Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/c2ad44-fe7d-46d9-913e-c794b5f87804/1/hmX9USGnM1y3sq6YmQiRne90ETk.roa
File:                     hmX9USGnM1y3sq6YmQiRne90ETk.roa (raw, json)
Hash identifier:          VixLAoNAVz+D8fX2mnQ4FuAiUN5hGV2DYnKUCibs67Y=
Subject key identifier:   86:65:FD:51:21:A7:33:5C:B7:B2:AE:98:99:08:91:9D:EF:74:11:39
Certificate issuer:       /CN=8df3df971aa7cb25dfb7cb55b29c87bcbe320829
Certificate serial:       01856D8AE7428E8E0881096BB04685E9CEA3
Authority key identifier: 8D:F3:DF:97:1A:A7:CB:25:DF:B7:CB:55:B2:9C:87:BC:BE:32:08:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jfPflxqnyyXft8tVspyHvL4yCCk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/c2ad44-fe7d-46d9-913e-c794b5f87804/1/hmX9USGnM1y3sq6YmQiRne90ETk.roa
Signing time:             Sun 01 Jan 2023 13:34:57 +0000
ROA not before:           Sun 01 Jan 2023 13:34:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199155
IP address blocks:        193.236.32.0/19 maxlen: 20
                          193.236.64.0/19 maxlen: 21

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:8a:e7:42:8e:8e:08:81:09:6b:b0:46:85:e9:ce:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8df3df971aa7cb25dfb7cb55b29c87bcbe320829
        Validity
            Not Before: Jan  1 13:34:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8665fd5121a7335cb7b2ae989908919def741139
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:88:61:cc:69:e3:af:01:91:50:b8:59:ec:fd:
                    9b:d8:88:3d:9c:81:78:40:e1:f4:cf:c7:8b:3f:97:
                    76:bc:03:85:41:8a:e4:f2:d6:03:42:c2:0c:3b:c0:
                    d8:8f:99:6e:7f:38:ea:b1:f8:f1:4e:ac:2d:47:5a:
                    dc:4f:2e:c7:19:00:0a:9c:24:d7:09:3b:46:07:34:
                    50:10:a4:57:98:36:17:61:33:5f:53:39:d8:28:61:
                    8d:2d:22:bd:ec:9e:90:29:09:d9:75:db:28:86:df:
                    79:ca:8a:8a:51:43:a7:b5:a1:32:ce:81:64:e0:4d:
                    24:23:68:65:6c:ec:ea:eb:6e:2f:05:a4:1b:ba:7b:
                    16:9f:bd:f6:32:c5:89:79:e8:9e:f2:35:84:69:ed:
                    d3:c0:5c:d3:0d:45:26:a7:e6:ef:c3:bc:fe:af:06:
                    89:e0:09:f8:18:b1:29:d6:8b:c8:e4:3c:b0:89:21:
                    40:f1:b5:93:39:39:56:18:4f:28:70:fd:c4:d0:0a:
                    e7:d2:f3:81:7c:47:c8:ce:fb:ff:04:07:0f:06:08:
                    9e:60:e8:4e:d4:7c:5f:7f:64:cd:5e:12:54:15:ec:
                    83:0f:eb:fe:60:59:cb:c6:94:2d:b4:dd:33:1c:c4:
                    8d:ba:a2:80:24:21:87:92:57:c7:28:56:a7:62:05:
                    0e:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:65:FD:51:21:A7:33:5C:B7:B2:AE:98:99:08:91:9D:EF:74:11:39
            X509v3 Authority Key Identifier:
