Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/aa4c3d-f272-47f6-a9cf-84a233369386/1/hAqMFUpkKss3tl4P02S-Tm4FkYQ.roa
File:                     hAqMFUpkKss3tl4P02S-Tm4FkYQ.roa (raw, json)
Hash identifier:          7yoBZMIImWIM/1++0henIKkxP4eZWUp6NG1Wxg4eTJo=
Subject key identifier:   84:0A:8C:15:4A:64:2A:CB:37:B6:5E:0F:D3:64:BE:4E:6E:05:91:84
Certificate issuer:       /CN=2fa8e657eeae0783da14a3da2ca74ddec15dd308
Certificate serial:       018571BA0B7585A1FB1416864E74D5CD7F51
Authority key identifier: 2F:A8:E6:57:EE:AE:07:83:DA:14:A3:DA:2C:A7:4D:DE:C1:5D:D3:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L6jmV-6uB4PaFKPaLKdN3sFd0wg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/aa4c3d-f272-47f6-a9cf-84a233369386/1/hAqMFUpkKss3tl4P02S-Tm4FkYQ.roa
Signing time:             Mon 02 Jan 2023 09:04:56 +0000
ROA not before:           Mon 02 Jan 2023 09:04:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43425
IP address blocks:        194.50.179.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:ba:0b:75:85:a1:fb:14:16:86:4e:74:d5:cd:7f:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2fa8e657eeae0783da14a3da2ca74ddec15dd308
        Validity
            Not Before: Jan  2 09:04:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=840a8c154a642acb37b65e0fd364be4e6e059184
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:ab:bb:ab:ee:ee:16:47:78:1b:85:1b:a7:56:
                    12:4a:c0:b3:fb:ec:cf:5f:87:25:04:0d:63:1c:e1:
                    e1:c8:75:cc:65:e3:33:5f:a6:32:a4:04:95:7b:4a:
                    45:d7:34:3a:63:7b:77:68:84:2e:87:c0:4c:50:e3:
                    12:6a:de:c6:93:30:38:08:02:d5:19:8d:0e:a0:1a:
                    c7:aa:10:7f:f2:c4:6a:0e:59:44:6d:31:3d:c5:73:
                    b6:6a:ff:f4:64:57:6c:40:c2:c4:d4:33:f3:be:d1:
                    a4:a9:3c:e1:24:57:ff:cf:51:8c:35:a5:37:7d:e8:
                    20:55:e4:b4:63:da:6b:d4:7a:0a:b4:88:57:3c:0e:
                    ca:6b:86:47:b9:63:9d:3a:48:9c:8a:ca:79:7d:8d:
                    c0:17:34:4a:75:33:09:25:d2:e4:7b:55:4c:44:6d:
                    54:36:44:60:c6:41:eb:f5:ba:41:82:85:93:aa:1e:
                    95:05:92:87:5f:84:5c:2a:99:f9:df:b6:e3:96:28:
                    4d:2f:8e:76:d3:c8:67:e6:0a:6a:c2:fe:6a:41:6b:
                    db:6d:20:7c:df:45:fd:6f:12:60:35:03:f2:65:33:
                    e1:cf:c1:23:1e:90:8b:d1:fa:c8:ac:b2:76:01:a7:
                    39:a0:14:18:9a:a9:69:e6:99:7c:0e:f1:ce:e8:55:
                    10:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:0A:8C:15:4A:64:2A:CB:37:B6:5E:0F:D3:64:BE:4E:6E:05:91:84
            X509v3 Authority Key Identifier:
                keyid:2F:A8:E6:57:EE:AE:07:83:DA:14:A3:DA:2C:A7:4D:DE:C1:5D:D3:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6jmV-6uB4PaFKPaLKdN3sFd0wg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/aa4c3d-f272-47f6-a9cf-84a233369386/1/hAqMFUpkKss3tl4P02S-Tm4FkYQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/aa4c3d-f272-47f6-a9cf-84a233369386/1/L6jmV-6uB4PaFKPaLKdN3sFd0wg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.50.179.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:fb:61:90:95:60:59:9b:14:32:e8:81:fb:b3:bc:fb:e0:ee:
         01:dc:7b:42:fd:b8:b1:3a:3c:22:1a:d5:0a:eb:a6:c1:ee:91:
         53:60:5f:ab:45:4b:42:4c:0d:93:3f:db:14:14:74:4b:7d:9f:
         3f:8f:d9:1b:ca:74:4f:c6:4e:fc:63:92:73:53:bc:ac:79:de:
         a7:ac:da:99:a6:e2:c0:15:03:7e:59:3e:12:a4:ee:d8:4c:53:
         6a:fe:db:48:31:19:57:f2:ca:c2:52:96:2a:fb:23:f2:c8:8b:
         95:c4:e1:37:e3:a9:1d:7d:c4:f8:90:c0:c5:3d:f5:13:c2:23:
         33:6a:37:88:13:d8:fe:c8:98:f8:63:4a:b3:3a:e8:16:c2:18:
         5f:49:ca:37:48:60:6d:12:30:b2:5f:d1:8f:57:57:2d:02:81:
         f7:b9:a2:f5:85:f3:b9:db:06:07:0d:17:b6:4f:f2:de:b0:ed:
         63:1c:dc:d7:30:20:9c:49:12:f1:05:df:e0:b9:4f:47:5b:ad:
         5f:dc:de:4f:c9:0e:66:5a:1d:4b:39:e2:70:b0:00:a9:a7:ad:
         64:71:11:de:20:78:ff:f3:05:00:a2:1a:b5:b8:d4:9f:ae:5b:
         86:29:95:7a:ab:70:04:b0:ca:a9:93:88:12:22:f3:dd:85:f6:
         dc:e5:e0:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxugt1haH7FBaGTnTVzX9RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYThlNjU3ZWVhZTA3ODNkYTE0YTNkYTJjYTc0ZGRlYzE1
ZGQzMDgwHhcNMjMwMTAyMDkwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDBhOGMxNTRhNjQyYWNiMzdiNjVlMGZkMzY0YmU0ZTZlMDU5MTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6u7q+7uFkd4G4Ubp1YSSsCz++zP
X4clBA1jHOHhyHXMZeMzX6YypASVe0pF1zQ6Y3t3aIQuh8BMUOMSat7GkzA4CALV
GY0OoBrHqhB/8sRqDllEbTE9xXO2av/0ZFdsQMLE1DPzvtGkqTzhJFf/z1GMNaU3
feggVeS0Y9pr1HoKtIhXPA7Ka4ZHuWOdOkicisp5fY3AFzRKdTMJJdLke1VMRG1U
NkRgxkHr9bpBgoWTqh6VBZKHX4RcKpn537bjlihNL45208hn5gpqwv5qQWvbbSB8
30X9bxJgNQPyZTPhz8EjHpCL0frIrLJ2Aac5oBQYmqlp5pl8DvHO6FUQ2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQKjBVKZCrLN7ZeD9Nkvk5uBZGEMB8GA1UdIwQY
MBaAFC+o5lfurgeD2hSj2iynTd7BXdMIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZqbVYtNnVCNFBhRktQYUxLZE4zc0ZkMHdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9hYTRjM2QtZjI3Mi00N2Y2LWE5Y2Yt
ODRhMjMzMzY5Mzg2LzEvaEFxTUZVcGtLc3MzdGw0UDAyUy1UbTRGa1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9hYTRjM2QtZjI3Mi00N2Y2LWE5Y2YtODRhMjMzMzY5Mzg2
LzEvTDZqbVYtNnVCNFBhRktQYUxLZE4zc0ZkMHdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjKzMA0G
CSqGSIb3DQEBCwUAA4IBAQCn+2GQlWBZmxQy6IH7s7z74O4B3HtC/bixOjwiGtUK
66bB7pFTYF+rRUtCTA2TP9sUFHRLfZ8/j9kbynRPxk78Y5JzU7ysed6nrNqZpuLA
FQN+WT4SpO7YTFNq/ttIMRlX8srCUpYq+yPyyIuVxOE346kdfcT4kMDFPfUTwiMz
ajeIE9j+yJj4Y0qzOugWwhhfSco3SGBtEjCyX9GPV1ctAoH3uaL1hfO52wYHDRe2
T/LesO1jHNzXMCCcSRLxBd/guU9HW61f3N5PyQ5mWh1LOeJwsACpp61kcRHeIHj/
8wUAohq1uNSfrluGKZV6q3AEsMqpk4gSIvPdhfbc5eBZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:04 2024 by rpki-client on console-fra.rpki-client.org