Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/HNo6xNZnk-nFhAGg_6AhFqLHGc8.roa
File:                     HNo6xNZnk-nFhAGg_6AhFqLHGc8.roa (raw, json)
Hash identifier:          8nCDKNPub9h5gP7NdjMHxtUACUiTZsHPFMiZBF7efaA=
Subject key identifier:   1C:DA:3A:C4:D6:67:93:E9:C5:84:01:A0:FF:A0:21:16:A2:C7:19:CF
Certificate issuer:       /CN=2cc25ff32918f0b49306259d483afb9e381a3915
Certificate serial:       018570674EBF14D465D624CDC96708894286
Authority key identifier: 2C:C2:5F:F3:29:18:F0:B4:93:06:25:9D:48:3A:FB:9E:38:1A:39:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LMJf8ykY8LSTBiWdSDr7njgaORU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/HNo6xNZnk-nFhAGg_6AhFqLHGc8.roa
Signing time:             Mon 02 Jan 2023 02:54:56 +0000
ROA not before:           Mon 02 Jan 2023 02:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51274
IP address blocks:        185.158.172.0/24 maxlen: 24
                          185.158.174.0/24 maxlen: 24
                          185.158.173.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 16 Jul 2023 11:11:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:67:4e:bf:14:d4:65:d6:24:cd:c9:67:08:89:42:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2cc25ff32918f0b49306259d483afb9e381a3915
        Validity
            Not Before: Jan  2 02:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1cda3ac4d66793e9c58401a0ffa02116a2c719cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:2e:0f:6d:71:0c:e4:bc:03:55:16:96:cc:e2:
                    0f:af:18:d5:1e:dc:cd:f5:56:0d:d0:4a:55:48:aa:
                    54:1c:26:df:3b:1f:37:3f:1c:20:1a:1f:22:74:0b:
                    1b:f0:a9:c8:c5:56:6c:00:8d:6f:8f:18:54:ab:7c:
                    c1:47:2c:2d:62:69:e7:c7:35:2f:da:0d:1b:e0:f3:
                    69:61:07:dc:25:a4:1f:12:8d:c8:cd:53:61:35:64:
                    6d:f5:fb:b2:ef:4e:cf:d8:48:07:d2:7a:ed:2d:93:
                    c0:2d:a3:b5:12:60:18:1a:87:85:bd:aa:14:cb:4a:
                    08:3a:d2:63:11:ae:22:8f:21:0c:72:84:1f:54:f4:
                    30:64:a5:f9:f7:07:6a:77:6d:d0:89:ce:67:f8:24:
                    89:c0:bf:5a:fc:0a:64:a2:0a:9b:e3:df:96:19:06:
                    cf:05:70:a5:a8:b8:54:cc:44:0a:00:71:a9:6a:7c:
                    92:a2:7c:a4:ad:ca:93:44:c5:98:86:84:f7:f1:9b:
                    5d:d3:c2:3d:3a:a9:ab:96:8d:22:2f:19:d1:9f:5a:
                    3b:4e:dc:64:af:14:22:64:01:0e:74:47:bb:b5:c4:
                    5c:e7:8c:2c:aa:1c:93:12:df:16:04:f6:63:0b:b9:
                    f0:15:f3:65:05:ac:70:e4:b1:90:9b:46:08:b2:d0:
                    6e:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:DA:3A:C4:D6:67:93:E9:C5:84:01:A0:FF:A0:21:16:A2:C7:19:CF
            X509v3 Authority Key Identifier:
                keyid:2C:C2:5F:F3:29:18:F0:B4:93:06:25:9D:48:3A:FB:9E:38:1A:39:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LMJf8ykY8LSTBiWdSDr7njgaORU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/HNo6xNZnk-nFhAGg_6AhFqLHGc8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/LMJf8ykY8LSTBiWdSDr7njgaORU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.158.172.0-185.158.174.255

    Signature Algorithm: sha256WithRSAEncryption
         5e:d5:ed:51:75:62:4f:53:99:fe:61:e7:4d:ed:8b:5f:e7:9c:
         71:79:7b:7f:01:b1:58:99:a8:aa:16:eb:08:fd:51:b3:d9:4d:
         a3:94:1e:c9:53:50:9c:95:b7:09:30:cc:e1:9a:6e:0f:02:e7:
         0e:c4:2c:8b:2f:e6:d3:d0:3c:20:30:22:4c:65:a9:1b:cd:f1:
         53:11:d8:db:39:c3:f4:56:2d:d3:14:29:9d:74:55:10:2b:41:
         10:74:e1:d5:a3:a9:7c:bd:05:b8:b3:45:e4:e7:bf:60:bd:84:
         8d:27:3d:0b:cf:da:a7:a0:fe:a4:12:ef:66:62:e9:16:df:c9:
         ec:b5:5f:31:ab:b5:f2:56:7a:05:b3:02:ad:2f:7c:b1:b5:e3:
         c4:cc:9c:ff:17:7d:5a:1d:d5:b9:1e:62:40:b9:e1:cf:c7:91:
         64:df:fb:91:f1:b2:b7:8b:e4:51:63:22:06:ac:f0:5c:05:52:
         0b:d1:92:29:a9:bb:0b:f8:b2:2b:56:82:bc:1e:d9:90:69:a1:
         53:2d:8b:c5:53:3d:17:a7:fb:23:bd:af:91:a3:e6:d8:9a:86:
         1f:f4:f4:09:1c:f9:e6:19:04:83:94:8c:fc:fb:b3:b2:e1:e7:
         22:64:88:8b:e0:e8:c4:6f:3f:55:75:ea:1d:99:5c:87:ae:7a:
         5f:91:33:81
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVwZ06/FNRl1iTNyWcIiUKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYzI1ZmYzMjkxOGYwYjQ5MzA2MjU5ZDQ4M2FmYjllMzgx
YTM5MTUwHhcNMjMwMTAyMDI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2RhM2FjNGQ2Njc5M2U5YzU4NDAxYTBmZmEwMjExNmEyYzcxOWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzC4PbXEM5LwDVRaWzOIPrxjVHtzN
9VYN0EpVSKpUHCbfOx83PxwgGh8idAsb8KnIxVZsAI1vjxhUq3zBRywtYmnnxzUv
2g0b4PNpYQfcJaQfEo3IzVNhNWRt9fuy707P2EgH0nrtLZPALaO1EmAYGoeFvaoU
y0oIOtJjEa4ijyEMcoQfVPQwZKX59wdqd23Qic5n+CSJwL9a/Apkogqb49+WGQbP
BXClqLhUzEQKAHGpanySonykrcqTRMWYhoT38Ztd08I9Oqmrlo0iLxnRn1o7Ttxk
rxQiZAEOdEe7tcRc54wsqhyTEt8WBPZjC7nwFfNlBaxw5LGQm0YIstBuEwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBzaOsTWZ5PpxYQBoP+gIRaixxnPMB8GA1UdIwQY
MBaAFCzCX/MpGPC0kwYlnUg6+544GjkVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE1KZjh5a1k4TFNUQmlXZFNEcjduamdhT1JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xMjc3ZWMtMTU2YS00NmM0LTlmMDMt
ZTI1NzUxYjNmZmQ1LzEvSE5vNnhOWm5rLW5GaEFHZ182QWhGcUxIR2M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xMjc3ZWMtMTU2YS00NmM0LTlmMDMtZTI1NzUxYjNmZmQ1
LzEvTE1KZjh5a1k4TFNUQmlXZFNEcjduamdhT1JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5nqwD
BAC5nq4wDQYJKoZIhvcNAQELBQADggEBAF7V7VF1Yk9Tmf5h503ti1/nnHF5e38B
sViZqKoW6wj9UbPZTaOUHslTUJyVtwkwzOGabg8C5w7ELIsv5tPQPCAwIkxlqRvN
8VMR2Ns5w/RWLdMUKZ10VRArQRB04dWjqXy9BbizReTnv2C9hI0nPQvP2qeg/qQS
72Zi6Rbfyey1XzGrtfJWegWzAq0vfLG148TMnP8XfVod1bkeYkC54c/HkWTf+5Hx
sreL5FFjIgas8FwFUgvRkimpuwv4sitWgrwe2ZBpoVMti8VTPRen+yO9r5Gj5tia
hh/09Akc+eYZBIOUjPz7s7Lh5yJkiIvg6MRvP1V16h2ZXIeuel+RM4E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:15 2024 by rpki-client on console-fra.rpki-client.org