Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/303105-e7c8-4a44-a181-cb40ee048dc0/1/HzIj5CRTXAoMCKzi7XvnOTIRHjE.roa
File:                     HzIj5CRTXAoMCKzi7XvnOTIRHjE.roa (raw, json)
Hash identifier:          IIk2oBLGgY0974qAW58oiSnADyZRz0UkNQ836wJ+O0c=
Subject key identifier:   1F:32:23:E4:24:53:5C:0A:0C:08:AC:E2:ED:7B:E7:39:32:11:1E:31
Certificate issuer:       /CN=a07dcb6db9a75c1017fee672f73b961771b77ca1
Certificate serial:       01856F66D75680F68B485627F9A4DB13E472
Authority key identifier: A0:7D:CB:6D:B9:A7:5C:10:17:FE:E6:72:F7:3B:96:17:71:B7:7C:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oH3LbbmnXBAX_uZy9zuWF3G3fKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/303105-e7c8-4a44-a181-cb40ee048dc0/1/HzIj5CRTXAoMCKzi7XvnOTIRHjE.roa
Signing time:             Sun 01 Jan 2023 22:14:48 +0000
ROA not before:           Sun 01 Jan 2023 22:14:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212472
IP address blocks:        213.163.252.0/23 maxlen: 24
                          2a12:acc0::/29 maxlen: 32

Validation:               Failed, certificate revoked on Tue 07 Mar 2023 20:05:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:66:d7:56:80:f6:8b:48:56:27:f9:a4:db:13:e4:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a07dcb6db9a75c1017fee672f73b961771b77ca1
        Validity
            Not Before: Jan  1 22:14:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1f3223e424535c0a0c08ace2ed7be73932111e31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:38:64:4c:fd:32:01:ea:76:47:b2:ef:7d:cd:
                    e5:d6:c3:36:1f:c3:33:61:8b:38:3d:25:6f:db:5f:
                    67:5b:f3:cf:92:1e:29:1a:8b:51:2f:33:ee:29:81:
                    8f:2c:a2:96:87:b8:97:a1:60:32:3a:6d:40:f4:49:
                    40:c0:6a:bd:57:0c:64:97:b4:db:7f:22:33:bc:64:
                    f7:e4:a2:04:b7:25:03:ad:aa:8f:be:e1:cd:6b:06:
                    43:24:4e:72:d4:8a:ec:35:e2:27:dd:b0:a7:8e:c5:
                    ee:cb:26:f8:07:75:38:77:ab:8f:66:3a:56:74:59:
                    be:61:9f:88:3d:56:1f:38:84:87:8e:f8:b5:fb:44:
                    46:62:29:91:a5:66:0e:f3:2c:eb:31:8c:9f:c2:0d:
                    2a:e5:7c:1f:bd:a0:58:6d:78:5b:94:6b:f8:75:8b:
                    99:69:63:89:80:a2:dc:13:f8:22:c5:7a:6d:5f:39:
                    8f:6b:e8:74:f5:ec:8f:7b:1b:e6:7c:87:9b:ac:62:
                    0b:d1:9b:e6:11:b9:57:43:b8:14:74:54:ca:cd:57:
                    b3:03:ee:18:e1:05:e1:fc:6a:c4:b3:39:3c:d1:90:
                    76:72:e2:01:d3:22:e6:bf:9c:8e:a8:2f:f7:e2:b9:
                    6d:b2:d8:fd:54:0f:43:72:60:20:c3:dc:96:29:df:
                    1f:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:32:23:E4:24:53:5C:0A:0C:08:AC:E2:ED:7B:E7:39:32:11:1E:31
            X509v3 Authority Key Identifier:
                keyid:A0:7D:CB:6D:B9:A7:5C:10:17:FE:E6:72:F7:3B:96:17:71:B7:7C:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oH3LbbmnXBAX_uZy9zuWF3G3fKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/303105-e7c8-4a44-a181-cb40ee048dc0/1/HzIj5CRTXAoMCKzi7XvnOTIRHjE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/303105-e7c8-4a44-a181-cb40ee048dc0/1/oH3LbbmnXBAX_uZy9zuWF3G3fKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.163.252.0/23
                IPv6:
                  2a12:acc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         4a:ec:57:36:8c:83:9b:c3:ad:36:3e:49:45:8a:84:50:07:f1:
         aa:f7:37:69:6b:9d:85:29:20:79:c0:d5:e7:8f:6e:73:1c:fb:
         da:28:f0:6f:bf:a0:24:d4:78:7d:e3:d8:31:39:f6:c6:ff:4b:
         23:f4:f3:fa:f3:b5:cd:f8:4a:4a:ce:ea:51:25:1c:70:7e:c4:
         dd:0a:53:8c:7f:3b:bc:41:45:01:61:74:57:e6:a8:64:55:38:
         fc:ae:2c:2b:1e:8f:5a:e5:06:15:4a:5b:d3:f4:96:37:15:0b:
         5c:9b:f2:4b:9d:d8:36:cc:70:62:15:96:d7:d0:76:06:bf:28:
         68:9b:95:5f:05:53:4d:a9:35:99:90:79:d3:b9:a3:33:e8:01:
         66:74:3c:f0:8c:43:61:0b:fc:15:cf:e5:3e:72:8b:14:f3:a0:
         8a:0d:89:ea:0a:6c:7e:60:1b:56:2f:6c:3c:97:97:07:82:b6:
         c2:1b:0b:d5:f3:41:cd:8f:56:1e:16:18:81:a4:b3:7d:e2:c8:
         15:66:88:52:ef:87:57:2b:85:53:14:80:59:8f:d7:85:70:9d:
         72:91:aa:fb:79:63:b2:75:65:77:0b:3c:4d:1d:84:ee:01:25:
         c0:0a:c6:94:b1:06:60:3d:01:f1:c5:0b:84:6e:a8:cf:92:5e:
         ac:b4:68:9c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvZtdWgPaLSFYn+aTbE+RyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwN2RjYjZkYjlhNzVjMTAxN2ZlZTY3MmY3M2I5NjE3NzFi
NzdjYTEwHhcNMjMwMTAxMjIxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjMyMjNlNDI0NTM1YzBhMGMwOGFjZTJlZDdiZTczOTMyMTExZTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljhkTP0yAep2R7Lvfc3l1sM2H8Mz
YYs4PSVv219nW/PPkh4pGotRLzPuKYGPLKKWh7iXoWAyOm1A9ElAwGq9Vwxkl7Tb
fyIzvGT35KIEtyUDraqPvuHNawZDJE5y1IrsNeIn3bCnjsXuyyb4B3U4d6uPZjpW
dFm+YZ+IPVYfOISHjvi1+0RGYimRpWYO8yzrMYyfwg0q5XwfvaBYbXhblGv4dYuZ
aWOJgKLcE/gixXptXzmPa+h09eyPexvmfIebrGIL0ZvmEblXQ7gUdFTKzVezA+4Y
4QXh/GrEszk80ZB2cuIB0yLmv5yOqC/34rltstj9VA9DcmAgw9yWKd8fwwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB8yI+QkU1wKDAis4u175zkyER4xMB8GA1UdIwQY
MBaAFKB9y225p1wQF/7mcvc7lhdxt3yhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0gzTGJibW5YQkFYX3VaeTl6dVdGM0czZktFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8zMDMxMDUtZTdjOC00YTQ0LWExODEt
Y2I0MGVlMDQ4ZGMwLzEvSHpJajVDUlRYQW9NQ0t6aTdYdm5PVElSSGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8zMDMxMDUtZTdjOC00YTQ0LWExODEtY2I0MGVlMDQ4ZGMw
LzEvb0gzTGJibW5YQkFYX3VaeTl6dVdGM0czZktFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQB1aP8MA0E
AgACMAcDBQMqEqzAMA0GCSqGSIb3DQEBCwUAA4IBAQBK7Fc2jIObw602PklFioRQ
B/Gq9zdpa52FKSB5wNXnj25zHPvaKPBvv6Ak1Hh949gxOfbG/0sj9PP687XN+EpK
zupRJRxwfsTdClOMfzu8QUUBYXRX5qhkVTj8riwrHo9a5QYVSlvT9JY3FQtcm/JL
ndg2zHBiFZbX0HYGvyhom5VfBVNNqTWZkHnTuaMz6AFmdDzwjENhC/wVz+U+cosU
86CKDYnqCmx+YBtWL2w8l5cHgrbCGwvV80HNj1YeFhiBpLN94sgVZohS74dXK4VT
FIBZj9eFcJ1ykar7eWOydWV3CzxNHYTuASXACsaUsQZgPQHxxQuEbqjPkl6stGic
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:44 2024 by rpki-client on console-ams.rpki-client.org