Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/dd59d9-eadf-4713-8977-42fa3cfbb503/1/H7zWk-fNQDI85NP2-uUMhZSNUXc.roa
File:                     H7zWk-fNQDI85NP2-uUMhZSNUXc.roa (raw, json)
Hash identifier:          +QH59sOaRAo1d2w50+cA6vtPmQKzI5yVMBNqF9X9+EI=
Subject key identifier:   1F:BC:D6:93:E7:CD:40:32:3C:E4:D3:F6:FA:E5:0C:85:94:8D:51:77
Certificate issuer:       /CN=c82bedbcf7b5360fee245b7a255f6640b7276968
Certificate serial:       018B1979D2CEA1A184B9E521CF9AE7A4D2DA
Authority key identifier: C8:2B:ED:BC:F7:B5:36:0F:EE:24:5B:7A:25:5F:66:40:B7:27:69:68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yCvtvPe1Ng_uJFt6JV9mQLcnaWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/dd59d9-eadf-4713-8977-42fa3cfbb503/1/H7zWk-fNQDI85NP2-uUMhZSNUXc.roa
Signing time:             Tue 10 Oct 2023 12:04:56 +0000
ROA not before:           Tue 10 Oct 2023 12:04:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43756
IP address blocks:        194.37.252.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:19:79:d2:ce:a1:a1:84:b9:e5:21:cf:9a:e7:a4:d2:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c82bedbcf7b5360fee245b7a255f6640b7276968
        Validity
            Not Before: Oct 10 12:04:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1fbcd693e7cd40323ce4d3f6fae50c85948d5177
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:58:b0:ea:4a:c6:ae:ab:18:bd:99:16:da:60:
                    7d:59:e0:0d:6c:bb:be:53:0c:d7:01:0f:85:4a:fa:
                    ba:3f:f9:b8:cc:42:d7:a1:4e:8b:2e:58:44:3c:45:
                    1b:b7:cc:b7:c9:dc:58:f4:78:7d:62:a8:fb:56:58:
                    2c:58:fd:82:ef:12:db:e5:a2:18:d7:b0:4b:8c:1e:
                    ea:86:50:0d:28:01:e2:1e:aa:22:07:48:11:3a:79:
                    73:a3:69:13:0c:54:ac:8a:45:b1:54:90:c4:db:c0:
                    13:e3:b3:43:ba:4b:21:54:78:34:03:c9:22:03:f4:
                    ac:cd:c3:6d:f0:d6:7b:91:b9:1f:fa:c2:40:9f:14:
                    7f:7c:f9:d0:b2:52:8d:a9:f0:ce:d7:37:90:cc:e2:
                    9f:c2:5e:2d:28:a4:fe:e7:5e:8f:0d:dc:e2:b2:4c:
                    89:0e:16:56:87:0c:28:5e:03:bc:f6:93:1f:4c:12:
                    33:42:ed:9b:67:12:48:94:ea:21:2d:32:44:c5:7a:
                    9a:d5:0a:d0:ab:bd:ce:78:9d:ed:4a:9b:fc:cc:ca:
                    ca:03:55:2c:f2:22:ad:aa:75:e0:72:88:69:69:35:
                    f9:3f:d5:ca:93:14:71:5d:45:f6:d8:57:74:75:b6:
                    a1:d0:96:3d:e7:19:37:3d:b3:63:6f:eb:51:78:2a:
                    ce:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:BC:D6:93:E7:CD:40:32:3C:E4:D3:F6:FA:E5:0C:85:94:8D:51:77
            X509v3 Authority Key Identifier:
