Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/5feb13-9e43-4325-85c9-196e6f375fd6/1/HSngP8bH2gt5PJuUjWBOB7WAG-A.roa
File:                     HSngP8bH2gt5PJuUjWBOB7WAG-A.roa (raw, json)
Hash identifier:          Bi0LXcuDBbXnL4wPJJnAq5d7IJJ+7Le6Ftpw8xI9Ds0=
Subject key identifier:   1D:29:E0:3F:C6:C7:DA:0B:79:3C:9B:94:8D:60:4E:07:B5:80:1B:E0
Certificate issuer:       /CN=a4824308bc83b4ee56f1c0c1b9fbfc311b0cd44a
Certificate serial:       018B1A9DDF2008EE1C1859AA810F037CEE38
Authority key identifier: A4:82:43:08:BC:83:B4:EE:56:F1:C0:C1:B9:FB:FC:31:1B:0C:D4:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pIJDCLyDtO5W8cDBufv8MRsM1Eo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/5feb13-9e43-4325-85c9-196e6f375fd6/1/HSngP8bH2gt5PJuUjWBOB7WAG-A.roa
Signing time:             Tue 10 Oct 2023 17:23:55 +0000
ROA not before:           Tue 10 Oct 2023 17:23:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51465
IP address blocks:        193.91.5.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:1a:9d:df:20:08:ee:1c:18:59:aa:81:0f:03:7c:ee:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4824308bc83b4ee56f1c0c1b9fbfc311b0cd44a
        Validity
            Not Before: Oct 10 17:23:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1d29e03fc6c7da0b793c9b948d604e07b5801be0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:a5:02:e4:14:42:59:02:20:f1:b0:57:9d:23:
                    0c:d6:16:70:a1:e4:98:85:42:7e:b5:0c:02:5d:93:
                    1e:9f:d4:13:8c:e2:a4:87:ce:dc:2e:e2:9e:21:44:
                    07:13:55:f8:dd:47:f7:d5:12:08:b3:fe:36:55:98:
                    54:87:50:33:75:3d:02:3a:95:fc:c4:2c:bc:f9:6a:
                    5c:54:df:04:94:7b:c6:c4:73:0c:1a:44:9b:b0:5d:
                    9f:88:cb:19:7b:e0:c8:1c:0d:54:f1:fb:b8:31:4f:
                    c5:da:7d:6a:bb:2e:bd:62:ec:38:8e:f5:03:22:5e:
                    b0:0f:4c:df:53:20:83:8f:6d:dc:a8:26:34:b9:93:
                    ad:9b:27:21:6a:a8:bb:58:76:4b:0f:cd:aa:1b:0a:
                    08:02:6b:4d:16:b3:d2:36:3d:e5:13:81:7f:d7:45:
                    a4:b4:b7:af:d6:43:09:e1:37:5f:bc:89:92:5e:b4:
                    be:26:5e:dc:31:01:ac:28:f2:18:21:bd:a5:b3:cc:
                    9a:11:f9:e2:47:d1:5c:1b:93:37:94:08:e2:a8:e6:
                    50:a9:c3:b6:62:da:b0:9d:19:6d:3e:98:71:be:13:
                    e4:d6:c7:ec:04:39:37:1d:02:fa:9d:0a:36:01:d0:
                    c8:a1:24:3f:5f:3b:4e:05:02:24:db:e1:85:f1:8f:
                    e4:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:29:E0:3F:C6:C7:DA:0B:79:3C:9B:94:8D:60:4E:07:B5:80:1B:E0
            X509v3 Authority Key Identifier:
                keyid:A4:82:43:08:BC:83:B4:EE:56:F1:C0:C1:B9:FB:FC:31:1B:0C:D4:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pIJDCLyDtO5W8cDBufv8MRsM1Eo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/5feb13-9e43-4325-85c9-196e6f375fd6/1/HSngP8bH2gt5PJuUjWBOB7WAG-A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/5feb13-9e43-4325-85c9-196e6f375fd6/1/pIJDCLyDtO5W8cDBufv8MRsM1Eo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.91.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:34:d1:18:b7:a0:08:be:41:1e:52:99:41:e9:5e:c0:37:93:
         db:69:67:62:dd:55:97:f3:a3:fd:f1:c4:9f:24:be:7b:29:46:
         3a:e8:49:48:84:1c:f3:60:69:e5:74:bd:83:d1:46:96:ea:5d:
         ef:de:ea:74:95:a5:02:4a:3a:24:f2:f5:15:01:93:76:a9:35:
         14:fb:96:d1:3c:6c:e2:5b:34:ec:f7:f4:28:b6:a6:73:7c:23:
         5e:54:38:69:9b:8c:a9:7d:91:fe:c3:7e:e0:74:55:e0:46:c2:
         d2:de:f3:9d:73:59:ee:f1:36:f8:9f:03:a3:ba:ee:49:94:6e:
         e5:f0:de:22:c2:4e:6f:70:ce:95:bc:30:72:57:0f:0e:dc:8c:
         d0:b9:be:75:16:68:b3:44:74:2f:e5:55:76:05:63:3b:18:2c:
         d1:b5:50:0a:95:74:47:e3:b7:74:5c:e4:02:4a:ea:a8:6f:5b:
         d8:d2:3d:ce:2a:4a:9c:89:73:e9:99:23:74:3f:09:90:ac:a8:
         78:54:df:7c:8e:bb:ef:db:26:50:b3:42:88:3f:c7:94:41:ea:
         2f:7e:73:86:99:35:da:47:1d:72:07:f9:c7:14:ed:01:1d:36:
         06:b6:9e:48:83:ca:96:3d:17:2c:2d:a5:a4:ee:b5:d4:58:21:
         8f:e4:8d:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsand8gCO4cGFmqgQ8DfO44MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ODI0MzA4YmM4M2I0ZWU1NmYxYzBjMWI5ZmJmYzMxMWIw
Y2Q0NGEwHhcNMjMxMDEwMTcyMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDI5ZTAzZmM2YzdkYTBiNzkzYzliOTQ4ZDYwNGUwN2I1ODAxYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaUC5BRCWQIg8bBXnSMM1hZwoeSY
hUJ+tQwCXZMen9QTjOKkh87cLuKeIUQHE1X43Uf31RIIs/42VZhUh1AzdT0COpX8
xCy8+WpcVN8ElHvGxHMMGkSbsF2fiMsZe+DIHA1U8fu4MU/F2n1quy69Yuw4jvUD
Il6wD0zfUyCDj23cqCY0uZOtmychaqi7WHZLD82qGwoIAmtNFrPSNj3lE4F/10Wk
tLev1kMJ4TdfvImSXrS+Jl7cMQGsKPIYIb2ls8yaEfniR9FcG5M3lAjiqOZQqcO2
YtqwnRltPphxvhPk1sfsBDk3HQL6nQo2AdDIoSQ/XztOBQIk2+GF8Y/kNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB0p4D/Gx9oLeTyblI1gTge1gBvgMB8GA1UdIwQY
MBaAFKSCQwi8g7TuVvHAwbn7/DEbDNRKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcElKRENMeUR0TzVXOGNEQnVmdjhNUnNNMUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81ZmViMTMtOWU0My00MzI1LTg1Yzkt
MTk2ZTZmMzc1ZmQ2LzEvSFNuZ1A4YkgyZ3Q1UEp1VWpXQk9CN1dBRy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81ZmViMTMtOWU0My00MzI1LTg1YzktMTk2ZTZmMzc1ZmQ2
LzEvcElKRENMeUR0TzVXOGNEQnVmdjhNUnNNMUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwVsFMA0G
CSqGSIb3DQEBCwUAA4IBAQBKNNEYt6AIvkEeUplB6V7AN5PbaWdi3VWX86P98cSf
JL57KUY66ElIhBzzYGnldL2D0UaW6l3v3up0laUCSjok8vUVAZN2qTUU+5bRPGzi
WzTs9/QotqZzfCNeVDhpm4ypfZH+w37gdFXgRsLS3vOdc1nu8Tb4nwOjuu5JlG7l
8N4iwk5vcM6VvDByVw8O3IzQub51FmizRHQv5VV2BWM7GCzRtVAKlXRH47d0XOQC
Suqob1vY0j3OKkqciXPpmSN0PwmQrKh4VN98jrvv2yZQs0KIP8eUQeovfnOGmTXa
Rx1yB/nHFO0BHTYGtp5Ig8qWPRcsLaWk7rXUWCGP5I3J
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:21 2024 by rpki-client on console-ams.rpki-client.org