Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/2f339b-f19f-452f-88be-29ffc4443901/1/HpWmxxUpvQxikVnQ2QNEwMugmd0.roa
File:                     HpWmxxUpvQxikVnQ2QNEwMugmd0.roa (raw, json)
Hash identifier:          2O8zkkeDxQXFntV2deAnoXDntnT1llis+CyGI2Q6AQ0=
Subject key identifier:   1E:95:A6:C7:15:29:BD:0C:62:91:59:D0:D9:03:44:C0:CB:A0:99:DD
Certificate issuer:       /CN=75535bade37a3d6fc380442a285e157b984ca91d
Certificate serial:       018B4C8CC675E4269EF6832496421F9C7AC0
Authority key identifier: 75:53:5B:AD:E3:7A:3D:6F:C3:80:44:2A:28:5E:15:7B:98:4C:A9:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dVNbreN6PW_DgEQqKF4Ve5hMqR0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/2f339b-f19f-452f-88be-29ffc4443901/1/HpWmxxUpvQxikVnQ2QNEwMugmd0.roa
Signing time:             Fri 20 Oct 2023 10:06:16 +0000
ROA not before:           Fri 20 Oct 2023 10:06:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41690
IP address blocks:        188.65.120.0/21 maxlen: 24
                          195.8.214.0/23 maxlen: 24
                          185.223.156.0/22 maxlen: 24
                          2a03:d1c0::/29 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:4c:8c:c6:75:e4:26:9e:f6:83:24:96:42:1f:9c:7a:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75535bade37a3d6fc380442a285e157b984ca91d
        Validity
            Not Before: Oct 20 10:06:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1e95a6c71529bd0c629159d0d90344c0cba099dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:7c:13:a7:ec:53:86:fd:64:0e:56:96:6e:25:
                    04:2b:9d:01:30:e3:65:10:4a:4a:39:00:2c:6f:ba:
                    2a:0e:95:e9:f6:81:19:96:0b:84:f2:e9:94:54:d5:
                    e4:82:ba:f3:3f:29:f2:2b:95:81:6a:13:7d:f7:2e:
                    f2:53:a9:e1:ab:3f:17:1f:e2:ff:b9:d5:84:c8:eb:
                    f7:89:56:d0:d5:28:82:04:da:81:88:f1:7d:e1:78:
                    65:63:ef:f4:c3:bb:6f:21:f5:c8:df:be:d4:8d:a2:
                    2f:00:65:0f:d7:67:ef:c2:9a:61:e0:6c:79:81:1b:
                    d2:36:fa:8e:f6:f7:6a:b2:73:30:44:35:09:85:52:
                    e4:7a:5b:99:c6:f1:2e:13:e0:81:ab:ed:11:c9:0d:
                    ad:bf:c9:24:a0:8f:89:8b:53:ec:10:5b:23:69:4c:
                    6c:26:16:50:62:bd:03:a9:d6:4f:a4:b4:9d:b7:0e:
                    0f:e1:77:dc:2e:43:00:7a:af:34:af:99:20:85:b1:
                    c3:0f:ed:80:16:bd:91:fa:c9:9f:f8:64:22:f1:52:
                    fd:29:76:1c:02:40:1f:fb:04:af:80:0a:54:30:e0:
                    39:cc:24:9a:8e:6f:dd:a6:4e:ff:33:17:a8:0f:fa:
                    8e:be:ea:bf:7a:c2:d7:57:1d:62:bf:cb:a7:ca:a0:
                    0e:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:95:A6:C7:15:29:BD:0C:62:91:59:D0:D9:03:44:C0:CB:A0:99:DD
            X509v3 Authority Key Identifier:
                keyid:75:53:5B:AD:E3:7A:3D:6F:C3:80:44:2A:28:5E:15:7B:98:4C:A9:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dVNbreN6PW_DgEQqKF4Ve5hMqR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/2f339b-f19f-452f-88be-29ffc4443901/1/HpWmxxUpvQxikVnQ2QNEwMugmd0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/2f339b-f19f-452f-88be-29ffc4443901/1/dVNbreN6PW_DgEQqKF4Ve5hMqR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.223.156.0/22
