Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/h9ZHGjRZm837k4QmCiGrr6R4vKg.roa
File:                     h9ZHGjRZm837k4QmCiGrr6R4vKg.roa (raw, json)
Hash identifier:          YHnihhPRuCuErQvGtoN05ytFQBS8/Bn6DAGH5R15FUE=
Subject key identifier:   87:D6:47:1A:34:59:9B:CD:FB:93:84:26:0A:21:AB:AF:A4:78:BC:A8
Certificate issuer:       /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial:       0189C4A6451791E43D5D3F860A20ABD7D703
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/h9ZHGjRZm837k4QmCiGrr6R4vKg.roa
Signing time:             Sat 05 Aug 2023 07:42:58 +0000
ROA not before:           Sat 05 Aug 2023 07:42:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48359
IP address blocks:        89.44.240.0/24 maxlen: 24
                          185.3.200.0/24 maxlen: 24
                          89.42.44.0/22 maxlen: 22
                          45.94.214.0/24 maxlen: 24
                          89.46.217.0/24 maxlen: 24
                          188.212.96.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 02 Oct 2023 07:49:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:c4:a6:45:17:91:e4:3d:5d:3f:86:0a:20:ab:d7:d7:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
        Validity
            Not Before: Aug  5 07:42:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=87d6471a34599bcdfb9384260a21abafa478bca8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:8f:88:61:59:13:98:ab:4a:86:81:c8:df:26:
                    36:fc:a4:59:72:91:26:c8:0f:95:0d:a0:42:8d:de:
                    66:b7:c3:f5:4c:39:12:82:8a:79:60:3b:5f:58:dc:
                    7b:f5:4d:d3:48:b3:79:57:86:91:21:1e:00:59:05:
                    99:71:98:6d:ef:db:6f:d4:7b:ff:11:ae:b3:f6:a4:
                    67:18:5c:c1:b0:0a:62:84:f7:9f:22:5d:cb:e0:c7:
                    12:8f:38:07:ea:40:be:60:7c:54:85:0e:ef:b3:3e:
                    e8:26:89:c3:24:df:eb:6f:07:59:7f:e3:af:16:86:
                    fe:75:03:aa:a4:d6:79:41:5b:27:41:02:b1:6f:44:
                    08:a9:74:15:fc:44:ae:5f:93:84:3d:44:d0:f8:e0:
                    fc:fa:d8:f4:c2:4b:e1:b4:6c:96:1b:5d:ad:18:c0:
                    45:ae:e8:7a:d1:80:39:06:b3:77:50:95:34:3a:ae:
                    5f:cf:2b:eb:8e:5d:c9:c6:80:9d:0c:d9:d4:da:ca:
                    c6:18:ac:71:65:60:d6:7c:ba:ae:56:46:bb:41:56:
                    d4:42:7c:eb:c6:4b:d2:c5:9f:95:75:e8:9f:9e:c2:
                    63:9e:ca:6d:1e:5c:09:dc:b8:5e:52:16:dc:cf:65:
                    01:c5:e4:04:3c:ee:03:0d:ce:68:ed:5d:c0:b7:6f:
                    b8:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:D6:47:1A:34:59:9B:CD:FB:93:84:26:0A:21:AB:AF:A4:78:BC:A8
            X509v3 Authority Key Identifier:
                keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/h9ZHGjRZm837k4QmCiGrr6R4vKg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.94.214.0/24
                  89.42.44.0/22
                  89.44.240.0/24
                  89.46.217.0/24
                  185.3.200.0/24
                  188.212.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:29:fd:0f:90:22:44:f2:3d:42:fe:44:cb:46:75:ec:ef:63:
         66:58:95:b5:6f:35:84:7d:ce:30:6c:c2:30:86:42:95:a2:e7:
         55:87:96:3d:dd:3c:78:ba:90:fd:70:33:51:be:09:fd:0f:cd:
         ba:fe:91:f8:55:7a:d9:d7:9a:21:fd:4f:90:4e:2b:b6:fd:5d:
         6a:8b:fa:48:cd:1b:97:51:c9:3f:00:4c:43:66:12:91:40:2c:
         98:33:d5:c8:f1:ff:5e:b8:a6:c7:d3:1f:24:76:76:d3:05:d7:
         9b:e5:cd:66:28:84:91:21:74:85:62:cc:61:47:42:19:a5:41:
         1d:3e:e7:6f:31:90:ca:c8:4a:0b:73:dd:15:c5:1b:31:f8:dc:
         25:d5:50:4e:a0:5e:d3:60:08:04:75:1f:40:5d:5d:fd:c4:e4:
         28:0b:2f:55:68:13:8e:e1:ac:00:98:bc:1b:7c:13:75:9f:8d:
         08:b8:ef:16:58:9e:cf:9d:0b:65:99:54:75:39:7f:7e:92:e9:
         84:af:90:d9:52:a9:9b:65:29:af:98:6e:3c:7a:3c:23:b1:6c:
         64:59:0b:1b:02:15:ef:87:fd:29:4a:e5:6f:b1:ea:bf:a8:82:
         34:45:91:fa:4d:14:f7:e0:35:69:64:7a:19:75:5e:12:28:c0:
         ff:77:94:d8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYnEpkUXkeQ9XT+GCiCr19cDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwODA1MDc0MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Q2NDcxYTM0NTk5YmNkZmI5Mzg0MjYwYTIxYWJhZmE0NzhiY2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjo+IYVkTmKtKhoHI3yY2/KRZcpEm
yA+VDaBCjd5mt8P1TDkSgop5YDtfWNx79U3TSLN5V4aRIR4AWQWZcZht79tv1Hv/
Ea6z9qRnGFzBsApihPefIl3L4McSjzgH6kC+YHxUhQ7vsz7oJonDJN/rbwdZf+Ov
Fob+dQOqpNZ5QVsnQQKxb0QIqXQV/ESuX5OEPUTQ+OD8+tj0wkvhtGyWG12tGMBF
ruh60YA5BrN3UJU0Oq5fzyvrjl3JxoCdDNnU2srGGKxxZWDWfLquVka7QVbUQnzr
xkvSxZ+VdeifnsJjnsptHlwJ3LheUhbcz2UBxeQEPO4DDc5o7V3At2+4OQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIfWRxo0WZvN+5OEJgohq6+keLyoMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvaDlaSEdqUlptODM3azRRbUNpR3JyNlI0dktnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALV7WAwQC
WSosAwQAWSzwAwQAWS7ZAwQAuQPIAwQAvNRgMA0GCSqGSIb3DQEBCwUAA4IBAQBI
Kf0PkCJE8j1C/kTLRnXs72NmWJW1bzWEfc4wbMIwhkKVoudVh5Y93Tx4upD9cDNR
vgn9D826/pH4VXrZ15oh/U+QTiu2/V1qi/pIzRuXUck/AExDZhKRQCyYM9XI8f9e
uKbH0x8kdnbTBdeb5c1mKISRIXSFYsxhR0IZpUEdPudvMZDKyEoLc90VxRsx+Nwl
1VBOoF7TYAgEdR9AXV39xOQoCy9VaBOO4awAmLwbfBN1n40IuO8WWJ7PnQtlmVR1
OX9+kumEr5DZUqmbZSmvmG48ejwjsWxkWQsbAhXvh/0pSuVvseq/qII0RZH6TRT3
4DVpZHoZdV4SKMD/d5TY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:51 2024 by rpki-client on console-fra.rpki-client.org