Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/bb6a7c-31a4-4d33-a853-07cc46e63b50/1/HtwktgawS9kU4817XxNB3GwiZsE.roa
File:                     HtwktgawS9kU4817XxNB3GwiZsE.roa (raw, json)
Hash identifier:          nDyNtxrzg9l75vn3GIkTbPZpzDWx+szYXjJ3OtX8sqE=
Subject key identifier:   1E:DC:24:B6:06:B0:4B:D9:14:E3:CD:7B:5F:13:41:DC:6C:22:66:C1
Certificate issuer:       /CN=e3786587ad47205a81128e578c90caee1e48828b
Certificate serial:       01856F0B3697F8D666E87180D4CA0BF895A9
Authority key identifier: E3:78:65:87:AD:47:20:5A:81:12:8E:57:8C:90:CA:EE:1E:48:82:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/43hlh61HIFqBEo5XjJDK7h5Igos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/bb6a7c-31a4-4d33-a853-07cc46e63b50/1/HtwktgawS9kU4817XxNB3GwiZsE.roa
Signing time:             Sun 01 Jan 2023 20:34:43 +0000
ROA not before:           Sun 01 Jan 2023 20:34:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200978
IP address blocks:        185.89.228.0/22 maxlen: 22
                          91.227.98.0/23 maxlen: 23
                          2a05:d980::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:0b:36:97:f8:d6:66:e8:71:80:d4:ca:0b:f8:95:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e3786587ad47205a81128e578c90caee1e48828b
        Validity
            Not Before: Jan  1 20:34:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1edc24b606b04bd914e3cd7b5f1341dc6c2266c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:13:03:9e:16:c5:31:8e:b2:88:5b:02:a1:73:
                    aa:c9:84:46:88:e9:ad:eb:6f:2d:e1:f0:b6:af:6e:
                    5a:00:b0:70:6a:8c:32:a1:e8:45:f6:71:5d:20:89:
                    3e:aa:53:71:9b:b1:3c:db:0f:cb:1d:ca:95:26:c3:
                    7c:0e:37:dc:4b:95:7e:d1:70:81:3b:6c:88:68:41:
                    79:c7:e0:5e:63:36:1d:d8:73:9d:f1:c4:f2:8f:32:
                    71:7b:45:d4:8c:ca:07:19:0e:bc:6e:45:31:a6:b6:
                    de:36:2a:73:6f:19:7d:90:a2:02:bc:be:15:eb:86:
                    ab:07:de:69:ec:23:53:f2:ac:b0:02:a5:df:b0:e5:
                    8c:3b:00:04:9f:c3:0e:de:b3:9f:ba:14:0d:5e:96:
                    d2:48:b5:5e:2b:db:e1:44:0e:ce:26:98:79:fe:9b:
                    0e:d0:86:07:60:74:9e:db:d5:f3:0d:7e:d8:6c:81:
                    f7:7c:5c:68:2c:0e:5e:8e:e9:80:55:6c:1d:22:2c:
                    0f:9a:df:02:17:51:62:29:64:2f:b9:41:33:bd:ec:
                    ff:ac:cd:20:3d:87:3e:8e:c2:58:d2:0b:9e:7a:ac:
                    62:9e:49:48:40:2d:a7:cd:1e:86:72:2a:50:e8:b5:
                    57:34:c3:16:e6:67:84:7b:77:4a:c9:b7:a2:f4:cd:
                    48:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:DC:24:B6:06:B0:4B:D9:14:E3:CD:7B:5F:13:41:DC:6C:22:66:C1
            X509v3 Authority Key Identifier:
                keyid:E3:78:65:87:AD:47:20:5A:81:12:8E:57:8C:90:CA:EE:1E:48:82:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/43hlh61HIFqBEo5XjJDK7h5Igos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/bb6a7c-31a4-4d33-a853-07cc46e63b50/1/HtwktgawS9kU4817XxNB3GwiZsE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/bb6a7c-31a4-4d33-a853-07cc46e63b50/1/43hlh61HIFqBEo5XjJDK7h5Igos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.227.98.0/23
