Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/HloRIr9v0i1johxx3J9AGDzkwEc.roa
File:                     HloRIr9v0i1johxx3J9AGDzkwEc.roa (raw, json)
Hash identifier:          stolNGSM5IBHIMkWjgCxOrZVbTD5gbfHKzIPG6j5B8M=
Subject key identifier:   1E:5A:11:22:BF:6F:D2:2D:63:A2:1C:71:DC:9F:40:18:3C:E4:C0:47
Certificate issuer:       /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial:       0185703073164D8680E12F1725DB5AE0FB91
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/HloRIr9v0i1johxx3J9AGDzkwEc.roa
Signing time:             Mon 02 Jan 2023 01:55:01 +0000
ROA not before:           Mon 02 Jan 2023 01:55:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209455
IP address blocks:        195.228.58.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:32:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:30:73:16:4d:86:80:e1:2f:17:25:db:5a:e0:fb:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
        Validity
            Not Before: Jan  2 01:55:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1e5a1122bf6fd22d63a21c71dc9f40183ce4c047
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:2c:e7:39:a6:0c:ec:91:e4:2b:ab:81:ea:14:
                    a5:81:b9:39:ef:b5:7b:a7:d9:d0:80:40:9c:c9:ad:
                    1a:a8:28:2f:86:95:31:25:b9:99:43:f4:7d:bc:de:
                    89:bf:4e:9e:30:40:a9:09:60:27:0f:b2:01:7f:b9:
                    14:c6:5c:31:b1:67:81:3c:ef:79:b5:ea:c5:d1:a3:
                    f6:e9:31:fb:90:8f:94:35:42:63:7e:a0:38:24:6b:
                    62:22:95:b8:c0:84:1b:3c:5e:25:9d:5d:99:bd:43:
                    2b:d9:c3:71:5d:4b:09:1f:36:8a:8c:28:8e:e5:14:
                    0d:54:a9:b2:2a:5e:2d:4e:38:15:db:18:fd:03:ab:
                    ae:47:b5:33:2b:78:83:fa:3b:24:27:8a:64:f9:ad:
                    a1:52:eb:a6:82:53:08:58:60:c0:48:f0:3f:ca:12:
                    af:cb:db:bf:46:ce:8f:4c:64:bb:8a:a3:96:75:16:
                    7b:e8:0a:ef:7f:c1:99:25:25:c8:05:05:35:e3:1b:
                    8e:72:4f:a6:28:d4:75:d4:95:8f:6e:da:c1:9c:35:
                    a1:4e:1b:2e:35:94:a2:bd:f4:bf:36:2c:fb:0e:53:
                    15:42:b3:4b:15:e5:13:e4:96:db:65:d9:b9:3f:8d:
                    da:ff:ef:ee:0f:d7:fd:f9:69:60:19:04:4a:e5:e0:
                    f4:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:5A:11:22:BF:6F:D2:2D:63:A2:1C:71:DC:9F:40:18:3C:E4:C0:47
            X509v3 Authority Key Identifier:
                keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/HloRIr9v0i1johxx3J9AGDzkwEc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.228.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:d3:61:2f:7d:51:8d:89:61:51:1b:37:48:cf:b5:b0:3a:3f:
         e8:d3:1d:a5:b5:9f:53:b0:4c:32:c1:6d:e4:a2:63:aa:90:1b:
         35:95:8d:eb:4f:3f:69:8e:08:75:06:c5:8f:c7:83:cb:d7:63:
         ee:ab:ef:53:50:0b:7c:37:56:e7:d0:d1:c0:51:56:52:48:28:
         df:a0:86:cd:85:c9:61:9d:ee:e7:95:0e:ba:39:81:47:9c:6b:
         9b:22:1e:61:b3:68:3f:0c:e4:c7:fd:82:93:6c:df:dd:d4:ad:
         6b:ed:dd:cd:69:e6:07:95:bf:eb:c2:0a:2a:71:32:21:91:23:
         20:7b:00:4a:01:e1:ff:30:64:0e:55:08:85:89:92:7b:72:18:
         ab:51:c9:cb:66:e4:13:7b:e5:a3:07:8a:59:a4:03:53:51:5e:
         f5:8c:11:59:7b:b9:cf:06:8b:20:1b:fa:39:c1:23:2d:32:5e:
         a9:a6:b4:5f:f1:38:2f:26:fe:1e:86:9b:72:4d:e6:29:63:d8:
         52:81:c2:e5:4e:5b:aa:2b:46:c6:31:7d:47:d9:92:f5:25:ed:
         9d:fd:25:54:ee:4c:47:1c:f7:ed:d5:3d:ba:ac:87:b8:f1:6f:
         03:13:ae:53:e1:cb:9b:cc:be:b1:90:9a:bf:11:58:fc:8e:14:
         e0:36:7a:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMHMWTYaA4S8XJdta4PuRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjMwMTAyMDE1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTVhMTEyMmJmNmZkMjJkNjNhMjFjNzFkYzlmNDAxODNjZTRjMDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiznOaYM7JHkK6uB6hSlgbk577V7
p9nQgECcya0aqCgvhpUxJbmZQ/R9vN6Jv06eMECpCWAnD7IBf7kUxlwxsWeBPO95
terF0aP26TH7kI+UNUJjfqA4JGtiIpW4wIQbPF4lnV2ZvUMr2cNxXUsJHzaKjCiO
5RQNVKmyKl4tTjgV2xj9A6uuR7UzK3iD+jskJ4pk+a2hUuumglMIWGDASPA/yhKv
y9u/Rs6PTGS7iqOWdRZ76Arvf8GZJSXIBQU14xuOck+mKNR11JWPbtrBnDWhThsu
NZSivfS/Niz7DlMVQrNLFeUT5JbbZdm5P43a/+/uD9f9+WlgGQRK5eD0owIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB5aESK/b9ItY6IccdyfQBg85MBHMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvSGxvUklyOXYwaTFqb2h4eDNKOUFHRHprd0VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+Q6MA0G
CSqGSIb3DQEBCwUAA4IBAQAH02EvfVGNiWFRGzdIz7WwOj/o0x2ltZ9TsEwywW3k
omOqkBs1lY3rTz9pjgh1BsWPx4PL12Puq+9TUAt8N1bn0NHAUVZSSCjfoIbNhclh
ne7nlQ66OYFHnGubIh5hs2g/DOTH/YKTbN/d1K1r7d3NaeYHlb/rwgoqcTIhkSMg
ewBKAeH/MGQOVQiFiZJ7chirUcnLZuQTe+WjB4pZpANTUV71jBFZe7nPBosgG/o5
wSMtMl6pprRf8TgvJv4ehptyTeYpY9hSgcLlTluqK0bGMX1H2ZL1Je2d/SVU7kxH
HPft1T26rIe48W8DE65T4cubzL6xkJq/EVj8jhTgNnpu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:13 2024 by rpki-client on console-ams.rpki-client.org