Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/hJo6a0iIJXLzkgz2L__j2XIt__Q.roa
File:                     hJo6a0iIJXLzkgz2L__j2XIt__Q.roa (raw, json)
Hash identifier:          f9UVgvpckICKUHQI3MB4umy7xZZrFbz6h8X3Gyx5c7g=
Subject key identifier:   84:9A:3A:6B:48:88:25:72:F3:92:0C:F6:2F:FF:E3:D9:72:2D:FF:F4
Certificate issuer:       /CN=f2ee5b6849c8c81f5a763595588a6ba6821e767b
Certificate serial:       018CB1317749B75B288F8E81C5380907708A
Authority key identifier: F2:EE:5B:68:49:C8:C8:1F:5A:76:35:95:58:8A:6B:A6:82:1E:76:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8u5baEnIyB9adjWVWIprpoIedns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/hJo6a0iIJXLzkgz2L__j2XIt__Q.roa
Signing time:             Thu 28 Dec 2023 16:10:58 +0000
ROA not before:           Thu 28 Dec 2023 16:10:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200497
IP address blocks:        194.9.18.0/23 maxlen: 24
                          194.4.144.0/22 maxlen: 24
                          194.9.8.0/23 maxlen: 24
                          2a0c:e440::/29 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:32:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b1:31:77:49:b7:5b:28:8f:8e:81:c5:38:09:07:70:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f2ee5b6849c8c81f5a763595588a6ba6821e767b
        Validity
            Not Before: Dec 28 16:10:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=849a3a6b48882572f3920cf62fffe3d9722dfff4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:15:fa:6d:8a:cf:d8:f0:da:ff:27:95:a2:55:
                    eb:db:72:25:f5:6e:07:0a:f5:79:56:72:e6:a7:e5:
                    87:f8:ea:06:49:d7:d8:d1:6d:7d:56:78:8c:a6:cd:
                    46:67:30:3d:89:d1:ad:a4:77:45:85:5b:23:dc:61:
                    7f:44:a0:ea:a7:ea:3a:b3:fc:ee:b0:59:27:85:18:
                    4a:9e:9f:79:fc:7f:d1:72:16:ad:15:dc:cf:cf:57:
                    a7:ed:f2:16:c2:39:06:27:48:f5:68:d8:ea:9a:a8:
                    4e:42:a9:70:72:3d:1d:3d:9a:25:27:ba:7c:d3:8a:
                    79:2b:66:2b:db:0b:b0:35:1b:bd:5f:b0:15:2f:d1:
                    8c:ae:1d:14:4c:38:7e:54:f3:e3:99:46:6f:97:df:
                    57:00:24:e7:58:6e:e1:dd:6c:a5:e7:5a:2f:18:e8:
                    2d:c1:51:8c:f4:55:a4:75:e4:43:c1:b3:00:22:2a:
                    7d:8f:af:7b:a2:a3:3e:9a:ac:e6:23:0a:fe:d9:95:
                    ff:0e:fe:5e:7b:b3:94:71:38:80:a1:d6:14:11:52:
                    18:28:34:59:30:33:4e:30:37:d9:ad:21:19:96:6f:
                    22:b1:57:50:1a:57:9d:ba:e3:4d:1c:ec:7c:ec:2c:
                    44:47:f6:39:4d:ee:ce:4d:25:63:84:33:b6:12:21:
                    75:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:9A:3A:6B:48:88:25:72:F3:92:0C:F6:2F:FF:E3:D9:72:2D:FF:F4
            X509v3 Authority Key Identifier:
                keyid:F2:EE:5B:68:49:C8:C8:1F:5A:76:35:95:58:8A:6B:A6:82:1E:76:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8u5baEnIyB9adjWVWIprpoIedns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/hJo6a0iIJXLzkgz2L__j2XIt__Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.4.144.0/22