                keyid:8D:F3:DF:97:1A:A7:CB:25:DF:B7:CB:55:B2:9C:87:BC:BE:32:08:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jfPflxqnyyXft8tVspyHvL4yCCk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c2ad44-fe7d-46d9-913e-c794b5f87804/1/hmX9USGnM1y3sq6YmQiRne90ETk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c2ad44-fe7d-46d9-913e-c794b5f87804/1/jfPflxqnyyXft8tVspyHvL4yCCk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.236.32.0-193.236.95.255

    Signature Algorithm: sha256WithRSAEncryption
         84:37:b7:fd:d9:23:29:d3:e9:5d:10:02:45:ee:23:cc:a7:d2:
         75:a6:ae:1a:ba:2b:fe:7f:ea:c3:29:4e:e2:09:1c:1e:fd:4d:
         a0:d9:be:32:33:c4:30:78:2a:08:9e:34:0c:b2:3c:84:c5:f4:
         47:9b:ad:2f:59:62:b0:33:8a:85:cf:1b:2e:ae:70:19:72:29:
         73:be:12:a9:06:d5:90:21:c3:37:96:43:dd:7a:1f:ce:2d:1f:
         33:76:bb:f2:f4:f2:a6:b5:f6:e0:ff:fa:06:66:19:0a:6c:60:
         f8:01:be:99:37:29:a0:ae:c7:63:50:42:03:be:44:a8:f2:16:
         f9:f3:d5:62:b7:78:34:87:8e:4c:5b:5e:b6:04:9c:92:5a:a6:
         2a:db:b1:f3:80:21:98:70:da:57:39:d9:b1:9b:60:a0:96:2d:
         30:36:9e:b4:98:b1:7d:17:79:c2:34:aa:7b:59:b4:db:f4:58:
         fe:7e:77:5f:84:ba:8b:7a:af:1f:84:71:7c:31:a5:83:87:77:
         d9:d2:dd:02:3d:02:78:49:eb:73:47:8d:b9:ee:d4:ae:06:80:
         cc:e9:cc:b7:8a:6a:83:d4:4a:3a:f3:4d:11:c7:bc:3d:8b:c5:
         be:29:ba:21:ec:fc:e3:95:30:fd:35:5c:b2:b5:d3:e2:ce:d7:
         64:39:ab:bb
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVtiudCjo4IgQlrsEaF6c6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZjNkZjk3MWFhN2NiMjVkZmI3Y2I1NWIyOWM4N2JjYmUz
MjA4MjkwHhcNMjMwMTAxMTMzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjY1ZmQ1MTIxYTczMzVjYjdiMmFlOTg5OTA4OTE5ZGVmNzQxMTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIhhzGnjrwGRULhZ7P2b2Ig9nIF4
QOH0z8eLP5d2vAOFQYrk8tYDQsIMO8DYj5lufzjqsfjxTqwtR1rcTy7HGQAKnCTX
CTtGBzRQEKRXmDYXYTNfUznYKGGNLSK97J6QKQnZddsoht95yoqKUUOntaEyzoFk
4E0kI2hlbOzq624vBaQbunsWn732MsWJeeie8jWEae3TwFzTDUUmp+bvw7z+rwaJ
4An4GLEp1ovI5DywiSFA8bWTOTlWGE8ocP3E0Arn0vOBfEfIzvv/BAcPBgieYOhO
1Hxff2TNXhJUFeyDD+v+YFnLxpQttN0zHMSNuqKAJCGHklfHKFanYgUO6wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIZl/VEhpzNct7KumJkIkZ3vdBE5MB8GA1UdIwQY
MBaAFI3z35cap8sl37fLVbKch7y+MggpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamZQZmx4cW55eVhmdDh0VnNweUh2TDR5Q0NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9jMmFkNDQtZmU3ZC00NmQ5LTkxM2Ut
Yzc5NGI1Zjg3ODA0LzEvaG1YOVVTR25NMXkzc3E2WW1RaVJuZTkwRVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9jMmFkNDQtZmU3ZC00NmQ5LTkxM2UtYzc5NGI1Zjg3ODA0
LzEvamZQZmx4cW55eVhmdDh0VnNweUh2TDR5Q0NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAXB7CAD
BAXB7EAwDQYJKoZIhvcNAQELBQADggEBAIQ3t/3ZIynT6V0QAkXuI8yn0nWmrhq6
K/5/6sMpTuIJHB79TaDZvjIzxDB4KgieNAyyPITF9EebrS9ZYrAzioXPGy6ucBly
KXO+EqkG1ZAhwzeWQ916H84tHzN2u/L08qa19uD/+gZmGQpsYPgBvpk3KaCux2NQ
QgO+RKjyFvnz1WK3eDSHjkxbXrYEnJJapirbsfOAIZhw2lc52bGbYKCWLTA2nrSY
sX0XecI0qntZtNv0WP5+d1+Euot6rx+EcXwxpYOHd9nS3QI9AnhJ63NHjbnu1K4G
gMzpzLeKaoPUSjrzTRHHvD2Lxb4puiHs/OOVMP01XLK10+LO12Q5q7s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:09 2024 by rpki-client on console-ams.rpki-client.org