                  188.65.120.0/21
                  195.8.214.0/23
                IPv6:
                  2a03:d1c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         14:cb:89:28:b5:e4:7d:de:f0:c9:89:ee:a6:35:2f:91:0f:4e:
         a8:14:b5:bf:85:8b:03:d3:30:56:e5:f9:a0:ff:e0:dd:d4:2d:
         d4:54:2f:53:2e:4f:90:e1:23:9f:ac:e7:ca:7a:e3:a4:fd:21:
         10:df:26:27:d1:8e:89:aa:3b:60:9c:07:3a:43:5c:56:c6:c9:
         00:e6:ce:24:95:5d:0e:18:3c:8f:a7:d1:2c:69:1b:89:5b:32:
         ca:cf:eb:5a:b9:ab:0d:04:2a:f4:77:07:e4:b0:af:08:c3:59:
         b5:da:af:b9:75:cb:1c:df:34:0f:25:e8:54:69:46:1c:fa:4e:
         e8:35:43:58:44:aa:67:34:3f:df:fe:1f:e6:0e:ab:1b:14:41:
         dd:a9:2c:83:be:b4:b3:67:05:57:7b:56:82:3c:53:ad:2f:68:
         58:a7:50:06:00:0b:41:89:13:ec:7f:43:dd:8e:f1:65:b4:22:
         3a:e0:95:dd:cb:b2:ae:5c:fa:c2:68:31:e8:75:a8:20:51:f0:
         7d:56:b5:d9:c4:6e:31:27:04:27:78:cb:0d:54:23:09:31:48:
         93:07:e6:2e:b2:ff:09:78:a7:bb:79:ff:95:ce:d6:d3:ce:7d:
         22:a4:e9:72:7b:60:9c:de:6e:33:f4:58:ac:ac:b3:ea:89:27:
         6c:3b:a1:7f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYtMjMZ15Cae9oMklkIfnHrAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NTM1YmFkZTM3YTNkNmZjMzgwNDQyYTI4NWUxNTdiOTg0
Y2E5MWQwHhcNMjMxMDIwMTAwNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTk1YTZjNzE1MjliZDBjNjI5MTU5ZDBkOTAzNDRjMGNiYTA5OWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHwTp+xThv1kDlaWbiUEK50BMONl
EEpKOQAsb7oqDpXp9oEZlguE8umUVNXkgrrzPynyK5WBahN99y7yU6nhqz8XH+L/
udWEyOv3iVbQ1SiCBNqBiPF94XhlY+/0w7tvIfXI377UjaIvAGUP12fvwpph4Gx5
gRvSNvqO9vdqsnMwRDUJhVLkeluZxvEuE+CBq+0RyQ2tv8kkoI+Ji1PsEFsjaUxs
JhZQYr0DqdZPpLSdtw4P4XfcLkMAeq80r5kghbHDD+2AFr2R+smf+GQi8VL9KXYc
AkAf+wSvgApUMOA5zCSajm/dpk7/MxeoD/qOvuq/esLXVx1iv8unyqAO+wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFB6VpscVKb0MYpFZ0NkDRMDLoJndMB8GA1UdIwQY
MBaAFHVTW63jej1vw4BEKiheFXuYTKkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFZOYnJlTjZQV19EZ0VRcUtGNFZlNWhNcVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yZjMzOWItZjE5Zi00NTJmLTg4YmUt
MjlmZmM0NDQzOTAxLzEvSHBXbXh4VXB2UXhpa1ZuUTJRTkV3TXVnbWQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yZjMzOWItZjE5Zi00NTJmLTg4YmUtMjlmZmM0NDQzOTAx
LzEvZFZOYnJlTjZQV19EZ0VRcUtGNFZlNWhNcVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCud+cAwQD
vEF4AwQBwwjWMA0EAgACMAcDBQMqA9HAMA0GCSqGSIb3DQEBCwUAA4IBAQAUy4ko
teR93vDJie6mNS+RD06oFLW/hYsD0zBW5fmg/+Dd1C3UVC9TLk+Q4SOfrOfKeuOk
/SEQ3yYn0Y6JqjtgnAc6Q1xWxskA5s4klV0OGDyPp9EsaRuJWzLKz+tauasNBCr0
dwfksK8Iw1m12q+5dcsc3zQPJehUaUYc+k7oNUNYRKpnND/f/h/mDqsbFEHdqSyD
vrSzZwVXe1aCPFOtL2hYp1AGAAtBiRPsf0PdjvFltCI64JXdy7KuXPrCaDHodagg
UfB9VrXZxG4xJwQneMsNVCMJMUiTB+Yusv8JeKe7ef+VztbTzn0ipOlye2Cc3m4z
9FisrLPqiSdsO6F/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:00 2024 by rpki-client on console-fra.rpki-client.org