Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/DHXZaygJ089EB_iher-xPqrAMMo.roa
File:                     DHXZaygJ089EB_iher-xPqrAMMo.roa (raw, json)
Hash identifier:          qbiPYq3OGam1TQ8WSEuG+YpZoNbumHjgTDaiWAqm0R0=
Subject key identifier:   0C:75:D9:6B:28:09:D3:CF:44:07:F8:A1:7A:BF:B1:3E:AA:C0:30:CA
Certificate issuer:       /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial:       0187BC8BF4E7D345E43B6AEBEFACC97A2F69
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/DHXZaygJ089EB_iher-xPqrAMMo.roa
Signing time:             Wed 26 Apr 2023 07:51:41 +0000
ROA not before:           Wed 26 Apr 2023 07:51:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        195.182.198.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:bc:8b:f4:e7:d3:45:e4:3b:6a:eb:ef:ac:c9:7a:2f:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
        Validity
            Not Before: Apr 26 07:51:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0c75d96b2809d3cf4407f8a17abfb13eaac030ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:8a:77:2f:dc:1d:16:ca:3f:ed:ba:a4:f0:b8:
                    14:af:1d:e4:f0:27:75:e1:54:2b:b8:e4:f5:3e:de:
                    41:66:9e:2b:8a:91:82:72:62:71:e1:ce:f4:e9:68:
                    99:7e:32:28:c5:99:e8:5c:cc:b5:d8:32:95:44:e3:
                    64:25:24:cc:7b:38:3c:57:f2:cb:23:6b:f8:86:0f:
                    7d:5f:5e:63:30:9b:0b:67:10:3a:5d:20:54:5c:88:
                    3f:8e:ac:53:61:6a:85:31:b4:2c:f2:5c:17:08:7b:
                    d4:63:fb:b2:b6:e8:3b:3e:72:df:c9:a8:0b:46:df:
                    52:a8:7a:a1:0c:96:8c:42:bc:62:5a:80:b1:69:51:
                    95:da:4a:a7:df:b1:dc:8a:98:45:e5:b7:24:c6:4e:
                    ba:b6:c5:28:07:e8:f9:1c:0d:5b:75:9b:c4:47:d7:
                    e7:89:a3:0e:f6:5d:54:b3:25:71:bc:c6:70:79:21:
                    8a:31:85:22:44:2b:09:a6:e7:00:32:a2:cc:01:90:
                    e2:42:4a:d2:fa:31:0e:53:ca:eb:d9:a6:32:26:fa:
                    a1:00:f6:26:81:9f:d2:3f:5e:d5:d5:44:c3:6b:cd:
                    82:a0:d6:d1:91:ec:88:02:26:e2:a0:42:0b:4d:cb:
                    12:a0:6e:04:1f:af:fd:3e:f5:7e:87:b8:5b:82:4b:
                    1b:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:75:D9:6B:28:09:D3:CF:44:07:F8:A1:7A:BF:B1:3E:AA:C0:30:CA
            X509v3 Authority Key Identifier:
                keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/DHXZaygJ089EB_iher-xPqrAMMo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.182.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:4e:61:3e:88:cc:dd:35:dc:99:fa:78:30:15:ed:55:1b:01:
         9a:08:28:36:d6:7e:c9:04:57:55:14:bf:d6:3d:50:d6:c6:cc:
         c7:6c:ee:6c:4d:77:69:26:b7:5f:41:9e:a2:ff:7b:ca:43:24:
         3e:fa:d8:7e:0e:da:3a:08:55:47:2f:f4:28:a1:96:bb:ae:c7:
         dd:e2:e3:dc:62:b3:6c:a8:4c:0d:1e:f5:bc:23:91:69:92:4a:
         14:98:a2:1f:e5:50:72:e7:7c:be:f4:d0:da:db:26:56:3b:96:
         a1:5c:d7:29:97:a7:3d:db:49:82:d5:da:bf:4b:57:8e:cf:ac:
         54:43:4d:31:ad:f3:56:a6:5c:5c:d2:99:07:8d:77:3a:8d:08:
         fd:c8:36:44:41:78:48:a9:0f:c0:c1:95:8d:6b:17:30:89:87:
         cb:30:7e:d1:e2:3f:1e:ab:36:50:79:cf:ef:64:49:b2:bd:0c:
         0f:b0:b8:4e:6f:06:a0:a3:a0:c0:4c:4d:c8:6b:22:13:73:fe:
         eb:21:5b:39:1c:cb:d0:f9:93:b2:5d:5d:0d:e8:14:a2:93:20:
         18:8c:44:6c:fd:0a:78:f9:9e:e7:96:72:e8:54:13:87:85:c4:
         02:36:30:79:f2:dc:64:21:c6:2d:c5:6a:77:a0:fa:96:53:73:
         86:71:66:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe8i/Tn00XkO2rr76zJei9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjMwNDI2MDc1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzc1ZDk2YjI4MDlkM2NmNDQwN2Y4YTE3YWJmYjEzZWFhYzAzMGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4p3L9wdFso/7bqk8LgUrx3k8Cd1
4VQruOT1Pt5BZp4ripGCcmJx4c706WiZfjIoxZnoXMy12DKVRONkJSTMezg8V/LL
I2v4hg99X15jMJsLZxA6XSBUXIg/jqxTYWqFMbQs8lwXCHvUY/uytug7PnLfyagL
Rt9SqHqhDJaMQrxiWoCxaVGV2kqn37HciphF5bckxk66tsUoB+j5HA1bdZvER9fn
iaMO9l1UsyVxvMZweSGKMYUiRCsJpucAMqLMAZDiQkrS+jEOU8rr2aYyJvqhAPYm
gZ/SP17V1UTDa82CoNbRkeyIAibioEILTcsSoG4EH6/9PvV+h7hbgksbZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAx12WsoCdPPRAf4oXq/sT6qwDDKMB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEvREhYWmF5Z0owODlFQl9paGVyLXhQcXJBTU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7bGMA0G
CSqGSIb3DQEBCwUAA4IBAQBUTmE+iMzdNdyZ+ngwFe1VGwGaCCg21n7JBFdVFL/W
PVDWxszHbO5sTXdpJrdfQZ6i/3vKQyQ++th+Dto6CFVHL/QooZa7rsfd4uPcYrNs
qEwNHvW8I5FpkkoUmKIf5VBy53y+9NDa2yZWO5ahXNcpl6c920mC1dq/S1eOz6xU
Q00xrfNWplxc0pkHjXc6jQj9yDZEQXhIqQ/AwZWNaxcwiYfLMH7R4j8eqzZQec/v
ZEmyvQwPsLhObwago6DATE3IayITc/7rIVs5HMvQ+ZOyXV0N6BSikyAYjERs/Qp4
+Z7nlnLoVBOHhcQCNjB58txkIcYtxWp3oPqWU3OGcWY8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:14 2024 by rpki-client on console-ams.rpki-client.org