Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Hmhp4qN1k_A0cpJ0WDFHzCBVTaM.roa
File:                     Hmhp4qN1k_A0cpJ0WDFHzCBVTaM.roa (raw, json)
Hash identifier:          V77MvoudQPVpdmyFToN9BHgyV/5bKdWcLHxjHsLpzPs=
Subject key identifier:   1E:68:69:E2:A3:75:93:F0:34:72:92:74:58:31:47:CC:20:55:4D:A3
Certificate issuer:       /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial:       0187B7B195C682A3B0379DFE98F89E1EB232
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Hmhp4qN1k_A0cpJ0WDFHzCBVTaM.roa
Signing time:             Tue 25 Apr 2023 09:14:41 +0000
ROA not before:           Tue 25 Apr 2023 09:14:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61319
IP address blocks:        185.10.252.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b7:b1:95:c6:82:a3:b0:37:9d:fe:98:f8:9e:1e:b2:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
        Validity
            Not Before: Apr 25 09:14:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1e6869e2a37593f034729274583147cc20554da3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:32:e8:55:5c:45:a1:8e:83:ee:20:70:3e:d4:
                    0a:98:9f:7a:40:70:07:bd:04:12:67:7a:2b:29:e4:
                    55:ca:ad:b9:e7:54:14:87:d2:9d:8f:da:84:2e:71:
                    b6:24:2e:b4:af:49:68:a5:d7:b3:9d:d4:bc:97:be:
                    28:0e:e2:0f:73:b7:db:ce:42:8b:bc:cf:c5:e5:63:
                    9c:e3:75:9d:96:b3:e4:cb:9c:a7:9a:e7:cd:6c:d3:
                    81:a9:67:20:3c:96:10:46:0d:36:d9:2e:25:bb:f9:
                    77:ba:c8:59:0d:d4:b0:ae:ff:e1:d8:68:fd:80:08:
                    67:5f:8d:57:6b:af:a0:13:9d:92:2e:a1:1a:5e:d6:
                    90:05:c1:c4:1c:18:f5:d5:e6:03:27:4a:e8:ba:5a:
                    81:c9:82:46:97:ed:c3:51:51:c2:0e:52:02:95:78:
                    2a:24:db:93:f6:7b:c2:76:f0:2d:d9:2e:f2:df:b1:
                    06:b8:07:f3:1b:06:7e:9c:19:1e:f8:b9:87:58:2a:
                    78:18:29:4b:82:47:c2:77:6e:69:b3:79:98:e3:66:
                    7e:4b:11:14:a9:e5:ff:70:be:a1:da:26:24:a6:f2:
                    4f:d3:c0:34:28:a1:bf:79:47:32:e4:7d:0f:1b:48:
                    44:a1:92:9a:d1:b4:05:cf:6f:2c:7f:94:a8:5a:a2:
                    56:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:68:69:E2:A3:75:93:F0:34:72:92:74:58:31:47:CC:20:55:4D:A3
            X509v3 Authority Key Identifier:
                keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Hmhp4qN1k_A0cpJ0WDFHzCBVTaM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.10.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         58:97:c8:24:de:4a:0a:94:c3:b2:60:94:e5:28:7f:37:97:c9:
         d6:9d:79:8f:53:5f:a0:3a:01:f8:08:d6:98:30:6c:7f:a6:91:
         75:7c:21:61:5a:e6:3e:ab:00:31:b1:d9:bd:37:01:d9:dc:d2:
         fd:83:02:87:af:f4:73:72:10:99:cf:c7:8b:a7:ff:d5:2d:72:
         c8:a2:64:0d:21:dd:ad:ad:b2:8d:8d:9c:22:a8:a8:31:34:86:
         03:64:23:bf:4f:89:90:42:fa:e9:6a:9b:d4:7d:c5:bd:0a:16:
         a9:58:b6:f5:e8:26:af:b7:93:6f:b6:7e:04:2f:ff:91:f4:da:
         b0:67:c1:00:9d:85:d3:dd:bf:cd:66:13:f9:37:98:38:b4:69:
         e4:a6:76:f7:b9:d4:d0:89:52:ac:d8:15:48:51:a8:14:39:db:
         93:ce:73:0c:86:10:c2:02:bb:07:04:32:27:cc:79:c5:c4:14:
         32:5d:ff:4a:85:a2:23:f3:36:16:df:fe:c1:a0:64:ee:98:f2:
         1a:08:fe:74:35:94:89:95:6a:0c:0f:5d:b0:fa:a5:fb:52:11:
         63:d3:fc:02:bd:83:23:95:55:d9:02:e3:29:53:ca:16:fc:21:
         6d:0b:14:70:33:d0:9b:a9:67:91:83:47:9d:1c:3e:1c:2e:a1:
         e1:16:49:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe3sZXGgqOwN53+mPieHrIyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjMwNDI1MDkxNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTY4NjllMmEzNzU5M2YwMzQ3MjkyNzQ1ODMxNDdjYzIwNTU0ZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDLoVVxFoY6D7iBwPtQKmJ96QHAH
vQQSZ3orKeRVyq2551QUh9Kdj9qELnG2JC60r0lopdezndS8l74oDuIPc7fbzkKL
vM/F5WOc43WdlrPky5ynmufNbNOBqWcgPJYQRg022S4lu/l3ushZDdSwrv/h2Gj9
gAhnX41Xa6+gE52SLqEaXtaQBcHEHBj11eYDJ0roulqByYJGl+3DUVHCDlIClXgq
JNuT9nvCdvAt2S7y37EGuAfzGwZ+nBke+LmHWCp4GClLgkfCd25ps3mY42Z+SxEU
qeX/cL6h2iYkpvJP08A0KKG/eUcy5H0PG0hEoZKa0bQFz28sf5SoWqJWNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB5oaeKjdZPwNHKSdFgxR8wgVU2jMB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvSG1ocDRxTjFrX0EwY3BKMFdERkh6Q0JWVGFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQr8MA0G
CSqGSIb3DQEBCwUAA4IBAQBYl8gk3koKlMOyYJTlKH83l8nWnXmPU1+gOgH4CNaY
MGx/ppF1fCFhWuY+qwAxsdm9NwHZ3NL9gwKHr/RzchCZz8eLp//VLXLIomQNId2t
rbKNjZwiqKgxNIYDZCO/T4mQQvrpapvUfcW9ChapWLb16Cavt5Nvtn4EL/+R9Nqw
Z8EAnYXT3b/NZhP5N5g4tGnkpnb3udTQiVKs2BVIUagUOduTznMMhhDCArsHBDIn
zHnFxBQyXf9KhaIj8zYW3/7BoGTumPIaCP50NZSJlWoMD12w+qX7UhFj0/wCvYMj
lVXZAuMpU8oW/CFtCxRwM9CbqWeRg0edHD4cLqHhFkn3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:47 2024 by rpki-client on console-ams.rpki-client.org