Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/hlyFgZl17U5Pyq-nPaYix5brSVo.roa
File:                     hlyFgZl17U5Pyq-nPaYix5brSVo.roa (raw, json)
Hash identifier:          v4sU5saIZeiNet1s00P/H7G+5TGKnt+owaZtWarx4m8=
Subject key identifier:   86:5C:85:81:99:75:ED:4E:4F:CA:AF:A7:3D:A6:22:C7:96:EB:49:5A
Certificate issuer:       /CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Certificate serial:       018699B69C3F7AE784191C1313C1E3DBC191
Authority key identifier: 0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/hlyFgZl17U5Pyq-nPaYix5brSVo.roa
Signing time:             Tue 28 Feb 2023 20:28:46 +0000
ROA not before:           Tue 28 Feb 2023 20:28:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210289
IP address blocks:        195.177.230.0/24 maxlen: 24
                          195.177.231.0/24 maxlen: 24
                          195.178.104.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Wed 26 Apr 2023 10:30:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:99:b6:9c:3f:7a:e7:84:19:1c:13:13:c1:e3:db:c1:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
        Validity
            Not Before: Feb 28 20:28:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=865c85819975ed4e4fcaafa73da622c796eb495a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:02:99:07:1d:49:81:d4:fb:77:81:ae:ff:1b:
                    f7:91:ff:aa:5e:c7:de:33:db:91:df:83:11:a8:3b:
                    20:04:67:eb:28:b8:3d:77:69:62:cb:a3:dd:d0:2d:
                    77:4d:55:74:0e:5e:d3:15:1c:03:57:cf:dd:7f:9b:
                    3c:d1:a2:2a:99:4a:68:7e:84:23:1c:25:d7:4a:c6:
                    73:ae:84:1e:93:aa:eb:b9:92:c2:44:d7:a3:d0:70:
                    8a:1c:1f:a5:71:36:a4:50:34:69:f2:b6:b2:ab:f2:
                    15:b0:39:d6:b0:cc:98:97:ab:5b:c0:11:39:9f:3f:
                    ca:f8:13:44:5d:01:46:ce:06:8e:11:f8:4c:b2:ab:
                    3f:4a:89:f2:c1:f5:b4:e8:90:ff:f3:7c:5e:21:f0:
                    d5:e7:5a:70:e4:40:3d:d6:71:b1:68:f4:33:f8:f6:
                    df:32:b5:75:8a:f4:9b:ec:01:c2:ed:83:4a:2d:07:
                    87:c5:20:95:f7:9b:38:73:94:02:71:8b:9c:dd:b6:
                    9d:d1:bf:3d:05:cc:3c:95:39:18:77:17:2a:ed:57:
                    81:b2:56:ff:aa:42:af:ca:23:94:a4:e9:3d:8e:a5:
                    fe:d2:e8:12:3a:b1:a0:b5:e0:13:cf:9a:0d:94:fd:
                    19:3e:46:17:9a:85:0d:0a:10:df:04:e0:b7:ca:fd:
                    e6:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:5C:85:81:99:75:ED:4E:4F:CA:AF:A7:3D:A6:22:C7:96:EB:49:5A
            X509v3 Authority Key Identifier:
                keyid:0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/hlyFgZl17U5Pyq-nPaYix5brSVo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.177.230.0/23
                  195.178.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7b:ad:4b:28:38:8e:62:bc:25:82:61:b9:b4:57:d0:d7:2f:1a:
         79:65:76:c4:af:94:bf:fe:cb:e4:00:7f:aa:13:65:de:dc:f8:
         d9:22:44:2f:84:73:1f:75:29:49:7d:2a:3b:86:4a:29:0b:02:
         92:6d:d1:bd:be:e2:21:ee:bf:ce:f0:f4:20:98:24:d0:86:10:
         10:7b:0d:fd:b7:71:25:5d:2a:8a:3c:1e:b6:57:b3:35:d9:83:
         0d:15:66:26:96:3c:b7:b4:3d:99:52:e9:e6:61:5f:43:d3:ce:
         05:2b:db:32:bd:a0:ca:ef:27:c5:1a:49:b0:4f:8d:4a:8f:14:
         eb:1b:de:95:cc:ef:61:ca:cb:43:74:c5:70:29:7e:63:7c:81:
         d3:e3:31:4c:d7:5f:3a:ef:2b:7d:c3:81:72:a8:e9:ae:50:5f:
         26:70:fd:9b:9b:3d:d6:d2:df:61:5e:1d:20:30:a3:a1:29:47:
         a8:fe:bb:6c:c7:0c:2e:41:1a:be:74:bc:59:48:a2:41:13:62:
         4e:80:a8:e7:c3:f2:d9:2a:da:1f:5e:2d:2c:fd:71:27:41:a5:
         a2:ca:a4:1f:77:a4:45:0f:94:26:68:ac:6a:2c:a3:f4:f0:ff:
         f1:ec:88:24:dc:86:57:73:de:ca:bc:e6:b1:2a:ec:e5:a8:55:
         94:78:9f:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYaZtpw/eueEGRwTE8Hj28GRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWM3N2ExZGNkYjhlZWQ2MmNkM2NhODBhNTE0NGRjNGUy
NDNmNGUwHhcNMjMwMjI4MjAyODQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjVjODU4MTk5NzVlZDRlNGZjYWFmYTczZGE2MjJjNzk2ZWI0OTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigKZBx1JgdT7d4Gu/xv3kf+qXsfe
M9uR34MRqDsgBGfrKLg9d2liy6Pd0C13TVV0Dl7TFRwDV8/df5s80aIqmUpofoQj
HCXXSsZzroQek6rruZLCRNej0HCKHB+lcTakUDRp8rayq/IVsDnWsMyYl6tbwBE5
nz/K+BNEXQFGzgaOEfhMsqs/SonywfW06JD/83xeIfDV51pw5EA91nGxaPQz+Pbf
MrV1ivSb7AHC7YNKLQeHxSCV95s4c5QCcYuc3bad0b89Bcw8lTkYdxcq7VeBslb/
qkKvyiOUpOk9jqX+0ugSOrGgteATz5oNlP0ZPkYXmoUNChDfBOC3yv3mNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIZchYGZde1OT8qvpz2mIseW60laMB8GA1UdIwQY
MBaAFA+cd6Hc247tYs08qApRRNxOJD9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgt
YWNjNTY5NzdiNmY0LzEvaGx5RmdabDE3VTVQeXEtblBhWWl4NWJyU1ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgtYWNjNTY5NzdiNmY0
LzEvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw7HmAwQB
w7JoMA0GCSqGSIb3DQEBCwUAA4IBAQB7rUsoOI5ivCWCYbm0V9DXLxp5ZXbEr5S/
/svkAH+qE2Xe3PjZIkQvhHMfdSlJfSo7hkopCwKSbdG9vuIh7r/O8PQgmCTQhhAQ
ew39t3ElXSqKPB62V7M12YMNFWYmljy3tD2ZUunmYV9D084FK9syvaDK7yfFGkmw
T41KjxTrG96VzO9hystDdMVwKX5jfIHT4zFM11867yt9w4FyqOmuUF8mcP2bmz3W
0t9hXh0gMKOhKUeo/rtsxwwuQRq+dLxZSKJBE2JOgKjnw/LZKtofXi0s/XEnQaWi
yqQfd6RFD5QmaKxqLKP08P/x7Igk3IZXc97KvOaxKuzlqFWUeJ+X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:56 2024 by rpki-client on console-fra.rpki-client.org