Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/HFPuiGdxbFTj3gLO2n0aemL9mSE.roa
File:                     HFPuiGdxbFTj3gLO2n0aemL9mSE.roa (raw, json)
Hash identifier:          Q1g2vD1c2bVaIr6TX9Cj7XFJ2+opJE/ZbJuWHiOHn5g=
Subject key identifier:   1C:53:EE:88:67:71:6C:54:E3:DE:02:CE:DA:7D:1A:7A:62:FD:99:21
Certificate issuer:       /CN=d7d0674bd6f0cc9175219a328c8b396829f6c0af
Certificate serial:       018CC3B71FC709F61714E5A2E03A6F94EC0D
Authority key identifier: D7:D0:67:4B:D6:F0:CC:91:75:21:9A:32:8C:8B:39:68:29:F6:C0:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/19BnS9bwzJF1IZoyjIs5aCn2wK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/HFPuiGdxbFTj3gLO2n0aemL9mSE.roa
Signing time:             Mon 01 Jan 2024 06:30:07 +0000
ROA not before:           Mon 01 Jan 2024 06:30:07 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     32787
IP address blocks:        89.147.32.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Thu 04 Jan 2024 11:27:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b7:1f:c7:09:f6:17:14:e5:a2:e0:3a:6f:94:ec:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d7d0674bd6f0cc9175219a328c8b396829f6c0af
        Validity
            Not Before: Jan  1 06:30:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1c53ee8867716c54e3de02ceda7d1a7a62fd9921
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:f9:76:f2:3b:8a:30:34:80:9d:0a:3d:16:6e:
                    c7:ac:87:1d:53:76:37:0e:4c:e5:8a:94:dd:c5:5b:
                    be:6a:96:b3:d3:6d:75:73:6c:e8:58:58:32:90:17:
                    74:b2:1a:26:e1:2d:4b:8d:9f:cc:d9:df:35:d1:eb:
                    df:f2:ea:90:2c:2a:4c:ad:d7:9e:92:0a:04:04:9e:
                    5c:11:6e:29:23:4c:13:f5:d5:62:b5:2c:cf:b5:1f:
                    36:59:3e:a4:f6:26:d8:35:2e:e1:a8:fc:32:da:45:
                    a7:79:f0:b1:2a:4e:8a:11:c1:4f:ad:de:ca:da:1c:
                    9e:5b:a6:43:6e:fb:cc:20:d8:6e:12:eb:3e:f5:d5:
                    2e:79:9e:ef:6a:ae:1d:b1:4e:bb:83:4f:2c:39:ba:
                    84:0a:8d:0a:69:a2:4b:09:89:3c:22:2e:fd:f7:4d:
                    37:66:b0:41:49:33:b5:c8:75:c8:5a:91:e6:66:bb:
                    24:12:d8:1a:b9:46:23:d7:66:b9:3b:93:39:2b:8f:
                    34:08:21:b2:82:96:29:bf:28:27:06:a6:14:fe:35:
                    a5:47:00:d0:95:36:2a:79:1e:29:77:11:78:80:ac:
                    be:88:52:e2:fe:20:57:e0:e3:b9:3d:2e:c3:a0:a6:
                    ba:c6:8b:22:d2:27:98:2b:d1:1f:72:47:98:6c:42:
                    0a:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:53:EE:88:67:71:6C:54:E3:DE:02:CE:DA:7D:1A:7A:62:FD:99:21
            X509v3 Authority Key Identifier:
                keyid:D7:D0:67:4B:D6:F0:CC:91:75:21:9A:32:8C:8B:39:68:29:F6:C0:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/19BnS9bwzJF1IZoyjIs5aCn2wK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/HFPuiGdxbFTj3gLO2n0aemL9mSE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/19BnS9bwzJF1IZoyjIs5aCn2wK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.147.32.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0b:f4:ec:19:ce:2c:97:ad:b9:a9:14:df:02:94:6a:fd:04:cd:
         15:41:59:20:3e:5f:a8:02:c3:f2:dd:4a:c5:2e:a9:ae:f5:13:
         64:69:26:97:98:52:d0:64:f5:c4:e5:dc:79:7a:6b:a0:79:70:
         16:02:c5:86:6d:8f:c9:92:89:cd:f6:a9:52:2c:e6:23:ab:8b:
         74:a1:fc:b0:3a:8c:82:60:e3:52:0e:21:84:ec:ea:ea:7c:1e:
         00:be:50:f3:59:3f:00:ff:95:73:20:3f:40:60:23:fd:33:bf:
         52:0d:30:8a:6e:ad:80:01:c8:d1:2f:2d:98:d2:9d:8e:dc:04:
         8b:14:76:de:86:56:3c:9d:7c:90:33:fe:d8:8e:1f:8b:35:38:
         5f:c4:df:83:f7:4f:be:2b:26:21:9d:5a:e5:7e:9b:33:b5:e4:
         bc:56:2b:58:37:01:a3:cc:42:f5:0a:ae:19:d6:0e:51:ff:30:
         84:78:a4:24:9a:6f:9c:c1:ce:d3:cc:30:b9:8c:1d:21:27:a6:
         9a:9b:1a:0a:65:37:29:ea:cc:48:07:24:2f:8e:d7:86:49:09:
         31:f0:ca:a9:01:cc:ae:3d:21:7a:2e:26:70:4a:51:d3:54:b1:
         e6:76:70:7c:65:c0:ab:30:94:7e:17:31:90:ad:b7:21:b0:87:
         06:e8:7c:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtx/HCfYXFOWi4DpvlOwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZDA2NzRiZDZmMGNjOTE3NTIxOWEzMjhjOGIzOTY4Mjlm
NmMwYWYwHhcNMjQwMTAxMDYzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzUzZWU4ODY3NzE2YzU0ZTNkZTAyY2VkYTdkMWE3YTYyZmQ5OTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvl28juKMDSAnQo9Fm7HrIcdU3Y3
DkzlipTdxVu+apaz0211c2zoWFgykBd0shom4S1LjZ/M2d810evf8uqQLCpMrdee
kgoEBJ5cEW4pI0wT9dVitSzPtR82WT6k9ibYNS7hqPwy2kWnefCxKk6KEcFPrd7K
2hyeW6ZDbvvMINhuEus+9dUueZ7vaq4dsU67g08sObqECo0KaaJLCYk8Ii799003
ZrBBSTO1yHXIWpHmZrskEtgauUYj12a5O5M5K480CCGygpYpvygnBqYU/jWlRwDQ
lTYqeR4pdxF4gKy+iFLi/iBX4OO5PS7DoKa6xosi0ieYK9EfckeYbEIKbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBxT7ohncWxU494Cztp9Gnpi/ZkhMB8GA1UdIwQY
MBaAFNfQZ0vW8MyRdSGaMoyLOWgp9sCvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTlCblM5Ynd6SkYxSVpveWpJczVhQ24yd0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iMzBlNWQtOGIzYi00Mjg3LTliM2It
ODIzMmZhM2U2MjlkLzEvSEZQdWlHZHhiRlRqM2dMTzJuMGFlbUw5bVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iMzBlNWQtOGIzYi00Mjg3LTliM2ItODIzMmZhM2U2Mjlk
LzEvMTlCblM5Ynd6SkYxSVpveWpJczVhQ24yd0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWZMgMA0G
CSqGSIb3DQEBCwUAA4IBAQAL9OwZziyXrbmpFN8ClGr9BM0VQVkgPl+oAsPy3UrF
Lqmu9RNkaSaXmFLQZPXE5dx5emugeXAWAsWGbY/JkonN9qlSLOYjq4t0ofywOoyC
YONSDiGE7OrqfB4AvlDzWT8A/5VzID9AYCP9M79SDTCKbq2AAcjRLy2Y0p2O3ASL
FHbehlY8nXyQM/7Yjh+LNThfxN+D90++KyYhnVrlfpszteS8VitYNwGjzEL1Cq4Z
1g5R/zCEeKQkmm+cwc7TzDC5jB0hJ6aamxoKZTcp6sxIByQvjteGSQkx8MqpAcyu
PSF6LiZwSlHTVLHmdnB8ZcCrMJR+FzGQrbchsIcG6Hy+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:21 2024 by rpki-client on console-fra.rpki-client.org