Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e36eb1-8af5-4910-8df4-ed2e136dc026/1/HTlCCujHtAuY8k3MoimY51gyTSU.roa
File:                     HTlCCujHtAuY8k3MoimY51gyTSU.roa (raw, json)
Hash identifier:          to1zcqbLWFSg7n03z4iLekZHL8tZ0oP7N0Dj9f64riw=
Subject key identifier:   1D:39:42:0A:E8:C7:B4:0B:98:F2:4D:CC:A2:29:98:E7:58:32:4D:25
Certificate issuer:       /CN=c04a3d80f6786f1791098d45ecd554f0660cce4f
Certificate serial:       018AD1F67ED2E1ADD50AEA7E98E490E9B50C
Authority key identifier: C0:4A:3D:80:F6:78:6F:17:91:09:8D:45:EC:D5:54:F0:66:0C:CE:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wEo9gPZ4bxeRCY1F7NVU8GYMzk8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/e36eb1-8af5-4910-8df4-ed2e136dc026/1/HTlCCujHtAuY8k3MoimY51gyTSU.roa
Signing time:             Tue 26 Sep 2023 14:48:27 +0000
ROA not before:           Tue 26 Sep 2023 14:48:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50378
IP address blocks:        195.2.227.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 29 Sep 2023 11:16:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:d1:f6:7e:d2:e1:ad:d5:0a:ea:7e:98:e4:90:e9:b5:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c04a3d80f6786f1791098d45ecd554f0660cce4f
        Validity
            Not Before: Sep 26 14:48:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1d39420ae8c7b40b98f24dcca22998e758324d25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:02:a5:a1:17:8a:17:1b:24:8d:a8:f4:2b:91:
                    8d:80:c3:0b:85:34:07:95:94:b6:af:7e:6e:10:7f:
                    67:33:41:e3:06:18:4f:ed:a4:df:f8:26:f2:9a:2f:
                    26:56:81:31:f4:5c:a8:4c:1a:1e:20:78:f3:f5:59:
                    40:ea:bb:0f:d3:29:69:70:d8:94:ca:ec:4c:22:7b:
                    29:7c:1a:14:42:b9:7c:41:65:47:e2:32:08:34:64:
                    d4:27:8c:a7:a4:f3:c0:43:f7:fa:78:05:fb:92:1e:
                    e8:8d:6d:a0:f2:49:5b:72:89:ed:74:13:62:b1:42:
                    7c:00:c8:a2:b1:44:9f:c9:b2:1f:ba:9b:70:b7:45:
                    90:0f:29:14:55:10:34:8c:36:18:b5:3f:e2:7c:24:
                    4c:05:f2:a9:92:9b:c0:db:9d:ac:38:fe:06:45:78:
                    74:34:fb:3b:35:7f:79:93:eb:f0:4e:ce:a9:0e:99:
                    b5:05:db:b6:b7:f1:02:9e:93:b1:68:bb:e7:a6:a9:
                    45:09:e0:89:6e:29:af:80:08:c1:1f:3e:a3:7d:98:
                    23:24:91:65:69:44:13:3c:80:4c:1b:62:dd:74:4d:
                    3b:28:8a:82:2f:86:de:1d:19:dc:80:e8:49:a8:34:
                    38:35:7e:ec:bf:6f:58:b3:e6:98:95:f7:76:c3:2e:
                    a5:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:39:42:0A:E8:C7:B4:0B:98:F2:4D:CC:A2:29:98:E7:58:32:4D:25
            X509v3 Authority Key Identifier:
                keyid:C0:4A:3D:80:F6:78:6F:17:91:09:8D:45:EC:D5:54:F0:66:0C:CE:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wEo9gPZ4bxeRCY1F7NVU8GYMzk8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e36eb1-8af5-4910-8df4-ed2e136dc026/1/HTlCCujHtAuY8k3MoimY51gyTSU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e36eb1-8af5-4910-8df4-ed2e136dc026/1/wEo9gPZ4bxeRCY1F7NVU8GYMzk8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.2.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:f3:3e:2b:66:7c:c9:dd:6f:f8:c2:dd:ae:45:86:f8:f2:a6:
         74:02:a7:1f:0f:07:dd:00:3f:a1:f1:d5:f9:1c:bc:d1:a2:fe:
         eb:4c:01:64:d5:f9:de:3d:d6:18:7a:ef:1a:52:cc:75:7d:0d:
         02:f6:fd:91:46:fb:18:74:e2:0e:75:64:86:30:db:ea:6c:1f:
         bc:b7:eb:d0:fd:9a:f7:83:bb:e0:02:eb:41:b6:b0:c4:aa:89:
         fd:3c:64:77:eb:2b:82:e5:b3:66:66:d6:64:42:df:d3:7e:ec:
         03:67:d9:4e:40:40:0d:e3:fd:d8:cc:45:a7:4b:5a:ba:17:44:
         32:9d:1a:76:a0:cd:e8:4e:3e:d2:98:63:12:1e:1e:34:e6:0c:
         45:40:a6:81:f2:f6:fa:df:a8:0a:50:ba:55:ca:3a:32:f0:10:
         d0:2d:22:69:a8:fb:f9:06:64:d7:b8:be:4f:6b:95:d4:a2:30:
         e8:e4:c5:61:de:c7:62:37:46:d4:87:f4:fb:dc:06:f7:d6:03:
         e9:f2:3b:7c:01:6c:66:53:31:a1:b5:03:24:49:b6:ed:f3:2f:
         7b:9a:f8:54:9d:d0:d2:61:ce:4b:ec:94:18:87:a7:f7:1a:51:
         98:b7:6e:27:e3:03:6f:f9:d5:5b:48:bb:e4:e6:e6:50:cd:ac:
         9f:0a:aa:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrR9n7S4a3VCup+mOSQ6bUMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNGEzZDgwZjY3ODZmMTc5MTA5OGQ0NWVjZDU1NGYwNjYw
Y2NlNGYwHhcNMjMwOTI2MTQ0ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDM5NDIwYWU4YzdiNDBiOThmMjRkY2NhMjI5OThlNzU4MzI0ZDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAKloReKFxskjaj0K5GNgMMLhTQH
lZS2r35uEH9nM0HjBhhP7aTf+Cbymi8mVoEx9FyoTBoeIHjz9VlA6rsP0ylpcNiU
yuxMInspfBoUQrl8QWVH4jIINGTUJ4ynpPPAQ/f6eAX7kh7ojW2g8klbcontdBNi
sUJ8AMiisUSfybIfuptwt0WQDykUVRA0jDYYtT/ifCRMBfKpkpvA252sOP4GRXh0
NPs7NX95k+vwTs6pDpm1Bdu2t/ECnpOxaLvnpqlFCeCJbimvgAjBHz6jfZgjJJFl
aUQTPIBMG2LddE07KIqCL4beHRncgOhJqDQ4NX7sv29Ys+aYlfd2wy6ljQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB05Qgrox7QLmPJNzKIpmOdYMk0lMB8GA1UdIwQY
MBaAFMBKPYD2eG8XkQmNRezVVPBmDM5PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0VvOWdQWjRieGVSQ1kxRjdOVlU4R1lNems4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMzZlYjEtOGFmNS00OTEwLThkZjQt
ZWQyZTEzNmRjMDI2LzEvSFRsQ0N1akh0QXVZOGszTW9pbVk1MWd5VFNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMzZlYjEtOGFmNS00OTEwLThkZjQtZWQyZTEzNmRjMDI2
LzEvd0VvOWdQWjRieGVSQ1kxRjdOVlU4R1lNems4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwLjMA0G
CSqGSIb3DQEBCwUAA4IBAQAr8z4rZnzJ3W/4wt2uRYb48qZ0AqcfDwfdAD+h8dX5
HLzRov7rTAFk1fnePdYYeu8aUsx1fQ0C9v2RRvsYdOIOdWSGMNvqbB+8t+vQ/Zr3
g7vgAutBtrDEqon9PGR36yuC5bNmZtZkQt/TfuwDZ9lOQEAN4/3YzEWnS1q6F0Qy
nRp2oM3oTj7SmGMSHh405gxFQKaB8vb636gKULpVyjoy8BDQLSJpqPv5BmTXuL5P
a5XUojDo5MVh3sdiN0bUh/T73Ab31gPp8jt8AWxmUzGhtQMkSbbt8y97mvhUndDS
Yc5L7JQYh6f3GlGYt24n4wNv+dVbSLvk5uZQzayfCqqN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:15 2024 by rpki-client on console-fra.rpki-client.org