Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/b79a00-ade4-4776-a334-29da87323a2d/1/hx9bo_HokoO-dPqR87HAoG28A5w.roa
File:                     hx9bo_HokoO-dPqR87HAoG28A5w.roa (raw, json)
Hash identifier:          33Qi/tzHtE+381NWYJcgXpc9kPONgH+5EdFCWWC13+w=
Subject key identifier:   87:1F:5B:A3:F1:E8:92:83:BE:74:FA:91:F3:B1:C0:A0:6D:BC:03:9C
Certificate issuer:       /CN=faa067162e2209dc6c216ba6cfcd8be6d7386179
Certificate serial:       01880FF8E336D2E3D9EFA2146EFF87E54064
Authority key identifier: FA:A0:67:16:2E:22:09:DC:6C:21:6B:A6:CF:CD:8B:E6:D7:38:61:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-qBnFi4iCdxsIWumz82L5tc4YXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/b79a00-ade4-4776-a334-29da87323a2d/1/hx9bo_HokoO-dPqR87HAoG28A5w.roa
Signing time:             Fri 12 May 2023 12:39:09 +0000
ROA not before:           Fri 12 May 2023 12:39:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21221
IP address blocks:        185.70.208.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:0f:f8:e3:36:d2:e3:d9:ef:a2:14:6e:ff:87:e5:40:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=faa067162e2209dc6c216ba6cfcd8be6d7386179
        Validity
            Not Before: May 12 12:39:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=871f5ba3f1e89283be74fa91f3b1c0a06dbc039c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:14:a3:1f:8a:83:1d:51:74:58:ab:46:e8:5d:
                    34:15:73:03:7d:74:82:49:8d:43:70:a6:e4:de:8d:
                    cf:ea:58:73:20:15:6a:5a:a3:32:a1:00:57:d2:a9:
                    f7:48:fb:68:88:ad:6d:1e:42:90:97:64:06:90:00:
                    2e:64:40:88:2d:48:e7:34:8b:2d:15:48:12:08:fd:
                    41:15:47:48:6b:26:13:d7:a8:fa:89:f2:e2:ae:80:
                    c7:b3:3c:ed:6f:a3:56:42:8a:5d:34:89:67:87:8b:
                    b7:87:0b:89:bd:63:33:0a:4c:8d:ca:4f:6d:53:f9:
                    e0:fd:19:f8:b3:de:26:5d:ba:08:0b:96:29:6e:e7:
                    96:ac:9e:77:09:5e:3f:07:cb:54:ce:de:43:03:b5:
                    df:b9:d3:dc:a4:c6:40:11:7f:ba:65:64:38:f7:1e:
                    7b:5e:7c:47:2c:f2:b4:b7:d8:c9:db:8f:7d:27:4f:
                    0a:0e:19:bb:67:51:3f:12:8d:f3:a8:32:a4:39:c7:
                    6e:37:72:61:b2:d8:6e:a6:64:02:c6:fc:32:2b:48:
                    60:e5:1e:21:a0:ae:ec:c3:0c:7b:e8:b2:a3:bd:bc:
                    65:5f:06:24:65:fe:8c:9a:f5:2b:17:54:45:1a:58:
                    de:16:61:2a:d8:bd:cc:d2:2c:b7:8c:e0:00:3d:e8:
                    59:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:1F:5B:A3:F1:E8:92:83:BE:74:FA:91:F3:B1:C0:A0:6D:BC:03:9C
            X509v3 Authority Key Identifier:
