Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5e2f4b-429f-4327-b747-1f4073ba436f/1/AN2HA-f4tz-t_IHEMtKDA92qGv0.roa
File:                     AN2HA-f4tz-t_IHEMtKDA92qGv0.roa (raw, json)
Hash identifier:          W73TUsgxm3+wxnrWDmnUlmim0C00BJPcUnb9IGS6e50=
Subject key identifier:   00:DD:87:03:E7:F8:B7:3F:AD:FC:81:C4:32:D2:83:03:DD:AA:1A:FD
Certificate issuer:       /CN=1e08a59ed98f59a0ea0e6c4379c30f5bd5f20821
Certificate serial:       01856EEFF4E576A033C5B4E10B2E8C20E56F
Authority key identifier: 1E:08:A5:9E:D9:8F:59:A0:EA:0E:6C:43:79:C3:0F:5B:D5:F2:08:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HgilntmPWaDqDmxDecMPW9XyCCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/5e2f4b-429f-4327-b747-1f4073ba436f/1/AN2HA-f4tz-t_IHEMtKDA92qGv0.roa
Signing time:             Sun 01 Jan 2023 20:04:57 +0000
ROA not before:           Sun 01 Jan 2023 20:04:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34968
IP address blocks:        193.169.26.0/23 maxlen: 23
                          193.169.92.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:ef:f4:e5:76:a0:33:c5:b4:e1:0b:2e:8c:20:e5:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e08a59ed98f59a0ea0e6c4379c30f5bd5f20821
        Validity
            Not Before: Jan  1 20:04:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=00dd8703e7f8b73fadfc81c432d28303ddaa1afd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:b1:27:2e:16:6d:01:af:e0:3f:01:17:f4:7b:
                    0f:5c:4e:6b:a5:9b:69:64:a0:22:9e:4b:ee:44:a1:
                    2d:f6:c7:e5:b3:8b:dd:4c:64:4a:59:b7:f3:b1:e5:
                    dc:c9:23:f6:50:db:9d:b4:c4:83:70:d4:46:a7:97:
                    51:46:9f:83:ba:5b:be:74:cb:de:a8:f0:ba:8e:91:
                    c2:3d:ee:40:11:25:5d:35:2f:91:de:0d:79:02:9f:
                    c2:eb:70:cb:79:e4:07:07:92:e0:d1:79:76:85:e1:
                    1d:44:69:55:de:11:78:4b:d5:3d:62:93:f1:68:13:
                    f7:5e:1b:7a:3a:95:59:21:48:ba:c0:97:01:a5:d9:
                    ec:f9:85:17:28:ec:98:c1:48:8d:44:63:89:a7:f0:
                    fe:0b:bf:f8:a2:47:ca:ae:ff:fa:fe:cc:1a:28:03:
                    fe:7a:2b:d4:76:4b:d1:a7:8c:f0:44:21:29:65:08:
                    64:d9:de:09:80:4e:3a:14:cf:51:15:87:2d:83:2e:
                    91:74:21:7f:a2:7f:dd:09:f1:f3:5a:d6:06:7c:84:
                    cf:58:1f:95:42:17:c7:ac:2e:6c:33:90:ae:b0:32:
                    df:98:70:bf:e2:f9:59:48:de:ec:36:6c:4f:b8:cd:
                    ac:13:7a:25:df:79:84:08:84:13:c8:71:2c:0d:b4:
                    24:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:DD:87:03:E7:F8:B7:3F:AD:FC:81:C4:32:D2:83:03:DD:AA:1A:FD
            X509v3 Authority Key Identifier:
                keyid:1E:08:A5:9E:D9:8F:59:A0:EA:0E:6C:43:79:C3:0F:5B:D5:F2:08:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HgilntmPWaDqDmxDecMPW9XyCCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5e2f4b-429f-4327-b747-1f4073ba436f/1/AN2HA-f4tz-t_IHEMtKDA92qGv0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5e2f4b-429f-4327-b747-1f4073ba436f/1/HgilntmPWaDqDmxDecMPW9XyCCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.169.26.0/23
