Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/zKG_tGT9hSR9sigQr6CsT_hau0E.roa
File:                     zKG_tGT9hSR9sigQr6CsT_hau0E.roa (raw, json)
Hash identifier:          e/46SH6eUcrHzxE6HqCapKN+RqT68ze/ulEZ3fzm91Y=
Subject key identifier:   CC:A1:BF:B4:64:FD:85:24:7D:B2:28:10:AF:A0:AC:4F:F8:5A:BB:41
Certificate issuer:       /CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Certificate serial:       0187B7DACD10ACA7260010B40E64D6DC373D
Authority key identifier: 4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/zKG_tGT9hSR9sigQr6CsT_hau0E.roa
Signing time:             Tue 25 Apr 2023 09:59:42 +0000
ROA not before:           Tue 25 Apr 2023 09:59:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39216
IP address blocks:        213.198.89.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b7:da:cd:10:ac:a7:26:00:10:b4:0e:64:d6:dc:37:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
        Validity
            Not Before: Apr 25 09:59:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cca1bfb464fd85247db22810afa0ac4ff85abb41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:88:a8:26:4c:32:69:b7:1c:08:a0:0f:4c:4c:
                    e8:e9:6d:47:d0:22:c8:ef:65:32:7c:10:f1:03:39:
                    d2:eb:df:07:4f:c9:93:3d:94:4d:aa:48:92:fd:d5:
                    3c:c7:a5:00:f5:68:8a:8f:ab:88:e7:4b:e2:62:7a:
                    76:a2:90:84:1c:31:be:e7:df:8e:72:d1:d3:d8:8a:
                    4e:d3:c9:77:9f:5c:59:c5:d7:cf:ca:09:86:65:93:
                    d5:a2:07:3c:04:7c:80:90:fa:9e:77:2e:58:9e:25:
                    82:de:de:2d:41:db:15:a9:82:70:0c:ed:ab:93:0b:
                    9f:ce:77:3b:18:74:9b:db:5b:b6:fb:2f:ac:b7:27:
                    61:54:86:ca:26:29:33:7b:4a:74:c2:6e:20:01:ba:
                    46:9b:01:1a:5f:28:1a:4b:d6:f5:5a:fb:3e:d3:af:
                    44:bf:c9:1c:64:0d:ac:4b:96:90:d7:00:54:45:d4:
                    ec:98:ee:61:0a:16:8a:c3:14:ae:1b:8d:92:9f:a3:
                    0e:2a:a8:b1:48:25:17:35:49:c6:35:e4:57:b2:a9:
                    b1:66:ab:ef:03:c4:72:d5:34:fc:08:38:a2:ec:0e:
                    5c:cf:8d:df:1e:70:63:19:1b:c9:c9:b5:c7:46:09:
                    87:2a:db:fe:c9:e0:0b:10:85:a4:06:80:c9:31:f2:
                    d4:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:A1:BF:B4:64:FD:85:24:7D:B2:28:10:AF:A0:AC:4F:F8:5A:BB:41
            X509v3 Authority Key Identifier:
                keyid:4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/zKG_tGT9hSR9sigQr6CsT_hau0E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.198.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:3f:63:f6:57:1f:54:db:24:37:6b:02:e8:42:5f:d4:71:24:
         73:85:68:84:e4:ff:07:7e:ba:ee:fe:26:dd:a4:eb:86:f1:1f:
         a5:e6:6e:0a:c8:53:12:0e:d1:60:13:7a:a9:8a:7e:10:64:97:
         d4:f4:40:72:c6:60:83:36:76:02:52:49:ef:30:e2:02:d3:43:
         ff:92:e6:17:b4:85:55:43:e7:30:51:a7:36:20:d5:bf:30:2c:
         49:8f:ee:1f:58:ef:6a:73:b9:f1:49:b8:82:cf:95:bb:a5:39:
         f4:5e:d0:c5:d0:d1:94:e0:0c:76:c6:94:88:c0:87:8b:41:ea:
         2d:80:c2:0e:3e:0f:da:e3:06:30:15:1a:51:b8:fe:d6:11:c0:
         0b:20:38:4b:1e:e3:3d:4a:dd:76:cf:18:68:28:69:fa:bf:dd:
         f2:24:58:fb:ca:78:4a:99:03:de:dd:27:11:77:82:2d:1c:01:
         b5:d8:c6:ef:ba:c8:ff:d6:70:a6:3d:14:9a:ec:cf:59:e2:9f:
         95:f4:7b:bb:d3:f7:e9:88:9d:48:ee:22:bc:0c:cc:f5:fa:49:
         6a:0d:f8:a1:62:68:da:80:2a:8d:a8:47:4e:e2:f4:e2:27:c5:
         0d:7c:dc:ac:9c:54:20:b4:88:a0:2e:56:c0:f4:97:a0:77:bf:
         4e:e8:6c:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe32s0QrKcmABC0DmTW3Dc9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWEyOTIxZmJlYjhhNDQ4ZTdhZTFlYzVhMTFiOGFiODk4
ZDIyZmQwHhcNMjMwNDI1MDk1OTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2ExYmZiNDY0ZmQ4NTI0N2RiMjI4MTBhZmEwYWM0ZmY4NWFiYjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIioJkwyabccCKAPTEzo6W1H0CLI
72UyfBDxAznS698HT8mTPZRNqkiS/dU8x6UA9WiKj6uI50viYnp2opCEHDG+59+O
ctHT2IpO08l3n1xZxdfPygmGZZPVogc8BHyAkPqedy5YniWC3t4tQdsVqYJwDO2r
kwufznc7GHSb21u2+y+stydhVIbKJikze0p0wm4gAbpGmwEaXygaS9b1Wvs+069E
v8kcZA2sS5aQ1wBURdTsmO5hChaKwxSuG42Sn6MOKqixSCUXNUnGNeRXsqmxZqvv
A8Ry1TT8CDii7A5cz43fHnBjGRvJybXHRgmHKtv+yeALEIWkBoDJMfLUpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMyhv7Rk/YUkfbIoEK+grE/4WrtBMB8GA1UdIwQY
MBaAFE1aKSH764pEjnrh7FoRuKuJjSL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUt
NzgwYTI1Y2QwZGQ5LzEvektHX3RHVDloU1I5c2lnUXI2Q3NUX2hhdTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUtNzgwYTI1Y2QwZGQ5
LzEvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1cZZMA0G
CSqGSIb3DQEBCwUAA4IBAQANP2P2Vx9U2yQ3awLoQl/UcSRzhWiE5P8Hfrru/ibd
pOuG8R+l5m4KyFMSDtFgE3qpin4QZJfU9EByxmCDNnYCUknvMOIC00P/kuYXtIVV
Q+cwUac2INW/MCxJj+4fWO9qc7nxSbiCz5W7pTn0XtDF0NGU4Ax2xpSIwIeLQeot
gMIOPg/a4wYwFRpRuP7WEcALIDhLHuM9St12zxhoKGn6v93yJFj7ynhKmQPe3ScR
d4ItHAG12Mbvusj/1nCmPRSa7M9Z4p+V9Hu70/fpiJ1I7iK8DMz1+klqDfihYmja
gCqNqEdO4vTiJ8UNfNysnFQgtIigLlbA9Jegd79O6GzD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:40 2024 by rpki-client on console-fra.rpki-client.org