBWBPigf3zwCw.roa
Signing time:             Sun 17 Sep 2023 11:53:50 +0000
ROA not before:           Sun 17 Sep 2023 11:53:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49556
IP address blocks:        185.239.0.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 10 Dec 2023 06:45:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:a2:fd:65:83:3d:eb:73:fe:4d:72:ea:92:4e:4d:e1:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
        Validity
            Not Before: Sep 17 11:53:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1e5b144332678e5e838750815813e281fdf3c02c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:e4:cd:b7:a8:0e:a0:88:a1:f4:fa:19:77:90:
                    67:51:03:3f:87:d6:78:90:f2:a4:00:77:10:3f:b3:
                    af:c6:dc:e4:d2:ed:a1:40:15:37:44:a1:ff:77:2e:
                    74:e6:e9:9f:44:67:08:38:03:2a:79:55:79:5b:eb:
                    ce:90:f2:ef:e5:26:52:33:b4:38:8d:f5:54:6c:99:
                    cd:50:82:56:33:1b:f5:da:13:59:09:62:f5:87:d7:
                    d8:3c:22:53:97:96:60:5b:c0:92:f9:d9:2e:c1:1f:
                    56:82:4e:39:30:b3:05:76:8b:6e:05:c2:13:55:fb:
                    34:ba:eb:09:4f:9e:65:3e:4f:9d:12:8b:46:8c:8e:
                    aa:66:d8:9d:ef:39:b3:c4:9c:bd:eb:e1:f5:08:61:
                    11:0f:0a:35:ce:15:cb:fb:dc:7d:d1:9c:55:02:b0:
                    e3:97:e5:94:dd:44:8a:f7:ff:2a:96:65:37:36:19:
                    0d:d9:ae:97:d5:2a:6d:5d:63:75:c0:c9:04:dd:a6:
                    6d:87:7c:23:b4:32:d2:a1:c9:df:bf:83:f0:56:56:
                    97:a9:d0:31:ad:4e:f2:a0:2d:26:48:01:7b:09:cf:
                    de:f7:1c:b8:33:ae:a2:7f:9e:fc:9c:ff:c5:a3:a9:
                    1e:25:ec:1f:00:fa:b0:82:90:63:c9:d0:b8:39:19:
                    1f:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:5B:14:43:32:67:8E:5E:83:87:50:81:58:13:E2:81:FD:F3:C0:2C
            X509v3 Authority Key Identifier:
                keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/HlsUQzJnjl6Dh1CBWBPigf3zwCw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.239.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:fb:c8:52:aa:16:ae:74:f1:4a:a2:ea:e1:8c:6c:7e:e5:ca:
         f2:bd:9d:f5:ae:24:4e:90:6d:db:10:0a:d1:bf:8a:da:3e:9f:
         d5:2d:04:7e:e9:b3:8c:0b:8b:3e:a6:43:eb:0a:d0:f2:52:7c:
         25:98:61:82:36:42:39:8d:f3:ce:52:49:01:38:63:e4:e7:25:
         7a:42:c4:f4:67:19:6f:b6:98:79:14:1a:44:24:e5:79:d1:2e:
         62:0c:62:6c:67:e3:50:f2:1c:78:c4:96:f5:bf:ba:00:af:50:
         19:c4:ff:56:eb:25:3c:b6:aa:50:5c:96:0f:fc:8d:ff:f0:5f:
         34:be:c2:ea:2d:16:e5:97:cc:f5:fe:a8:f1:d3:47:23:40:a6:
         c1:92:f0:eb:66:5b:a3:b0:05:dd:81:28:ee:9e:68:74:a2:c3:
         b3:1e:57:25:30:0f:19:58:0a:2e:ff:3d:8a:53:c1:71:ed:ac:
         6f:2b:57:46:7c:8e:00:09:36:00:ed:c0:b9:09:db:a8:0a:02:
         55:f3:54:6e:ce:d4:4d:1d:be:39:77:16:32:0b:59:c0:75:62:
         4d:3b:cb:a2:61:89:57:52:21:fd:e3:67:68:99:c1:cb:9f:1f:
         9a:85:80:2a:bd:95:c5:0c:0e:61:a2:c8:4e:97:6e:9a:ab:75:
         7b:c2:ff:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqi/WWDPetz/k1y6pJOTeE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwOTE3MTE1MzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTViMTQ0MzMyNjc4ZTVlODM4NzUwODE1ODEzZTI4MWZkZjNjMDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+TNt6gOoIih9PoZd5BnUQM/h9Z4
kPKkAHcQP7Ovxtzk0u2hQBU3RKH/dy505umfRGcIOAMqeVV5W+vOkPLv5SZSM7Q4
jfVUbJnNUIJWMxv12hNZCWL1h9fYPCJTl5ZgW8CS+dkuwR9Wgk45MLMFdotuBcIT
Vfs0uusJT55lPk+dEotGjI6qZtid7zmzxJy96+H1CGERDwo1zhXL+9x90ZxVArDj
l+WU3USK9/8qlmU3NhkN2a6X1SptXWN1wMkE3aZth3wjtDLSocnfv4PwVlaXqdAx
rU7yoC0mSAF7Cc/e9xy4M66if578nP/Fo6keJewfAPqwgpBjydC4ORkfAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB5bFEMyZ45eg4dQgVgT4oH988AsMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvSGxzVVF6Sm5qbDZEaDFDQldCUGlnZjN6d0N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue8AMA0G
CSqGSIb3DQEBCwUAA4IBAQA5+8hSqhaudPFKourhjGx+5cryvZ31riROkG3bEArR
v4raPp/VLQR+6bOMC4s+pkPrCtDyUnwlmGGCNkI5jfPOUkkBOGPk5yV6QsT0Zxlv
tph5FBpEJOV50S5iDGJsZ+NQ8hx4xJb1v7oAr1AZxP9W6yU8tqpQXJYP/I3/8F80
vsLqLRbll8z1/qjx00cjQKbBkvDrZlujsAXdgSjunmh0osOzHlclMA8ZWAou/z2K
U8Fx7axvK1dGfI4ACTYA7cC5CduoCgJV81RuztRNHb45dxYyC1nAdWJNO8uiYYlX
UiH942domcHLnx+ahYAqvZXFDA5hoshOl26aq3V7wv+6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:51 2024 by rpki-client on console-fra.rpki-client.org