Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/HLkRWVpkanHiJmtgzS4nOe3qBlo.roa
File:                     HLkRWVpkanHiJmtgzS4nOe3qBlo.roa (raw, json)
Hash identifier:          /Jx64LMKOkY3o7g25Vvop+J/vyDH9u18ah1HTZry6hw=
Subject key identifier:   1C:B9:11:59:5A:64:6A:71:E2:26:6B:60:CD:2E:27:39:ED:EA:06:5A
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01875FD1444E9F4B33E5B447663AA5AB35D8
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/HLkRWVpkanHiJmtgzS4nOe3qBlo.roa
Signing time:             Sat 08 Apr 2023 07:42:42 +0000
ROA not before:           Sat 08 Apr 2023 07:42:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     17447
IP address blocks:        93.115.254.0/24 maxlen: 24
                          89.34.126.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 10 Apr 2023 08:36:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:5f:d1:44:4e:9f:4b:33:e5:b4:47:66:3a:a5:ab:35:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Apr  8 07:42:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1cb911595a646a71e2266b60cd2e2739edea065a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:a2:dc:d8:91:c1:0a:a2:4e:ba:ac:e1:d7:14:
                    d7:0a:5e:12:a3:da:a6:01:9f:55:42:4c:8a:6e:f4:
                    5e:0a:30:e6:e0:fb:4d:f7:a3:42:14:bb:69:17:d0:
                    f2:e5:5a:d0:a8:c2:57:14:7b:5e:85:6b:6c:7a:6c:
                    c8:a4:4a:13:17:8d:e0:3d:47:a3:f5:40:12:bc:f2:
                    d6:1a:01:f1:a9:fd:76:cb:ec:3b:1e:e9:6f:22:2a:
                    3d:79:7b:cd:9e:ad:af:03:aa:53:6a:d6:a4:23:be:
                    99:78:a3:55:b3:bc:14:a8:73:ad:29:a4:92:5d:9b:
                    cf:cb:4e:6e:df:81:b2:f7:c8:d0:94:ab:47:6a:c8:
                    a9:e0:c8:94:6a:51:d6:54:66:87:00:1c:38:24:04:
                    c8:f8:fa:98:1a:e8:93:a4:c5:15:69:33:19:55:8e:
                    ac:0a:af:1f:0f:95:08:ee:af:03:6c:7b:7e:c6:dc:
                    07:11:25:97:94:df:0d:93:e0:c9:08:45:43:97:4d:
                    61:3d:93:10:bf:cd:e7:53:21:c7:60:f7:f4:cb:5e:
                    86:3a:1d:75:19:92:d9:7c:e0:d4:de:22:65:57:4f:
                    7d:a5:44:54:ac:79:33:fb:d5:38:03:bc:34:85:f9:
                    74:68:40:62:cd:8b:64:6e:d1:d5:44:e1:74:57:be:
                    54:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:B9:11:59:5A:64:6A:71:E2:26:6B:60:CD:2E:27:39:ED:EA:06:5A
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/HLkRWVpkanHiJmtgzS4nOe3qBlo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.34.126.0/24
                  93.115.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:c6:f8:8c:ef:c5:3a:0c:46:a5:30:9a:2b:5c:14:62:5e:cd:
         19:ea:0f:6d:b4:95:24:51:74:d5:d8:28:18:f0:56:a6:0f:bf:
         ae:c2:97:dc:62:ef:20:aa:3c:ca:7e:a6:97:1d:2c:cb:62:a4:
         93:91:25:f1:4e:29:41:c0:90:ba:56:7e:1a:dd:23:ce:e1:4b:
         bc:75:eb:f2:c8:c8:ba:f3:3c:b8:c4:6c:df:95:1a:49:a3:5b:
         f5:ae:3e:a7:31:40:e5:39:33:bd:42:a9:2b:ce:f3:ef:2f:76:
         60:ed:f0:91:72:37:21:72:f6:4e:d7:cf:21:8f:61:36:25:81:
         76:93:43:17:bc:15:e3:5f:0e:66:8a:eb:dd:49:b8:3c:3a:e6:
         04:8c:68:50:f2:2c:de:bc:ec:ab:74:a9:93:7c:a7:39:0b:cb:
         fc:6c:08:0e:ab:3f:db:18:cf:45:e3:33:1e:bd:20:1b:a4:2a:
         81:bf:ab:bf:af:23:3e:25:d1:f8:9e:d2:ec:0b:a1:06:1a:86:
         eb:69:ec:76:6e:19:13:43:5f:59:6f:5d:4b:af:6d:d7:6b:ea:
         41:41:50:fb:f1:e6:51:1f:3d:66:8e:8e:40:8c:74:dc:f0:66:
         58:a9:ff:72:28:d7:9d:80:86:a0:ff:08:b0:4c:aa:75:26:8f:
         b5:13:ed:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdf0UROn0sz5bRHZjqlqzXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDA4MDc0MjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2I5MTE1OTVhNjQ2YTcxZTIyNjZiNjBjZDJlMjczOWVkZWEwNjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26Lc2JHBCqJOuqzh1xTXCl4So9qm
AZ9VQkyKbvReCjDm4PtN96NCFLtpF9Dy5VrQqMJXFHtehWtsemzIpEoTF43gPUej
9UASvPLWGgHxqf12y+w7HulvIio9eXvNnq2vA6pTatakI76ZeKNVs7wUqHOtKaSS
XZvPy05u34Gy98jQlKtHasip4MiUalHWVGaHABw4JATI+PqYGuiTpMUVaTMZVY6s
Cq8fD5UI7q8DbHt+xtwHESWXlN8Nk+DJCEVDl01hPZMQv83nUyHHYPf0y16GOh11
GZLZfODU3iJlV099pURUrHkz+9U4A7w0hfl0aEBizYtkbtHVROF0V75UWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBy5EVlaZGpx4iZrYM0uJznt6gZaMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSExrUldWcGthbkhpSm10Z3pTNG5PZTNxQmxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSJ+AwQA
XXP+MA0GCSqGSIb3DQEBCwUAA4IBAQANxviM78U6DEalMJorXBRiXs0Z6g9ttJUk
UXTV2CgY8FamD7+uwpfcYu8gqjzKfqaXHSzLYqSTkSXxTilBwJC6Vn4a3SPO4Uu8
devyyMi68zy4xGzflRpJo1v1rj6nMUDlOTO9QqkrzvPvL3Zg7fCRcjchcvZO188h
j2E2JYF2k0MXvBXjXw5miuvdSbg8OuYEjGhQ8izevOyrdKmTfKc5C8v8bAgOqz/b
GM9F4zMevSAbpCqBv6u/ryM+JdH4ntLsC6EGGobraex2bhkTQ19Zb11Lr23Xa+pB
QVD78eZRHz1mjo5AjHTc8GZYqf9yKNedgIag/wiwTKp1Jo+1E+1p
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:09 2024 by rpki-client on console-ams.rpki-client.org