                keyid:C8:2B:ED:BC:F7:B5:36:0F:EE:24:5B:7A:25:5F:66:40:B7:27:69:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yCvtvPe1Ng_uJFt6JV9mQLcnaWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/dd59d9-eadf-4713-8977-42fa3cfbb503/1/H7zWk-fNQDI85NP2-uUMhZSNUXc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/dd59d9-eadf-4713-8977-42fa3cfbb503/1/yCvtvPe1Ng_uJFt6JV9mQLcnaWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.37.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:2d:d0:33:25:2b:9d:90:9a:b5:4d:7b:60:5c:97:13:15:f5:
         eb:c1:4f:7a:72:f6:50:c8:d3:52:ef:16:61:80:a9:8e:00:53:
         4f:fe:4e:02:48:fa:fe:e2:b9:c9:df:6c:14:5c:f3:c3:a3:eb:
         64:31:43:31:1b:d3:f1:e4:37:38:32:40:cf:d3:7d:e7:9b:3f:
         ec:b2:c0:ab:57:da:d6:ed:e5:1f:c2:4d:23:b8:8f:86:9d:a8:
         1d:48:0e:a2:98:20:b2:f4:bb:8e:0b:58:2c:ec:8e:ff:7e:15:
         0e:2b:66:c3:75:78:36:57:37:56:4b:f8:b1:96:3a:9e:7d:37:
         fb:ac:29:48:d3:14:9d:b4:b9:03:67:69:91:e5:bc:9f:bb:8e:
         7e:09:40:9d:f1:4c:fc:10:5e:57:5c:61:84:ca:f1:57:d7:fa:
         db:f8:9e:1c:8c:6c:2e:ff:46:05:d0:f2:72:7a:dd:33:96:17:
         6c:be:ef:8a:5f:e4:82:03:ca:6f:dc:b7:08:3e:4e:a4:5e:22:
         68:5a:5c:b6:1e:6e:25:0c:a9:82:db:d9:2c:a9:f0:68:2b:73:
         1e:ab:c5:ce:fc:95:b7:a3:86:b3:29:61:d1:95:4e:80:11:39:
         1e:38:84:4f:b4:01:64:ae:e9:6a:1f:d5:be:f2:6b:aa:bd:92:
         e0:49:e9:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsZedLOoaGEueUhz5rnpNLaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MmJlZGJjZjdiNTM2MGZlZTI0NWI3YTI1NWY2NjQwYjcy
NzY5NjgwHhcNMjMxMDEwMTIwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmJjZDY5M2U3Y2Q0MDMyM2NlNGQzZjZmYWU1MGM4NTk0OGQ1MTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjViw6krGrqsYvZkW2mB9WeANbLu+
UwzXAQ+FSvq6P/m4zELXoU6LLlhEPEUbt8y3ydxY9Hh9Yqj7VlgsWP2C7xLb5aIY
17BLjB7qhlANKAHiHqoiB0gROnlzo2kTDFSsikWxVJDE28AT47NDukshVHg0A8ki
A/SszcNt8NZ7kbkf+sJAnxR/fPnQslKNqfDO1zeQzOKfwl4tKKT+516PDdziskyJ
DhZWhwwoXgO89pMfTBIzQu2bZxJIlOohLTJExXqa1QrQq73OeJ3tSpv8zMrKA1Us
8iKtqnXgcohpaTX5P9XKkxRxXUX22Fd0dbah0JY95xk3PbNjb+tReCrOSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB+81pPnzUAyPOTT9vrlDIWUjVF3MB8GA1UdIwQY
MBaAFMgr7bz3tTYP7iRbeiVfZkC3J2loMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUN2dHZQZTFOZ191SkZ0NkpWOW1RTGNuYVdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9kZDU5ZDktZWFkZi00NzEzLTg5Nzct
NDJmYTNjZmJiNTAzLzEvSDd6V2stZk5RREk4NU5QMi11VU1oWlNOVVhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9kZDU5ZDktZWFkZi00NzEzLTg5NzctNDJmYTNjZmJiNTAz
LzEveUN2dHZQZTFOZ191SkZ0NkpWOW1RTGNuYVdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiX8MA0G
CSqGSIb3DQEBCwUAA4IBAQBULdAzJSudkJq1TXtgXJcTFfXrwU96cvZQyNNS7xZh
gKmOAFNP/k4CSPr+4rnJ32wUXPPDo+tkMUMxG9Px5Dc4MkDP033nmz/sssCrV9rW
7eUfwk0juI+GnagdSA6imCCy9LuOC1gs7I7/fhUOK2bDdXg2VzdWS/ixljqefTf7
rClI0xSdtLkDZ2mR5byfu45+CUCd8Uz8EF5XXGGEyvFX1/rb+J4cjGwu/0YF0PJy
et0zlhdsvu+KX+SCA8pv3LcIPk6kXiJoWly2Hm4lDKmC29ksqfBoK3Meq8XO/JW3
o4azKWHRlU6AETkeOIRPtAFkrulqH9W+8muqvZLgSekv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:49 2024 by rpki-client on console-ams.rpki-client.org