Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/HV5I9ebSN0m0Vc7HjLCpxsbOlSw.roa
File:                     HV5I9ebSN0m0Vc7HjLCpxsbOlSw.roa (raw, json)
Hash identifier:          P8Rpmvj5eLN4Y3WrQ+i/Qr2u9ML0Ofsb9m4wWNW/cT0=
Subject key identifier:   1D:5E:48:F5:E6:D2:37:49:B4:55:CE:C7:8C:B0:A9:C6:C6:CE:95:2C
Certificate issuer:       /CN=f80e017cf1711519b0ff9f65858c491b2fa5d40b
Certificate serial:       018CC80145B1300A00FDBAF6D08F96C5AF6B
Authority key identifier: F8:0E:01:7C:F1:71:15:19:B0:FF:9F:65:85:8C:49:1B:2F:A5:D4:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-A4BfPFxFRmw_59lhYxJGy-l1As.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/HV5I9ebSN0m0Vc7HjLCpxsbOlSw.roa
Signing time:             Tue 02 Jan 2024 02:29:35 +0000
ROA not before:           Tue 02 Jan 2024 02:29:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199432
IP address blocks:        91.250.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 08 Feb 2024 18:48:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:45:b1:30:0a:00:fd:ba:f6:d0:8f:96:c5:af:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f80e017cf1711519b0ff9f65858c491b2fa5d40b
        Validity
            Not Before: Jan  2 02:29:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1d5e48f5e6d23749b455cec78cb0a9c6c6ce952c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:eb:8e:57:22:92:c7:87:27:3a:80:e1:16:0f:
                    c2:43:57:b7:fc:85:0d:fd:20:7b:ef:fe:67:fe:b2:
                    7b:d0:7b:0c:09:91:2f:46:ce:af:c5:29:14:2e:88:
                    1a:67:ba:fe:6f:1e:55:4c:e6:f4:82:32:52:6f:7c:
                    39:90:8e:74:95:e6:b6:c4:59:c8:b8:bf:51:c9:d8:
                    e9:0d:f1:75:30:40:0c:e1:57:77:ae:e6:7e:ce:99:
                    06:24:b4:20:58:09:f5:a0:9c:42:d1:63:73:1c:cc:
                    77:5f:3c:29:9f:ff:b3:f5:35:21:e9:aa:10:6b:10:
                    b0:ec:2d:e8:de:a1:2c:3b:87:54:4b:c4:04:f9:cd:
                    ca:60:2a:8b:43:3a:d5:64:b8:36:4d:53:f6:e5:28:
                    97:b9:b7:e9:1e:6a:03:98:12:22:14:77:8c:c3:72:
                    70:97:be:88:1f:1e:47:e6:02:53:53:ca:a2:85:6a:
                    4c:db:41:e1:e8:06:14:21:e3:36:6a:1b:a0:93:30:
                    f4:5a:5e:ec:77:17:b4:e2:f8:64:ed:6a:c3:04:cd:
                    80:c9:e2:9c:c7:1f:cf:72:f6:d5:2e:1b:ee:0b:66:
                    e8:7c:7f:9a:6b:67:18:3d:75:4a:b0:05:ce:41:15:
                    db:cb:47:c2:9f:b1:28:28:c1:a7:1c:f3:c9:58:19:
                    df:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:5E:48:F5:E6:D2:37:49:B4:55:CE:C7:8C:B0:A9:C6:C6:CE:95:2C
            X509v3 Authority Key Identifier:
