Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/OHIS_ESTXV4EYP7EuT4rw6_0Sj0.roa
File:                     OHIS_ESTXV4EYP7EuT4rw6_0Sj0.roa (raw, json)
Hash identifier:          ixlWi+5zNfulgElGPYYfw3nG4ayrL/BzytfpL0d5if0=
Subject key identifier:   38:72:12:FC:44:93:5D:5E:04:60:FE:C4:B9:3E:2B:C3:AF:F4:4A:3D
Certificate issuer:       /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial:       01869122FD72E1361891702A054B6A76B6EB
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/OHIS_ESTXV4EYP7EuT4rw6_0Sj0.roa
Signing time:             Mon 27 Feb 2023 04:30:34 +0000
ROA not before:           Mon 27 Feb 2023 04:30:34 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20879
IP address blocks:        176.223.0.0/18 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:91:22:fd:72:e1:36:18:91:70:2a:05:4b:6a:76:b6:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
        Validity
            Not Before: Feb 27 04:30:34 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=387212fc44935d5e0460fec4b93e2bc3aff44a3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:f8:91:d4:61:27:6b:0e:6b:ca:f3:9a:f8:fa:
                    f9:5c:22:f7:43:7d:7a:da:62:d5:67:07:21:63:b1:
                    f9:07:ec:c1:5f:02:62:6d:9e:4b:c4:76:15:10:37:
                    3d:72:0c:61:e8:7e:ea:39:68:17:cd:56:0f:13:ea:
                    4b:7f:0f:d0:e7:ef:f8:83:2f:b9:f1:9c:de:bd:0d:
                    69:a0:99:bf:21:85:fd:85:56:e3:47:f4:27:64:02:
                    fd:5a:d5:50:70:3e:7f:6c:e4:84:52:b4:ad:53:e3:
                    2e:6e:7a:d9:23:7f:6b:1b:9f:a1:39:81:f2:dd:12:
                    c1:dd:fc:f5:30:5f:78:b0:28:a0:a8:fd:44:19:42:
                    c7:40:f5:17:69:11:1b:74:32:42:7a:c1:f0:f2:63:
                    57:74:13:dd:46:00:74:d6:38:f3:64:e7:b2:ee:e5:
                    1c:cf:93:7c:d3:29:38:27:ea:03:27:1b:12:8a:ee:
                    ec:08:7f:a9:3c:56:0c:e8:76:5e:b2:a1:21:32:59:
                    af:22:de:87:e7:9c:8d:f0:8c:0f:a1:8c:af:2a:57:
                    b8:e1:cf:6e:e4:f2:c0:ce:2b:91:e8:23:a2:92:86:
                    09:eb:bb:51:44:4d:a3:d3:48:d5:25:28:f5:dc:cc:
                    1f:95:ef:02:4a:42:08:50:db:a7:68:70:1d:3e:f3:
                    34:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:72:12:FC:44:93:5D:5E:04:60:FE:C4:B9:3E:2B:C3:AF:F4:4A:3D
            X509v3 Authority Key Identifier:
                keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/OHIS_ESTXV4EYP7EuT4rw6_0Sj0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.223.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         8d:c5:71:a9:7b:3f:f7:6f:1d:25:0b:73:37:d6:a8:03:87:fc:
         b8:1e:b1:ec:ef:e6:23:8f:a1:23:e5:70:60:47:57:e9:6b:3a:
         8b:fc:37:13:89:44:6c:61:50:53:62:64:22:cb:98:7b:5d:7c:
         84:92:02:11:6c:44:c3:84:b3:3d:67:c0:29:53:c5:e5:ae:cc:
         83:c7:10:d6:3a:85:72:04:8b:3b:9a:78:08:fb:e1:88:22:60:
         fe:5f:41:86:4f:73:70:03:3b:a5:4f:32:fe:c1:cb:c0:2b:8b:
         60:fc:fa:8e:3e:22:d9:15:2c:8f:1a:25:ec:b4:b0:b5:0b:07:
         f9:98:a3:ed:8d:f5:9d:47:e7:3c:9f:45:e5:05:9b:d3:74:b9:
         42:b2:fd:20:84:b9:19:38:b9:13:cd:61:0a:47:da:71:44:b6:
         c4:75:29:d4:ce:21:1b:55:06:18:66:2f:8c:a1:27:b6:44:c0:
         fd:55:27:1d:38:ad:9f:84:7f:a4:ea:2a:c3:8c:cb:6a:b2:58:
         c3:6b:b5:37:23:e4:75:55:fc:e9:10:34:e1:ed:5d:a3:90:50:
         89:ce:16:65:1a:2d:eb:7d:87:9e:ff:67:28:9e:42:dd:9a:65:
         0a:00:33:60:c1:64:38:70:b3:22:af:65:bd:c1:17:09:0b:0c:
         17:e6:88:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaRIv1y4TYYkXAqBUtqdrbrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjMwMjI3MDQzMDM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODcyMTJmYzQ0OTM1ZDVlMDQ2MGZlYzRiOTNlMmJjM2FmZjQ0YTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/iR1GEnaw5ryvOa+Pr5XCL3Q316
2mLVZwchY7H5B+zBXwJibZ5LxHYVEDc9cgxh6H7qOWgXzVYPE+pLfw/Q5+/4gy+5
8ZzevQ1poJm/IYX9hVbjR/QnZAL9WtVQcD5/bOSEUrStU+MubnrZI39rG5+hOYHy
3RLB3fz1MF94sCigqP1EGULHQPUXaREbdDJCesHw8mNXdBPdRgB01jjzZOey7uUc
z5N80yk4J+oDJxsSiu7sCH+pPFYM6HZesqEhMlmvIt6H55yN8IwPoYyvKle44c9u
5PLAziuR6COikoYJ67tRRE2j00jVJSj13Mwfle8CSkIIUNunaHAdPvM0jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDhyEvxEk11eBGD+xLk+K8Ov9Eo9MB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEvT0hJU19FU1RYVjRFWVA3RXVUNHJ3Nl8wU2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGsN8AMA0G
CSqGSIb3DQEBCwUAA4IBAQCNxXGpez/3bx0lC3M31qgDh/y4HrHs7+Yjj6Ej5XBg
R1fpazqL/DcTiURsYVBTYmQiy5h7XXyEkgIRbETDhLM9Z8ApU8XlrsyDxxDWOoVy
BIs7mngI++GIImD+X0GGT3NwAzulTzL+wcvAK4tg/PqOPiLZFSyPGiXstLC1Cwf5
mKPtjfWdR+c8n0XlBZvTdLlCsv0ghLkZOLkTzWEKR9pxRLbEdSnUziEbVQYYZi+M
oSe2RMD9VScdOK2fhH+k6irDjMtqsljDa7U3I+R1VfzpEDTh7V2jkFCJzhZlGi3r
fYee/2conkLdmmUKADNgwWQ4cLMir2W9wRcJCwwX5ojt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:13 2024 by rpki-client on console-fra.rpki-client.org