Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/h0ukmRZ8Uv8-1daLg8CbwVdjTF4.roa
File:                     h0ukmRZ8Uv8-1daLg8CbwVdjTF4.roa (raw, json)
Hash identifier:          XFZsUFFg4lpCiET14goZNHBxbsWWkp/XxqC52g5SxZ0=
Subject key identifier:   87:4B:A4:99:16:7C:52:FF:3E:D5:D6:8B:83:C0:9B:C1:57:63:4C:5E
Certificate issuer:       /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial:       01902FDBD4FD3D387604AF47E90E2C854196
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/h0ukmRZ8Uv8-1daLg8CbwVdjTF4.roa
Signing time:             Wed 19 Jun 2024 09:37:34 +0000
ROA not before:           Wed 19 Jun 2024 09:37:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215672
IP address blocks:        80.93.203.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 23 Jun 2024 08:54:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:2f:db:d4:fd:3d:38:76:04:af:47:e9:0e:2c:85:41:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
        Validity
            Not Before: Jun 19 09:37:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=874ba499167c52ff3ed5d68b83c09bc157634c5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:c8:05:03:54:c7:1d:76:d3:8b:86:fb:5a:49:
                    27:9a:d6:22:cd:16:25:17:32:97:dc:bc:c5:4a:4e:
                    96:98:8a:95:68:b6:33:ab:8b:06:5d:c5:de:a3:05:
                    f4:f2:7f:03:d4:73:e9:a7:31:d0:01:c9:ae:cb:29:
                    83:63:72:22:95:65:df:90:76:04:07:ed:85:93:4a:
                    50:ca:e4:30:91:ef:c5:ce:bb:f1:ae:da:fd:dc:f4:
                    4b:86:94:8b:0c:cc:af:8e:0d:06:94:e3:08:7e:29:
                    50:35:07:f8:63:2e:a5:ef:96:51:25:bd:85:39:64:
                    93:02:e7:e0:6c:21:63:f0:d3:a7:e7:66:07:49:3b:
                    dd:2f:1b:95:29:cf:12:df:3c:65:ef:c6:59:0b:4b:
                    0b:11:25:82:af:06:d0:50:b2:92:d3:de:ea:b4:de:
                    0e:9b:ea:7a:46:54:2c:2e:ef:82:97:87:59:52:a3:
                    a9:db:b4:0a:ed:dd:7f:f9:f1:8e:28:4d:d9:dd:a2:
                    35:4f:0d:20:12:ac:70:b2:40:d4:7f:1e:d5:6d:03:
                    90:09:26:67:72:ff:7c:a2:70:60:e0:0f:83:30:90:
                    15:c2:47:e2:18:92:ff:f3:b5:dd:20:ef:a2:7e:04:
                    b3:ca:01:74:36:48:9d:75:8f:88:c0:c7:7c:80:13:
                    9d:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:4B:A4:99:16:7C:52:FF:3E:D5:D6:8B:83:C0:9B:C1:57:63:4C:5E
            X509v3 Authority Key Identifier:
                keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/h0ukmRZ8Uv8-1daLg8CbwVdjTF4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.93.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:bf:53:5e:d5:48:73:a5:42:1e:f2:94:3b:05:9c:f5:00:73:
         9f:6a:11:83:81:f0:a8:03:9d:6c:5f:ac:d4:8a:0b:8d:83:a3:
         c7:50:ea:d7:53:54:c5:b0:dc:1a:4d:85:b9:b8:67:9c:23:31:
         7e:58:42:3d:1d:eb:f1:a8:ab:ee:03:fe:ec:2e:c2:79:de:ca:
         0f:13:27:fd:9d:06:2d:52:e4:5b:33:b6:bf:06:40:55:a8:32:
         1d:e1:52:9f:ba:18:d8:e9:cd:d1:93:1f:ee:b6:78:a2:8f:9a:
         04:a6:67:30:40:0c:03:da:a6:c4:93:9c:05:56:3b:36:36:b0:
         f6:64:b0:96:41:dd:23:18:32:20:80:e6:7f:0a:11:8a:5d:8c:
         f5:32:7e:44:bc:e5:f4:99:ff:8d:e1:76:5c:bc:54:83:06:5c:
         7f:3a:f9:d5:a4:e2:11:c1:0e:28:91:91:d2:59:6f:2c:1a:f7:
         0d:a1:11:49:89:ab:ab:97:aa:d2:cf:ce:34:84:1f:c6:9a:bc:
         34:bf:85:61:dc:c8:68:ee:cc:07:44:f2:00:c8:8b:7c:8c:09:
         d6:6a:13:99:de:88:d8:58:8e:48:6d:db:ca:88:d0:23:7d:21:
         a5:25:a4:84:02:e0:14:61:f8:29:a5:2b:c4:eb:b7:43:a8:76:
         0c:56:65:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZAv29T9PTh2BK9H6Q4shUGWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjQwNjE5MDkzNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzRiYTQ5OTE2N2M1MmZmM2VkNWQ2OGI4M2MwOWJjMTU3NjM0YzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8gFA1THHXbTi4b7WkknmtYizRYl
FzKX3LzFSk6WmIqVaLYzq4sGXcXeowX08n8D1HPppzHQAcmuyymDY3IilWXfkHYE
B+2Fk0pQyuQwke/Fzrvxrtr93PRLhpSLDMyvjg0GlOMIfilQNQf4Yy6l75ZRJb2F
OWSTAufgbCFj8NOn52YHSTvdLxuVKc8S3zxl78ZZC0sLESWCrwbQULKS097qtN4O
m+p6RlQsLu+Cl4dZUqOp27QK7d1/+fGOKE3Z3aI1Tw0gEqxwskDUfx7VbQOQCSZn
cv98onBg4A+DMJAVwkfiGJL/87XdIO+ifgSzygF0NkiddY+IwMd8gBOdkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIdLpJkWfFL/PtXWi4PAm8FXY0xeMB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvaDB1a21SWjhVdjgtMWRhTGc4Q2J3VmRqVEY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUF3LMA0G
CSqGSIb3DQEBCwUAA4IBAQBXv1Ne1UhzpUIe8pQ7BZz1AHOfahGDgfCoA51sX6zU
iguNg6PHUOrXU1TFsNwaTYW5uGecIzF+WEI9HevxqKvuA/7sLsJ53soPEyf9nQYt
UuRbM7a/BkBVqDId4VKfuhjY6c3Rkx/utniij5oEpmcwQAwD2qbEk5wFVjs2NrD2
ZLCWQd0jGDIggOZ/ChGKXYz1Mn5EvOX0mf+N4XZcvFSDBlx/OvnVpOIRwQ4okZHS
WW8sGvcNoRFJiaurl6rSz840hB/Gmrw0v4Vh3Mho7swHRPIAyIt8jAnWahOZ3ojY
WI5IbdvKiNAjfSGlJaSEAuAUYfgppSvE67dDqHYMVmVh
-----END CERTIFICATE-----
Generated at Sun Jun 23 11:06:51 2024 by rpki-client on console-fra.rpki-client.org