Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/hgyQ-TJNJeryCrJ4QhVADSTuv4E.roa
File:                     hgyQ-TJNJeryCrJ4QhVADSTuv4E.roa (raw, json)
Hash identifier:          CuUcQPgOVEwJ+MBL+e7s9hNMCqUe8raqMaHsReafsBQ=
Subject key identifier:   86:0C:90:F9:32:4D:25:EA:F2:0A:B2:78:42:15:40:0D:24:EE:BF:81
Certificate issuer:       /CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
Certificate serial:       0186EE5EAB7A7D0285A1E43829FD0E1E9AE1
Authority key identifier: 94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/hgyQ-TJNJeryCrJ4QhVADSTuv4E.roa
Signing time:             Fri 17 Mar 2023 07:00:27 +0000
ROA not before:           Fri 17 Mar 2023 07:00:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57344
IP address blocks:        194.24.189.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:30:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ee:5e:ab:7a:7d:02:85:a1:e4:38:29:fd:0e:1e:9a:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
        Validity
            Not Before: Mar 17 07:00:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=860c90f9324d25eaf20ab2784215400d24eebf81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:ed:91:3a:70:25:3a:93:27:99:0a:46:33:92:
                    87:f4:dc:5e:a7:a4:7a:f5:5e:24:99:92:c2:75:83:
                    09:4e:85:78:2a:2a:57:d6:99:cd:21:b7:db:05:0a:
                    5e:91:3d:7e:30:e3:a7:62:be:70:e7:00:98:bb:b7:
                    e3:a1:dd:72:c6:f7:91:0b:ce:25:3e:6a:eb:ba:32:
                    42:cb:03:af:76:a9:df:4b:3a:9f:c4:e4:16:63:f2:
                    2a:8f:56:17:85:5c:03:9f:b7:dc:04:e4:5d:fe:b5:
                    39:41:f3:df:91:ad:bb:94:88:38:a0:04:bd:b9:eb:
                    d4:d7:29:3d:19:5a:98:a1:de:6c:27:53:1b:39:00:
                    1d:f6:0f:aa:11:36:fc:fe:f4:01:27:3d:c6:21:1c:
                    2d:99:20:5f:a2:01:e9:b0:76:a2:5e:98:76:e7:da:
                    2b:fa:bd:a4:5d:9a:3c:b4:46:46:92:84:a0:05:47:
                    e1:d3:86:dc:42:a9:78:4d:d8:f8:89:19:94:af:9e:
                    a8:9a:ed:f1:e3:1f:ea:f7:a7:61:d5:ae:1f:0b:18:
                    72:c4:c0:f3:bd:5f:e0:ba:90:17:76:0f:05:5b:9a:
                    ab:59:2b:a4:3e:cc:de:3c:38:71:97:ee:89:1f:db:
                    ba:6b:b9:30:0f:0e:b5:53:93:8a:3f:02:fd:95:3b:
                    45:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:0C:90:F9:32:4D:25:EA:F2:0A:B2:78:42:15:40:0D:24:EE:BF:81
            X509v3 Authority Key Identifier:
                keyid:94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/hgyQ-TJNJeryCrJ4QhVADSTuv4E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.24.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:8a:5b:dc:11:f7:1c:75:45:74:cb:bc:44:c2:0e:23:34:b8:
         99:cb:a5:4d:de:b0:e0:5e:3a:b6:23:59:46:5e:1a:64:0c:0f:
         25:93:97:5e:c1:f3:0d:44:ea:4d:b4:ce:79:92:82:05:da:fd:
         26:33:c4:45:3a:e0:ee:d0:8a:c7:b4:b8:79:7d:2b:c6:47:c0:
         25:20:ee:f6:55:59:49:e7:74:8c:86:ca:dc:87:17:8b:53:06:
         63:81:fe:b4:e2:16:4d:2f:31:bf:0b:d5:0d:4b:1e:69:06:66:
         49:ec:df:bd:0a:02:4b:45:13:ab:c7:17:ea:2f:b9:f6:cf:58:
         ed:e7:e3:97:6d:f7:ea:b5:6e:25:7b:91:85:8d:93:91:4d:e0:
         d4:8c:ee:16:84:4f:a6:07:6e:17:24:ed:30:64:81:0c:6a:64:
         f2:b6:9c:d8:2d:d2:28:71:ff:ae:91:24:90:84:3e:fa:92:f6:
         81:d6:35:37:88:58:e8:37:48:0e:2c:a6:3c:25:6a:96:7a:a2:
         e2:cb:fd:e0:6e:4e:67:86:e1:86:04:1a:21:0c:25:3d:46:62:
         f7:7a:f0:b1:62:aa:2c:3f:3e:14:98:e2:4a:f2:b4:65:f0:3c:
         80:37:c3:19:f6:63:e8:51:04:f2:d8:c8:37:93:85:e8:04:0d:
         eb:f3:2d:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbuXqt6fQKFoeQ4Kf0OHprhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MGExMGEyNTY3MjhmMTFhNGJiYWFkYzMyMDRiN2YwYTM1
YTUwMDAwHhcNMjMwMzE3MDcwMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjBjOTBmOTMyNGQyNWVhZjIwYWIyNzg0MjE1NDAwZDI0ZWViZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+2ROnAlOpMnmQpGM5KH9Nxep6R6
9V4kmZLCdYMJToV4KipX1pnNIbfbBQpekT1+MOOnYr5w5wCYu7fjod1yxveRC84l
PmrrujJCywOvdqnfSzqfxOQWY/Iqj1YXhVwDn7fcBORd/rU5QfPfka27lIg4oAS9
uevU1yk9GVqYod5sJ1MbOQAd9g+qETb8/vQBJz3GIRwtmSBfogHpsHaiXph259or
+r2kXZo8tEZGkoSgBUfh04bcQql4Tdj4iRmUr56omu3x4x/q96dh1a4fCxhyxMDz
vV/gupAXdg8FW5qrWSukPszePDhxl+6JH9u6a7kwDw61U5OKPwL9lTtFuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIYMkPkyTSXq8gqyeEIVQA0k7r+BMB8GA1UdIwQY
MBaAFJQKEKJWco8RpLuq3DIEt/CjWlAAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYt
ZGNlNmQ2OTA5MjQ3LzEvaGd5US1USk5KZXJ5Q3JKNFFoVkFEU1R1djRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYtZGNlNmQ2OTA5MjQ3
LzEvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhi9MA0G
CSqGSIb3DQEBCwUAA4IBAQCailvcEfccdUV0y7xEwg4jNLiZy6VN3rDgXjq2I1lG
XhpkDA8lk5dewfMNROpNtM55koIF2v0mM8RFOuDu0IrHtLh5fSvGR8AlIO72VVlJ
53SMhsrchxeLUwZjgf604hZNLzG/C9UNSx5pBmZJ7N+9CgJLRROrxxfqL7n2z1jt
5+OXbffqtW4le5GFjZORTeDUjO4WhE+mB24XJO0wZIEMamTytpzYLdIocf+ukSSQ
hD76kvaB1jU3iFjoN0gOLKY8JWqWeqLiy/3gbk5nhuGGBBohDCU9RmL3evCxYqos
Pz4UmOJK8rRl8DyAN8MZ9mPoUQTy2Mg3k4XoBA3r8y0c
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:35 2024 by rpki-client on console-fra.rpki-client.org