                  185.89.228.0/22
                IPv6:
                  2a05:d980::/29

    Signature Algorithm: sha256WithRSAEncryption
         a4:d9:e4:ec:4e:ea:6a:2d:21:31:ac:0d:98:54:d0:07:a6:8e:
         60:56:a9:ec:f3:37:fc:38:fb:1a:57:c9:99:10:cb:82:a2:37:
         76:b3:90:5d:8d:9f:9e:75:6d:2c:48:c7:17:82:29:b3:8e:ba:
         71:8e:22:90:61:e4:31:d3:9e:84:e8:d4:d8:97:a6:88:65:17:
         00:5b:79:f3:56:02:fc:36:e7:d4:19:7f:69:16:44:9a:27:9a:
         0f:20:43:11:72:09:93:dd:05:c2:d9:f9:75:1a:db:71:1c:c1:
         a8:0c:37:60:dd:7f:e6:7f:dc:ee:51:d7:27:72:f1:d2:35:e1:
         d3:6c:ea:13:44:17:ae:6b:70:21:6c:23:cd:1f:86:b9:71:da:
         d5:37:ff:cd:e4:b4:cf:01:dd:49:a0:6e:9b:6f:cf:a8:71:ed:
         e6:4c:7e:7b:ec:ae:b9:ad:41:ff:5c:1e:29:19:54:bd:74:e6:
         c0:0e:40:90:32:19:ea:3a:da:ee:35:03:6c:c4:40:db:a0:63:
         ac:08:c3:7b:9a:74:a2:f9:c1:38:ec:f4:f7:d0:fa:3e:5b:e3:
         df:95:6f:34:e3:26:96:de:79:99:0c:56:29:60:6a:1c:e7:10:
         6c:73:49:65:be:9c:99:f7:1b:6e:b0:30:82:b0:74:da:6b:a6:
         80:e4:ad:dd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvCzaX+NZm6HGA1MoL+JWpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNzg2NTg3YWQ0NzIwNWE4MTEyOGU1NzhjOTBjYWVlMWU0
ODgyOGIwHhcNMjMwMTAxMjAzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWRjMjRiNjA2YjA0YmQ5MTRlM2NkN2I1ZjEzNDFkYzZjMjI2NmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBMDnhbFMY6yiFsCoXOqyYRGiOmt
628t4fC2r25aALBwaowyoehF9nFdIIk+qlNxm7E82w/LHcqVJsN8DjfcS5V+0XCB
O2yIaEF5x+BeYzYd2HOd8cTyjzJxe0XUjMoHGQ68bkUxprbeNipzbxl9kKICvL4V
64arB95p7CNT8qywAqXfsOWMOwAEn8MO3rOfuhQNXpbSSLVeK9vhRA7OJph5/psO
0IYHYHSe29XzDX7YbIH3fFxoLA5ejumAVWwdIiwPmt8CF1FiKWQvuUEzvez/rM0g
PYc+jsJY0gueeqxinklIQC2nzR6GcipQ6LVXNMMW5meEe3dKybei9M1IhQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB7cJLYGsEvZFOPNe18TQdxsImbBMB8GA1UdIwQY
MBaAFON4ZYetRyBagRKOV4yQyu4eSIKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDNobGg2MUhJRnFCRW81WGpKREs3aDVJZ29zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9iYjZhN2MtMzFhNC00ZDMzLWE4NTMt
MDdjYzQ2ZTYzYjUwLzEvSHR3a3RnYXdTOWtVNDgxN1h4TkIzR3dpWnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9iYjZhN2MtMzFhNC00ZDMzLWE4NTMtMDdjYzQ2ZTYzYjUw
LzEvNDNobGg2MUhJRnFCRW81WGpKREs3aDVJZ29zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW+NiAwQC
uVnkMA0EAgACMAcDBQMqBdmAMA0GCSqGSIb3DQEBCwUAA4IBAQCk2eTsTupqLSEx
rA2YVNAHpo5gVqns8zf8OPsaV8mZEMuCojd2s5BdjZ+edW0sSMcXgimzjrpxjiKQ
YeQx056E6NTYl6aIZRcAW3nzVgL8NufUGX9pFkSaJ5oPIEMRcgmT3QXC2fl1Gttx
HMGoDDdg3X/mf9zuUdcncvHSNeHTbOoTRBeua3AhbCPNH4a5cdrVN//N5LTPAd1J
oG6bb8+oce3mTH577K65rUH/XB4pGVS9dObADkCQMhnqOtruNQNsxEDboGOsCMN7
mnSi+cE47PT30Po+W+PflW804yaW3nmZDFYpYGoc5xBsc0llvpyZ9xtusDCCsHTa
a6aA5K3d
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:20 2024 by rpki-client on console-ams.rpki-client.org