Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/hmImOSMd3raQELfYMvVKNwC-UPY.roa
File:                     hmImOSMd3raQELfYMvVKNwC-UPY.roa (raw, json)
Hash identifier:          YwgofQ7eGyB8thbTGIMO+JZjPUS9ExZM3nKMVaKzJxM=
Subject key identifier:   86:62:26:39:23:1D:DE:B6:90:10:B7:D8:32:F5:4A:37:00:BE:50:F6
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       01856C8140F8C11101CF3D2A831B9EF3B953
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/hmImOSMd3raQELfYMvVKNwC-UPY.roa
Signing time:             Sun 01 Jan 2023 08:44:48 +0000
ROA not before:           Sun 01 Jan 2023 08:44:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209737
IP address blocks:        80.246.224.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Jan 2023 20:28:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:81:40:f8:c1:11:01:cf:3d:2a:83:1b:9e:f3:b9:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Jan  1 08:44:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=86622639231ddeb69010b7d832f54a3700be50f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:da:bd:17:82:0e:9c:5c:ef:d6:67:fd:1f:d8:
                    14:d1:d6:c5:54:f2:eb:fc:5e:34:85:53:bb:65:01:
                    fc:38:63:a7:22:2e:19:5e:01:ee:ca:30:98:65:78:
                    ab:65:da:16:f3:7a:e3:a5:a8:9d:b4:9c:8f:e0:c3:
                    f7:c5:40:5f:81:b9:3e:40:e3:e4:70:ca:19:7a:6d:
                    4e:73:b4:4c:bc:cb:55:37:6d:a7:53:20:45:e2:71:
                    87:6f:b5:72:72:aa:b6:d8:6e:52:03:2c:9d:f5:f3:
                    1d:c2:e8:c5:e2:14:29:60:e8:fd:7b:87:0a:fc:da:
                    34:c7:82:44:b8:af:11:ff:9f:fb:cc:8d:ea:65:ff:
                    91:a3:c1:7d:3d:d5:2b:e6:8f:2a:01:77:b2:c0:5b:
                    7f:d3:b6:5e:6d:c3:01:a1:c1:a7:19:c9:4f:b4:ad:
                    ac:0c:d0:55:f8:6f:ae:84:bd:06:12:6d:1f:94:f3:
                    98:8a:8f:3f:59:7e:dc:10:89:3a:36:ed:e8:48:39:
                    f3:f8:a0:71:9c:c3:88:56:61:ad:00:df:e5:0d:b2:
                    30:81:ce:04:f8:1f:68:0d:5f:39:77:bd:f3:91:4d:
                    3b:78:fe:61:d1:00:a2:32:eb:0b:9f:9f:6a:db:89:
                    23:d5:63:51:60:90:e2:6e:bc:cf:54:58:2d:79:5e:
                    3f:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:62:26:39:23:1D:DE:B6:90:10:B7:D8:32:F5:4A:37:00:BE:50:F6
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/hmImOSMd3raQELfYMvVKNwC-UPY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.246.224.0/21

    Signature Algorithm: sha256WithRSAEncryption
         7a:bc:78:92:b1:8c:bd:83:05:b9:9d:a2:1b:4a:45:4b:5c:c3:
         ff:73:98:5e:16:66:c2:8b:a0:40:2d:f3:28:e4:2f:a9:bb:bc:
         bf:a0:eb:ab:af:6a:0c:3a:45:2e:d7:06:e8:e4:eb:13:89:1c:
         1b:bb:e8:38:88:3c:80:98:81:f0:57:fc:b6:99:56:1d:f6:9e:
         0f:62:a2:ec:ac:b6:6f:a8:1e:62:60:bd:91:d6:3a:08:b2:7d:
         a1:7f:c6:a2:27:47:57:4c:c0:2c:33:8b:bc:98:40:02:85:6c:
         6f:36:e3:95:ed:59:ea:41:f1:1a:b6:71:58:55:c1:33:71:c0:
         46:b2:a7:44:d5:48:97:72:98:bb:50:16:6e:95:52:7e:d4:75:
         69:b3:14:d0:e2:a1:1c:47:42:ff:c2:d7:b3:42:bf:fa:f0:b9:
         af:77:1a:9a:3a:46:77:15:65:e4:03:3a:58:ff:a5:f6:a2:24:
         3d:19:82:75:7e:74:69:00:5a:8a:1d:86:1c:bd:fe:ae:5c:b9:
         30:cd:b0:bd:c0:5c:d5:30:b5:fb:a0:76:c2:29:f0:2e:cd:49:
         0b:4c:68:0a:93:19:c0:17:d8:13:b9:29:0c:40:42:e0:a8:17:
         1f:e8:96:4e:a7:85:91:96:b6:8a:5c:65:1c:99:49:3e:64:15:
         62:db:c0:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsgUD4wREBzz0qgxue87lTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMwMTAxMDg0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjYyMjYzOTIzMWRkZWI2OTAxMGI3ZDgzMmY1NGEzNzAwYmU1MGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdq9F4IOnFzv1mf9H9gU0dbFVPLr
/F40hVO7ZQH8OGOnIi4ZXgHuyjCYZXirZdoW83rjpaidtJyP4MP3xUBfgbk+QOPk
cMoZem1Oc7RMvMtVN22nUyBF4nGHb7Vycqq22G5SAyyd9fMdwujF4hQpYOj9e4cK
/No0x4JEuK8R/5/7zI3qZf+Ro8F9PdUr5o8qAXeywFt/07ZebcMBocGnGclPtK2s
DNBV+G+uhL0GEm0flPOYio8/WX7cEIk6Nu3oSDnz+KBxnMOIVmGtAN/lDbIwgc4E
+B9oDV85d73zkU07eP5h0QCiMusLn59q24kj1WNRYJDibrzPVFgteV4/fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZiJjkjHd62kBC32DL1SjcAvlD2MB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvaG1JbU9TTWQzcmFRRUxmWU12VktOd0MtVVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUPbgMA0G
CSqGSIb3DQEBCwUAA4IBAQB6vHiSsYy9gwW5naIbSkVLXMP/c5heFmbCi6BALfMo
5C+pu7y/oOurr2oMOkUu1wbo5OsTiRwbu+g4iDyAmIHwV/y2mVYd9p4PYqLsrLZv
qB5iYL2R1joIsn2hf8aiJ0dXTMAsM4u8mEAChWxvNuOV7VnqQfEatnFYVcEzccBG
sqdE1UiXcpi7UBZulVJ+1HVpsxTQ4qEcR0L/wtezQr/68LmvdxqaOkZ3FWXkAzpY
/6X2oiQ9GYJ1fnRpAFqKHYYcvf6uXLkwzbC9wFzVMLX7oHbCKfAuzUkLTGgKkxnA
F9gTuSkMQELgqBcf6JZOp4WRlraKXGUcmUk+ZBVi28Dq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:52 2024 by rpki-client on console-fra.rpki-client.org