Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hyQr-y5UBiseU48uykOzHQWnq6M.roa
File:                     hyQr-y5UBiseU48uykOzHQWnq6M.roa (raw, json)
Hash identifier:          /ow7jpCYBsJ29WsB90Knq5mUpHKfISEtOUsSLjKrNOQ=
Subject key identifier:   87:24:2B:FB:2E:54:06:2B:1E:53:8F:2E:CA:43:B3:1D:05:A7:AB:A3
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018612368A3D9B3907708C43011D1A03F08C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hyQr-y5UBiseU48uykOzHQWnq6M.roa
Signing time:             Thu 02 Feb 2023 13:00:09 +0000
ROA not before:           Thu 02 Feb 2023 13:00:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211440
IP address blocks:        78.142.241.0/24 maxlen: 24
                          203.0.9.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 29 Jun 2023 18:09:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:12:36:8a:3d:9b:39:07:70:8c:43:01:1d:1a:03:f0:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Feb  2 13:00:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=87242bfb2e54062b1e538f2eca43b31d05a7aba3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:a8:8e:08:c9:4e:da:f5:ae:2d:5a:60:98:06:
                    70:a7:90:c1:3c:e7:9d:95:6e:e1:b4:12:98:39:15:
                    4b:f6:b7:7d:51:9a:1a:f7:5d:2f:8b:01:51:31:e7:
                    13:c1:8e:6f:a6:65:12:b3:ae:95:7c:84:b9:b5:2f:
                    29:68:93:34:f9:5a:aa:89:df:b9:dc:11:69:c1:21:
                    27:a9:1b:df:55:3c:ee:74:7f:8b:c9:b9:61:39:93:
                    1f:9d:74:0a:56:8d:f7:07:42:b3:9e:31:93:de:72:
                    39:0c:e5:46:f2:4a:6a:7a:90:9e:90:fe:f1:ee:2d:
                    f3:47:4b:ae:8a:58:d4:e7:21:be:ad:ea:2f:62:0b:
                    dc:c0:52:8c:27:16:e7:59:02:e9:d2:77:ed:42:fb:
                    ac:73:c3:c4:9a:76:e7:dc:fb:bd:e0:a7:89:52:ba:
                    32:26:d2:3f:04:d6:c0:67:cf:6a:71:a7:f1:f1:93:
                    b9:ae:ef:3e:26:ee:b6:27:88:fa:ee:ca:4b:f5:2a:
                    1a:e4:77:65:ea:55:73:48:32:26:79:8b:bb:da:aa:
                    5e:05:80:58:1e:e5:75:71:38:23:35:34:32:bf:c0:
                    1c:0d:61:37:57:f3:b8:38:b8:68:34:bf:51:68:1e:
                    c9:22:6a:b9:66:5e:06:34:3b:85:c1:19:25:e4:80:
                    4b:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:24:2B:FB:2E:54:06:2B:1E:53:8F:2E:CA:43:B3:1D:05:A7:AB:A3
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hyQr-y5UBiseU48uykOzHQWnq6M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.142.241.0/24
                  203.0.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:6c:04:8d:06:74:4a:c3:1f:bb:57:4b:d9:6c:90:15:96:98:
         a3:75:84:3d:86:a9:31:ca:1b:e9:48:c0:ed:18:72:94:c3:f9:
         11:77:34:ab:0e:70:60:49:9c:59:fa:61:cf:d3:7f:7e:7c:a2:
         9a:41:57:cf:72:cc:87:12:e6:9b:d2:69:f8:e6:c3:8d:1d:1d:
         0a:c1:4c:ab:88:d2:43:2e:24:6c:74:aa:59:f6:47:b5:f9:75:
         f6:14:db:f5:92:fe:0b:88:e5:bc:e6:9f:d8:b0:72:c9:3d:47:
         9a:be:2f:81:1b:59:6f:2a:0a:4f:a7:53:f7:6b:e5:94:da:14:
         05:d9:34:33:a1:53:c4:80:a8:25:b5:ad:ad:6c:ca:4c:76:a6:
         55:cb:37:92:83:3e:b4:8a:43:95:0b:f7:2c:21:16:fa:d3:a0:
         b9:1c:16:c4:11:11:2e:a8:a5:c3:c4:c9:98:a4:fa:45:5f:ae:
         89:af:c4:2a:3f:0c:9b:aa:08:25:ea:f7:56:cf:7e:c5:c5:75:
         10:2f:5e:ee:9e:37:d7:40:a7:89:07:88:b7:5d:bb:e0:28:31:
         d3:b3:cb:ea:f4:51:d7:0e:d5:8b:8c:0f:3a:7c:c4:b0:be:24:
         f7:87:2c:7b:9f:7b:de:6f:bd:bd:7f:09:cc:3f:5a:41:69:52:
         d5:05:b1:fe
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYSNoo9mzkHcIxDAR0aA/CMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjAyMTMwMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzI0MmJmYjJlNTQwNjJiMWU1MzhmMmVjYTQzYjMxZDA1YTdhYmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qiOCMlO2vWuLVpgmAZwp5DBPOed
lW7htBKYORVL9rd9UZoa910viwFRMecTwY5vpmUSs66VfIS5tS8paJM0+Vqqid+5
3BFpwSEnqRvfVTzudH+LyblhOZMfnXQKVo33B0KznjGT3nI5DOVG8kpqepCekP7x
7i3zR0uuiljU5yG+reovYgvcwFKMJxbnWQLp0nftQvusc8PEmnbn3Pu94KeJUroy
JtI/BNbAZ89qcafx8ZO5ru8+Ju62J4j67spL9Soa5Hdl6lVzSDImeYu72qpeBYBY
HuV1cTgjNTQyv8AcDWE3V/O4OLhoNL9RaB7JImq5Zl4GNDuFwRkl5IBLxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIckK/suVAYrHlOPLspDsx0Fp6ujMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaHlRci15NVVCaXNlVTQ4dXlrT3pIUVducTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATo7xAwQA
ywAJMA0GCSqGSIb3DQEBCwUAA4IBAQAbbASNBnRKwx+7V0vZbJAVlpijdYQ9hqkx
yhvpSMDtGHKUw/kRdzSrDnBgSZxZ+mHP039+fKKaQVfPcsyHEuab0mn45sONHR0K
wUyriNJDLiRsdKpZ9ke1+XX2FNv1kv4LiOW85p/YsHLJPUeavi+BG1lvKgpPp1P3
a+WU2hQF2TQzoVPEgKglta2tbMpMdqZVyzeSgz60ikOVC/csIRb606C5HBbEEREu
qKXDxMmYpPpFX66Jr8QqPwybqggl6vdWz37FxXUQL17unjfXQKeJB4i3XbvgKDHT
s8vq9FHXDtWLjA86fMSwviT3hyx7n3veb729fwnMP1pBaVLVBbH+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:47 2024 by rpki-client on console-fra.rpki-client.org