Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/28e113-3931-4d3d-b793-ecb80702a117/1/HsnpO8YCjLF5UP32h27sSR9lGMM.roa
File:                     HsnpO8YCjLF5UP32h27sSR9lGMM.roa (raw, json)
Hash identifier:          ZUHgnDhMM/AfPkQ37/nSmEdZydD2stEXYtS+7Z+5Pl4=
Subject key identifier:   1E:C9:E9:3B:C6:02:8C:B1:79:50:FD:F6:87:6E:EC:49:1F:65:18:C3
Certificate issuer:       /CN=8e90bd2870050c84477a161eb090f05eb962016c
Certificate serial:       01856CB834B030AB0DDB800AE2C21AEF061D
Authority key identifier: 8E:90:BD:28:70:05:0C:84:47:7A:16:1E:B0:90:F0:5E:B9:62:01:6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jpC9KHAFDIRHehYesJDwXrliAWw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/28e113-3931-4d3d-b793-ecb80702a117/1/HsnpO8YCjLF5UP32h27sSR9lGMM.roa
Signing time:             Sun 01 Jan 2023 09:44:49 +0000
ROA not before:           Sun 01 Jan 2023 09:44:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     786
IP address blocks:        136.201.0.0/16 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:b8:34:b0:30:ab:0d:db:80:0a:e2:c2:1a:ef:06:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e90bd2870050c84477a161eb090f05eb962016c
        Validity
            Not Before: Jan  1 09:44:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1ec9e93bc6028cb17950fdf6876eec491f6518c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:0c:e1:13:9f:81:b8:dd:91:1c:23:00:22:46:
                    ae:74:1e:ef:d4:f4:4d:57:bc:8b:c4:f8:4f:25:ea:
                    69:60:9d:5b:fc:be:72:d9:bd:bf:ce:58:6a:d2:09:
                    05:c0:2e:76:cf:08:0e:14:db:0c:2b:84:9c:a0:58:
                    ed:26:0f:44:24:e5:b6:9b:fc:ff:fa:7d:94:51:c5:
                    00:a5:ff:ee:70:2e:79:f2:2f:45:3e:9b:ad:bc:5c:
                    d0:de:28:6b:6a:11:9b:c4:d4:05:9e:40:96:4f:82:
                    a0:25:29:83:51:c4:97:b6:fb:a9:9d:63:a7:98:c3:
                    0f:c9:3c:c7:c7:c1:c0:ce:16:98:13:f0:2c:6a:d4:
                    f1:11:15:69:b1:02:a9:58:ac:f9:2d:95:0f:51:e5:
                    f8:74:23:ec:60:99:3b:d9:22:f4:1d:d8:5b:ff:1d:
                    3d:d6:e6:8d:dc:36:93:0b:50:42:2d:3f:d6:fa:07:
                    8a:81:b6:31:c4:05:da:00:d6:7c:40:bf:92:f2:61:
                    1e:58:08:af:e4:47:5b:70:c5:15:2f:04:e0:1f:8e:
                    a8:79:66:78:78:70:d7:ae:9b:63:0c:f3:b4:bf:7e:
                    19:b7:66:7e:1e:ee:36:52:ce:d9:a2:61:08:09:5b:
                    9c:ed:e7:e9:b9:28:6a:b7:80:53:ad:b0:b3:28:09:
                    8a:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:C9:E9:3B:C6:02:8C:B1:79:50:FD:F6:87:6E:EC:49:1F:65:18:C3
            X509v3 Authority Key Identifier:
