Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/9ae9ad-6a8c-47cb-bdd1-57d8030b61e1/1/HMDB4u2T08lXRenppgxlHtPHy_w.roa
File:                     HMDB4u2T08lXRenppgxlHtPHy_w.roa (raw, json)
Hash identifier:          e6lRb4EdP9YhXnI9wzA5/Kr3nvOhEoPRdms7KY/3qQE=
Subject key identifier:   1C:C0:C1:E2:ED:93:D3:C9:57:45:E9:E9:A6:0C:65:1E:D3:C7:CB:FC
Certificate issuer:       /CN=92214a90d4095fd26765cc0e4df899e8c46c06df
Certificate serial:       01856FF042B360C39AE6DC160198986EDEA4
Authority key identifier: 92:21:4A:90:D4:09:5F:D2:67:65:CC:0E:4D:F8:99:E8:C4:6C:06:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kiFKkNQJX9JnZcwOTfiZ6MRsBt8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/9ae9ad-6a8c-47cb-bdd1-57d8030b61e1/1/HMDB4u2T08lXRenppgxlHtPHy_w.roa
Signing time:             Mon 02 Jan 2023 00:44:54 +0000
ROA not before:           Mon 02 Jan 2023 00:44:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206978
IP address blocks:        185.196.29.0/24 maxlen: 24
                          2a03:e440::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:29:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f0:42:b3:60:c3:9a:e6:dc:16:01:98:98:6e:de:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92214a90d4095fd26765cc0e4df899e8c46c06df
        Validity
            Not Before: Jan  2 00:44:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1cc0c1e2ed93d3c95745e9e9a60c651ed3c7cbfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:b8:b4:ea:fc:7b:f7:6a:fe:57:14:f5:98:cc:
                    a4:6a:f0:d2:32:92:25:06:c2:a6:0f:6e:b5:25:58:
                    58:d1:de:9f:70:f2:7b:3d:6b:93:c3:92:4f:93:60:
                    91:28:9e:0f:08:d5:c1:53:6f:71:27:dd:34:dd:9b:
                    7d:26:8d:6f:86:db:e6:60:33:f8:21:e1:df:e6:4a:
                    85:c1:b1:7d:94:6f:9b:02:c3:12:0b:3d:4f:86:e1:
                    c5:3d:f6:2a:36:76:79:ac:b2:62:c7:47:47:76:d8:
                    e8:bc:b0:1b:e1:0f:a6:e1:4b:bb:8f:08:80:06:c6:
                    2f:35:d8:90:e0:19:f2:e5:e9:27:cf:25:5e:07:ec:
                    85:27:ec:06:36:46:82:44:b9:18:43:57:74:5c:c7:
                    66:e6:ae:a9:81:bb:a3:c1:1d:c1:da:3c:64:a0:4c:
                    c2:57:9d:6d:37:6e:5c:1a:bd:47:9e:1b:7a:f8:8b:
                    6e:a7:f0:45:0a:97:7e:4a:ba:81:8b:de:7e:16:84:
                    e6:4b:4f:26:ef:aa:06:04:a9:de:f9:24:8b:16:58:
                    6e:aa:17:ce:88:86:e0:38:32:4d:88:12:48:01:8d:
                    ee:d9:59:af:d9:df:f1:2e:73:63:9c:96:1f:08:c9:
                    05:6f:d9:42:9c:16:3c:01:db:0c:2e:95:6a:a2:d4:
                    04:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:C0:C1:E2:ED:93:D3:C9:57:45:E9:E9:A6:0C:65:1E:D3:C7:CB:FC
            X509v3 Authority Key Identifier:
                keyid:92:21:4A:90:D4:09:5F:D2:67:65:CC:0E:4D:F8:99:E8:C4:6C:06:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiFKkNQJX9JnZcwOTfiZ6MRsBt8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/9ae9ad-6a8c-47cb-bdd1-57d8030b61e1/1/HMDB4u2T08lXRenppgxlHtPHy_w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/9ae9ad-6a8c-47cb-bdd1-57d8030b61e1/1/kiFKkNQJX9JnZcwOTfiZ6MRsBt8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.196.29.0/24
