Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/HpsJP9F1tGC8jm4TrhamNewTaiQ.roa
File:                     HpsJP9F1tGC8jm4TrhamNewTaiQ.roa (raw, json)
Hash identifier:          Xt6E7VKw1AWaOfVv+Vn3nxE8hFlG8odg3LJqs0+KTfk=
Subject key identifier:   1E:9B:09:3F:D1:75:B4:60:BC:8E:6E:13:AE:16:A6:35:EC:13:6A:24
Certificate issuer:       /CN=93a229e266b2558899f3547ee63d84ed6594768b
Certificate serial:       01856ECB7D8F69F6CE11C5476F85EC94D89D
Authority key identifier: 93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/HpsJP9F1tGC8jm4TrhamNewTaiQ.roa
Signing time:             Sun 01 Jan 2023 19:25:07 +0000
ROA not before:           Sun 01 Jan 2023 19:25:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42651
IP address blocks:        45.88.203.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:cb:7d:8f:69:f6:ce:11:c5:47:6f:85:ec:94:d8:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93a229e266b2558899f3547ee63d84ed6594768b
        Validity
            Not Before: Jan  1 19:25:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1e9b093fd175b460bc8e6e13ae16a635ec136a24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:94:37:da:63:1a:84:07:40:67:36:e0:74:29:
                    ea:49:c1:66:66:55:b0:3e:83:a6:5c:32:03:aa:29:
                    88:cd:3c:a0:9a:4f:89:d6:ef:48:05:9f:1d:13:f5:
                    2c:0b:fd:d5:67:bc:29:3b:58:5e:84:a7:bc:51:d5:
                    33:60:66:4d:b9:b5:dd:29:f0:0e:c2:b7:f0:37:96:
                    79:87:95:d0:75:52:de:70:72:3e:44:48:f9:6d:df:
                    71:0c:ac:83:4b:4c:7f:46:33:c7:9a:7f:9d:b1:66:
                    c1:60:59:68:dc:29:62:d2:3d:3f:1a:de:3e:48:1d:
                    29:87:82:06:6a:94:27:06:09:59:8b:5d:57:d6:cc:
                    8b:d7:a8:44:50:75:d1:fb:4c:30:b8:23:09:9e:5f:
                    34:ab:f9:cb:8e:00:57:2e:b8:5c:00:9a:f7:6a:29:
                    32:5e:c0:87:c3:3d:6a:70:22:bf:e5:9c:21:a9:a7:
                    e5:93:8b:cb:55:cc:95:73:64:fc:90:6d:57:c5:b7:
                    64:e2:d1:b8:89:f0:a6:c4:38:87:f0:62:8f:4b:32:
                    62:ef:4f:79:87:6b:89:86:2c:fb:a2:96:69:35:53:
                    16:c0:c8:dd:34:6a:06:c3:c1:07:cb:b9:e5:00:09:
                    7a:89:80:4b:fd:24:79:8a:cb:2d:ba:c7:97:8f:8b:
                    3f:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:9B:09:3F:D1:75:B4:60:BC:8E:6E:13:AE:16:A6:35:EC:13:6A:24
            X509v3 Authority Key Identifier:
                keyid:93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/HpsJP9F1tGC8jm4TrhamNewTaiQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/k6Ip4mayVYiZ81R-5j2E7WWUdos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:a7:f1:01:7a:60:28:4d:fd:6e:8e:f6:39:c7:67:3c:b7:05:
