Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/HN_cTy8CdCa70oNA3lGFQ6UTtH8.roa
File:                     HN_cTy8CdCa70oNA3lGFQ6UTtH8.roa (raw, json)
Hash identifier:          GmkLVnrOXXH++Qgk1gGM45j19k1x7D07GjVS4LadnLQ=
Subject key identifier:   1C:DF:DC:4F:2F:02:74:26:BB:D2:83:40:DE:51:85:43:A5:13:B4:7F
Certificate issuer:       /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial:       018E308F0CD69DFB9DDBD8D2CBFEA193417D
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/HN_cTy8CdCa70oNA3lGFQ6UTtH8.roa
Signing time:             Tue 12 Mar 2024 02:47:45 +0000
ROA not before:           Tue 12 Mar 2024 02:47:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14618
IP address blocks:        128.65.168.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 12 Mar 2024 03:41:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:30:8f:0c:d6:9d:fb:9d:db:d8:d2:cb:fe:a1:93:41:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
        Validity
            Not Before: Mar 12 02:47:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1cdfdc4f2f027426bbd28340de518543a513b47f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:d5:98:be:ae:36:5f:a7:c7:21:fb:e5:67:84:
                    6b:59:33:06:40:d5:7c:e1:38:81:cb:f4:12:64:7d:
                    5e:8f:12:2a:aa:33:69:7d:c6:41:ac:3f:e9:bc:2d:
                    85:38:91:8d:f2:b3:29:7c:8b:f3:7d:ab:82:32:9d:
                    f6:f4:59:f6:98:1d:b7:41:2a:24:a7:63:41:d1:84:
                    9e:43:3c:91:57:58:b7:11:7b:62:64:8e:67:6f:95:
                    7a:4e:42:e6:7d:de:11:32:8e:41:ac:3b:08:c7:ba:
                    57:83:9d:bf:7f:2b:d0:6c:4b:0a:97:b2:d5:aa:62:
                    49:ed:a0:dc:c8:d8:cb:c4:54:68:3f:32:55:ed:98:
                    59:2d:b9:cc:54:23:6b:5a:a2:48:c6:9e:e1:49:f8:
                    f3:03:e1:5b:ba:e3:b2:d5:fb:5a:76:ea:50:f1:32:
                    41:6f:25:22:15:e8:ac:11:f1:e2:86:8b:75:aa:9e:
                    b5:e5:db:52:33:fe:50:80:33:7e:34:02:8a:d6:6b:
                    c6:98:2c:a4:a9:36:c2:2d:c4:f9:65:7a:3b:a1:0c:
                    74:fb:34:11:42:91:c8:b2:1a:dd:90:01:bf:d6:d0:
                    4d:66:df:2e:4f:52:0f:7f:8a:01:94:0b:8f:b9:bb:
                    0b:f9:e3:a9:2e:ee:d0:1e:72:f3:de:cf:09:78:b9:
                    56:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:DF:DC:4F:2F:02:74:26:BB:D2:83:40:DE:51:85:43:A5:13:B4:7F
            X509v3 Authority Key Identifier:
                keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/HN_cTy8CdCa70oNA3lGFQ6UTtH8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.65.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         01:6f:dc:52:be:42:54:75:98:88:f4:f9:a8:13:80:4e:26:11:
         3c:d3:aa:f4:e1:f8:8b:8b:2e:dc:6d:21:b6:db:e0:52:90:2e:
         6a:dd:aa:79:ce:81:6e:5e:11:78:61:af:b6:8e:78:eb:fc:d3:
         7b:8e:1d:3c:f2:16:7b:ed:4d:d1:09:6f:ff:2d:67:ac:fe:8a:
         65:e2:68:1a:86:66:1e:6b:83:d5:57:b6:81:3c:97:ca:c2:60:
         1a:20:96:65:dc:a5:59:fe:9f:a4:f9:8a:d2:b1:ea:07:e2:29:
         74:ac:94:e4:8a:f9:5b:bc:7e:8f:55:59:73:1e:4b:8a:75:1b:
         09:7f:cc:c4:3b:7a:9d:8a:27:36:d0:f3:10:6c:f1:d6:a5:da:
         51:18:c1:14:08:97:b6:27:42:02:ed:15:23:1e:8f:73:72:21:
         f6:4f:7a:6d:48:b2:bb:ea:77:3a:b4:77:0f:bc:f1:86:93:69:
         fb:a8:21:78:33:ff:91:8d:6e:3a:9e:84:cc:de:2e:e4:38:39:
         bd:0d:5d:2e:eb:a7:80:e5:7d:91:32:7a:8a:a9:ac:8a:b9:c4:
         09:67:b6:2f:a3:48:f9:c2:db:9b:b7:f8:f9:f6:f9:98:3b:eb:
         af:4b:ba:60:fa:d4:2d:12:27:ae:52:7c:53:21:ee:a5:65:ac:
         79:e4:b4:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4wjwzWnfud29jSy/6hk0F9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjQwMzEyMDI0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2RmZGM0ZjJmMDI3NDI2YmJkMjgzNDBkZTUxODU0M2E1MTNiNDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldWYvq42X6fHIfvlZ4RrWTMGQNV8
4TiBy/QSZH1ejxIqqjNpfcZBrD/pvC2FOJGN8rMpfIvzfauCMp329Fn2mB23QSok
p2NB0YSeQzyRV1i3EXtiZI5nb5V6TkLmfd4RMo5BrDsIx7pXg52/fyvQbEsKl7LV
qmJJ7aDcyNjLxFRoPzJV7ZhZLbnMVCNrWqJIxp7hSfjzA+FbuuOy1ftadupQ8TJB
byUiFeisEfHihot1qp615dtSM/5QgDN+NAKK1mvGmCykqTbCLcT5ZXo7oQx0+zQR
QpHIshrdkAG/1tBNZt8uT1IPf4oBlAuPubsL+eOpLu7QHnLz3s8JeLlWfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBzf3E8vAnQmu9KDQN5RhUOlE7R/MB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvSE5fY1R5OENkQ2E3MG9OQTNsR0ZRNlVUdEg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCgEGoMA0G
CSqGSIb3DQEBCwUAA4IBAQABb9xSvkJUdZiI9PmoE4BOJhE806r04fiLiy7cbSG2
2+BSkC5q3ap5zoFuXhF4Ya+2jnjr/NN7jh088hZ77U3RCW//LWes/opl4mgahmYe
a4PVV7aBPJfKwmAaIJZl3KVZ/p+k+YrSseoH4il0rJTkivlbvH6PVVlzHkuKdRsJ
f8zEO3qdiic20PMQbPHWpdpRGMEUCJe2J0IC7RUjHo9zciH2T3ptSLK76nc6tHcP
vPGGk2n7qCF4M/+RjW46noTM3i7kODm9DV0u66eA5X2RMnqKqayKucQJZ7Yvo0j5
wtubt/j59vmYO+uvS7pg+tQtEieuUnxTIe6lZax55LQE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org