Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/HNyDBHF6VwTDsQEjArvxF0pVKug.roa
File:                     HNyDBHF6VwTDsQEjArvxF0pVKug.roa (raw, json)
Hash identifier:          VKpDC1exqq+p/6mN53+t5/yhaC54oHIgCvgt2vMB8h4=
Subject key identifier:   1C:DC:83:04:71:7A:57:04:C3:B1:01:23:02:BB:F1:17:4A:55:2A:E8
Certificate issuer:       /CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Certificate serial:       018B81E69CBD151199B0C1011B682AFC7D98
Authority key identifier: 17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/HNyDBHF6VwTDsQEjArvxF0pVKug.roa
Signing time:             Mon 30 Oct 2023 18:44:16 +0000
ROA not before:           Mon 30 Oct 2023 18:44:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211588
IP address blocks:        217.119.143.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:81:e6:9c:bd:15:11:99:b0:c1:01:1b:68:2a:fc:7d:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
        Validity
            Not Before: Oct 30 18:44:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1cdc8304717a5704c3b1012302bbf1174a552ae8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:d9:9c:70:20:0e:16:6d:fd:6a:38:aa:52:42:
                    74:68:d9:48:ed:a2:97:fa:93:41:b2:5f:29:ab:5a:
                    92:cb:d0:8b:d0:ce:85:9d:18:04:12:1e:e9:d5:91:
                    53:bc:73:8a:25:d8:1b:16:81:7c:d0:7a:cd:51:6a:
                    dc:00:fd:ed:cd:cd:6c:23:15:9c:0c:12:bb:c7:66:
                    da:1f:d1:35:0e:26:4a:cc:4e:be:5c:12:57:23:4d:
                    8f:16:fe:2c:e2:d3:58:aa:86:ea:0a:cf:04:c1:4f:
                    eb:dc:97:33:6c:4a:93:bc:c9:93:dd:48:be:0e:18:
                    98:61:e8:3f:89:e0:43:3c:52:8a:ba:b7:77:e6:72:
                    65:5c:eb:d2:7a:85:d3:0b:9e:5f:b7:e5:37:73:0f:
                    9a:3f:65:b5:b1:29:fc:e4:2c:42:47:dd:71:73:69:
                    23:e4:a3:f7:ed:75:ca:15:ea:1a:e4:1d:7e:b5:ec:
                    36:52:99:9e:dd:c9:b5:28:de:23:8b:38:fb:f5:b3:
                    40:f6:3e:b1:1b:18:ab:de:67:9d:02:20:2a:af:37:
                    b6:18:07:8e:af:89:12:85:1b:e6:7f:8f:04:51:6a:
                    9b:6d:3c:76:7b:e9:01:0d:2a:84:0d:69:56:0d:bb:
                    fd:0e:3c:61:58:0b:4c:12:a5:9f:48:f1:04:e4:e5:
                    28:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:DC:83:04:71:7A:57:04:C3:B1:01:23:02:BB:F1:17:4A:55:2A:E8
            X509v3 Authority Key Identifier:
                keyid:17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/HNyDBHF6VwTDsQEjArvxF0pVKug.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.119.143.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:a6:11:59:dd:da:07:10:e7:47:6c:01:9e:31:70:f2:93:95:
         28:1d:98:dc:f6:25:d6:83:85:8a:9e:36:f6:ce:ba:d6:44:59:
         ca:ea:5d:0a:97:90:f2:ee:ab:ad:2c:93:4d:6c:5e:1c:c0:c2:
         73:c8:cb:8f:e8:ec:4b:fc:05:f7:dd:56:ab:2b:08:e7:b0:de:
         ab:72:20:47:b4:63:ce:7d:ba:59:7a:ba:a1:58:67:72:8b:45:
         10:60:4f:88:8d:30:3b:50:87:c5:4e:c0:60:67:72:2e:27:42:
         d0:3a:47:db:d8:f3:55:d4:c5:d5:29:5a:f3:f8:37:74:b9:02:
         1f:99:23:17:70:95:1f:2a:23:15:dc:38:be:e9:e1:66:4c:12:
         b6:28:56:a7:88:02:a5:ee:75:72:4e:07:ef:d5:01:da:a0:7f:
         42:6b:a9:4d:07:62:ad:6e:a3:0c:c5:e8:46:aa:4e:ae:97:17:
         bd:b1:52:e7:d5:a7:db:0c:34:bf:3e:a7:12:52:c9:39:fc:5d:
         f8:ec:30:fc:66:eb:bc:4b:cc:d8:d4:c7:aa:b1:d4:8a:e7:6a:
         c1:dd:39:a9:00:06:f1:ac:c2:91:a1:89:1d:c6:34:f6:73:2b:
         c5:db:d9:32:f5:a7:3b:6f:c9:a5:6a:72:b1:8f:3b:db:7d:59:
         7f:67:56:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuB5py9FRGZsMEBG2gq/H2YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YjUwNDJmYzIwZDliYWIxNjc2ZTA5YWY3ZmYxYmE1YmZh
ZGFlNzUwHhcNMjMxMDMwMTg0NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2RjODMwNDcxN2E1NzA0YzNiMTAxMjMwMmJiZjExNzRhNTUyYWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dmccCAOFm39ajiqUkJ0aNlI7aKX
+pNBsl8pq1qSy9CL0M6FnRgEEh7p1ZFTvHOKJdgbFoF80HrNUWrcAP3tzc1sIxWc
DBK7x2baH9E1DiZKzE6+XBJXI02PFv4s4tNYqobqCs8EwU/r3JczbEqTvMmT3Ui+
DhiYYeg/ieBDPFKKurd35nJlXOvSeoXTC55ft+U3cw+aP2W1sSn85CxCR91xc2kj
5KP37XXKFeoa5B1+tew2Upme3cm1KN4jizj79bNA9j6xGxir3medAiAqrze2GAeO
r4kShRvmf48EUWqbbTx2e+kBDSqEDWlWDbv9DjxhWAtMEqWfSPEE5OUo7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBzcgwRxelcEw7EBIwK78RdKVSroMB8GA1UdIwQY
MBaAFBe1BC/CDZurFnbgmvf/G6W/ra51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQt
YmM2Nzk0ZTk1ZTVhLzEvSE55REJIRjZWd1REc1FFakFydnhGMHBWS3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQtYmM2Nzk0ZTk1ZTVh
LzEvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2XePMA0G
CSqGSIb3DQEBCwUAA4IBAQA2phFZ3doHEOdHbAGeMXDyk5UoHZjc9iXWg4WKnjb2
zrrWRFnK6l0Kl5Dy7qutLJNNbF4cwMJzyMuP6OxL/AX33VarKwjnsN6rciBHtGPO
fbpZerqhWGdyi0UQYE+IjTA7UIfFTsBgZ3IuJ0LQOkfb2PNV1MXVKVrz+Dd0uQIf
mSMXcJUfKiMV3Di+6eFmTBK2KFaniAKl7nVyTgfv1QHaoH9Ca6lNB2KtbqMMxehG
qk6ulxe9sVLn1afbDDS/PqcSUsk5/F347DD8Zuu8S8zY1MeqsdSK52rB3TmpAAbx
rMKRoYkdxjT2cyvF29ky9ac7b8mlanKxjzvbfVl/Z1ZW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:06 2024 by rpki-client on console-ams.rpki-client.org