                keyid:F8:0E:01:7C:F1:71:15:19:B0:FF:9F:65:85:8C:49:1B:2F:A5:D4:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-A4BfPFxFRmw_59lhYxJGy-l1As.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/HV5I9ebSN0m0Vc7HjLCpxsbOlSw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/1-A4BfPFxFRmw_59lhYxJGy-l1As.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.250.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:4a:4f:29:5a:45:05:57:72:c8:4d:e8:07:63:e5:29:39:8f:
         94:9e:92:d0:bf:62:ed:c1:d4:14:ee:1b:c1:28:f9:d3:0c:72:
         90:48:45:90:fa:54:a2:1b:e3:a6:a1:8d:b9:49:b4:63:e9:e5:
         c1:16:21:a1:6e:18:02:95:15:68:85:52:c2:b0:c4:eb:74:aa:
         14:23:6c:9c:97:86:86:68:98:78:d0:48:5b:71:79:ae:d4:8a:
         68:39:58:fa:e2:1c:66:e6:74:74:87:fe:77:96:7e:ba:2f:4f:
         0c:19:9f:d2:c6:7d:ce:48:32:f2:7d:65:4f:f4:5d:ad:27:ec:
         7f:22:e7:a6:46:a6:be:e5:01:fa:c5:17:bd:ed:55:38:bd:98:
         6f:44:e8:e6:fc:c8:42:d1:43:ba:bd:17:31:5b:40:56:ad:08:
         59:6e:0e:aa:d6:80:a6:d5:6e:27:60:3c:9b:d8:73:7e:1e:9b:
         f0:48:5e:8a:55:45:dd:56:da:95:90:f9:53:85:04:42:cb:9c:
         e8:9f:44:07:76:0e:b1:e4:77:54:71:88:fa:3c:8e:c4:48:5c:
         15:a7:c3:98:a2:19:e2:68:e3:0d:e2:2b:3c:8b:1e:2e:37:e8:
         33:97:08:2c:d0:e6:3c:ac:71:39:0a:69:24:ee:a9:28:eb:23:
         eb:01:f8:79
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzIAUWxMAoA/br20I+Wxa9rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MGUwMTdjZjE3MTE1MTliMGZmOWY2NTg1OGM0OTFiMmZh
NWQ0MGIwHhcNMjQwMTAyMDIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDVlNDhmNWU2ZDIzNzQ5YjQ1NWNlYzc4Y2IwYTljNmM2Y2U5NTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOuOVyKSx4cnOoDhFg/CQ1e3/IUN
/SB77/5n/rJ70HsMCZEvRs6vxSkULogaZ7r+bx5VTOb0gjJSb3w5kI50lea2xFnI
uL9RydjpDfF1MEAM4Vd3ruZ+zpkGJLQgWAn1oJxC0WNzHMx3Xzwpn/+z9TUh6aoQ
axCw7C3o3qEsO4dUS8QE+c3KYCqLQzrVZLg2TVP25SiXubfpHmoDmBIiFHeMw3Jw
l76IHx5H5gJTU8qihWpM20Hh6AYUIeM2ahugkzD0Wl7sdxe04vhk7WrDBM2AyeKc
xx/PcvbVLhvuC2bofH+aa2cYPXVKsAXOQRXby0fCn7EoKMGnHPPJWBnflQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFB1eSPXm0jdJtFXOx4ywqcbGzpUsMB8GA1UdIwQY
MBaAFPgOAXzxcRUZsP+fZYWMSRsvpdQLMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1BNEJmUEZ4RlJtd181OWxoWXhKR3ktbDFBcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcvMmRjMTM2LTQwMGQtNDBlNy1hZDg2
LThjZTYwYTVjOGIxZi8xL0hWNUk5ZWJTTjBtMFZjN0hqTENweHNiT2xTdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODcvMmRjMTM2LTQwMGQtNDBlNy1hZDg2LThjZTYwYTVjOGIx
Zi8xLzEtQTRCZlBGeEZSbXdfNTlsaFl4Skd5LWwxQXMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb+v0w
DQYJKoZIhvcNAQELBQADggEBABlKTylaRQVXcshN6Adj5Sk5j5SektC/Yu3B1BTu
G8Eo+dMMcpBIRZD6VKIb46ahjblJtGPp5cEWIaFuGAKVFWiFUsKwxOt0qhQjbJyX
hoZomHjQSFtxea7Uimg5WPriHGbmdHSH/neWfrovTwwZn9LGfc5IMvJ9ZU/0Xa0n
7H8i56ZGpr7lAfrFF73tVTi9mG9E6Ob8yELRQ7q9FzFbQFatCFluDqrWgKbVbidg
PJvYc34em/BIXopVRd1W2pWQ+VOFBELLnOifRAd2DrHkd1RxiPo8jsRIXBWnw5ii
GeJo4w3iKzyLHi436DOXCCzQ5jyscTkKaSTuqSjrI+sB+Hk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:44 2024 by rpki-client on console-fra.rpki-client.org