Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/HFAEgq2mfVqvVAVVDna_R56PKJk.roa
File:                     HFAEgq2mfVqvVAVVDna_R56PKJk.roa (raw, json)
Hash identifier:          EROrJmTVDSGXzQCnZYwYuNTGNGronzsKSEWFvHfDzGE=
Subject key identifier:   1C:50:04:82:AD:A6:7D:5A:AF:54:05:55:0E:76:BF:47:9E:8F:28:99
Certificate issuer:       /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial:       018756D39F478E3CDEEAD77686A9943B1261
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/HFAEgq2mfVqvVAVVDna_R56PKJk.roa
Signing time:             Thu 06 Apr 2023 13:48:42 +0000
ROA not before:           Thu 06 Apr 2023 13:48:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207508
IP address blocks:        213.142.134.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 28 Nov 2023 14:17:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:56:d3:9f:47:8e:3c:de:ea:d7:76:86:a9:94:3b:12:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
        Validity
            Not Before: Apr  6 13:48:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1c500482ada67d5aaf5405550e76bf479e8f2899
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:2d:0b:ee:eb:ba:0c:c5:f7:6c:46:e1:99:09:
                    0a:5c:07:de:b1:a2:1b:17:6e:6d:83:4a:ec:a5:b5:
                    7d:c4:9e:57:c5:71:00:4c:7a:90:41:ea:63:2e:74:
                    6b:b3:16:aa:98:2b:09:62:4c:33:56:e4:59:84:f9:
                    59:a4:12:d8:6e:7a:5b:f2:ee:5c:ad:e2:cc:4a:45:
                    12:94:33:03:22:e5:ef:5a:2a:ca:48:94:09:2a:33:
                    ac:ed:7f:0e:ec:3d:c2:2b:67:c9:a1:b3:08:99:81:
                    71:3f:50:46:59:39:76:61:01:bc:f2:ac:c3:e0:10:
                    1a:f7:08:02:fc:8a:5d:f0:7a:87:bf:03:3a:be:e8:
                    96:5b:49:fb:76:1e:a5:e3:19:fa:63:32:51:a4:af:
                    02:f1:55:52:b4:c5:f9:78:3a:0f:49:4b:38:c9:02:
                    0c:85:ed:dd:5b:ec:47:e4:ca:9a:31:22:31:67:85:
                    d9:af:60:80:96:c3:76:aa:ab:ef:a8:97:0a:58:bd:
                    85:76:14:a7:af:9d:5a:90:27:b0:19:78:50:69:b9:
                    be:1a:45:ed:37:b8:97:71:5f:b2:03:f8:8b:af:2c:
                    05:d5:94:47:37:89:a9:24:e3:02:af:fd:5f:2f:b7:
                    80:89:84:5d:ac:87:04:79:b1:63:8e:56:a0:a5:a1:
                    71:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:50:04:82:AD:A6:7D:5A:AF:54:05:55:0E:76:BF:47:9E:8F:28:99
            X509v3 Authority Key Identifier:
                keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/HFAEgq2mfVqvVAVVDna_R56PKJk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.142.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:26:3a:43:d7:09:e8:38:89:92:39:a0:fd:a4:76:f2:55:50:
         84:dd:a5:ac:2d:98:a7:df:d0:19:38:2e:a6:0b:23:56:d2:19:
         01:15:e5:a6:e5:8a:e9:04:ad:54:a3:ab:39:52:9b:fd:7b:f4:
         99:d9:ce:2f:ee:59:4c:a1:42:4f:da:32:f8:ae:94:08:02:31:
         80:33:12:da:ff:48:1a:ff:c5:a4:22:e5:80:e6:5a:b7:74:e1:
         84:6a:b5:1a:9f:d8:43:dd:ca:8e:fc:52:e4:3c:fb:88:66:92:
         29:d1:b6:b8:0f:33:05:6b:87:65:71:77:0d:d8:0e:46:91:35:
         ea:7d:b7:4a:12:3c:76:db:d1:0f:c0:4e:41:c8:fc:8c:2d:07:
         74:7d:18:05:ac:64:8d:2d:c5:d5:79:b3:f0:30:9f:11:77:2c:
         5d:cf:9e:fb:5c:8e:15:ec:1f:b9:5b:18:1e:e6:31:03:37:75:
         a8:e1:8e:89:fb:18:2b:89:f6:14:91:b8:9c:33:0f:d7:23:e6:
         3b:8b:05:b1:c8:79:f8:b7:64:6e:fc:2b:86:53:e5:9a:ba:7a:
         6d:0c:4a:7b:18:4e:87:6d:e4:75:c3:df:8e:85:79:bd:2e:5c:
         90:6b:4b:6b:0d:82:37:2b:df:66:eb:0c:6e:4c:ae:12:8a:69:
         e5:73:57:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdW059Hjjze6td2hqmUOxJhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMwNDA2MTM0ODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzUwMDQ4MmFkYTY3ZDVhYWY1NDA1NTUwZTc2YmY0NzllOGYyODk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmC0L7uu6DMX3bEbhmQkKXAfesaIb
F25tg0rspbV9xJ5XxXEATHqQQepjLnRrsxaqmCsJYkwzVuRZhPlZpBLYbnpb8u5c
reLMSkUSlDMDIuXvWirKSJQJKjOs7X8O7D3CK2fJobMImYFxP1BGWTl2YQG88qzD
4BAa9wgC/Ipd8HqHvwM6vuiWW0n7dh6l4xn6YzJRpK8C8VVStMX5eDoPSUs4yQIM
he3dW+xH5MqaMSIxZ4XZr2CAlsN2qqvvqJcKWL2FdhSnr51akCewGXhQabm+GkXt
N7iXcV+yA/iLrywF1ZRHN4mpJOMCr/1fL7eAiYRdrIcEebFjjlagpaFxGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBxQBIKtpn1ar1QFVQ52v0eejyiZMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvSEZBRWdxMm1mVnF2VkFWVkRuYV9SNTZQS0prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Y6GMA0G
CSqGSIb3DQEBCwUAA4IBAQBYJjpD1wnoOImSOaD9pHbyVVCE3aWsLZin39AZOC6m
CyNW0hkBFeWm5YrpBK1Uo6s5Upv9e/SZ2c4v7llMoUJP2jL4rpQIAjGAMxLa/0ga
/8WkIuWA5lq3dOGEarUan9hD3cqO/FLkPPuIZpIp0ba4DzMFa4dlcXcN2A5GkTXq
fbdKEjx229EPwE5ByPyMLQd0fRgFrGSNLcXVebPwMJ8Rdyxdz577XI4V7B+5Wxge
5jEDN3Wo4Y6J+xgrifYUkbicMw/XI+Y7iwWxyHn4t2Ru/CuGU+WaunptDEp7GE6H
beR1w9+OhXm9LlyQa0trDYI3K99m6wxuTK4Simnlc1cs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:04 2024 by rpki-client on console-fra.rpki-client.org