Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/U1BvvjxhB2wwngSy0p2rth3mZTA.roa
File:                     U1BvvjxhB2wwngSy0p2rth3mZTA.roa (raw, json)
Hash identifier:          YPwNlMQC9Lm66E9Gr7umCYGegVUMfb6PduZ5IgcdlCA=
Subject key identifier:   53:50:6F:BE:3C:61:07:6C:30:9E:04:B2:D2:9D:AB:B6:1D:E6:65:30
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       018AF6555C004C46BC93BE9B3EC7084A2D8D
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/U1BvvjxhB2wwngSy0p2rth3mZTA.roa
Signing time:             Tue 03 Oct 2023 16:18:23 +0000
ROA not before:           Tue 03 Oct 2023 16:18:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     22781
IP address blocks:        89.251.8.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:f6:55:5c:00:4c:46:bc:93:be:9b:3e:c7:08:4a:2d:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Oct  3 16:18:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=53506fbe3c61076c309e04b2d29dabb61de66530
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:54:58:91:f2:b8:52:82:70:78:72:2d:4c:2b:
                    17:18:73:fe:7d:54:43:ec:33:d9:f4:3b:d8:ee:62:
                    e1:c6:e5:7a:07:49:1b:c2:df:5c:e7:eb:4b:11:3e:
                    a3:06:a5:30:73:85:68:53:8e:00:2b:c1:cd:c2:36:
                    a1:9f:01:84:6f:ae:54:e0:ce:10:64:65:c1:da:f2:
                    42:a7:90:f0:71:01:44:88:43:1d:3f:02:06:bc:52:
                    8f:cc:3b:96:84:38:d0:80:2e:29:e3:56:91:7f:ce:
                    57:bc:0b:96:93:b1:9d:16:3c:1f:8a:42:84:84:f3:
                    02:e7:76:7d:17:80:25:3e:f4:5d:59:7e:57:d7:10:
                    e8:41:2f:69:73:25:ca:d9:e1:9c:a1:0b:90:94:eb:
                    0d:0a:38:c1:34:db:57:3e:97:0e:e5:4e:97:f5:6b:
                    3b:f1:a9:cd:d2:81:4b:35:85:1a:d1:84:bd:1a:98:
                    2c:93:fe:2d:0f:6f:e1:b0:46:85:e5:10:c9:62:d1:
                    a6:3f:85:cc:42:6d:c2:fe:97:65:5c:76:7e:d0:7b:
                    a2:96:90:0a:ee:c4:7a:37:e1:9b:8a:d2:3b:ae:93:
                    53:11:65:85:25:72:f1:b0:d1:0d:0b:00:e7:da:8e:
                    9b:a2:f5:fc:58:e6:b1:6f:f5:3a:1b:5a:3a:b2:4e:
                    d6:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:50:6F:BE:3C:61:07:6C:30:9E:04:B2:D2:9D:AB:B6:1D:E6:65:30
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/U1BvvjxhB2wwngSy0p2rth3mZTA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.251.8.0/23

    Signature Algorithm: sha256WithRSAEncryption
         16:57:2a:c4:0f:56:28:7e:57:fd:da:1b:2f:85:b7:df:26:0c:
         e2:ff:e3:31:6e:c7:af:5c:1f:1d:ef:93:0d:0e:75:11:6b:a7:
         9e:e4:61:e8:be:3e:8b:e2:9d:14:86:1e:8f:7a:27:92:17:c0:
         1e:34:80:22:9c:dc:c6:58:0b:80:c0:5e:de:47:3a:a4:ca:33:
         62:f0:08:55:74:77:df:38:2f:d2:11:1c:f4:6b:f2:ee:49:d0:
         33:92:d3:67:61:89:c2:52:16:10:a1:82:e2:26:e2:55:53:28:
         56:fb:cc:27:bf:ea:c6:7f:c3:b5:3b:0c:2b:06:a6:5b:29:1f:
         28:6f:cf:20:d8:e5:31:3b:75:4f:a0:74:2a:ca:e3:d7:71:01:
         6a:9b:bd:fc:19:87:e3:e0:cc:49:f0:d5:83:a8:7a:bb:9c:bc:
         7f:21:43:09:17:95:67:90:7c:f7:a2:3f:d9:a9:1a:ce:3b:46:
         3e:53:90:a4:83:f9:94:9c:09:73:2d:88:5d:7c:e1:85:3a:84:
         a3:16:da:07:36:11:54:c4:1b:29:1f:bb:77:f7:e3:58:7a:cc:
         54:d5:91:d9:c5:20:e9:46:1d:81:76:f0:35:76:23:11:be:8f:
         c6:d4:07:95:04:9e:a4:48:93:ff:d3:23:24:7a:a3:ad:9f:bb:
         54:55:05:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr2VVwATEa8k76bPscISi2NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMDAzMTYxODIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzUwNmZiZTNjNjEwNzZjMzA5ZTA0YjJkMjlkYWJiNjFkZTY2NTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1RYkfK4UoJweHItTCsXGHP+fVRD
7DPZ9DvY7mLhxuV6B0kbwt9c5+tLET6jBqUwc4VoU44AK8HNwjahnwGEb65U4M4Q
ZGXB2vJCp5DwcQFEiEMdPwIGvFKPzDuWhDjQgC4p41aRf85XvAuWk7GdFjwfikKE
hPMC53Z9F4AlPvRdWX5X1xDoQS9pcyXK2eGcoQuQlOsNCjjBNNtXPpcO5U6X9Ws7
8anN0oFLNYUa0YS9Gpgsk/4tD2/hsEaF5RDJYtGmP4XMQm3C/pdlXHZ+0HuilpAK
7sR6N+GbitI7rpNTEWWFJXLxsNENCwDn2o6bovX8WOaxb/U6G1o6sk7WOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFNQb748YQdsMJ4EstKdq7Yd5mUwMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvVTFCdnZqeGhCMnd3bmdTeTBwMnJ0aDNtWlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWfsIMA0G
CSqGSIb3DQEBCwUAA4IBAQAWVyrED1Yoflf92hsvhbffJgzi/+MxbsevXB8d75MN
DnURa6ee5GHovj6L4p0Uhh6PeieSF8AeNIAinNzGWAuAwF7eRzqkyjNi8AhVdHff
OC/SERz0a/LuSdAzktNnYYnCUhYQoYLiJuJVUyhW+8wnv+rGf8O1OwwrBqZbKR8o
b88g2OUxO3VPoHQqyuPXcQFqm738GYfj4MxJ8NWDqHq7nLx/IUMJF5VnkHz3oj/Z
qRrOO0Y+U5Ckg/mUnAlzLYhdfOGFOoSjFtoHNhFUxBspH7t39+NYesxU1ZHZxSDp
Rh2BdvA1diMRvo/G1AeVBJ6kSJP/0yMkeqOtn7tUVQV6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org