Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/3ce047-d858-4e7f-a070-d4319d13c775/1/H7Z8xDMxm3BBjRmtdzqCUyvw5Ks.roa
File:                     H7Z8xDMxm3BBjRmtdzqCUyvw5Ks.roa (raw, json)
Hash identifier:          /U0G40c39mPEYf0W7EYYRwWGZiUrkXFwFzBroaT+8f8=
Subject key identifier:   1F:B6:7C:C4:33:31:9B:70:41:8D:19:AD:77:3A:82:53:2B:F0:E4:AB
Certificate issuer:       /CN=1e0436dd698eba3eab5a92db1d64f2f314ed3116
Certificate serial:       01856F39223F45912E0B8BB328DDC9F4E0B9
Authority key identifier: 1E:04:36:DD:69:8E:BA:3E:AB:5A:92:DB:1D:64:F2:F3:14:ED:31:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HgQ23WmOuj6rWpLbHWTy8xTtMRY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/3ce047-d858-4e7f-a070-d4319d13c775/1/H7Z8xDMxm3BBjRmtdzqCUyvw5Ks.roa
Signing time:             Sun 01 Jan 2023 21:24:53 +0000
ROA not before:           Sun 01 Jan 2023 21:24:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12843
IP address blocks:        193.164.154.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:39:22:3f:45:91:2e:0b:8b:b3:28:dd:c9:f4:e0:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e0436dd698eba3eab5a92db1d64f2f314ed3116
        Validity
            Not Before: Jan  1 21:24:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1fb67cc433319b70418d19ad773a82532bf0e4ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:00:d7:54:f5:4b:90:52:dc:15:a9:b9:3a:27:
                    67:d9:ae:1c:52:67:a2:eb:87:c3:e5:d9:ae:8b:88:
                    bc:47:77:0d:da:59:c9:72:25:e8:99:32:37:95:07:
                    80:26:14:82:e1:92:c6:96:3b:a4:93:49:c9:0b:96:
                    38:45:1a:b5:fe:57:6b:c0:8f:cd:55:40:d8:9d:80:
                    51:51:47:28:56:dd:bd:fa:38:31:6f:34:ff:6d:8c:
                    3f:01:e4:ed:fe:88:5b:6e:43:d9:ee:64:42:e0:f1:
                    c9:a2:a4:7b:c9:eb:e4:58:73:4f:83:80:9d:d8:71:
                    d6:01:43:b4:cd:30:ac:69:70:55:cb:10:e3:f0:6a:
                    b6:93:5e:05:22:24:e0:3f:da:6f:2f:eb:41:19:da:
                    7d:24:31:12:44:8b:97:3e:9a:e4:12:ea:b5:74:6f:
                    86:b9:eb:06:40:f9:91:9b:6f:c4:2a:bf:0a:91:0a:
                    e3:e3:33:e0:79:8f:bc:b7:ab:6b:d9:2a:78:6c:59:
                    f3:64:86:23:f0:66:78:81:07:a1:8e:eb:26:7e:43:
                    15:41:81:a8:42:ee:56:5e:54:7e:ea:a7:44:6a:90:
                    c8:a8:8a:45:28:12:32:44:d9:03:28:79:91:08:b6:
                    43:58:b0:1e:34:4d:6c:92:a5:b4:44:04:d0:2e:3b:
                    8d:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:B6:7C:C4:33:31:9B:70:41:8D:19:AD:77:3A:82:53:2B:F0:E4:AB
            X509v3 Authority Key Identifier:
                keyid:1E:04:36:DD:69:8E:BA:3E:AB:5A:92:DB:1D:64:F2:F3:14:ED:31:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HgQ23WmOuj6rWpLbHWTy8xTtMRY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/3ce047-d858-4e7f-a070-d4319d13c775/1/H7Z8xDMxm3BBjRmtdzqCUyvw5Ks.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/3ce047-d858-4e7f-a070-d4319d13c775/1/HgQ23WmOuj6rWpLbHWTy8xTtMRY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.164.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:51:0b:06:12:36:a6:fc:5e:98:e7:f2:a3:e3:90:ab:4e:1e:
         e0:64:64:b8:71:e5:27:3a:6b:76:3e:8a:56:57:30:f3:33:0b:
         f3:6f:a5:fa:8a:d4:24:e0:5b:48:94:d2:d4:09:a1:0e:0e:e3:
         ee:72:d0:a7:c2:c8:c2:e7:a0:0b:2f:47:b0:87:03:54:a0:74:
         22:2e:6c:ce:d0:82:14:36:09:12:79:ed:9d:c6:8b:cb:6d:ce:
         91:cd:1c:e8:17:4e:fe:4d:23:44:39:61:9f:09:a8:be:8e:d8:
         67:09:7d:97:9e:20:1b:fb:12:ca:ef:51:a1:5f:75:9e:c0:a7:
         71:c2:16:e4:de:a7:b9:6b:03:c3:a2:47:f9:ab:a6:97:9e:43:
         1c:d7:8c:65:ba:37:56:53:a8:f8:55:06:fb:84:9f:b5:b9:62:
         c4:e0:cb:cf:c0:1f:fc:c2:85:85:56:5a:69:e8:05:af:52:48:
         79:ee:1e:43:2c:aa:2a:7b:1a:17:97:aa:48:e4:c6:1c:5a:aa:
         2e:e6:fd:0a:f6:4c:31:d7:6d:f7:9c:f1:13:f2:ef:77:fb:e6:
         cb:c1:d9:56:83:d8:d8:4e:bf:e1:28:f6:07:8f:b7:21:46:a7:
         a0:f1:a8:d7:72:ae:74:06:28:f0:cf:a0:bd:e1:cf:b2:ec:38:
         a7:1c:ee:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOSI/RZEuC4uzKN3J9OC5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMDQzNmRkNjk4ZWJhM2VhYjVhOTJkYjFkNjRmMmYzMTRl
ZDMxMTYwHhcNMjMwMTAxMjEyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmI2N2NjNDMzMzE5YjcwNDE4ZDE5YWQ3NzNhODI1MzJiZjBlNGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgDXVPVLkFLcFam5Oidn2a4cUmei
64fD5dmui4i8R3cN2lnJciXomTI3lQeAJhSC4ZLGljukk0nJC5Y4RRq1/ldrwI/N
VUDYnYBRUUcoVt29+jgxbzT/bYw/AeTt/ohbbkPZ7mRC4PHJoqR7yevkWHNPg4Cd
2HHWAUO0zTCsaXBVyxDj8Gq2k14FIiTgP9pvL+tBGdp9JDESRIuXPprkEuq1dG+G
uesGQPmRm2/EKr8KkQrj4zPgeY+8t6tr2Sp4bFnzZIYj8GZ4gQehjusmfkMVQYGo
Qu5WXlR+6qdEapDIqIpFKBIyRNkDKHmRCLZDWLAeNE1skqW0RATQLjuNpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB+2fMQzMZtwQY0ZrXc6glMr8OSrMB8GA1UdIwQY
MBaAFB4ENt1pjro+q1qS2x1k8vMU7TEWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGdRMjNXbU91ajZyV3BMYkhXVHk4eFR0TVJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zY2UwNDctZDg1OC00ZTdmLWEwNzAt
ZDQzMTlkMTNjNzc1LzEvSDdaOHhETXhtM0JCalJtdGR6cUNVeXZ3NUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zY2UwNDctZDg1OC00ZTdmLWEwNzAtZDQzMTlkMTNjNzc1
LzEvSGdRMjNXbU91ajZyV3BMYkhXVHk4eFR0TVJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaSaMA0G
CSqGSIb3DQEBCwUAA4IBAQAhUQsGEjam/F6Y5/Kj45CrTh7gZGS4ceUnOmt2PopW
VzDzMwvzb6X6itQk4FtIlNLUCaEODuPuctCnwsjC56ALL0ewhwNUoHQiLmzO0IIU
NgkSee2dxovLbc6RzRzoF07+TSNEOWGfCai+jthnCX2XniAb+xLK71GhX3WewKdx
whbk3qe5awPDokf5q6aXnkMc14xlujdWU6j4VQb7hJ+1uWLE4MvPwB/8woWFVlpp
6AWvUkh57h5DLKoqexoXl6pI5MYcWqou5v0K9kwx1233nPET8u93++bLwdlWg9jY
Tr/hKPYHj7chRqeg8ajXcq50Bijwz6C94c+y7DinHO7L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:15 2024 by rpki-client on console-fra.rpki-client.org