Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/698efb-c6b4-4d2c-9368-7cec2d5345b4/1/HvJiO4ncjfd8vFSiqvJHUcyyEzw.roa
File:                     HvJiO4ncjfd8vFSiqvJHUcyyEzw.roa (raw, json)
Hash identifier:          94UsGkI2KtzHamFTEzRXj0FtZnpvLYwX+TaI9AbXnhE=
Subject key identifier:   1E:F2:62:3B:89:DC:8D:F7:7C:BC:54:A2:AA:F2:47:51:CC:B2:13:3C
Certificate issuer:       /CN=b2d7f999838aa163bf344fc69917bb60d12fdfc3
Certificate serial:       018571B9FBEE45C46CF2EF9C967704972465
Authority key identifier: B2:D7:F9:99:83:8A:A1:63:BF:34:4F:C6:99:17:BB:60:D1:2F:DF:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/stf5mYOKoWO_NE_GmRe7YNEv38M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/698efb-c6b4-4d2c-9368-7cec2d5345b4/1/HvJiO4ncjfd8vFSiqvJHUcyyEzw.roa
Signing time:             Mon 02 Jan 2023 09:04:52 +0000
ROA not before:           Mon 02 Jan 2023 09:04:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206343
IP address blocks:        185.137.158.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:b9:fb:ee:45:c4:6c:f2:ef:9c:96:77:04:97:24:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2d7f999838aa163bf344fc69917bb60d12fdfc3
        Validity
            Not Before: Jan  2 09:04:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1ef2623b89dc8df77cbc54a2aaf24751ccb2133c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:7e:fb:1e:f6:ee:66:db:81:88:83:3c:ac:36:
                    1f:90:97:dd:6a:7b:07:b8:e9:db:34:2c:b4:e8:d3:
                    39:27:26:89:3c:b2:ad:73:df:86:59:09:24:70:2e:
                    0c:e6:d0:b6:7e:d5:f3:a5:be:18:af:c9:7e:c6:bd:
                    68:f7:33:af:c2:f8:ec:b3:c8:d7:43:c2:8c:11:1d:
                    b6:2c:ba:ba:8a:e0:96:8c:8b:e0:8a:06:fe:32:ba:
                    10:12:60:f9:4b:5e:b1:25:6e:df:5b:b4:75:00:8b:
                    93:6a:8e:9c:59:87:5b:3e:7d:45:64:32:a1:7c:82:
                    17:fc:23:60:92:3a:2a:5a:10:02:f5:66:61:5c:c3:
                    75:e4:8a:c0:2c:a8:47:a8:9b:4c:3e:af:45:f9:90:
                    6b:69:16:7f:6b:24:b6:90:42:1e:b9:f8:0c:85:28:
                    91:2c:98:29:ed:de:47:48:d8:dd:68:c9:8a:75:3c:
                    ce:59:33:8a:71:17:58:31:f0:ed:2a:0b:75:c0:7c:
                    b0:16:87:40:da:ae:a1:0a:bb:ab:a4:69:01:9a:a3:
                    46:e5:fd:df:e3:67:7e:af:be:59:4b:0d:25:fc:68:
                    a5:d4:d6:aa:62:bf:c1:6d:d8:81:6e:d9:f8:20:ce:
                    da:1e:ec:8d:e5:bb:0c:94:23:36:ed:fa:a9:35:1a:
                    36:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:F2:62:3B:89:DC:8D:F7:7C:BC:54:A2:AA:F2:47:51:CC:B2:13:3C
            X509v3 Authority Key Identifier:
