Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/h2B07dbN2cLM_qpZKrezTNUp-hc.roa
File:                     h2B07dbN2cLM_qpZKrezTNUp-hc.roa (raw, json)
Hash identifier:          L7ATeFtnyd9HpGrghYv9tzJQnd/Q4aE/6VfgYqL2Fr4=
Subject key identifier:   87:60:74:ED:D6:CD:D9:C2:CC:FE:AA:59:2A:B7:B3:4C:D5:29:FA:17
Certificate issuer:       /CN=43d518d7307788fca3891878490e4f32d9aaf6af
Certificate serial:       01856DA63C42C268AA4858BFE0AE631DE488
Authority key identifier: 43:D5:18:D7:30:77:88:FC:A3:89:18:78:49:0E:4F:32:D9:AA:F6:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/h2B07dbN2cLM_qpZKrezTNUp-hc.roa
Signing time:             Sun 01 Jan 2023 14:04:48 +0000
ROA not before:           Sun 01 Jan 2023 14:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20592
IP address blocks:        185.178.96.0/22 maxlen: 22
                          212.115.116.0/23 maxlen: 23
                          212.115.118.0/24 maxlen: 24
                          2a11:6f00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:a6:3c:42:c2:68:aa:48:58:bf:e0:ae:63:1d:e4:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d518d7307788fca3891878490e4f32d9aaf6af
        Validity
            Not Before: Jan  1 14:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=876074edd6cdd9c2ccfeaa592ab7b34cd529fa17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:8c:e7:e0:73:50:61:ed:07:0e:c5:f5:e1:b9:
                    6f:01:d8:a1:96:ff:09:cd:fe:3e:49:c5:e4:2b:42:
                    6e:38:86:5a:95:42:48:30:e3:05:b6:91:e1:8f:43:
                    c4:39:9b:7d:40:0d:69:79:5f:dc:ba:87:e7:24:a1:
                    a7:84:5b:76:a2:e1:fe:b4:d6:92:e1:fb:46:50:bb:
                    09:2a:03:f0:aa:37:d3:64:86:f2:96:82:4b:a0:59:
                    ca:ac:4f:ef:de:a7:2b:cd:3e:49:10:0d:0b:6c:1b:
                    1e:5d:91:c8:32:69:43:db:a0:8b:d8:bc:ff:d6:da:
                    8f:ec:d4:e7:78:4c:52:27:7b:08:f8:64:1c:9b:dd:
                    6a:c7:fb:0e:80:2a:8c:44:73:72:20:22:c3:34:7c:
                    71:e6:57:35:d2:5a:84:fb:be:7e:88:01:78:af:f4:
                    52:0b:7a:46:74:19:06:5c:8f:5b:fa:a0:cc:f1:f5:
                    0f:55:6a:95:99:98:dd:68:53:34:c4:9e:3f:4b:99:
                    03:4b:2d:3e:3f:56:de:f1:aa:3c:0a:c0:07:34:90:
                    33:aa:cd:55:8d:d2:31:40:2f:8c:54:41:8c:e8:cb:
                    32:68:0e:5e:8d:9d:af:07:12:2b:55:7a:56:8a:09:
                    81:e9:a3:ce:d2:9d:a1:5c:ef:9b:ec:bb:e9:02:0b:
                    c3:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:60:74:ED:D6:CD:D9:C2:CC:FE:AA:59:2A:B7:B3:4C:D5:29:FA:17
            X509v3 Authority Key Identifier:
                keyid:43:D5:18:D7:30:77:88:FC:A3:89:18:78:49:0E:4F:32:D9:AA:F6:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/h2B07dbN2cLM_qpZKrezTNUp-hc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.178.96.0/22