                  194.9.8.0/23
                  194.9.18.0/23
                IPv6:
                  2a0c:e440::/29

    Signature Algorithm: sha256WithRSAEncryption
         6e:2d:c0:8a:68:39:ed:85:13:be:7b:c0:88:d4:a5:e7:79:26:
         3c:88:61:20:26:b7:ee:85:21:76:1b:f8:13:8a:c8:17:0a:f9:
         a4:61:bf:53:2b:24:2f:b9:18:dd:06:53:56:36:a6:14:61:a5:
         b0:40:8c:94:6a:a6:37:6c:b3:80:bc:5c:da:19:d8:1a:b2:17:
         8e:47:fd:21:7c:8e:91:d0:7f:b3:9c:48:42:52:64:72:a1:36:
         cd:89:55:5c:3a:c0:8e:e8:73:90:5f:37:c2:56:cf:ce:e6:87:
         fe:d6:a5:85:a4:4f:a4:ab:b9:40:8b:38:12:72:94:76:29:a1:
         6b:66:a3:ba:88:93:2d:c3:d4:9e:82:01:9e:03:85:de:af:10:
         1c:b4:d9:b1:0c:e1:ff:be:26:c6:ce:8c:09:21:ef:cd:a0:22:
         6a:09:09:9b:8b:f7:57:50:1e:95:cb:99:e7:55:f2:03:89:88:
         e2:3b:71:da:89:b0:01:c5:78:ce:38:96:46:6c:eb:d5:92:e7:
         c3:0a:e8:d6:13:fb:ee:e4:36:eb:c6:ae:b3:cb:24:55:c4:64:
         0d:d4:00:ac:15:f2:53:7e:f7:52:66:88:3a:59:4d:c4:ba:9d:
         4d:79:db:aa:60:05:c3:c9:c3:71:36:d1:f5:be:b7:45:f7:da:
         66:19:ce:cd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYyxMXdJt1soj46BxTgJB3CKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZWU1YjY4NDljOGM4MWY1YTc2MzU5NTU4OGE2YmE2ODIx
ZTc2N2IwHhcNMjMxMjI4MTYxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDlhM2E2YjQ4ODgyNTcyZjM5MjBjZjYyZmZmZTNkOTcyMmRmZmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhX6bYrP2PDa/yeVolXr23Il9W4H
CvV5VnLmp+WH+OoGSdfY0W19VniMps1GZzA9idGtpHdFhVsj3GF/RKDqp+o6s/zu
sFknhRhKnp95/H/RchatFdzPz1en7fIWwjkGJ0j1aNjqmqhOQqlwcj0dPZolJ7p8
04p5K2Yr2wuwNRu9X7AVL9GMrh0UTDh+VPPjmUZvl99XACTnWG7h3Wyl51ovGOgt
wVGM9FWkdeRDwbMAIip9j697oqM+mqzmIwr+2ZX/Dv5ee7OUcTiAodYUEVIYKDRZ
MDNOMDfZrSEZlm8isVdQGleduuNNHOx87CxER/Y5Te7OTSVjhDO2EiF1JQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFISaOmtIiCVy85IM9i//49lyLf/0MB8GA1UdIwQY
MBaAFPLuW2hJyMgfWnY1lViKa6aCHnZ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHU1YmFFbkl5QjlhZGpXVldJcHJwb0llZG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wMDJhODgtM2E4NS00NzZmLWI0NTIt
NjBhMDM5ZGQxYmNhLzEvaEpvNmEwaUlKWEx6a2d6MkxfX2oyWEl0X19RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wMDJhODgtM2E4NS00NzZmLWI0NTItNjBhMDM5ZGQxYmNh
LzEvOHU1YmFFbkl5QjlhZGpXVldJcHJwb0llZG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCwgSQAwQB
wgkIAwQBwgkSMA0EAgACMAcDBQMqDORAMA0GCSqGSIb3DQEBCwUAA4IBAQBuLcCK
aDnthRO+e8CI1KXneSY8iGEgJrfuhSF2G/gTisgXCvmkYb9TKyQvuRjdBlNWNqYU
YaWwQIyUaqY3bLOAvFzaGdgasheOR/0hfI6R0H+znEhCUmRyoTbNiVVcOsCO6HOQ
XzfCVs/O5of+1qWFpE+kq7lAizgScpR2KaFrZqO6iJMtw9SeggGeA4XerxActNmx
DOH/vibGzowJIe/NoCJqCQmbi/dXUB6Vy5nnVfIDiYjiO3HaibABxXjOOJZGbOvV
kufDCujWE/vu5Dbrxq6zyyRVxGQN1ACsFfJTfvdSZog6WU3Eup1NeduqYAXDycNx
NtH1vrdF99pmGc7N
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:33 2024 by rpki-client on console-ams.rpki-client.org