Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/HwOXFoYLSF7bnVMHPlbTgG7xf60.roa
File:                     HwOXFoYLSF7bnVMHPlbTgG7xf60.roa (raw, json)
Hash identifier:          W82jXJKxQbZr1EYgevAeCLVrej7IwyvEeTKuScyCnd0=
Subject key identifier:   1F:03:97:16:86:0B:48:5E:DB:9D:53:07:3E:56:D3:80:6E:F1:7F:AD
Certificate issuer:       /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial:       018CC26D42C6CE35608325092851DFAFC56B
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/HwOXFoYLSF7bnVMHPlbTgG7xf60.roa
Signing time:             Mon 01 Jan 2024 00:29:49 +0000
ROA not before:           Mon 01 Jan 2024 00:29:49 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205820
IP address blocks:        185.244.50.0/24 maxlen: 24
                          185.251.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 Apr 2024 13:50:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:42:c6:ce:35:60:83:25:09:28:51:df:af:c5:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
        Validity
            Not Before: Jan  1 00:29:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1f039716860b485edb9d53073e56d3806ef17fad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:3b:1d:4c:2f:28:4d:f7:3c:0c:cc:52:7c:77:
                    e9:00:ab:b2:33:ba:28:fb:9b:b4:65:52:83:ca:c0:
                    71:14:aa:bc:21:02:75:7b:70:82:74:3b:f4:15:91:
                    7c:54:ff:b2:08:d9:c6:9e:22:40:d3:8e:2f:91:05:
                    75:e7:a9:f1:e1:68:7c:ff:e7:79:88:fd:f6:32:28:
                    02:af:13:38:85:8b:3c:02:d3:82:61:63:d2:65:75:
                    e1:71:ec:fb:6e:a9:f0:95:14:71:bc:77:69:08:82:
                    56:8c:65:25:a1:22:71:22:34:f2:96:d2:1b:01:e6:
                    ae:99:e1:ca:65:f9:b2:27:57:c2:83:72:cd:b2:e7:
                    7e:db:39:4b:43:2b:a4:df:31:e0:5f:24:4d:b8:9b:
                    f1:37:47:4c:ff:e9:5b:58:0e:06:e5:7b:6c:72:e1:
                    b0:83:a0:2f:47:ff:66:8d:98:e8:2e:8f:cb:80:f7:
                    e7:51:4e:90:77:d9:0c:05:35:2b:ca:fc:5d:4c:4a:
                    7f:e3:67:7c:80:10:a7:d8:d4:50:b2:d2:e9:c2:9f:
                    d8:2e:8d:93:9c:5f:44:f0:c4:d2:e6:db:a9:7e:7c:
                    ef:27:a9:81:97:d9:05:fb:46:e2:29:05:b7:cf:53:
                    dc:94:03:55:ac:3d:b4:1b:26:57:38:93:e8:a4:a3:
                    11:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:03:97:16:86:0B:48:5E:DB:9D:53:07:3E:56:D3:80:6E:F1:7F:AD
            X509v3 Authority Key Identifier:
                keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/HwOXFoYLSF7bnVMHPlbTgG7xf60.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.244.50.0/24
                  185.251.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:3d:bf:59:67:1a:e7:6b:92:fa:88:90:79:f2:19:8b:40:e0:
         8a:b5:1b:89:7d:d3:41:99:b4:ca:cd:9d:0e:9e:75:cb:a9:d2:
         ca:49:d8:4b:b8:cc:51:78:0a:86:ce:08:31:ca:38:dd:ed:da:
         45:49:80:43:53:30:7e:a0:09:e3:f4:1f:31:31:fe:b1:b0:5b:
         17:7e:14:90:c5:d2:23:df:d8:5d:a7:45:08:ef:66:75:c9:77:
         fd:c8:f1:ed:b9:e7:32:3c:ae:f2:3a:ae:89:65:cf:b7:db:95:
         f9:79:ba:d8:55:d6:94:5b:67:56:4e:c7:4f:9a:92:35:51:6f:
         98:97:21:1c:a4:96:87:61:82:f4:04:52:d5:5e:f5:8f:13:6c:
         6f:34:b0:17:b0:5d:4f:b0:3b:b1:59:a8:03:26:dd:6a:b5:02:
         6f:5d:47:18:9c:eb:23:0d:4c:d7:aa:5a:0a:69:95:d6:6a:27:
         73:2c:28:0d:b7:24:f7:2f:51:60:b8:3d:be:bd:fc:3c:0e:16:
         06:c7:b1:79:c0:99:87:bb:a3:43:a4:f4:3b:56:f3:82:b4:e8:
         a1:e3:1a:1a:74:13:93:55:f4:f2:b6:f6:9c:fa:70:a2:9e:89:
         3c:2d:73:39:b7:ef:9c:45:91:70:9a:2c:2c:73:cb:74:cc:f4:
         95:dd:20:3c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbULGzjVggyUJKFHfr8VrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjQwMTAxMDAyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjAzOTcxNjg2MGI0ODVlZGI5ZDUzMDczZTU2ZDM4MDZlZjE3ZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszsdTC8oTfc8DMxSfHfpAKuyM7oo
+5u0ZVKDysBxFKq8IQJ1e3CCdDv0FZF8VP+yCNnGniJA044vkQV156nx4Wh8/+d5
iP32MigCrxM4hYs8AtOCYWPSZXXhcez7bqnwlRRxvHdpCIJWjGUloSJxIjTyltIb
AeaumeHKZfmyJ1fCg3LNsud+2zlLQyuk3zHgXyRNuJvxN0dM/+lbWA4G5XtscuGw
g6AvR/9mjZjoLo/LgPfnUU6Qd9kMBTUryvxdTEp/42d8gBCn2NRQstLpwp/YLo2T
nF9E8MTS5tupfnzvJ6mBl9kF+0biKQW3z1PclANVrD20GyZXOJPopKMR9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB8DlxaGC0he251TBz5W04Bu8X+tMB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvSHdPWEZvWUxTRjdiblZNSFBsYlRnRzd4ZjYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufQyAwQA
ufsmMA0GCSqGSIb3DQEBCwUAA4IBAQBDPb9ZZxrna5L6iJB58hmLQOCKtRuJfdNB
mbTKzZ0OnnXLqdLKSdhLuMxReAqGzggxyjjd7dpFSYBDUzB+oAnj9B8xMf6xsFsX
fhSQxdIj39hdp0UI72Z1yXf9yPHtuecyPK7yOq6JZc+325X5ebrYVdaUW2dWTsdP
mpI1UW+YlyEcpJaHYYL0BFLVXvWPE2xvNLAXsF1PsDuxWagDJt1qtQJvXUcYnOsj
DUzXqloKaZXWaidzLCgNtyT3L1FguD2+vfw8DhYGx7F5wJmHu6NDpPQ7VvOCtOih
4xoadBOTVfTytvac+nCinok8LXM5t++cRZFwmiwsc8t0zPSV3SA8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:02 2024 by rpki-client on console-ams.rpki-client.org