Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/fc93b1-064e-44ab-90da-8262539de46f/1/HQth4cuDD4kHbbDU8qxN_TImFKc.roa
File:                     HQth4cuDD4kHbbDU8qxN_TImFKc.roa (raw, json)
Hash identifier:          phQSlkmMv7SVANw8/yWQNMKeDOdQMTWA8hD3D0s4aEI=
Subject key identifier:   1D:0B:61:E1:CB:83:0F:89:07:6D:B0:D4:F2:AC:4D:FD:32:26:14:A7
Certificate issuer:       /CN=3ed42a0487705606015e5a30da1e70f407e59e99
Certificate serial:       01856E8B1A5BE909398491E2A7ABAB6DD896
Authority key identifier: 3E:D4:2A:04:87:70:56:06:01:5E:5A:30:DA:1E:70:F4:07:E5:9E:99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PtQqBIdwVgYBXlow2h5w9Aflnpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/fc93b1-064e-44ab-90da-8262539de46f/1/HQth4cuDD4kHbbDU8qxN_TImFKc.roa
Signing time:             Sun 01 Jan 2023 18:14:48 +0000
ROA not before:           Sun 01 Jan 2023 18:14:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2848
IP address blocks:        93.180.0.0/18 maxlen: 18
                          188.44.32.0/19 maxlen: 19
                          89.249.160.0/20 maxlen: 20
                          2a00:f480::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:8b:1a:5b:e9:09:39:84:91:e2:a7:ab:ab:6d:d8:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ed42a0487705606015e5a30da1e70f407e59e99
        Validity
            Not Before: Jan  1 18:14:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1d0b61e1cb830f89076db0d4f2ac4dfd322614a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:f4:ef:6a:ce:f1:41:94:97:9b:21:15:84:cf:
                    0a:6a:eb:31:f4:77:ee:2b:0b:8d:38:16:87:a3:13:
                    c9:9c:86:db:f3:1c:e8:3e:20:69:22:e7:fa:6f:ba:
                    11:c0:cf:c4:0e:94:6e:d5:48:d3:a2:64:cb:3f:d3:
                    48:cd:5b:02:e5:66:05:44:46:24:13:2f:e9:2a:0d:
                    b6:22:86:f9:44:a0:de:f6:0f:f1:c7:6f:c5:f0:52:
                    bb:10:0e:70:c1:d3:33:aa:52:bb:69:bc:0c:f2:b6:
                    2b:49:a5:36:ed:92:82:0c:73:8c:4f:44:9c:6f:38:
                    09:0a:57:ee:3b:9d:e5:a4:7e:27:bf:1d:6a:62:56:
                    0b:02:45:91:95:31:60:23:52:be:ac:4c:6b:8c:9e:
                    63:8e:4d:51:3e:cb:b2:7a:08:f3:f8:f4:22:f0:d4:
                    79:fb:0f:25:00:24:fb:b5:e6:54:c1:a9:2e:b3:88:
                    32:92:d1:28:d3:ab:a1:e1:ce:ca:57:e9:6b:9c:f3:
                    8d:cc:29:e1:0d:e0:37:53:c3:76:74:2a:13:65:73:
                    21:84:ea:00:15:29:72:6d:86:3e:cf:71:e1:98:de:
                    e0:dd:3b:98:ae:39:4f:3e:14:bd:ef:dd:3f:8f:d0:
                    8e:16:75:2a:91:b3:22:01:79:26:59:43:3e:69:a4:
                    b3:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:0B:61:E1:CB:83:0F:89:07:6D:B0:D4:F2:AC:4D:FD:32:26:14:A7
            X509v3 Authority Key Identifier:
                keyid:3E:D4:2A:04:87:70:56:06:01:5E:5A:30:DA:1E:70:F4:07:E5:9E:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PtQqBIdwVgYBXlow2h5w9Aflnpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/fc93b1-064e-44ab-90da-8262539de46f/1/HQth4cuDD4kHbbDU8qxN_TImFKc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/fc93b1-064e-44ab-90da-8262539de46f/1/PtQqBIdwVgYBXlow2h5w9Aflnpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.249.160.0/20
