Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f80dd4-f184-45a8-b58d-66517a3ac19d/1/HPcIHqJYyOBY73rJdQ359Jm5_Rk.roa
File:                     HPcIHqJYyOBY73rJdQ359Jm5_Rk.roa (raw, json)
Hash identifier:          nX5EO5mmD97uoCqjdV2YCYeYNz838yezih4pG4lwI6s=
Subject key identifier:   1C:F7:08:1E:A2:58:C8:E0:58:EF:7A:C9:75:0D:F9:F4:99:B9:FD:19
Certificate issuer:       /CN=d330dcad1e35324549c1c9a19417ab6a4d09ade0
Certificate serial:       01856FC28F1D365E4715B76B53F3FA8AAA8D
Authority key identifier: D3:30:DC:AD:1E:35:32:45:49:C1:C9:A1:94:17:AB:6A:4D:09:AD:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0zDcrR41MkVJwcmhlBerak0JreA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/f80dd4-f184-45a8-b58d-66517a3ac19d/1/HPcIHqJYyOBY73rJdQ359Jm5_Rk.roa
Signing time:             Sun 01 Jan 2023 23:54:59 +0000
ROA not before:           Sun 01 Jan 2023 23:54:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51195
IP address blocks:        91.216.199.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:c2:8f:1d:36:5e:47:15:b7:6b:53:f3:fa:8a:aa:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d330dcad1e35324549c1c9a19417ab6a4d09ade0
        Validity
            Not Before: Jan  1 23:54:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1cf7081ea258c8e058ef7ac9750df9f499b9fd19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:20:bd:78:f0:b4:41:e6:b9:7b:32:a1:1a:5b:
                    49:90:d4:37:49:86:a0:8d:66:b1:5d:2d:76:32:91:
                    62:e9:39:a9:fd:4c:e8:04:b7:00:70:2d:a8:c6:51:
                    0a:8b:c8:89:de:c2:6c:f0:1f:2e:01:31:9a:82:7c:
                    b0:94:cc:51:06:f8:24:aa:c3:f2:38:52:70:db:8d:
                    db:fe:2a:f5:f8:e9:b7:ea:7c:c1:9e:50:47:2a:73:
                    91:fa:18:fc:1d:c4:36:10:8a:7c:7f:93:0c:b0:9b:
                    17:4d:8b:82:5e:61:48:6e:9b:56:ae:56:fb:83:c0:
                    f2:bb:bd:5b:11:a8:ae:13:a3:8e:f7:95:26:6b:2b:
                    d6:17:90:0a:88:b5:06:46:b5:4a:1e:60:aa:a1:81:
                    18:a9:56:d9:cd:1a:a1:e6:9a:d2:1f:53:92:30:88:
                    2e:d5:c8:4b:8e:f1:94:95:87:f7:92:f9:9d:c3:1e:
                    52:f9:4b:a5:27:98:2c:56:19:fc:22:64:de:bf:8b:
                    a6:61:b1:7c:44:63:ec:c0:9e:61:71:0b:1f:dc:b9:
                    db:66:8b:ba:b8:21:d0:f6:02:23:34:dd:be:1b:9f:
                    4a:07:77:ba:4e:d7:a0:23:25:90:20:4b:8f:a3:85:
                    e7:6b:54:6d:7c:e2:af:43:7e:c7:c9:21:4f:58:f3:
                    e0:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:F7:08:1E:A2:58:C8:E0:58:EF:7A:C9:75:0D:F9:F4:99:B9:FD:19
            X509v3 Authority Key Identifier:
                keyid:D3:30:DC:AD:1E:35:32:45:49:C1:C9:A1:94:17:AB:6A:4D:09:AD:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0zDcrR41MkVJwcmhlBerak0JreA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f80dd4-f184-45a8-b58d-66517a3ac19d/1/HPcIHqJYyOBY73rJdQ359Jm5_Rk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f80dd4-f184-45a8-b58d-66517a3ac19d/1/0zDcrR41MkVJwcmhlBerak0JreA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.216.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:f2:49:e7:df:f4:a5:d2:01:46:99:d8:dd:a1:2d:77:82:6c:
         41:4a:26:2c:a3:56:84:30:9a:be:a6:63:d8:41:01:35:6f:aa:
         3a:7e:8a:1e:a3:4d:d5:50:03:f7:bf:50:77:2e:df:bc:aa:66:
         e5:a8:d6:78:9f:be:13:04:f6:6c:85:eb:3b:f8:c2:11:d5:d6:
         53:1e:01:34:f4:e6:ff:7b:5a:a1:d0:e4:6d:ec:aa:d2:0a:19:
         5f:e3:02:a8:98:72:b4:d5:c7:78:de:70:7b:94:46:95:45:36:
         e5:a7:ab:34:5c:8e:10:f9:50:0b:c1:38:9c:ac:25:1b:54:ca:
         ad:6b:84:99:fc:7d:45:a5:21:40:b9:e8:24:89:ee:78:19:3a:
         4f:ab:4a:28:87:0b:d6:a7:97:44:d1:38:97:48:12:ad:38:18:
         e7:b4:d6:3f:0d:8b:9f:88:2e:78:33:70:36:04:68:7d:1a:c8:
         88:70:c0:7d:2d:8e:6c:c5:6e:fd:51:53:2e:5d:3b:6c:eb:1e:
         8e:12:80:ff:6f:05:60:51:65:ac:bb:52:42:6c:db:1f:cf:45:
         41:23:30:5b:a7:f2:6b:d6:a8:d9:c2:93:92:4d:74:71:6b:1e:
         be:79:05:87:92:9c:d1:40:e6:41:5e:03:4b:ae:f7:7b:1a:43:
         1a:5f:5a:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwo8dNl5HFbdrU/P6iqqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMzBkY2FkMWUzNTMyNDU0OWMxYzlhMTk0MTdhYjZhNGQw
OWFkZTAwHhcNMjMwMTAxMjM1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2Y3MDgxZWEyNThjOGUwNThlZjdhYzk3NTBkZjlmNDk5YjlmZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSC9ePC0Qea5ezKhGltJkNQ3SYag
jWaxXS12MpFi6Tmp/UzoBLcAcC2oxlEKi8iJ3sJs8B8uATGagnywlMxRBvgkqsPy
OFJw243b/ir1+Om36nzBnlBHKnOR+hj8HcQ2EIp8f5MMsJsXTYuCXmFIbptWrlb7
g8Dyu71bEaiuE6OO95UmayvWF5AKiLUGRrVKHmCqoYEYqVbZzRqh5prSH1OSMIgu
1chLjvGUlYf3kvmdwx5S+UulJ5gsVhn8ImTev4umYbF8RGPswJ5hcQsf3LnbZou6
uCHQ9gIjNN2+G59KB3e6TtegIyWQIEuPo4Xna1RtfOKvQ37HySFPWPPg4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBz3CB6iWMjgWO96yXUN+fSZuf0ZMB8GA1UdIwQY
MBaAFNMw3K0eNTJFScHJoZQXq2pNCa3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHpEY3JSNDFNa1ZKd2NtaGxCZXJhazBKcmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9mODBkZDQtZjE4NC00NWE4LWI1OGQt
NjY1MTdhM2FjMTlkLzEvSFBjSUhxSll5T0JZNzNySmRRMzU5Sm01X1JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9mODBkZDQtZjE4NC00NWE4LWI1OGQtNjY1MTdhM2FjMTlk
LzEvMHpEY3JSNDFNa1ZKd2NtaGxCZXJhazBKcmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9jHMA0G
CSqGSIb3DQEBCwUAA4IBAQA58knn3/Sl0gFGmdjdoS13gmxBSiYso1aEMJq+pmPY
QQE1b6o6fooeo03VUAP3v1B3Lt+8qmblqNZ4n74TBPZshes7+MIR1dZTHgE09Ob/
e1qh0ORt7KrSChlf4wKomHK01cd43nB7lEaVRTblp6s0XI4Q+VALwTicrCUbVMqt
a4SZ/H1FpSFAuegkie54GTpPq0oohwvWp5dE0TiXSBKtOBjntNY/DYufiC54M3A2
BGh9GsiIcMB9LY5sxW79UVMuXTts6x6OEoD/bwVgUWWsu1JCbNsfz0VBIzBbp/Jr
1qjZwpOSTXRxax6+eQWHkpzRQOZBXgNLrvd7GkMaX1pq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:35 2024 by rpki-client on console-fra.rpki-client.org