                  193.169.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         75:a4:da:a1:aa:3c:d3:fc:1c:7b:1c:79:11:f7:65:b3:d6:0f:
         84:48:0c:58:ad:b3:66:77:ca:68:ac:f9:6b:1a:8c:df:83:95:
         f6:78:28:42:88:b3:b1:40:98:21:96:12:f6:13:d0:47:37:4f:
         a0:df:5f:e9:58:03:8e:d0:3e:7e:1f:17:6c:08:c5:d9:b7:95:
         c2:4a:9f:b7:e6:91:fd:73:e0:32:31:c0:52:d3:70:2e:c9:75:
         2e:11:17:7a:b6:fe:dc:10:88:70:ec:9d:94:7d:fd:a0:32:9d:
         2a:9d:ba:85:67:4f:6f:66:01:44:23:70:ae:9d:dd:4f:0d:ec:
         e4:e2:79:cb:ce:23:d4:02:0f:d2:b6:e4:8a:4d:c8:79:fe:9d:
         41:c5:50:8c:41:9f:e3:b0:80:7b:5d:03:9d:e4:53:c9:84:5e:
         b7:da:7e:b1:ec:07:44:dc:ae:87:56:9a:23:0a:a1:1c:96:1d:
         cb:22:5d:75:2d:d1:4a:bf:e2:0b:3f:4d:1a:7a:fb:bc:54:96:
         ad:d2:3a:ca:03:13:da:d8:ba:49:6a:81:7a:26:db:c5:32:b7:
         fa:51:1b:da:b8:d5:6a:02:47:59:38:4d:22:70:bf:46:66:9a:
         4d:f6:96:40:b1:7c:61:c9:6a:96:79:93:27:13:d7:8c:84:e2:
         3b:16:b7:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVu7/TldqAzxbThCy6MIOVvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMDhhNTllZDk4ZjU5YTBlYTBlNmM0Mzc5YzMwZjViZDVm
MjA4MjEwHhcNMjMwMTAxMjAwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGRkODcwM2U3ZjhiNzNmYWRmYzgxYzQzMmQyODMwM2RkYWExYWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLEnLhZtAa/gPwEX9HsPXE5rpZtp
ZKAinkvuRKEt9sfls4vdTGRKWbfzseXcySP2UNudtMSDcNRGp5dRRp+Dulu+dMve
qPC6jpHCPe5AESVdNS+R3g15Ap/C63DLeeQHB5Lg0Xl2heEdRGlV3hF4S9U9YpPx
aBP3Xht6OpVZIUi6wJcBpdns+YUXKOyYwUiNRGOJp/D+C7/4okfKrv/6/swaKAP+
eivUdkvRp4zwRCEpZQhk2d4JgE46FM9RFYctgy6RdCF/on/dCfHzWtYGfITPWB+V
QhfHrC5sM5CusDLfmHC/4vlZSN7sNmxPuM2sE3ol33mECIQTyHEsDbQkTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFADdhwPn+Lc/rfyBxDLSgwPdqhr9MB8GA1UdIwQY
MBaAFB4IpZ7Zj1mg6g5sQ3nDD1vV8gghMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGdpbG50bVBXYURxRG14RGVjTVBXOVh5Q0NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81ZTJmNGItNDI5Zi00MzI3LWI3NDct
MWY0MDczYmE0MzZmLzEvQU4ySEEtZjR0ei10X0lIRU10S0RBOTJxR3YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81ZTJmNGItNDI5Zi00MzI3LWI3NDctMWY0MDczYmE0MzZm
LzEvSGdpbG50bVBXYURxRG14RGVjTVBXOVh5Q0NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwakaAwQB
walcMA0GCSqGSIb3DQEBCwUAA4IBAQB1pNqhqjzT/Bx7HHkR92Wz1g+ESAxYrbNm
d8porPlrGozfg5X2eChCiLOxQJghlhL2E9BHN0+g31/pWAOO0D5+HxdsCMXZt5XC
Sp+35pH9c+AyMcBS03AuyXUuERd6tv7cEIhw7J2Uff2gMp0qnbqFZ09vZgFEI3Cu
nd1PDezk4nnLziPUAg/StuSKTch5/p1BxVCMQZ/jsIB7XQOd5FPJhF632n6x7AdE
3K6HVpojCqEclh3LIl11LdFKv+ILP00aevu8VJat0jrKAxPa2LpJaoF6JtvFMrf6
URvauNVqAkdZOE0icL9GZppN9pZAsXxhyWqWeZMnE9eMhOI7Frdc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:12 2024 by rpki-client on console-ams.rpki-client.org