Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/HNB52NHPMAKni_Jn6YEI9_y7iMA.roa
File:                     HNB52NHPMAKni_Jn6YEI9_y7iMA.roa (raw, json)
Hash identifier:          6AvpfFjo5u97KHp8OHXO19qTF28m4fMGj4PwabAWAL8=
Subject key identifier:   1C:D0:79:D8:D1:CF:30:02:A7:8B:F2:67:E9:81:08:F7:FC:BB:88:C0
Certificate issuer:       /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial:       018570FBCF0C390B2F972C6C46002243A55F
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/HNB52NHPMAKni_Jn6YEI9_y7iMA.roa
Signing time:             Mon 02 Jan 2023 05:37:08 +0000
ROA not before:           Mon 02 Jan 2023 05:37:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210311
IP address blocks:        2a09:e1c1:eff0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:fb:cf:0c:39:0b:2f:97:2c:6c:46:00:22:43:a5:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
        Validity
            Not Before: Jan  2 05:37:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1cd079d8d1cf3002a78bf267e98108f7fcbb88c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:05:ed:06:d2:d1:80:b0:2c:3c:de:14:e6:66:
                    86:7c:e8:a5:06:65:cb:04:29:4b:0b:5d:51:9e:d6:
                    84:55:c3:3b:49:b1:91:d1:4a:b5:a1:1b:a8:fc:fd:
                    25:9c:8e:7e:0e:26:0c:64:bf:ba:64:ea:1f:ca:9f:
                    e0:a1:a3:14:bc:ce:ae:39:8c:30:ef:a1:a7:5a:e2:
                    e9:c1:b0:c2:35:7d:e3:a0:1c:d1:2f:fc:88:c3:85:
                    58:5b:13:d9:15:57:1a:56:67:c5:66:bc:03:a0:83:
                    c1:18:7b:22:b5:f6:46:26:c9:62:a9:14:3a:42:a6:
                    44:77:19:45:56:0e:0e:3f:4a:40:fa:13:14:06:51:
                    30:ca:9c:73:ce:8d:b8:c0:0e:88:72:8a:b8:39:3f:
                    43:cc:ff:1b:ba:8d:49:06:e1:b5:fc:22:46:21:17:
                    e7:92:c2:92:6a:8f:5d:77:0f:01:bb:2e:c9:43:bc:
                    cc:d3:e3:a5:7b:9c:ed:8b:fa:8d:29:e7:ab:48:e9:
                    7f:63:59:ef:52:50:04:a6:ce:b1:4d:d6:d6:04:3e:
                    7a:e1:10:4c:e9:1f:25:8b:df:e8:a3:98:61:e7:84:
                    37:37:ea:4d:77:5b:64:19:35:89:50:a9:d3:a6:45:
                    32:c4:0d:04:8c:8a:56:ff:b3:cd:88:d2:bb:bb:54:
                    3b:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:D0:79:D8:D1:CF:30:02:A7:8B:F2:67:E9:81:08:F7:FC:BB:88:C0
            X509v3 Authority Key Identifier:
                keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/HNB52NHPMAKni_Jn6YEI9_y7iMA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:e1c1:eff0::/44

    Signature Algorithm: sha256WithRSAEncryption
         6d:90:1a:77:86:13:27:ed:1e:15:78:cf:4d:da:32:9b:5c:0a:
         c3:ad:04:88:54:2f:18:8e:70:6f:e2:db:5f:0c:2f:61:c4:eb:
         4e:9e:aa:8a:48:48:3d:8f:37:61:0f:2a:06:a1:7a:78:f3:5c:
         71:5e:28:6a:1a:34:90:b5:af:9a:ba:47:db:8e:34:c4:8a:4d:
         37:a2:47:aa:ac:4e:d5:8b:1d:81:88:60:61:cf:31:06:3f:f8:
         4a:9c:33:e1:e3:56:6c:fe:18:20:e0:0b:7d:f3:7c:95:04:d8:
         8a:19:7e:90:74:a3:89:6d:a9:f0:e3:ad:ea:cb:1a:b1:8b:4c:
         a5:b6:1a:a2:76:8f:9b:7c:de:b2:dd:96:06:e8:1c:7d:d6:bc:
         64:14:da:35:18:a5:a3:38:9a:34:6a:12:72:0c:52:0a:13:3a:
         fc:8a:42:5d:0e:7c:c2:8e:a3:9a:0e:8f:05:c3:0b:3a:11:7d:
         20:9b:ef:c2:03:9e:42:22:54:a9:79:58:ef:f3:99:92:35:5e:
         4a:3c:34:48:b4:be:1b:f8:8d:45:da:c5:51:e1:8b:f4:12:18:
         77:0d:4b:23:4f:2e:9f:85:30:49:47:6f:47:08:43:62:dd:14:
         43:0b:4d:9d:7f:96:1d:e4:94:69:e0:00:1a:07:d3:06:f3:be:
         49:82:02:d5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw+88MOQsvlyxsRgAiQ6VfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMTAyMDUzNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2QwNzlkOGQxY2YzMDAyYTc4YmYyNjdlOTgxMDhmN2ZjYmI4OGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAXtBtLRgLAsPN4U5maGfOilBmXL
BClLC11RntaEVcM7SbGR0Uq1oRuo/P0lnI5+DiYMZL+6ZOofyp/goaMUvM6uOYww
76GnWuLpwbDCNX3joBzRL/yIw4VYWxPZFVcaVmfFZrwDoIPBGHsitfZGJsliqRQ6
QqZEdxlFVg4OP0pA+hMUBlEwypxzzo24wA6Icoq4OT9DzP8buo1JBuG1/CJGIRfn
ksKSao9ddw8Buy7JQ7zM0+Ole5zti/qNKeerSOl/Y1nvUlAEps6xTdbWBD564RBM
6R8li9/oo5hh54Q3N+pNd1tkGTWJUKnTpkUyxA0EjIpW/7PNiNK7u1Q7TQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBzQedjRzzACp4vyZ+mBCPf8u4jAMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvSE5CNTJOSFBNQUtuaV9KbjZZRUk5X3k3aU1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgnhwe/w
MA0GCSqGSIb3DQEBCwUAA4IBAQBtkBp3hhMn7R4VeM9N2jKbXArDrQSIVC8YjnBv
4ttfDC9hxOtOnqqKSEg9jzdhDyoGoXp481xxXihqGjSQta+aukfbjjTEik03okeq
rE7Vix2BiGBhzzEGP/hKnDPh41Zs/hgg4At983yVBNiKGX6QdKOJbanw463qyxqx
i0ylthqido+bfN6y3ZYG6Bx91rxkFNo1GKWjOJo0ahJyDFIKEzr8ikJdDnzCjqOa
Do8Fwws6EX0gm+/CA55CIlSpeVjv85mSNV5KPDRItL4b+I1F2sVR4Yv0Ehh3DUsj
Ty6fhTBJR29HCENi3RRDC02df5Yd5JRp4AAaB9MG875JggLV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org