                  212.115.116.0-212.115.118.255
                IPv6:
                  2a11:6f00::/29

    Signature Algorithm: sha256WithRSAEncryption
         0f:ba:db:ab:a3:f3:ed:99:a3:a4:50:e4:22:82:35:98:ce:63:
         56:2d:1d:e9:87:da:a0:da:15:b0:4a:c4:20:d1:78:a5:fa:c2:
         08:fc:9b:5e:15:6d:e6:26:d0:ba:8d:53:68:74:74:96:c7:34:
         aa:9c:02:16:8a:a1:10:5d:17:75:ca:ae:09:fe:4f:4c:67:cf:
         b6:2a:0a:ca:70:51:53:70:cd:f5:f8:33:77:eb:39:8d:5f:96:
         ae:6f:88:03:2f:9f:55:6c:1b:5b:b8:c2:6b:f6:10:25:a3:e1:
         31:29:e6:fc:83:f5:b3:f6:d0:17:cc:22:db:c4:2c:81:44:b6:
         06:13:63:8d:14:b4:52:33:9b:3e:38:5a:8f:cd:ee:c7:e9:ed:
         63:93:f2:47:95:4f:47:77:fb:bd:bc:2f:c2:1f:69:68:c4:0e:
         c4:30:8b:32:68:50:67:d6:fc:77:c6:1f:fb:2b:0e:78:04:42:
         3a:c2:eb:36:57:87:ba:95:cc:2d:87:ce:c9:7e:3d:86:6e:26:
         0d:ef:b9:59:96:59:fa:cf:df:f6:5d:b2:7f:e4:ad:bb:20:03:
         9c:e9:58:7b:5d:c1:c0:17:7b:f2:78:69:47:59:ea:43:58:d2:
         3d:b1:53:bd:65:ee:f2:ce:f8:ab:9c:29:13:af:dc:8d:bd:eb:
         de:da:e4:15
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVtpjxCwmiqSFi/4K5jHeSIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDUxOGQ3MzA3Nzg4ZmNhMzg5MTg3ODQ5MGU0ZjMyZDlh
YWY2YWYwHhcNMjMwMTAxMTQwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzYwNzRlZGQ2Y2RkOWMyY2NmZWFhNTkyYWI3YjM0Y2Q1MjlmYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYzn4HNQYe0HDsX14blvAdihlv8J
zf4+ScXkK0JuOIZalUJIMOMFtpHhj0PEOZt9QA1peV/cuofnJKGnhFt2ouH+tNaS
4ftGULsJKgPwqjfTZIbyloJLoFnKrE/v3qcrzT5JEA0LbBseXZHIMmlD26CL2Lz/
1tqP7NTneExSJ3sI+GQcm91qx/sOgCqMRHNyICLDNHxx5lc10lqE+75+iAF4r/RS
C3pGdBkGXI9b+qDM8fUPVWqVmZjdaFM0xJ4/S5kDSy0+P1be8ao8CsAHNJAzqs1V
jdIxQC+MVEGM6MsyaA5ejZ2vBxIrVXpWigmB6aPO0p2hXO+b7LvpAgvDGQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIdgdO3WzdnCzP6qWSq3s0zVKfoXMB8GA1UdIwQY
MBaAFEPVGNcwd4j8o4kYeEkOTzLZqvavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlVWTF6QjNpUHlqaVJoNFNRNVBNdG1xOXE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9hYjdjYWEtOGJjNS00YmNlLWExMzAt
ZWRkZjMyMGQ1MGUyLzEvaDJCMDdkYk4yY0xNX3FwWktyZXpUTlVwLWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9hYjdjYWEtOGJjNS00YmNlLWExMzAtZWRkZjMyMGQ1MGUy
LzEvUTlVWTF6QjNpUHlqaVJoNFNRNVBNdG1xOXE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCubJgMAwD
BALUc3QDBADUc3YwDQQCAAIwBwMFAyoRbwAwDQYJKoZIhvcNAQELBQADggEBAA+6
26uj8+2Zo6RQ5CKCNZjOY1YtHemH2qDaFbBKxCDReKX6wgj8m14VbeYm0LqNU2h0
dJbHNKqcAhaKoRBdF3XKrgn+T0xnz7YqCspwUVNwzfX4M3frOY1flq5viAMvn1Vs
G1u4wmv2ECWj4TEp5vyD9bP20BfMItvELIFEtgYTY40UtFIzmz44Wo/N7sfp7WOT
8keVT0d3+728L8IfaWjEDsQwizJoUGfW/HfGH/srDngEQjrC6zZXh7qVzC2Hzsl+
PYZuJg3vuVmWWfrP3/Zdsn/krbsgA5zpWHtdwcAXe/J4aUdZ6kNY0j2xU71l7vLO
+KucKROv3I29697a5BU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:02 2024 by rpki-client on console-fra.rpki-client.org