                keyid:8E:90:BD:28:70:05:0C:84:47:7A:16:1E:B0:90:F0:5E:B9:62:01:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jpC9KHAFDIRHehYesJDwXrliAWw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/28e113-3931-4d3d-b793-ecb80702a117/1/HsnpO8YCjLF5UP32h27sSR9lGMM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/28e113-3931-4d3d-b793-ecb80702a117/1/jpC9KHAFDIRHehYesJDwXrliAWw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.201.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0f:11:0d:46:12:e3:0b:4c:ba:28:b6:70:9a:fa:69:95:c1:c1:
         b2:31:ad:b7:0b:4a:e4:a2:73:19:b3:b3:7d:58:34:ec:16:e6:
         48:74:5b:a6:f2:4d:86:07:e5:8c:70:80:10:8c:56:7a:d1:1f:
         1b:75:7d:1b:de:93:99:c6:52:1b:fc:1e:11:b9:5e:d9:c9:c4:
         b0:b8:8c:0e:6d:90:91:51:c8:87:76:93:a4:d2:14:69:19:6f:
         8c:71:21:cd:ed:a2:1b:99:b7:d6:51:cb:4e:d6:43:9c:39:cc:
         d2:df:2e:d9:b7:f1:6a:10:fc:f5:db:e6:4e:bb:6c:2a:13:34:
         cd:58:f0:41:c4:bf:85:8c:8e:1a:18:97:04:cc:58:c5:00:b7:
         14:7a:a5:c4:1f:26:d4:ca:00:b5:f2:86:35:97:e5:33:d9:62:
         01:17:63:d8:93:e3:72:fd:2a:89:e0:49:7f:95:c1:77:54:75:
         78:15:22:12:41:a6:c6:4f:af:09:25:76:70:2e:51:da:b3:67:
         eb:af:79:be:d4:23:c2:8c:fc:9f:46:84:16:3c:27:73:e6:b1:
         ff:7d:1c:e1:6e:8c:5e:ec:3a:f5:06:ec:0c:fd:e2:bc:f6:4b:
         c9:73:1b:e8:42:be:7d:51:2f:07:73:b1:9a:19:43:50:61:c4:
         52:ac:06:e1
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVsuDSwMKsN24AK4sIa7wYdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlOTBiZDI4NzAwNTBjODQ0NzdhMTYxZWIwOTBmMDVlYjk2
MjAxNmMwHhcNMjMwMTAxMDk0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWM5ZTkzYmM2MDI4Y2IxNzk1MGZkZjY4NzZlZWM0OTFmNjUxOGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AzhE5+BuN2RHCMAIkaudB7v1PRN
V7yLxPhPJeppYJ1b/L5y2b2/zlhq0gkFwC52zwgOFNsMK4ScoFjtJg9EJOW2m/z/
+n2UUcUApf/ucC558i9FPputvFzQ3ihrahGbxNQFnkCWT4KgJSmDUcSXtvupnWOn
mMMPyTzHx8HAzhaYE/AsatTxERVpsQKpWKz5LZUPUeX4dCPsYJk72SL0Hdhb/x09
1uaN3DaTC1BCLT/W+geKgbYxxAXaANZ8QL+S8mEeWAiv5EdbcMUVLwTgH46oeWZ4
eHDXrptjDPO0v34Zt2Z+Hu42Us7ZomEICVuc7efpuShqt4BTrbCzKAmKnwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFB7J6TvGAoyxeVD99odu7EkfZRjDMB8GA1UdIwQY
MBaAFI6QvShwBQyER3oWHrCQ8F65YgFsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanBDOUtIQUZESVJIZWhZZXNKRHdYcmxpQVd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yOGUxMTMtMzkzMS00ZDNkLWI3OTMt
ZWNiODA3MDJhMTE3LzEvSHNucE84WUNqTEY1VVAzMmgyN3NTUjlsR01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8yOGUxMTMtMzkzMS00ZDNkLWI3OTMtZWNiODA3MDJhMTE3
LzEvanBDOUtIQUZESVJIZWhZZXNKRHdYcmxpQVd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAiMkwDQYJ
KoZIhvcNAQELBQADggEBAA8RDUYS4wtMuii2cJr6aZXBwbIxrbcLSuSicxmzs31Y
NOwW5kh0W6byTYYH5YxwgBCMVnrRHxt1fRvek5nGUhv8HhG5XtnJxLC4jA5tkJFR
yId2k6TSFGkZb4xxIc3tohuZt9ZRy07WQ5w5zNLfLtm38WoQ/PXb5k67bCoTNM1Y
8EHEv4WMjhoYlwTMWMUAtxR6pcQfJtTKALXyhjWX5TPZYgEXY9iT43L9KongSX+V
wXdUdXgVIhJBpsZPrwkldnAuUdqzZ+uveb7UI8KM/J9GhBY8J3Pmsf99HOFujF7s
OvUG7Az94rz2S8lzG+hCvn1RLwdzsZoZQ1BhxFKsBuE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:49 2024 by rpki-client on console-fra.rpki-client.org