Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/fh19_HveBxeqlLqBx9nKPn6ZzX0.roa
File:                     fh19_HveBxeqlLqBx9nKPn6ZzX0.roa (raw, json)
Hash identifier:          cOwdW+D0teXxgqIVdG/ArDm290qoSz+7XVFos+xz30s=
Subject key identifier:   7E:1D:7D:FC:7B:DE:07:17:AA:94:BA:81:C7:D9:CA:3E:7E:99:CD:7D
Certificate issuer:       /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial:       01856F5DD184FE8CE19B4E254DF5863F9ADA
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/fh19_HveBxeqlLqBx9nKPn6ZzX0.roa
Signing time:             Sun 01 Jan 2023 22:04:57 +0000
ROA not before:           Sun 01 Jan 2023 22:04:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205003
IP address blocks:        212.183.28.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:d1:84:fe:8c:e1:9b:4e:25:4d:f5:86:3f:9a:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
        Validity
            Not Before: Jan  1 22:04:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7e1d7dfc7bde0717aa94ba81c7d9ca3e7e99cd7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:e0:e9:43:6a:87:ed:7b:51:c7:4a:53:dd:db:
                    02:82:c8:f0:59:14:74:b9:a3:bb:1a:15:e0:07:e5:
                    df:db:cb:76:4c:64:d3:8a:b4:20:7a:74:65:d4:10:
                    10:70:90:96:81:23:8d:cf:61:ef:39:ba:0e:8d:76:
                    0d:69:e6:d6:41:3d:8a:e6:0d:9f:19:ba:02:d0:af:
                    6e:de:78:fc:fd:c8:9c:2e:23:38:a3:98:73:65:f9:
                    36:dc:0e:f0:e6:71:7b:3d:75:ff:55:66:38:22:5a:
                    b6:4c:99:04:8e:70:d1:55:fa:76:4f:c2:09:ac:f8:
                    92:87:cd:41:b2:b3:30:ad:7e:8d:25:f7:d6:55:5b:
                    5d:6f:90:4f:d3:11:64:ee:9f:fe:46:62:6f:f0:cc:
                    24:65:c8:91:80:e3:1a:cb:51:41:41:35:8b:31:ac:
                    96:19:2a:7d:0f:d5:33:1b:a6:65:f8:9f:55:02:3b:
                    0b:2b:30:71:84:57:d4:6f:f6:3f:b0:4d:de:c0:b6:
                    5d:5a:04:f1:c2:e9:16:0b:a8:2e:71:17:f9:80:a3:
                    1c:3d:a7:2d:87:42:63:3f:96:7e:a6:c9:9c:11:98:
                    d6:6a:da:03:fc:fc:2c:36:7f:7b:b2:ae:60:be:72:
                    e6:22:f7:36:eb:54:47:cf:cd:54:f2:9c:23:93:b6:
                    9e:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:1D:7D:FC:7B:DE:07:17:AA:94:BA:81:C7:D9:CA:3E:7E:99:CD:7D
            X509v3 Authority Key Identifier:
                keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/fh19_HveBxeqlLqBx9nKPn6ZzX0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.183.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d0:6b:11:b3:42:2c:94:58:48:a8:d5:3c:27:64:ae:0e:74:99:
         bf:e2:c9:98:85:7e:27:01:4c:d6:cd:e8:ac:e7:df:dd:98:a3:
         e4:84:00:24:37:6b:8b:4d:67:fb:96:87:45:81:cd:de:7a:dd:
         8a:47:83:fc:79:fa:bf:d4:7d:bf:ae:93:af:6d:f1:e9:3d:2a:
         27:88:41:af:33:9b:ea:c4:38:ee:b1:cb:9f:2c:9d:fa:8d:f2:
         c6:f3:10:70:bd:97:d6:6f:ba:c7:a3:c3:07:fb:90:d3:ff:e0:
         56:e8:69:e9:f8:43:c4:1c:66:f3:20:2c:48:88:dc:c8:73:97:
         c5:f2:4e:b5:c1:e2:be:8c:da:07:9a:2d:d0:76:bd:76:9e:48:
         b5:c6:d7:a5:11:1c:8a:c9:64:59:70:97:95:2c:0a:a7:a4:12:
         b8:4f:a4:12:e0:33:cf:00:67:ab:80:31:e9:03:86:14:f7:d5:
         9d:1e:f9:b0:10:25:74:fe:e6:15:df:02:18:f8:c0:c5:2e:7c:
         1b:50:e9:50:02:7e:9a:a8:77:52:ef:71:b3:2f:e0:90:2b:81:
         a0:99:68:45:f3:58:39:47:22:c7:aa:57:8e:a0:cb:1a:ac:21:
         fc:36:f0:58:c8:a1:77:4c:5d:97:6b:49:ee:8d:a1:39:68:4e:
         70:3e:74:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXdGE/ozhm04lTfWGP5raMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjMwMTAxMjIwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTFkN2RmYzdiZGUwNzE3YWE5NGJhODFjN2Q5Y2EzZTdlOTljZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeDpQ2qH7XtRx0pT3dsCgsjwWRR0
uaO7GhXgB+Xf28t2TGTTirQgenRl1BAQcJCWgSONz2HvOboOjXYNaebWQT2K5g2f
GboC0K9u3nj8/cicLiM4o5hzZfk23A7w5nF7PXX/VWY4Ilq2TJkEjnDRVfp2T8IJ
rPiSh81BsrMwrX6NJffWVVtdb5BP0xFk7p/+RmJv8MwkZciRgOMay1FBQTWLMayW
GSp9D9UzG6Zl+J9VAjsLKzBxhFfUb/Y/sE3ewLZdWgTxwukWC6gucRf5gKMcPact
h0JjP5Z+psmcEZjWatoD/PwsNn97sq5gvnLmIvc261RHz81U8pwjk7aeXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH4dffx73gcXqpS6gcfZyj5+mc19MB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvZmgxOV9IdmVCeGVxbExxQng5bktQbjZaelgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1LccMA0G
CSqGSIb3DQEBCwUAA4IBAQDQaxGzQiyUWEio1TwnZK4OdJm/4smYhX4nAUzWzeis
59/dmKPkhAAkN2uLTWf7lodFgc3eet2KR4P8efq/1H2/rpOvbfHpPSoniEGvM5vq
xDjuscufLJ36jfLG8xBwvZfWb7rHo8MH+5DT/+BW6Gnp+EPEHGbzICxIiNzIc5fF
8k61weK+jNoHmi3Qdr12nki1xtelERyKyWRZcJeVLAqnpBK4T6QS4DPPAGergDHp
A4YU99WdHvmwECV0/uYV3wIY+MDFLnwbUOlQAn6aqHdS73GzL+CQK4GgmWhF81g5
RyLHqleOoMsarCH8NvBYyKF3TF2Xa0nujaE5aE5wPnS/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:16 2024 by rpki-client on console-ams.rpki-client.org