Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/35c0b9-2855-4b20-8c80-7e280752da21/1/HWw1qrYk0gQB9o8T3JZuQiZNVDs.roa
File:                     HWw1qrYk0gQB9o8T3JZuQiZNVDs.roa (raw, json)
Hash identifier:          rhrcVeiconcbjRTxvxDeJqYnQRj31Dky34GKKlnrx1g=
Subject key identifier:   1D:6C:35:AA:B6:24:D2:04:01:F6:8F:13:DC:96:6E:42:26:4D:54:3B
Certificate issuer:       /CN=4f672d39929731aed9e01bc5a9e6d680f4659a0b
Certificate serial:       01868348D9F6CB723633B18D642B0B816F0F
Authority key identifier: 4F:67:2D:39:92:97:31:AE:D9:E0:1B:C5:A9:E6:D6:80:F4:65:9A:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T2ctOZKXMa7Z4BvFqebWgPRlmgs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/35c0b9-2855-4b20-8c80-7e280752da21/1/HWw1qrYk0gQB9o8T3JZuQiZNVDs.roa
Signing time:             Fri 24 Feb 2023 11:57:15 +0000
ROA not before:           Fri 24 Feb 2023 11:57:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     28857
IP address blocks:        195.78.52.0/23 maxlen: 24
                          2001:4b60::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:83:48:d9:f6:cb:72:36:33:b1:8d:64:2b:0b:81:6f:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f672d39929731aed9e01bc5a9e6d680f4659a0b
        Validity
            Not Before: Feb 24 11:57:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1d6c35aab624d20401f68f13dc966e42264d543b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ed:7e:07:09:c1:e2:82:e1:12:76:0a:5e:d6:
                    ce:12:ca:67:71:54:e5:6d:d0:c3:f1:08:0d:0b:e3:
                    fb:4b:88:03:14:28:12:14:11:57:af:90:c4:2d:fe:
                    17:6a:59:7c:74:61:4a:b9:9d:e3:f5:24:f6:41:bd:
                    03:b0:16:e9:67:bc:76:44:85:a4:f6:60:c9:91:e1:
                    81:30:6e:66:1e:29:f3:e0:24:e8:09:f2:4b:38:91:
                    62:7d:e0:a3:9d:74:dc:0d:a4:80:1e:6c:f5:33:a8:
                    f0:32:c7:ff:f0:9c:44:d2:52:cd:dc:1e:39:36:b9:
                    e5:47:6b:bd:40:f6:f5:bc:0a:ab:5e:cb:81:03:12:
                    4f:6d:8c:7f:1c:31:35:bc:84:ea:38:06:80:51:99:
                    e1:e8:fa:da:c3:df:c0:72:ba:34:28:47:53:70:8c:
                    d5:b8:ed:a9:d0:6e:86:6d:b3:87:02:65:f4:a9:01:
                    5a:7c:97:f8:fe:76:10:6c:f9:50:66:28:59:e4:18:
                    8f:dc:5e:fd:ec:51:fb:0d:19:d7:51:f2:e9:49:35:
                    ed:45:3e:81:7d:d9:fd:5c:cc:dd:fd:c1:ac:e4:45:
                    b5:d9:62:13:e6:a2:7a:bf:33:1b:e6:60:9b:c2:37:
                    67:5d:88:cb:b4:22:52:15:fb:ea:e3:6a:ed:a3:80:
                    cb:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:6C:35:AA:B6:24:D2:04:01:F6:8F:13:DC:96:6E:42:26:4D:54:3B
            X509v3 Authority Key Identifier:
                keyid:4F:67:2D:39:92:97:31:AE:D9:E0:1B:C5:A9:E6:D6:80:F4:65:9A:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T2ctOZKXMa7Z4BvFqebWgPRlmgs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/35c0b9-2855-4b20-8c80-7e280752da21/1/HWw1qrYk0gQB9o8T3JZuQiZNVDs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/35c0b9-2855-4b20-8c80-7e280752da21/1/T2ctOZKXMa7Z4BvFqebWgPRlmgs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.78.52.0/23