                keyid:FA:A0:67:16:2E:22:09:DC:6C:21:6B:A6:CF:CD:8B:E6:D7:38:61:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-qBnFi4iCdxsIWumz82L5tc4YXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b79a00-ade4-4776-a334-29da87323a2d/1/hx9bo_HokoO-dPqR87HAoG28A5w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b79a00-ade4-4776-a334-29da87323a2d/1/1-qBnFi4iCdxsIWumz82L5tc4YXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.70.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6e:c9:64:98:cd:90:67:d6:d7:c0:f6:ab:d3:c8:8c:0d:6a:bd:
         9c:35:b2:b7:17:55:45:59:e6:c7:0b:04:12:72:9e:1c:74:b1:
         2d:dc:ef:30:bf:5b:72:cc:12:4b:69:ed:03:1e:60:e9:83:fe:
         3e:06:19:2a:25:f5:52:ba:f2:68:b8:1e:1e:a9:7d:cf:8c:c0:
         db:b0:ef:25:d4:92:0c:f6:f3:60:b7:2b:35:a3:5d:4f:85:3f:
         ed:23:43:86:40:45:88:2b:85:24:8d:a8:c6:0d:2d:60:a6:11:
         b3:05:8b:5d:f5:8d:54:25:e7:63:9b:55:40:fe:db:be:49:f3:
         6a:3e:63:99:91:d7:44:19:63:40:94:67:d0:3b:f1:f1:ad:50:
         45:d4:df:fc:f8:0d:be:5a:02:3b:99:72:e4:43:65:91:34:5e:
         74:e7:8a:27:34:87:c9:f0:e3:2a:54:37:f5:dc:38:79:c7:f7:
         2a:95:1a:e3:33:76:61:76:b3:bb:fd:ec:71:87:e1:de:80:4d:
         04:16:76:b8:ba:2b:b2:15:3d:eb:12:40:31:3a:54:d6:0a:92:
         3c:72:88:5a:ec:0e:e7:40:fd:e1:e0:28:b4:8e:44:9b:e5:de:
         08:b3:3b:58:b3:9a:c2:49:bb:c7:ee:77:80:eb:b1:7b:eb:e9:
         dc:17:63:a4
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYgP+OM20uPZ76IUbv+H5UBkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYTA2NzE2MmUyMjA5ZGM2YzIxNmJhNmNmY2Q4YmU2ZDcz
ODYxNzkwHhcNMjMwNTEyMTIzOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzFmNWJhM2YxZTg5MjgzYmU3NGZhOTFmM2IxYzBhMDZkYmMwMzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBSjH4qDHVF0WKtG6F00FXMDfXSC
SY1DcKbk3o3P6lhzIBVqWqMyoQBX0qn3SPtoiK1tHkKQl2QGkAAuZECILUjnNIst
FUgSCP1BFUdIayYT16j6ifLiroDHszztb6NWQopdNIlnh4u3hwuJvWMzCkyNyk9t
U/ng/Rn4s94mXboIC5YpbueWrJ53CV4/B8tUzt5DA7XfudPcpMZAEX+6ZWQ49x57
XnxHLPK0t9jJ2499J08KDhm7Z1E/Eo3zqDKkOcduN3JhsthupmQCxvwyK0hg5R4h
oK7swwx76LKjvbxlXwYkZf6MmvUrF1RFGljeFmEq2L3M0iy3jOAAPehZ7wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIcfW6Px6JKDvnT6kfOxwKBtvAOcMB8GA1UdIwQY
MBaAFPqgZxYuIgncbCFrps/Ni+bXOGF5MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1xQm5GaTRpQ2R4c0lXdW16ODJMNXRjNFlYay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEvYjc5YTAwLWFkZTQtNDc3Ni1hMzM0
LTI5ZGE4NzMyM2EyZC8xL2h4OWJvX0hva29PLWRQcVI4N0hBb0cyOEE1dy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWEvYjc5YTAwLWFkZTQtNDc3Ni1hMzM0LTI5ZGE4NzMyM2Ey
ZC8xLzEtcUJuRmk0aUNkeHNJV3VtejgyTDV0YzRZWGsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK5RtAw
DQYJKoZIhvcNAQELBQADggEBAG7JZJjNkGfW18D2q9PIjA1qvZw1srcXVUVZ5scL
BBJynhx0sS3c7zC/W3LMEktp7QMeYOmD/j4GGSol9VK68mi4Hh6pfc+MwNuw7yXU
kgz282C3KzWjXU+FP+0jQ4ZARYgrhSSNqMYNLWCmEbMFi131jVQl52ObVUD+275J
82o+Y5mR10QZY0CUZ9A78fGtUEXU3/z4Db5aAjuZcuRDZZE0XnTniic0h8nw4ypU
N/XcOHnH9yqVGuMzdmF2s7v97HGH4d6ATQQWdri6K7IVPesSQDE6VNYKkjxyiFrs
DudA/eHgKLSORJvl3gizO1izmsJJu8fud4DrsXvr6dwXY6Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:35 2024 by rpki-client on console-ams.rpki-client.org