                  93.180.0.0/18
                  188.44.32.0/19
                IPv6:
                  2a00:f480::/32

    Signature Algorithm: sha256WithRSAEncryption
         5b:c2:e8:13:59:25:71:8f:a7:72:f7:b3:39:b4:5d:6e:1a:56:
         06:cf:e2:92:f7:8b:40:d8:3e:98:82:94:2f:ed:52:13:a5:ee:
         87:fa:6c:99:8a:44:62:1f:f9:90:2e:be:71:6d:82:85:5d:d7:
         1e:59:4c:6e:78:a0:2d:f6:31:55:49:27:f6:ff:75:98:99:1b:
         94:87:14:98:bc:0a:1b:01:4f:8b:9e:b1:f0:3b:be:98:55:28:
         70:c3:b0:f7:b1:ab:85:f5:2a:60:a7:8b:93:cf:f2:f1:17:72:
         99:d1:ac:81:61:1c:25:bc:12:bc:70:42:1d:46:40:30:84:73:
         ac:5b:ec:34:c7:74:45:34:ca:3b:95:98:b8:7d:e9:ce:3a:76:
         eb:1d:ea:b7:bd:b5:e1:52:b5:9e:a0:5d:2c:72:a6:34:71:03:
         ba:29:4b:d7:76:12:6b:9e:06:b6:8f:16:fb:66:5a:33:04:59:
         4d:84:33:17:82:c2:89:b5:cd:74:c4:e4:2b:b4:08:7f:27:d1:
         57:31:bc:ca:c0:8d:8e:1b:a8:cb:f1:45:07:5c:6d:bc:e4:c6:
         5b:57:8b:59:62:a9:2a:62:e5:4c:02:aa:e8:3e:80:33:21:83:
         5e:4d:2d:d9:b4:a0:43:d3:48:8e:5f:fa:81:51:ff:35:a5:5f:
         08:b2:c8:3a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVuixpb6Qk5hJHip6urbdiWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZDQyYTA0ODc3MDU2MDYwMTVlNWEzMGRhMWU3MGY0MDdl
NTllOTkwHhcNMjMwMTAxMTgxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDBiNjFlMWNiODMwZjg5MDc2ZGIwZDRmMmFjNGRmZDMyMjYxNGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPTvas7xQZSXmyEVhM8Kausx9Hfu
KwuNOBaHoxPJnIbb8xzoPiBpIuf6b7oRwM/EDpRu1UjTomTLP9NIzVsC5WYFREYk
Ey/pKg22Iob5RKDe9g/xx2/F8FK7EA5wwdMzqlK7abwM8rYrSaU27ZKCDHOMT0Sc
bzgJClfuO53lpH4nvx1qYlYLAkWRlTFgI1K+rExrjJ5jjk1RPsuyegjz+PQi8NR5
+w8lACT7teZUwakus4gyktEo06uh4c7KV+lrnPONzCnhDeA3U8N2dCoTZXMhhOoA
FSlybYY+z3HhmN7g3TuYrjlPPhS9790/j9COFnUqkbMiAXkmWUM+aaSzJQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFB0LYeHLgw+JB22w1PKsTf0yJhSnMB8GA1UdIwQY
MBaAFD7UKgSHcFYGAV5aMNoecPQH5Z6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHRRcUJJZHdWZ1lCWGxvdzJoNXc5QWZsbnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9mYzkzYjEtMDY0ZS00NGFiLTkwZGEt
ODI2MjUzOWRlNDZmLzEvSFF0aDRjdURENGtIYmJEVThxeE5fVEltRktjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9mYzkzYjEtMDY0ZS00NGFiLTkwZGEtODI2MjUzOWRlNDZm
LzEvUHRRcUJJZHdWZ1lCWGxvdzJoNXc5QWZsbnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEWfmgAwQG
XbQAAwQFvCwgMA0EAgACMAcDBQAqAPSAMA0GCSqGSIb3DQEBCwUAA4IBAQBbwugT
WSVxj6dy97M5tF1uGlYGz+KS94tA2D6YgpQv7VITpe6H+myZikRiH/mQLr5xbYKF
XdceWUxueKAt9jFVSSf2/3WYmRuUhxSYvAobAU+LnrHwO76YVShww7D3sauF9Spg
p4uTz/LxF3KZ0ayBYRwlvBK8cEIdRkAwhHOsW+w0x3RFNMo7lZi4fenOOnbrHeq3
vbXhUrWeoF0scqY0cQO6KUvXdhJrnga2jxb7ZlozBFlNhDMXgsKJtc10xOQrtAh/
J9FXMbzKwI2OG6jL8UUHXG285MZbV4tZYqkqYuVMAqroPoAzIYNeTS3ZtKBD00iO
X/qBUf81pV8Issg6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:30 2024 by rpki-client on console-fra.rpki-client.org