                IPv6:
                  2001:4b60::/32

    Signature Algorithm: sha256WithRSAEncryption
         7e:bf:94:74:58:00:e1:09:19:11:8f:3e:19:27:41:99:4b:c2:
         d6:13:2e:d8:e6:37:48:72:f4:34:ca:71:e3:68:54:13:e9:9b:
         b7:e2:2f:f3:69:ec:d2:ca:25:8e:87:5e:75:79:cb:50:f8:01:
         8d:d0:1c:48:08:32:b4:22:24:9d:05:f9:d4:36:6a:8e:18:d3:
         8e:79:47:77:f3:51:e5:c0:ce:c8:cb:80:5c:b1:9a:e6:5b:d6:
         0a:d1:ff:d2:14:fa:f1:a0:9b:ad:b4:2d:23:76:46:f3:10:0a:
         3a:75:c8:7e:f9:56:c2:f7:34:ed:10:2d:f7:35:9a:13:55:55:
         ff:4b:a2:48:d2:6f:15:8f:9d:82:ee:fe:05:40:01:54:d7:e5:
         8f:ef:10:13:5b:d9:fd:e3:d8:23:00:b5:ac:eb:bc:73:6b:0c:
         f3:3a:8e:5f:e2:ce:ce:e6:43:d5:6c:d2:44:7a:63:b9:ca:9e:
         1a:31:8f:27:d3:61:62:a6:68:a7:3d:22:1b:9b:b8:04:f9:e1:
         ce:df:b4:75:3f:88:46:b4:6f:b8:7c:17:a9:c6:87:5c:94:94:
         2a:6c:2c:54:f1:3a:a4:79:e1:28:a9:98:5d:8d:42:e4:6c:70:
         2e:c6:ae:c1:8d:f1:c7:0c:00:a2:cf:ed:cb:bc:b2:23:51:3f:
         42:40:4b:02
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYaDSNn2y3I2M7GNZCsLgW8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNjcyZDM5OTI5NzMxYWVkOWUwMWJjNWE5ZTZkNjgwZjQ2
NTlhMGIwHhcNMjMwMjI0MTE1NzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDZjMzVhYWI2MjRkMjA0MDFmNjhmMTNkYzk2NmU0MjI2NGQ1NDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve1+BwnB4oLhEnYKXtbOEspncVTl
bdDD8QgNC+P7S4gDFCgSFBFXr5DELf4Xall8dGFKuZ3j9ST2Qb0DsBbpZ7x2RIWk
9mDJkeGBMG5mHinz4CToCfJLOJFifeCjnXTcDaSAHmz1M6jwMsf/8JxE0lLN3B45
NrnlR2u9QPb1vAqrXsuBAxJPbYx/HDE1vITqOAaAUZnh6Praw9/Acro0KEdTcIzV
uO2p0G6GbbOHAmX0qQFafJf4/nYQbPlQZihZ5BiP3F797FH7DRnXUfLpSTXtRT6B
fdn9XMzd/cGs5EW12WIT5qJ6vzMb5mCbwjdnXYjLtCJSFfvq42rto4DL2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB1sNaq2JNIEAfaPE9yWbkImTVQ7MB8GA1UdIwQY
MBaAFE9nLTmSlzGu2eAbxanm1oD0ZZoLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDJjdE9aS1hNYTdaNEJ2RnFlYldnUFJsbWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zNWMwYjktMjg1NS00YjIwLThjODAt
N2UyODA3NTJkYTIxLzEvSFd3MXFyWWswZ1FCOW84VDNKWnVRaVpOVkRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zNWMwYjktMjg1NS00YjIwLThjODAtN2UyODA3NTJkYTIx
LzEvVDJjdE9aS1hNYTdaNEJ2RnFlYldnUFJsbWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBw040MA0E
AgACMAcDBQAgAUtgMA0GCSqGSIb3DQEBCwUAA4IBAQB+v5R0WADhCRkRjz4ZJ0GZ
S8LWEy7Y5jdIcvQ0ynHjaFQT6Zu34i/zaezSyiWOh151ectQ+AGN0BxICDK0IiSd
BfnUNmqOGNOOeUd381HlwM7Iy4BcsZrmW9YK0f/SFPrxoJuttC0jdkbzEAo6dch+
+VbC9zTtEC33NZoTVVX/S6JI0m8Vj52C7v4FQAFU1+WP7xATW9n949gjALWs67xz
awzzOo5f4s7O5kPVbNJEemO5yp4aMY8n02FipminPSIbm7gE+eHO37R1P4hGtG+4
fBepxodclJQqbCxU8TqkeeEoqZhdjULkbHAuxq7BjfHHDACiz+3LvLIjUT9CQEsC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:02 2024 by rpki-client on console-fra.rpki-client.org