                IPv6:
                  2a03:e440::/29

    Signature Algorithm: sha256WithRSAEncryption
         a6:89:5c:0f:23:c6:c9:3d:ec:10:a6:16:0e:d6:16:70:12:72:
         46:1d:5b:c7:d9:2d:fa:e2:28:52:bd:23:3e:0c:0d:22:94:c4:
         2a:76:a2:97:7b:d7:d2:a1:5c:f2:36:33:ce:93:98:56:1f:db:
         a4:27:26:e4:97:d6:3f:39:bf:74:41:27:c7:6b:ea:7a:56:8a:
         99:29:58:58:82:4a:79:c4:6f:ad:d0:8a:a9:bc:cb:b7:4d:19:
         ba:eb:9c:06:e2:8a:35:9d:57:3d:5c:17:b6:b3:5e:97:db:ae:
         ef:e0:96:dc:c5:9c:49:07:5c:c6:2a:99:3f:08:52:cc:24:58:
         3e:3b:a7:0b:0f:78:b7:7d:0f:8c:f5:be:9d:66:da:61:09:52:
         43:90:c1:c6:69:14:cd:1a:78:7c:da:d2:00:48:9f:d3:f3:e3:
         6b:bf:59:9a:42:c8:2f:6c:52:5b:ec:0a:19:52:6c:9a:9c:fa:
         70:cb:28:27:16:11:ca:47:a5:24:ff:32:20:7e:3e:3c:13:95:
         78:c2:ba:fd:1a:ca:2c:d1:fb:a1:ec:61:00:0d:84:71:8a:61:
         50:b8:6a:12:25:35:f7:a8:04:3d:20:3a:b2:a8:4a:c4:6d:c2:
         cd:3b:c0:ad:bf:a2:ef:81:9b:ae:4d:d8:c5:36:4b:c4:c2:b9:
         fe:f7:6e:98
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv8EKzYMOa5twWAZiYbt6kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjE0YTkwZDQwOTVmZDI2NzY1Y2MwZTRkZjg5OWU4YzQ2
YzA2ZGYwHhcNMjMwMTAyMDA0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2MwYzFlMmVkOTNkM2M5NTc0NWU5ZTlhNjBjNjUxZWQzYzdjYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7i06vx792r+VxT1mMykavDSMpIl
BsKmD261JVhY0d6fcPJ7PWuTw5JPk2CRKJ4PCNXBU29xJ9003Zt9Jo1vhtvmYDP4
IeHf5kqFwbF9lG+bAsMSCz1PhuHFPfYqNnZ5rLJix0dHdtjovLAb4Q+m4Uu7jwiA
BsYvNdiQ4Bny5eknzyVeB+yFJ+wGNkaCRLkYQ1d0XMdm5q6pgbujwR3B2jxkoEzC
V51tN25cGr1Hnht6+Itup/BFCpd+SrqBi95+FoTmS08m76oGBKne+SSLFlhuqhfO
iIbgODJNiBJIAY3u2Vmv2d/xLnNjnJYfCMkFb9lCnBY8AdsMLpVqotQELwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBzAweLtk9PJV0Xp6aYMZR7Tx8v8MB8GA1UdIwQY
MBaAFJIhSpDUCV/SZ2XMDk34mejEbAbfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lGS2tOUUpYOUpuWmN3T1RmaVo2TVJzQnQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi85YWU5YWQtNmE4Yy00N2NiLWJkZDEt
NTdkODAzMGI2MWUxLzEvSE1EQjR1MlQwOGxYUmVucHBneGxIdFBIeV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi85YWU5YWQtNmE4Yy00N2NiLWJkZDEtNTdkODAzMGI2MWUx
LzEva2lGS2tOUUpYOUpuWmN3T1RmaVo2TVJzQnQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAucQdMA0E
AgACMAcDBQMqA+RAMA0GCSqGSIb3DQEBCwUAA4IBAQCmiVwPI8bJPewQphYO1hZw
EnJGHVvH2S364ihSvSM+DA0ilMQqdqKXe9fSoVzyNjPOk5hWH9ukJybkl9Y/Ob90
QSfHa+p6VoqZKVhYgkp5xG+t0IqpvMu3TRm665wG4oo1nVc9XBe2s16X267v4Jbc
xZxJB1zGKpk/CFLMJFg+O6cLD3i3fQ+M9b6dZtphCVJDkMHGaRTNGnh82tIASJ/T
8+Nrv1maQsgvbFJb7AoZUmyanPpwyygnFhHKR6Uk/zIgfj48E5V4wrr9Gsos0fuh
7GEADYRximFQuGoSJTX3qAQ9IDqyqErEbcLNO8Ctv6LvgZuuTdjFNkvEwrn+926Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:22 2024 by rpki-client on console-ams.rpki-client.org