         ab:0b:85:89:46:ba:6e:7c:b7:ec:cd:a4:58:6b:e8:97:77:d5:
         f6:12:05:a7:8c:c3:db:e0:e2:e5:ce:10:65:e7:cc:c5:6a:90:
         5d:6b:39:15:30:09:59:ff:69:a4:6b:56:32:52:d8:e8:98:55:
         35:d5:d5:ce:03:fb:86:73:38:c8:b0:f0:cb:20:b7:bb:3b:54:
         8b:4d:1f:78:43:cd:08:74:3b:4d:4b:15:8e:80:b1:3d:93:2f:
         ae:7e:3e:d2:d9:c6:db:79:c1:14:6a:0a:73:4b:ff:c0:dd:06:
         cf:be:cd:a0:86:a7:42:a6:31:5e:47:5c:33:4a:86:b0:8a:5e:
         67:be:54:ab:cd:cc:e7:a9:5a:2b:32:35:11:a9:c4:47:67:9b:
         6b:0a:51:62:35:ad:2f:97:47:6c:a4:04:c5:c8:fe:b0:c2:ab:
         7c:81:e4:d7:75:56:1d:17:fd:23:72:7f:90:4f:46:f5:0a:c3:
         f9:c3:06:66:08:f0:5c:c3:86:f1:f0:e8:95:17:e2:c9:51:8d:
         ae:2a:b7:db:7c:c9:a9:3b:11:e4:d3:16:4a:52:e8:09:76:d9:
         bd:c0:5a:84:d7:16:67:eb:ef:96:5b:78:44:b8:3c:19:1e:8c:
         66:59:41:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy32PafbOEcVHb4XslNidMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYTIyOWUyNjZiMjU1ODg5OWYzNTQ3ZWU2M2Q4NGVkNjU5
NDc2OGIwHhcNMjMwMTAxMTkyNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTliMDkzZmQxNzViNDYwYmM4ZTZlMTNhZTE2YTYzNWVjMTM2YTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZQ32mMahAdAZzbgdCnqScFmZlWw
PoOmXDIDqimIzTygmk+J1u9IBZ8dE/UsC/3VZ7wpO1hehKe8UdUzYGZNubXdKfAO
wrfwN5Z5h5XQdVLecHI+REj5bd9xDKyDS0x/RjPHmn+dsWbBYFlo3Cli0j0/Gt4+
SB0ph4IGapQnBglZi11X1syL16hEUHXR+0wwuCMJnl80q/nLjgBXLrhcAJr3aiky
XsCHwz1qcCK/5Zwhqaflk4vLVcyVc2T8kG1Xxbdk4tG4ifCmxDiH8GKPSzJi7095
h2uJhiz7opZpNVMWwMjdNGoGw8EHy7nlAAl6iYBL/SR5isstuseXj4s/XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB6bCT/RdbRgvI5uE64WpjXsE2okMB8GA1UdIwQY
MBaAFJOiKeJmslWImfNUfuY9hO1llHaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazZJcDRtYXlWWWlaODFSLTVqMkU3V1dVZG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jNDA3M2EtOTIzYi00ZWNmLTk1NjYt
NGQ3NzdjYWNkOWE0LzEvSHBzSlA5RjF0R0M4am00VHJoYW1OZXdUYWlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jNDA3M2EtOTIzYi00ZWNmLTk1NjYtNGQ3NzdjYWNkOWE0
LzEvazZJcDRtYXlWWWlaODFSLTVqMkU3V1dVZG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVjLMA0G
CSqGSIb3DQEBCwUAA4IBAQBUp/EBemAoTf1ujvY5x2c8twWrC4WJRrpufLfszaRY
a+iXd9X2EgWnjMPb4OLlzhBl58zFapBdazkVMAlZ/2mka1YyUtjomFU11dXOA/uG
czjIsPDLILe7O1SLTR94Q80IdDtNSxWOgLE9ky+ufj7S2cbbecEUagpzS//A3QbP
vs2ghqdCpjFeR1wzSoawil5nvlSrzcznqVorMjURqcRHZ5trClFiNa0vl0dspATF
yP6wwqt8geTXdVYdF/0jcn+QT0b1CsP5wwZmCPBcw4bx8OiVF+LJUY2uKrfbfMmp
OxHk0xZKUugJdtm9wFqE1xZn6++WW3hEuDwZHoxmWUF9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:30 2024 by rpki-client on console-ams.rpki-client.org