Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/HzqCkEqGcoJPkvreZESrP_uQYCQ.roa
File:                     HzqCkEqGcoJPkvreZESrP_uQYCQ.roa (raw, json)
Hash identifier:          dSrwxszgQIptJRkunGi0TtKejBcTdn9tCWl/Fvmj0+A=
Subject key identifier:   1F:3A:82:90:4A:86:72:82:4F:92:FA:DE:64:44:AB:3F:FB:90:60:24
Certificate issuer:       /CN=ffbcae2b290c801d57d09d025a9348e16706f182
Certificate serial:       01856E01F66709FD4F1F16EB434D9CB29E7A
Authority key identifier: FF:BC:AE:2B:29:0C:80:1D:57:D0:9D:02:5A:93:48:E1:67:06:F1:82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_7yuKykMgB1X0J0CWpNI4WcG8YI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/HzqCkEqGcoJPkvreZESrP_uQYCQ.roa
Signing time:             Sun 01 Jan 2023 15:45:00 +0000
ROA not before:           Sun 01 Jan 2023 15:45:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12985
IP address blocks:        194.53.61.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 13 Feb 2023 09:09:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:01:f6:67:09:fd:4f:1f:16:eb:43:4d:9c:b2:9e:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ffbcae2b290c801d57d09d025a9348e16706f182
        Validity
            Not Before: Jan  1 15:45:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1f3a82904a8672824f92fade6444ab3ffb906024
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:7d:b2:e7:02:a7:dc:42:d8:3f:47:3d:20:79:
                    9d:ca:8d:0c:bb:4a:3e:0b:0d:80:cf:eb:c7:59:58:
                    43:b3:2e:dc:23:6f:74:9a:fc:23:83:53:4f:63:97:
                    57:0c:10:49:be:c7:3c:ac:b9:09:a8:cf:9a:dc:64:
                    ce:21:1a:82:99:00:30:53:0a:64:f4:ba:41:1c:8f:
                    c4:74:83:be:5a:24:c1:88:4f:62:c1:2b:ea:95:28:
                    8f:af:28:16:6a:c1:ea:96:ac:4d:32:e8:c0:e1:4f:
                    db:ac:8f:60:38:03:ef:61:92:d2:2c:c5:81:bb:03:
                    bd:2c:65:da:f7:46:32:80:30:c4:f9:49:9d:f3:35:
                    f5:fe:cf:a9:fc:58:24:7b:ec:51:20:06:eb:84:68:
                    5e:13:cb:50:7c:90:85:56:96:3e:44:6c:c8:94:d4:
                    b5:b8:5a:6c:2a:7f:79:f8:8b:86:18:c8:32:87:9c:
                    e0:4e:cf:c3:c0:f9:8b:53:00:5b:75:12:a1:64:61:
                    00:cf:cb:24:f1:91:3a:12:ee:85:15:cf:20:46:99:
                    4f:38:ce:02:a1:32:44:3e:4c:c1:eb:3a:f9:86:38:
                    d8:e2:e1:e8:b6:7b:ed:7d:dc:02:b8:c7:81:1f:6c:
                    3a:1b:92:bd:65:bd:25:b3:33:de:ce:4e:32:ea:2b:
                    0b:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:3A:82:90:4A:86:72:82:4F:92:FA:DE:64:44:AB:3F:FB:90:60:24
            X509v3 Authority Key Identifier:
