Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fa110d-e6e5-4bf9-84fe-bf26a7faa603/1/HSJxjpMLi3J4y1t15jgw65wJQJY.roa
File:                     HSJxjpMLi3J4y1t15jgw65wJQJY.roa (raw, json)
Hash identifier:          I8fuO35NXvV+nv62XGpRDW51Mj/8szgw1HLV32UmcEs=
Subject key identifier:   1D:22:71:8E:93:0B:8B:72:78:CB:5B:75:E6:38:30:EB:9C:09:40:96
Certificate issuer:       /CN=9915f0d6a961aaebc6b0b5089da02939b310a51c
Certificate serial:       01856FCB8CFF4ABF3C3762F9D306ED9F885E
Authority key identifier: 99:15:F0:D6:A9:61:AA:EB:C6:B0:B5:08:9D:A0:29:39:B3:10:A5:1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mRXw1qlhquvGsLUInaApObMQpRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/fa110d-e6e5-4bf9-84fe-bf26a7faa603/1/HSJxjpMLi3J4y1t15jgw65wJQJY.roa
Signing time:             Mon 02 Jan 2023 00:04:48 +0000
ROA not before:           Mon 02 Jan 2023 00:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     137
IP address blocks:        192.156.213.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:cb:8c:ff:4a:bf:3c:37:62:f9:d3:06:ed:9f:88:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9915f0d6a961aaebc6b0b5089da02939b310a51c
        Validity
            Not Before: Jan  2 00:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1d22718e930b8b7278cb5b75e63830eb9c094096
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:53:5f:38:46:28:f1:d4:49:61:b5:83:6a:c5:
                    94:a7:bf:0f:c1:d3:65:f0:25:45:04:7f:ab:e3:0c:
                    66:36:75:fc:80:75:fb:14:3d:35:b8:06:13:0f:14:
                    75:c3:2c:16:92:b4:db:1e:ce:38:02:b0:6f:97:80:
                    5b:62:27:e1:f1:d6:36:08:43:43:2a:83:ce:dd:e2:
                    7b:e3:9a:13:94:d1:34:f5:26:bb:95:93:cd:37:f8:
                    ac:b6:a2:dd:cf:e4:80:0d:be:0a:3d:74:e0:c4:5b:
                    a1:52:dc:6a:22:da:26:4e:53:69:ab:92:7e:1d:19:
                    ed:76:88:3c:b3:1f:7e:11:8a:48:c1:f0:ad:9a:39:
                    70:2e:2a:ec:10:78:62:15:61:d7:40:00:c6:f0:48:
                    6d:79:6c:63:77:4f:47:56:0f:4a:51:1a:8b:1a:ce:
                    16:33:90:f3:60:9f:41:1b:1e:7a:dd:79:fd:db:b8:
                    c3:c5:5d:3d:6b:d9:a3:16:9a:0d:37:7c:ac:51:0b:
                    bf:c4:ab:19:fa:54:a3:8a:1e:c7:23:41:f2:68:6a:
                    de:cf:54:09:94:50:4f:f5:d1:99:26:98:02:79:ef:
                    21:4f:31:9a:fa:94:40:b2:9d:45:f9:c6:23:c9:ac:
                    22:fd:af:9f:f5:50:fe:65:79:2b:c3:1e:57:89:22:
                    ec:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:22:71:8E:93:0B:8B:72:78:CB:5B:75:E6:38:30:EB:9C:09:40:96
            X509v3 Authority Key Identifier:
                keyid:99:15:F0:D6:A9:61:AA:EB:C6:B0:B5:08:9D:A0:29:39:B3:10:A5:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mRXw1qlhquvGsLUInaApObMQpRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fa110d-e6e5-4bf9-84fe-bf26a7faa603/1/HSJxjpMLi3J4y1t15jgw65wJQJY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fa110d-e6e5-4bf9-84fe-bf26a7faa603/1/mRXw1qlhquvGsLUInaApObMQpRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.156.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:f8:cc:ce:ee:18:0c:0a:76:a4:0c:76:09:e7:f9:ea:0d:87:
         b2:05:f9:d0:38:77:40:30:45:ba:45:fe:0d:06:5a:e5:d4:c4:
         5e:50:21:a6:ac:20:23:c8:8c:73:d7:ac:39:d3:23:16:1f:ba:
         a9:16:89:3e:55:db:18:51:ef:d6:84:3b:9d:02:47:0d:dc:78:
         30:14:91:e0:78:ae:1e:42:8c:d5:15:ec:65:34:64:2d:11:93:
         2f:8a:e7:4b:a0:cc:10:7d:64:20:96:1c:a3:78:88:3a:73:7c:
         24:35:92:fd:5c:fe:b4:ee:45:d7:b2:05:df:43:ec:0a:c6:c4:
         ec:b4:9a:9b:83:d9:9c:74:e4:12:39:88:ba:67:f0:bd:d3:ae:
         8f:46:08:49:3b:cf:d2:07:1e:a0:22:26:03:4a:3d:7d:a3:90:
         03:a1:29:2e:f0:0d:9b:b2:bb:fa:08:d6:2e:91:4e:7c:aa:db:
         46:bc:35:c1:73:d0:c4:a3:e7:b0:65:9a:cd:79:cb:93:86:4c:
         fa:78:28:26:89:16:51:37:eb:6b:e0:9c:34:c9:c8:f2:22:42:
         91:b5:c0:dd:61:d5:8f:63:d3:05:35:c3:e4:1b:30:80:db:d0:
         43:a1:92:65:72:6a:99:d4:f3:67:31:3b:c7:21:ed:95:81:3a:
         53:9c:dd:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy4z/Sr88N2L50wbtn4heMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MTVmMGQ2YTk2MWFhZWJjNmIwYjUwODlkYTAyOTM5YjMx
MGE1MWMwHhcNMjMwMTAyMDAwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDIyNzE4ZTkzMGI4YjcyNzhjYjViNzVlNjM4MzBlYjljMDk0MDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVNfOEYo8dRJYbWDasWUp78PwdNl
8CVFBH+r4wxmNnX8gHX7FD01uAYTDxR1wywWkrTbHs44ArBvl4BbYifh8dY2CEND
KoPO3eJ745oTlNE09Sa7lZPNN/istqLdz+SADb4KPXTgxFuhUtxqItomTlNpq5J+
HRntdog8sx9+EYpIwfCtmjlwLirsEHhiFWHXQADG8EhteWxjd09HVg9KURqLGs4W
M5DzYJ9BGx563Xn927jDxV09a9mjFpoNN3ysUQu/xKsZ+lSjih7HI0HyaGrez1QJ
lFBP9dGZJpgCee8hTzGa+pRAsp1F+cYjyawi/a+f9VD+ZXkrwx5XiSLslQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB0icY6TC4tyeMtbdeY4MOucCUCWMB8GA1UdIwQY
MBaAFJkV8NapYarrxrC1CJ2gKTmzEKUcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVJYdzFxbGhxdXZHc0xVSW5hQXBPYk1RcFJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYTExMGQtZTZlNS00YmY5LTg0ZmUt
YmYyNmE3ZmFhNjAzLzEvSFNKeGpwTUxpM0o0eTF0MTVqZ3c2NXdKUUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYTExMGQtZTZlNS00YmY5LTg0ZmUtYmYyNmE3ZmFhNjAz
LzEvbVJYdzFxbGhxdXZHc0xVSW5hQXBPYk1RcFJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwJzVMA0G
CSqGSIb3DQEBCwUAA4IBAQBO+MzO7hgMCnakDHYJ5/nqDYeyBfnQOHdAMEW6Rf4N
Blrl1MReUCGmrCAjyIxz16w50yMWH7qpFok+VdsYUe/WhDudAkcN3HgwFJHgeK4e
QozVFexlNGQtEZMviudLoMwQfWQglhyjeIg6c3wkNZL9XP607kXXsgXfQ+wKxsTs
tJqbg9mcdOQSOYi6Z/C9066PRghJO8/SBx6gIiYDSj19o5ADoSku8A2bsrv6CNYu
kU58qttGvDXBc9DEo+ewZZrNecuThkz6eCgmiRZRN+tr4Jw0ycjyIkKRtcDdYdWP
Y9MFNcPkGzCA29BDoZJlcmqZ1PNnMTvHIe2VgTpTnN0e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:34 2024 by rpki-client on console-fra.rpki-client.org