Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/HpqjEXoLWvwuiHzZH-jJLJEE3eY.roa
File:                     HpqjEXoLWvwuiHzZH-jJLJEE3eY.roa (raw, json)
Hash identifier:          4nQA1RSG2wZcbq7SaetRgJKyeXQeAfCgDti9nKtKTWs=
Subject key identifier:   1E:9A:A3:11:7A:0B:5A:FC:2E:88:7C:D9:1F:E8:C9:2C:91:04:DD:E6
Certificate issuer:       /CN=87f41ae0779e37defc69b2a5b0f7ab8fd40cd3e7
Certificate serial:       01856F30047226516BA8E01ACA84487FBB05
Authority key identifier: 87:F4:1A:E0:77:9E:37:DE:FC:69:B2:A5:B0:F7:AB:8F:D4:0C:D3:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h_Qa4HeeN978abKlsPerj9QM0-c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/HpqjEXoLWvwuiHzZH-jJLJEE3eY.roa
Signing time:             Sun 01 Jan 2023 21:14:55 +0000
ROA not before:           Sun 01 Jan 2023 21:14:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208599
IP address blocks:        185.151.76.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:30:04:72:26:51:6b:a8:e0:1a:ca:84:48:7f:bb:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87f41ae0779e37defc69b2a5b0f7ab8fd40cd3e7
        Validity
            Not Before: Jan  1 21:14:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1e9aa3117a0b5afc2e887cd91fe8c92c9104dde6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:52:6b:1f:3e:a7:2e:c1:57:97:2c:1f:de:d6:
                    e6:c4:0f:a7:62:6e:99:8a:93:16:26:5b:ad:a1:06:
                    07:19:7d:88:77:66:2b:12:8b:1a:c3:8d:be:3f:49:
                    34:6f:3e:b7:9c:db:12:6c:43:c2:4b:1e:e4:61:8b:
                    a2:c2:6a:1b:ab:e1:cb:7c:e3:4e:fc:59:fc:7e:0a:
                    13:7c:c5:33:25:8b:b7:02:6f:fe:33:a1:ec:e0:ea:
                    bf:11:5d:f6:39:08:21:88:94:58:f7:d5:72:58:8a:
                    06:5d:bc:5b:9f:49:66:88:8b:50:09:07:06:7d:87:
                    e8:af:d6:75:1c:16:24:b5:3a:32:1c:27:8b:08:61:
                    e7:b8:89:56:0f:dd:57:a7:e5:69:7a:97:69:66:34:
                    a8:1a:36:ed:26:ca:7d:d8:dd:9d:39:fe:e6:7b:05:
                    4d:52:df:4e:f4:2d:ae:55:d5:3c:39:a2:ec:27:e2:
                    1e:8f:2c:1b:1b:13:59:c4:c3:b2:d4:ab:a1:aa:b6:
                    2f:81:40:f5:a7:a8:ef:db:ba:c6:8e:aa:95:2f:93:
                    53:54:73:83:e2:05:20:f0:39:40:d8:51:77:f0:19:
                    fe:8d:fc:2f:e2:9c:63:2f:0d:7a:b4:20:7e:43:ac:
                    92:df:5e:78:e0:0c:5e:18:c4:d2:4d:17:04:4c:6d:
                    45:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:9A:A3:11:7A:0B:5A:FC:2E:88:7C:D9:1F:E8:C9:2C:91:04:DD:E6
            X509v3 Authority Key Identifier:
                keyid:87:F4:1A:E0:77:9E:37:DE:FC:69:B2:A5:B0:F7:AB:8F:D4:0C:D3:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_Qa4HeeN978abKlsPerj9QM0-c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/HpqjEXoLWvwuiHzZH-jJLJEE3eY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/h_Qa4HeeN978abKlsPerj9QM0-c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.151.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8c:6a:a3:23:3c:0a:29:31:fd:3b:d0:70:71:08:fa:c1:04:92:
         7d:80:d6:35:ae:c3:d1:5a:5b:e3:2b:ad:81:c4:06:fc:2f:9c:
         0e:6e:05:ba:48:a1:ec:9d:45:65:46:11:d4:0e:a1:2f:89:1a:
         21:0b:3f:74:3d:6a:05:56:34:88:bc:97:8a:8d:e6:e4:16:72:
         18:0c:bc:2e:b1:f4:d2:31:b1:73:6a:af:9c:4c:9e:de:7d:da:
         16:98:b7:0f:68:3c:37:49:20:b5:81:21:74:31:6b:7c:aa:05:
         7c:bf:31:9f:29:07:09:f3:a0:69:cf:1e:e6:76:2e:44:24:b4:
         e9:92:8b:bd:d9:0c:21:7e:06:df:13:d0:b7:65:b2:4b:57:1b:
         8d:f0:c9:b7:86:6f:39:ce:1c:94:8b:88:c6:eb:ed:30:8e:65:
         65:66:27:ce:65:ca:0a:bd:d4:36:49:6a:d3:0b:1a:33:e2:db:
         49:ed:ad:cb:3f:dc:b8:bf:ca:19:0f:8f:13:fd:d2:d8:f5:59:
         f7:5e:36:96:d7:b8:47:5f:5d:76:ce:0a:ec:99:33:00:52:79:
         10:b9:43:fa:63:94:8c:00:44:08:8d:60:01:11:4a:ae:5d:aa:
         92:85:6d:bb:f6:21:ea:94:6a:04:0e:a8:9d:ac:99:3b:6b:f4:
         ea:48:2a:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvMARyJlFrqOAayoRIf7sFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZjQxYWUwNzc5ZTM3ZGVmYzY5YjJhNWIwZjdhYjhmZDQw
Y2QzZTcwHhcNMjMwMTAxMjExNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTlhYTMxMTdhMGI1YWZjMmU4ODdjZDkxZmU4YzkyYzkxMDRkZGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1JrHz6nLsFXlywf3tbmxA+nYm6Z
ipMWJlutoQYHGX2Id2YrEosaw42+P0k0bz63nNsSbEPCSx7kYYuiwmobq+HLfONO
/Fn8fgoTfMUzJYu3Am/+M6Hs4Oq/EV32OQghiJRY99VyWIoGXbxbn0lmiItQCQcG
fYfor9Z1HBYktToyHCeLCGHnuIlWD91Xp+VpepdpZjSoGjbtJsp92N2dOf7mewVN
Ut9O9C2uVdU8OaLsJ+IejywbGxNZxMOy1KuhqrYvgUD1p6jv27rGjqqVL5NTVHOD
4gUg8DlA2FF38Bn+jfwv4pxjLw16tCB+Q6yS31544AxeGMTSTRcETG1FPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB6aoxF6C1r8Loh82R/oySyRBN3mMB8GA1UdIwQY
MBaAFIf0GuB3njfe/GmypbD3q4/UDNPnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaF9RYTRIZWVOOTc4YWJLbHNQZXJqOVFNMC1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xODVjYjUtNDc1Mi00M2I4LThlNDYt
YzQzYWIyYTEyZDU1LzEvSHBxakVYb0xXdnd1aUh6WkgtakpMSkVFM2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xODVjYjUtNDc1Mi00M2I4LThlNDYtYzQzYWIyYTEyZDU1
LzEvaF9RYTRIZWVOOTc4YWJLbHNQZXJqOVFNMC1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZdMMA0G
CSqGSIb3DQEBCwUAA4IBAQCMaqMjPAopMf070HBxCPrBBJJ9gNY1rsPRWlvjK62B
xAb8L5wObgW6SKHsnUVlRhHUDqEviRohCz90PWoFVjSIvJeKjebkFnIYDLwusfTS
MbFzaq+cTJ7efdoWmLcPaDw3SSC1gSF0MWt8qgV8vzGfKQcJ86Bpzx7mdi5EJLTp
kou92QwhfgbfE9C3ZbJLVxuN8Mm3hm85zhyUi4jG6+0wjmVlZifOZcoKvdQ2SWrT
Cxoz4ttJ7a3LP9y4v8oZD48T/dLY9Vn3XjaW17hHX112zgrsmTMAUnkQuUP6Y5SM
AEQIjWABEUquXaqShW279iHqlGoEDqidrJk7a/TqSCot
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:09 2024 by rpki-client on console-ams.rpki-client.org