Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/hxHzx3g-2dubH7SwLrlFg5PaNvs.roa
File:                     hxHzx3g-2dubH7SwLrlFg5PaNvs.roa (raw, json)
Hash identifier:          vKBNjAgvIY764qkYFSgpgaO/xSGTW1z4tc3CWJ/78o8=
Subject key identifier:   87:11:F3:C7:78:3E:D9:DB:9B:1F:B4:B0:2E:B9:45:83:93:DA:36:FB
Certificate issuer:       /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial:       01890CF56CDD35A9CD4D95F04E6A2015C02A
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/hxHzx3g-2dubH7SwLrlFg5PaNvs.roa
Signing time:             Fri 30 Jun 2023 15:39:18 +0000
ROA not before:           Fri 30 Jun 2023 15:39:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        77.81.79.0/24 maxlen: 24
                          188.214.232.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Sat 22 Jul 2023 14:41:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:0c:f5:6c:dd:35:a9:cd:4d:95:f0:4e:6a:20:15:c0:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
        Validity
            Not Before: Jun 30 15:39:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8711f3c7783ed9db9b1fb4b02eb9458393da36fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:a9:54:90:e1:4f:37:09:8f:a2:52:ce:36:60:
                    24:77:49:38:3b:16:6a:5d:16:26:06:5a:f9:98:c3:
                    ee:4a:b8:c0:a1:cc:96:04:97:94:3f:bf:0b:61:50:
                    d0:1f:a2:60:a5:c9:88:ce:f5:91:45:83:03:32:f1:
                    de:e0:a2:14:42:82:f2:af:e8:6d:d0:15:57:34:88:
                    b5:4d:e4:d8:22:aa:4c:a5:2d:a7:58:b8:02:19:09:
                    8c:57:21:bc:07:c0:99:9c:c0:aa:0e:d6:b3:9f:98:
                    c3:8d:72:f7:a6:b2:ca:ac:c5:e1:10:dc:e4:db:ac:
                    67:70:e7:23:23:fa:74:a4:d2:75:2c:e1:33:c1:f3:
                    46:b7:00:34:b7:a6:e9:b4:2c:01:c0:2c:36:72:53:
                    5a:48:71:73:5f:28:e9:06:ea:12:11:75:a6:d7:d7:
                    cd:13:cd:44:a7:01:89:9d:7d:ce:2a:1c:5e:f2:3e:
                    f0:8e:5a:93:b8:9a:15:6b:47:4b:76:db:ee:35:f2:
                    53:67:38:2f:14:31:eb:34:4d:2c:61:80:94:97:08:
                    85:40:4f:1b:a4:6d:d7:40:8d:e6:99:38:d9:21:ce:
                    3a:4a:30:61:8b:f6:e3:6b:34:fe:45:e2:66:43:7c:
                    66:c5:18:72:66:ee:a8:4e:e1:3b:01:49:cd:4b:29:
                    d2:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:11:F3:C7:78:3E:D9:DB:9B:1F:B4:B0:2E:B9:45:83:93:DA:36:FB
            X509v3 Authority Key Identifier:
                keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/hxHzx3g-2dubH7SwLrlFg5PaNvs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.81.79.0/24
                  188.214.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         24:f8:8c:8f:e0:97:19:d6:53:ba:f1:95:17:c2:90:4a:ee:60:
         94:19:28:e9:42:0f:58:23:33:1d:44:cc:2b:ad:bb:13:41:f3:
         7b:5a:a4:36:56:a2:5f:06:31:b9:22:65:e1:d2:3a:a9:d8:55:
         18:ac:8e:e1:00:50:25:0d:f4:10:e1:c2:fb:8d:07:8c:42:e3:
         96:7a:e4:d8:89:93:ae:2c:ab:7b:cc:8e:fb:b1:53:02:34:45:
         cc:79:c7:43:c8:82:e5:23:99:85:d0:34:59:60:8b:45:16:31:
         b8:05:af:43:d6:6d:76:3b:08:1c:00:19:b0:03:11:bf:34:11:
         19:fc:a3:f7:88:67:fc:8a:9f:91:ab:73:f6:14:1c:86:03:02:
         8f:22:0c:40:b0:9a:ca:79:38:c8:37:68:c1:8b:2c:c9:10:1c:
         ff:d9:82:05:33:5a:51:b4:26:f5:01:ed:d1:84:a3:6f:1a:c9:
         19:2a:80:f2:e9:a9:02:02:c6:e1:9a:75:8c:8a:2d:00:cd:a3:
         bc:4f:46:22:fa:17:56:d3:22:36:08:5e:90:5b:34:4d:06:64:
         69:8b:c8:58:d7:ef:51:da:f3:a6:6d:a4:4a:50:0c:77:2c:cf:
         4c:2c:ce:38:02:74:d1:09:00:e3:75:ec:cb:d1:6d:10:54:bc:
         43:c8:13:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkM9WzdNanNTZXwTmogFcAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjMwNjMwMTUzOTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzExZjNjNzc4M2VkOWRiOWIxZmI0YjAyZWI5NDU4MzkzZGEzNmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6lUkOFPNwmPolLONmAkd0k4OxZq
XRYmBlr5mMPuSrjAocyWBJeUP78LYVDQH6JgpcmIzvWRRYMDMvHe4KIUQoLyr+ht
0BVXNIi1TeTYIqpMpS2nWLgCGQmMVyG8B8CZnMCqDtazn5jDjXL3prLKrMXhENzk
26xncOcjI/p0pNJ1LOEzwfNGtwA0t6bptCwBwCw2clNaSHFzXyjpBuoSEXWm19fN
E81EpwGJnX3OKhxe8j7wjlqTuJoVa0dLdtvuNfJTZzgvFDHrNE0sYYCUlwiFQE8b
pG3XQI3mmTjZIc46SjBhi/bjazT+ReJmQ3xmxRhyZu6oTuE7AUnNSynS+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIcR88d4Ptnbmx+0sC65RYOT2jb7MB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvaHhIengzZy0yZHViSDdTd0xybEZnNVBhTnZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVFPAwQB
vNboMA0GCSqGSIb3DQEBCwUAA4IBAQAk+IyP4JcZ1lO68ZUXwpBK7mCUGSjpQg9Y
IzMdRMwrrbsTQfN7WqQ2VqJfBjG5ImXh0jqp2FUYrI7hAFAlDfQQ4cL7jQeMQuOW
euTYiZOuLKt7zI77sVMCNEXMecdDyILlI5mF0DRZYItFFjG4Ba9D1m12OwgcABmw
AxG/NBEZ/KP3iGf8ip+Rq3P2FByGAwKPIgxAsJrKeTjIN2jBiyzJEBz/2YIFM1pR
tCb1Ae3RhKNvGskZKoDy6akCAsbhmnWMii0AzaO8T0Yi+hdW0yI2CF6QWzRNBmRp
i8hY1+9R2vOmbaRKUAx3LM9MLM44AnTRCQDjdezL0W0QVLxDyBNj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org