Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/HXNYGuo_3tvpijkkjydwVr_07yo.roa
File:                     HXNYGuo_3tvpijkkjydwVr_07yo.roa (raw, json)
Hash identifier:          35svyXicweHbcxy+seV1VOD4QyHXmjY0md/o6M/x6hk=
Subject key identifier:   1D:73:58:1A:EA:3F:DE:DB:E9:8A:39:24:8F:27:70:56:BF:F4:EF:2A
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018AE26C420541DE349E255DB1CC32216DB4
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/HXNYGuo_3tvpijkkjydwVr_07yo.roa
Signing time:             Fri 29 Sep 2023 19:30:59 +0000
ROA not before:           Fri 29 Sep 2023 19:30:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        176.57.55.0/24 maxlen: 24
                          81.21.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 17 Oct 2023 13:08:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:e2:6c:42:05:41:de:34:9e:25:5d:b1:cc:32:21:6d:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Sep 29 19:30:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1d73581aea3fdedbe98a39248f277056bff4ef2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:bf:9f:48:89:06:90:07:b6:ae:30:c0:e2:b6:
                    22:6f:f1:b8:1b:34:cb:22:65:41:21:ad:a9:45:21:
                    e7:4b:c0:7b:cf:10:b7:3e:38:e8:53:8a:1a:2c:c4:
                    0d:0c:be:4a:c8:68:d9:c6:1b:8d:d2:bc:67:33:8e:
                    49:69:11:a6:17:3d:2d:d8:dc:3f:25:24:49:79:9a:
                    2b:6e:a9:05:9a:18:3d:be:ef:63:06:73:b9:75:95:
                    2e:62:6f:63:15:d8:a9:69:95:ea:90:88:75:06:45:
                    99:1d:d9:0f:1f:de:2f:47:b2:e8:ae:8d:34:3a:e0:
                    b8:49:89:39:b0:93:16:9f:a7:6a:6d:5e:7b:cc:4e:
                    f8:4c:45:b6:88:3d:db:fd:0d:ab:ca:23:a0:d8:84:
                    e6:60:28:6b:a6:8a:b3:ab:43:fc:48:07:fc:37:3c:
                    da:d2:5d:1e:5a:17:9d:09:f0:f5:97:35:15:eb:1f:
                    17:f6:fc:81:01:b4:17:af:11:6c:c4:c6:7b:8c:46:
                    8d:5b:16:e0:0b:1c:e8:88:cd:06:ca:57:65:51:de:
                    6d:f7:4c:cc:bf:f7:01:37:89:42:24:04:fc:72:fd:
                    23:cb:c8:a0:38:35:0e:23:9d:4c:33:db:44:31:72:
                    91:c5:bf:30:67:f9:48:e2:9b:fa:df:61:71:b9:f9:
                    e3:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:73:58:1A:EA:3F:DE:DB:E9:8A:39:24:8F:27:70:56:BF:F4:EF:2A
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/HXNYGuo_3tvpijkkjydwVr_07yo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.21.10.0/24
                  176.57.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:dc:eb:f8:fb:61:da:13:fc:90:da:6f:97:43:f2:93:e1:99:
         62:58:c8:0c:95:37:ea:e1:ca:ad:5a:03:47:cb:e0:d9:d8:1a:
         ea:39:7c:06:c6:07:bc:1e:70:bf:4a:56:71:95:c1:07:ec:5b:
         e7:5c:22:5a:de:d2:09:9b:8b:ba:12:af:6f:97:21:07:16:9d:
         82:7d:d2:9a:e3:e4:99:28:6f:71:eb:61:cd:e7:57:63:89:d8:
         2a:9b:a8:75:1e:16:48:f6:a7:e1:ef:3d:4c:75:e1:60:23:13:
         cb:fe:79:a0:48:57:0e:f5:a7:65:eb:92:f9:6f:d9:d8:23:9d:
         79:d2:fa:c7:e2:9b:cf:5e:b3:17:e6:b5:3e:4e:34:b6:c0:3d:
         2b:8b:e9:2f:cc:48:8b:07:e4:c9:ed:93:20:1c:f4:73:d9:a7:
         37:9a:8b:07:b0:10:e6:e5:23:b5:77:73:a3:de:7c:48:94:44:
         77:29:25:8f:87:52:32:12:6e:1f:dc:f3:97:cc:16:98:7d:a9:
         59:74:40:05:2b:13:88:07:cb:6e:00:02:9c:04:46:6a:04:fd:
         e2:33:c8:a8:b3:bb:dc:cb:48:22:50:ac:74:45:27:ef:75:ac:
         4d:26:bd:ef:51:56:bb:ab:87:a1:70:f8:31:a5:b6:71:00:e1:
         51:0b:b3:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYribEIFQd40niVdscwyIW20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwOTI5MTkzMDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDczNTgxYWVhM2ZkZWRiZTk4YTM5MjQ4ZjI3NzA1NmJmZjRlZjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnb+fSIkGkAe2rjDA4rYib/G4GzTL
ImVBIa2pRSHnS8B7zxC3PjjoU4oaLMQNDL5KyGjZxhuN0rxnM45JaRGmFz0t2Nw/
JSRJeZorbqkFmhg9vu9jBnO5dZUuYm9jFdipaZXqkIh1BkWZHdkPH94vR7Loro00
OuC4SYk5sJMWn6dqbV57zE74TEW2iD3b/Q2ryiOg2ITmYChrpoqzq0P8SAf8Nzza
0l0eWhedCfD1lzUV6x8X9vyBAbQXrxFsxMZ7jEaNWxbgCxzoiM0GyldlUd5t90zM
v/cBN4lCJAT8cv0jy8igODUOI51MM9tEMXKRxb8wZ/lI4pv632FxufnjLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB1zWBrqP97b6Yo5JI8ncFa/9O8qMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvSFhOWUd1b18zdHZwaWpra2p5ZHdWcl8wN3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAURUKAwQA
sDk3MA0GCSqGSIb3DQEBCwUAA4IBAQB13Ov4+2HaE/yQ2m+XQ/KT4ZliWMgMlTfq
4cqtWgNHy+DZ2BrqOXwGxge8HnC/SlZxlcEH7FvnXCJa3tIJm4u6Eq9vlyEHFp2C
fdKa4+SZKG9x62HN51djidgqm6h1HhZI9qfh7z1MdeFgIxPL/nmgSFcO9adl65L5
b9nYI5150vrH4pvPXrMX5rU+TjS2wD0ri+kvzEiLB+TJ7ZMgHPRz2ac3mosHsBDm
5SO1d3Oj3nxIlER3KSWPh1IyEm4f3POXzBaYfalZdEAFKxOIB8tuAAKcBEZqBP3i
M8ios7vcy0giUKx0RSfvdaxNJr3vUVa7q4ehcPgxpbZxAOFRC7NA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org