                keyid:B2:D7:F9:99:83:8A:A1:63:BF:34:4F:C6:99:17:BB:60:D1:2F:DF:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stf5mYOKoWO_NE_GmRe7YNEv38M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/698efb-c6b4-4d2c-9368-7cec2d5345b4/1/HvJiO4ncjfd8vFSiqvJHUcyyEzw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/698efb-c6b4-4d2c-9368-7cec2d5345b4/1/stf5mYOKoWO_NE_GmRe7YNEv38M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.137.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:dd:2f:f1:2d:de:ae:4f:48:b7:21:d0:41:44:bd:e0:d8:ab:
         de:76:6d:bd:57:88:d7:83:9c:a1:08:14:08:f4:ed:a9:71:2a:
         53:b7:53:89:ee:0a:90:88:20:9a:23:26:bd:7a:29:cf:32:f6:
         4b:bd:07:7b:7c:18:42:a9:59:5f:7f:d2:61:47:b8:d0:8a:29:
         e9:f1:2f:86:9e:0e:97:0e:32:4f:b7:0c:83:55:ac:09:14:c6:
         3e:f4:6e:a7:86:ec:c0:ee:e4:a9:de:1f:92:6d:ec:41:bd:e3:
         53:3e:06:dd:ce:fa:4e:a5:c4:85:0d:32:f5:f2:62:61:d9:5f:
         6c:63:cf:5b:52:28:68:2c:98:ed:95:47:ac:cd:56:bb:f6:05:
         97:d5:d4:69:ee:da:01:10:8b:a4:1d:8f:11:65:3a:61:79:22:
         54:d4:1d:65:eb:67:7f:2c:24:67:9c:5b:fd:38:0e:f9:9e:86:
         86:ff:2b:fe:11:b6:2e:66:32:e5:9e:75:dd:1b:8f:77:5e:c7:
         dc:9d:18:6a:b5:f7:d2:9f:d0:76:fa:93:7c:b7:59:30:76:05:
         6d:50:9d:92:bb:fe:ec:fc:30:54:e6:ef:15:3c:df:09:e3:fd:
         98:da:c0:82:08:f0:b3:6e:2e:43:47:51:1f:ab:33:b0:ec:54:
         8f:bb:b9:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxufvuRcRs8u+clncElyRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDdmOTk5ODM4YWExNjNiZjM0NGZjNjk5MTdiYjYwZDEy
ZmRmYzMwHhcNMjMwMTAyMDkwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWYyNjIzYjg5ZGM4ZGY3N2NiYzU0YTJhYWYyNDc1MWNjYjIxMzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgn77HvbuZtuBiIM8rDYfkJfdansH
uOnbNCy06NM5JyaJPLKtc9+GWQkkcC4M5tC2ftXzpb4Yr8l+xr1o9zOvwvjss8jX
Q8KMER22LLq6iuCWjIvgigb+MroQEmD5S16xJW7fW7R1AIuTao6cWYdbPn1FZDKh
fIIX/CNgkjoqWhAC9WZhXMN15IrALKhHqJtMPq9F+ZBraRZ/ayS2kEIeufgMhSiR
LJgp7d5HSNjdaMmKdTzOWTOKcRdYMfDtKgt1wHywFodA2q6hCrurpGkBmqNG5f3f
42d+r75ZSw0l/Gil1NaqYr/BbdiBbtn4IM7aHuyN5bsMlCM27fqpNRo2wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB7yYjuJ3I33fLxUoqryR1HMshM8MB8GA1UdIwQY
MBaAFLLX+ZmDiqFjvzRPxpkXu2DRL9/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3RmNW1ZT0tvV09fTkVfR21SZTdZTkV2MzhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My82OThlZmItYzZiNC00ZDJjLTkzNjgt
N2NlYzJkNTM0NWI0LzEvSHZKaU80bmNqZmQ4dkZTaXF2SkhVY3l5RXp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My82OThlZmItYzZiNC00ZDJjLTkzNjgtN2NlYzJkNTM0NWI0
LzEvc3RmNW1ZT0tvV09fTkVfR21SZTdZTkV2MzhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYmeMA0G
CSqGSIb3DQEBCwUAA4IBAQAx3S/xLd6uT0i3IdBBRL3g2Kvedm29V4jXg5yhCBQI
9O2pcSpTt1OJ7gqQiCCaIya9einPMvZLvQd7fBhCqVlff9JhR7jQiinp8S+Gng6X
DjJPtwyDVawJFMY+9G6nhuzA7uSp3h+SbexBveNTPgbdzvpOpcSFDTL18mJh2V9s
Y89bUihoLJjtlUeszVa79gWX1dRp7toBEIukHY8RZTpheSJU1B1l62d/LCRnnFv9
OA75noaG/yv+EbYuZjLlnnXdG493XsfcnRhqtffSn9B2+pN8t1kwdgVtUJ2Su/7s
/DBU5u8VPN8J4/2Y2sCCCPCzbi5DR1EfqzOw7FSPu7nH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:03 2024 by rpki-client on console-ams.rpki-client.org