                keyid:FF:BC:AE:2B:29:0C:80:1D:57:D0:9D:02:5A:93:48:E1:67:06:F1:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_7yuKykMgB1X0J0CWpNI4WcG8YI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/HzqCkEqGcoJPkvreZESrP_uQYCQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/_7yuKykMgB1X0J0CWpNI4WcG8YI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.53.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:42:39:53:3b:87:9b:a8:4e:e1:dd:21:a8:2a:76:03:bb:d3:
         f4:3f:68:26:af:a5:50:8a:4d:58:9e:21:8a:d1:d7:e4:cd:8f:
         3b:a1:2f:9b:43:b9:15:a7:9d:58:8f:9a:cf:42:2a:75:5d:93:
         7a:2f:25:c0:52:1b:ba:33:35:0f:d5:36:f6:66:75:02:ee:32:
         43:cc:82:a7:b2:11:65:a1:09:c7:5a:2d:18:f2:b0:f3:16:70:
         ee:45:e9:a9:bc:7a:83:91:37:19:b6:5b:8e:21:5f:8c:62:fc:
         a4:a3:30:69:41:6e:d9:b1:40:02:7a:2c:93:b7:b2:6e:3b:32:
         91:3c:30:21:23:33:d3:21:36:bc:b2:a8:21:bc:ba:12:b2:cd:
         5f:88:1f:30:3f:cd:1d:04:86:f8:06:c3:90:9c:2a:a1:b6:1b:
         80:e2:c0:4a:fe:0f:c4:c2:41:fd:ce:e2:79:d6:b6:6c:d0:88:
         e8:0b:49:eb:d7:d5:a1:0b:1c:a5:3a:94:36:a5:6b:da:39:f4:
         6c:a6:c0:4a:81:17:9f:30:38:5b:91:a3:a0:68:8b:ce:2d:e7:
         c8:72:82:6e:c7:8b:a7:34:e2:3f:be:af:1f:37:e1:5e:ee:16:
         1d:1d:f1:13:ed:da:7e:61:c4:98:39:a0:00:e1:8b:77:34:66:
         5e:0c:df:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuAfZnCf1PHxbrQ02csp56MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYmNhZTJiMjkwYzgwMWQ1N2QwOWQwMjVhOTM0OGUxNjcw
NmYxODIwHhcNMjMwMTAxMTU0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjNhODI5MDRhODY3MjgyNGY5MmZhZGU2NDQ0YWIzZmZiOTA2MDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhH2y5wKn3ELYP0c9IHmdyo0Mu0o+
Cw2Az+vHWVhDsy7cI290mvwjg1NPY5dXDBBJvsc8rLkJqM+a3GTOIRqCmQAwUwpk
9LpBHI/EdIO+WiTBiE9iwSvqlSiPrygWasHqlqxNMujA4U/brI9gOAPvYZLSLMWB
uwO9LGXa90YygDDE+Umd8zX1/s+p/Fgke+xRIAbrhGheE8tQfJCFVpY+RGzIlNS1
uFpsKn95+IuGGMgyh5zgTs/DwPmLUwBbdRKhZGEAz8sk8ZE6Eu6FFc8gRplPOM4C
oTJEPkzB6zr5hjjY4uHotnvtfdwCuMeBH2w6G5K9Zb0lszPezk4y6isLvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB86gpBKhnKCT5L63mREqz/7kGAkMB8GA1UdIwQY
MBaAFP+8rispDIAdV9CdAlqTSOFnBvGCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzd5dUt5a01nQjFYMEowQ1dwTkk0V2NHOFlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81OWJjZDEtMWUwYi00ODVkLTk1MTAt
MDk2YWY0NzhmMDRiLzEvSHpxQ2tFcUdjb0pQa3ZyZVpFU3JQX3VRWUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81OWJjZDEtMWUwYi00ODVkLTk1MTAtMDk2YWY0NzhmMDRi
LzEvXzd5dUt5a01nQjFYMEowQ1dwTkk0V2NHOFlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjU9MA0G
CSqGSIb3DQEBCwUAA4IBAQBZQjlTO4ebqE7h3SGoKnYDu9P0P2gmr6VQik1YniGK
0dfkzY87oS+bQ7kVp51Yj5rPQip1XZN6LyXAUhu6MzUP1Tb2ZnUC7jJDzIKnshFl
oQnHWi0Y8rDzFnDuRempvHqDkTcZtluOIV+MYvykozBpQW7ZsUACeiyTt7JuOzKR
PDAhIzPTITa8sqghvLoSss1fiB8wP80dBIb4BsOQnCqhthuA4sBK/g/EwkH9zuJ5
1rZs0IjoC0nr19WhCxylOpQ2pWvaOfRspsBKgRefMDhbkaOgaIvOLefIcoJux4un
NOI/vq8fN+Fe7hYdHfET7dp+YcSYOaAA4Yt3NGZeDN8W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:43 2024 by rpki-client on console-fra.rpki-client.org