Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/2HyQi718HbAD-TGbb96wDstJda0.roa
File:                     2HyQi718HbAD-TGbb96wDstJda0.roa (raw, json)
Hash identifier:          R/XFhA5DoKE0DejbtbKY759T/DIFzmJtznyOX+mU4io=
Subject key identifier:   D8:7C:90:8B:BD:7C:1D:B0:03:F9:31:9B:6F:DE:B0:0E:CB:49:75:AD
Certificate issuer:       /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial:       018F0A5F9AD9A08E459255AE25908AD7E243
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/2HyQi718HbAD-TGbb96wDstJda0.roa
Signing time:             Tue 23 Apr 2024 09:53:08 +0000
ROA not before:           Tue 23 Apr 2024 09:53:08 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        194.143.214.0/24 maxlen: 24
                          195.114.192.0/24 maxlen: 24
                          195.114.193.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 03 May 2024 06:05:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:0a:5f:9a:d9:a0:8e:45:92:55:ae:25:90:8a:d7:e2:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
        Validity
            Not Before: Apr 23 09:53:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d87c908bbd7c1db003f9319b6fdeb00ecb4975ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:62:f0:25:ac:d9:fe:30:e6:a2:8f:76:38:06:
                    63:29:95:0e:58:b2:ff:28:c0:6e:67:1f:68:6d:ad:
                    ff:b6:d0:eb:19:bd:c8:0d:98:19:76:5e:7b:44:02:
                    f7:d9:5f:86:ab:7b:de:15:f2:55:a8:0f:96:03:0b:
                    0d:be:36:36:2d:eb:70:b0:1e:27:1b:80:97:3a:7f:
                    0e:d1:0f:78:43:b0:6a:fc:30:e9:56:b4:59:e9:48:
                    a0:2d:1a:ca:75:b8:5a:10:23:15:bd:aa:28:21:5b:
                    7c:fc:58:3e:1a:fd:f9:6b:e6:e2:a3:77:a7:c4:7e:
                    ae:dc:27:87:15:c6:01:84:83:ff:a3:20:ba:51:25:
                    2a:98:de:9b:fb:77:78:7a:35:0a:f9:42:17:97:23:
                    8e:d5:06:f9:78:cf:8d:c2:4e:95:bb:c1:bb:ee:0d:
                    1f:b5:dc:22:ca:c4:a8:35:56:87:48:93:71:49:1c:
                    73:ff:e4:c5:0d:00:34:47:b4:8b:13:18:b5:80:69:
                    3a:c9:7e:58:c7:6f:f3:4d:b0:e8:fa:d5:e0:fd:02:
                    ce:4c:30:e1:9f:5f:82:dc:8c:8d:78:c4:63:ed:76:
                    21:81:30:7f:75:06:9c:7c:71:ae:df:6c:43:9a:16:
                    9d:e9:6e:20:58:fd:c9:81:64:5c:6b:02:87:14:00:
                    64:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:7C:90:8B:BD:7C:1D:B0:03:F9:31:9B:6F:DE:B0:0E:CB:49:75:AD
            X509v3 Authority Key Identifier:
                keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/2HyQi718HbAD-TGbb96wDstJda0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.143.214.0/24
                  195.114.192.0/23

    Signature Algorithm: sha256WithRSAEncryption
         28:29:45:d1:07:92:39:04:fc:e7:aa:6e:ab:91:c6:b1:d9:f7:
         46:91:ad:5f:8e:23:66:c1:be:28:57:9e:2e:25:b3:f6:1f:54:
         b3:33:ff:e3:00:04:79:a3:86:2a:14:26:77:e9:cc:05:4e:2a:
         27:b0:3a:e8:59:ac:1f:af:00:85:54:0f:07:82:72:04:40:8d:
         53:2e:9f:0f:93:b8:88:5e:b5:a0:0e:bf:eb:f1:b3:37:a1:f9:
         08:a9:c9:fa:55:ff:c9:d3:88:a6:d7:81:7c:45:3d:20:57:d3:
         e5:15:3d:ad:fe:b7:35:4a:3d:06:e2:dc:35:2d:ee:c8:f5:d1:
         50:6a:a3:4c:9a:b3:c9:3e:bd:65:cb:b2:7b:a0:e7:d5:6d:b2:
         76:87:b5:5f:8f:8a:88:04:1d:4e:44:6d:3a:29:98:0b:c2:d5:
         b3:8e:f8:bb:b4:31:7a:97:e4:96:d5:c5:40:50:21:ea:7e:8a:
         b6:a3:84:d5:96:03:47:19:0f:02:50:39:ae:7f:87:14:9b:2b:
         3c:9c:3e:c1:a0:cb:82:ff:27:df:11:cb:8b:cf:6e:83:15:17:
         13:4a:92:e9:d7:5c:6d:8f:04:25:18:54:69:b9:fd:b8:18:3d:
         ee:77:c9:8a:5a:44:78:fe:04:32:a0:60:e1:35:c9:59:ea:f3:
         62:fa:59:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8KX5rZoI5FklWuJZCK1+JDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjQwNDIzMDk1MzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODdjOTA4YmJkN2MxZGIwMDNmOTMxOWI2ZmRlYjAwZWNiNDk3NWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWLwJazZ/jDmoo92OAZjKZUOWLL/
KMBuZx9oba3/ttDrGb3IDZgZdl57RAL32V+Gq3veFfJVqA+WAwsNvjY2LetwsB4n
G4CXOn8O0Q94Q7Bq/DDpVrRZ6UigLRrKdbhaECMVvaooIVt8/Fg+Gv35a+bio3en
xH6u3CeHFcYBhIP/oyC6USUqmN6b+3d4ejUK+UIXlyOO1Qb5eM+Nwk6Vu8G77g0f
tdwiysSoNVaHSJNxSRxz/+TFDQA0R7SLExi1gGk6yX5Yx2/zTbDo+tXg/QLOTDDh
n1+C3IyNeMRj7XYhgTB/dQacfHGu32xDmhad6W4gWP3JgWRcawKHFABkVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNh8kIu9fB2wA/kxm2/esA7LSXWtMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvMkh5UWk3MThIYkFELVRHYmI5NndEc3RKZGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwo/WAwQB
w3LAMA0GCSqGSIb3DQEBCwUAA4IBAQAoKUXRB5I5BPznqm6rkcax2fdGka1fjiNm
wb4oV54uJbP2H1SzM//jAAR5o4YqFCZ36cwFTionsDroWawfrwCFVA8HgnIEQI1T
Lp8Pk7iIXrWgDr/r8bM3ofkIqcn6Vf/J04im14F8RT0gV9PlFT2t/rc1Sj0G4tw1
Le7I9dFQaqNMmrPJPr1ly7J7oOfVbbJ2h7Vfj4qIBB1ORG06KZgLwtWzjvi7tDF6
l+SW1cVAUCHqfoq2o4TVlgNHGQ8CUDmuf4cUmys8nD7BoMuC/yffEcuLz26DFRcT
SpLp11xtjwQlGFRpuf24GD3ud8mKWkR4/gQyoGDhNclZ6vNi+lnW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:40 2024 by rpki-client on console-ams.rpki-client.org