Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/d4d519-e774-415a-93ab-3956e56c1835/1/HasnfR6m_f3i_QecJGU2gj52-F0.roa
File:                     HasnfR6m_f3i_QecJGU2gj52-F0.roa (raw, json)
Hash identifier:          6BoNSjM5ciRe/tkbJo6FSl97OoWwPIGmVlnDqdjvPvs=
Subject key identifier:   1D:AB:27:7D:1E:A6:FD:FD:E2:FD:07:9C:24:65:36:82:3E:76:F8:5D
Certificate issuer:       /CN=74a8d8472906c2038aaec84c7b3e56c2096be860
Certificate serial:       01856EC21CEE329CEB1CD14B388DF215A75D
Authority key identifier: 74:A8:D8:47:29:06:C2:03:8A:AE:C8:4C:7B:3E:56:C2:09:6B:E8:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dKjYRykGwgOKrshMez5Wwglr6GA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/d4d519-e774-415a-93ab-3956e56c1835/1/HasnfR6m_f3i_QecJGU2gj52-F0.roa
Signing time:             Sun 01 Jan 2023 19:14:53 +0000
ROA not before:           Sun 01 Jan 2023 19:14:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212493
IP address blocks:        193.163.49.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:c2:1c:ee:32:9c:eb:1c:d1:4b:38:8d:f2:15:a7:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74a8d8472906c2038aaec84c7b3e56c2096be860
        Validity
            Not Before: Jan  1 19:14:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1dab277d1ea6fdfde2fd079c246536823e76f85d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:55:89:62:e0:a5:e5:57:00:a4:fa:21:73:d8:
                    ac:6b:19:14:a9:ca:94:1e:ff:5c:42:fe:fa:2a:7a:
                    26:6a:c5:97:24:0d:98:d2:58:c0:8e:d4:cb:48:64:
                    63:ee:76:38:bd:2e:cb:aa:a1:bb:62:93:aa:d3:69:
                    07:02:94:ad:07:e0:b0:ce:42:7c:ec:dd:dd:a5:ea:
                    85:44:d6:c0:4b:cb:dc:5e:e1:06:b4:f9:02:7f:4e:
                    af:94:07:f4:b5:72:b1:f4:fb:2b:ed:58:3f:4d:55:
                    21:38:4e:40:26:2e:7e:14:fa:3f:89:4b:8a:83:74:
                    82:6f:a9:50:41:de:a1:7c:b6:a0:02:31:91:2e:5d:
                    90:0d:48:23:f5:bd:81:a7:52:87:5f:e0:ea:79:32:
                    06:e8:64:dc:d6:92:7d:2d:00:71:8e:85:05:12:87:
                    8e:94:87:79:d7:68:74:92:3e:51:a5:44:fe:86:d2:
                    77:f4:a7:f0:3a:13:51:0b:0e:40:41:bb:8b:b3:7e:
                    5a:c6:19:e1:ce:47:63:8a:46:84:a6:96:e6:f3:79:
                    c3:de:80:00:0f:9f:87:37:a2:e3:f4:b0:2d:ab:60:
                    99:a7:52:c4:95:79:6c:12:d7:e6:19:28:27:b5:80:
                    7d:95:61:96:8a:af:e8:89:33:d3:e1:08:bb:8d:b6:
                    73:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:AB:27:7D:1E:A6:FD:FD:E2:FD:07:9C:24:65:36:82:3E:76:F8:5D
            X509v3 Authority Key Identifier:
                keyid:74:A8:D8:47:29:06:C2:03:8A:AE:C8:4C:7B:3E:56:C2:09:6B:E8:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dKjYRykGwgOKrshMez5Wwglr6GA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d4d519-e774-415a-93ab-3956e56c1835/1/HasnfR6m_f3i_QecJGU2gj52-F0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d4d519-e774-415a-93ab-3956e56c1835/1/dKjYRykGwgOKrshMez5Wwglr6GA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.163.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:c1:1f:81:b4:c2:e4:27:67:23:37:36:72:a4:30:58:64:85:
         67:ef:a3:1b:95:d0:07:72:1c:dd:86:26:53:03:c5:0c:c2:dc:
         c0:47:1c:83:b1:d6:2b:50:92:ef:6f:ee:3c:25:19:9c:8e:23:
         ae:26:97:81:9e:2e:20:55:35:b7:cd:03:4d:dd:30:18:63:41:
         01:04:ec:e8:db:68:a4:fa:82:2b:7d:67:17:20:85:db:d0:a7:
         f2:ae:d4:76:05:93:80:7f:32:d2:69:92:47:e5:3a:24:fc:33:
         fe:74:8a:7a:23:16:ec:2c:5a:32:b6:80:60:2b:ff:ff:43:c3:
         01:ef:8c:8d:77:cc:9e:6a:ef:68:be:22:64:24:6b:fe:f0:39:
         14:a8:6f:db:14:00:7c:8d:3c:15:ce:78:bd:89:81:7a:ff:ec:
         c2:30:c4:f8:35:01:67:87:48:d3:2b:6e:0a:52:2c:1c:c9:71:
         59:9f:8f:26:00:31:84:1b:92:25:59:59:86:ff:09:d4:25:c1:
         95:31:1c:f1:24:5a:a8:c0:78:24:91:16:e2:0f:5c:4b:77:65:
         16:75:1f:e3:fa:bc:ff:92:1e:a5:2b:05:1e:39:be:55:3a:89:
         2d:5a:b3:1a:0b:54:57:47:e6:af:1c:4b:a8:9f:44:af:00:ef:
         fc:94:3c:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwhzuMpzrHNFLOI3yFaddMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YThkODQ3MjkwNmMyMDM4YWFlYzg0YzdiM2U1NmMyMDk2
YmU4NjAwHhcNMjMwMTAxMTkxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGFiMjc3ZDFlYTZmZGZkZTJmZDA3OWMyNDY1MzY4MjNlNzZmODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVWJYuCl5VcApPohc9isaxkUqcqU
Hv9cQv76KnomasWXJA2Y0ljAjtTLSGRj7nY4vS7LqqG7YpOq02kHApStB+CwzkJ8
7N3dpeqFRNbAS8vcXuEGtPkCf06vlAf0tXKx9Psr7Vg/TVUhOE5AJi5+FPo/iUuK
g3SCb6lQQd6hfLagAjGRLl2QDUgj9b2Bp1KHX+DqeTIG6GTc1pJ9LQBxjoUFEoeO
lId512h0kj5RpUT+htJ39KfwOhNRCw5AQbuLs35axhnhzkdjikaEppbm83nD3oAA
D5+HN6Lj9LAtq2CZp1LElXlsEtfmGSgntYB9lWGWiq/oiTPT4Qi7jbZzXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2rJ30epv394v0HnCRlNoI+dvhdMB8GA1UdIwQY
MBaAFHSo2EcpBsIDiq7ITHs+VsIJa+hgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEtqWVJ5a0d3Z09LcnNoTWV6NVd3Z2xyNkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9kNGQ1MTktZTc3NC00MTVhLTkzYWIt
Mzk1NmU1NmMxODM1LzEvSGFzbmZSNm1fZjNpX1FlY0pHVTJnajUyLUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9kNGQ1MTktZTc3NC00MTVhLTkzYWItMzk1NmU1NmMxODM1
LzEvZEtqWVJ5a0d3Z09LcnNoTWV6NVd3Z2xyNkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaMxMA0G
CSqGSIb3DQEBCwUAA4IBAQCwwR+BtMLkJ2cjNzZypDBYZIVn76MbldAHchzdhiZT
A8UMwtzARxyDsdYrUJLvb+48JRmcjiOuJpeBni4gVTW3zQNN3TAYY0EBBOzo22ik
+oIrfWcXIIXb0KfyrtR2BZOAfzLSaZJH5Tok/DP+dIp6IxbsLFoytoBgK///Q8MB
74yNd8yeau9oviJkJGv+8DkUqG/bFAB8jTwVzni9iYF6/+zCMMT4NQFnh0jTK24K
UiwcyXFZn48mADGEG5IlWVmG/wnUJcGVMRzxJFqowHgkkRbiD1xLd2UWdR/j+rz/
kh6lKwUeOb5VOoktWrMaC1RXR+avHEuon0SvAO/8lDxw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:41 2024 by rpki-client on console-ams.rpki-client.org