Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YE9ip28uGwoRAcDaL5pLGZ0qvZw.roa
File:                     YE9ip28uGwoRAcDaL5pLGZ0qvZw.roa (raw, json)
Hash identifier:          FF+Hh1YVo4YdCFeTBIRmr3c+umBMpysL+Fvr/Flzk1g=
Subject key identifier:   60:4F:62:A7:6F:2E:1B:0A:11:01:C0:DA:2F:9A:4B:19:9D:2A:BD:9C
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0189731BC762B53D02818A65B80DCE0F53DB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YE9ip28uGwoRAcDaL5pLGZ0qvZw.roa
Signing time:             Thu 20 Jul 2023 11:42:27 +0000
ROA not before:           Thu 20 Jul 2023 11:42:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206776
IP address blocks:        45.89.244.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 17 Aug 2023 06:26:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:73:1b:c7:62:b5:3d:02:81:8a:65:b8:0d:ce:0f:53:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jul 20 11:42:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=604f62a76f2e1b0a1101c0da2f9a4b199d2abd9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:96:e4:80:3c:c6:0f:d3:63:63:80:e5:97:b6:
                    39:9d:72:b5:41:d0:0e:06:e7:6b:6f:21:92:5e:65:
                    a2:8b:4d:b1:2c:8b:09:8b:e3:f7:19:56:a5:46:ad:
                    ae:df:9e:76:65:7c:7f:6a:c8:ee:4a:57:f7:bf:95:
                    f3:b3:46:bb:b6:5b:c3:db:b3:fe:30:84:2d:d0:df:
                    b2:79:3a:42:f6:b8:13:ec:a1:6b:5a:39:55:73:9a:
                    29:f0:0b:96:d8:be:f0:be:eb:18:72:2d:38:f1:16:
                    16:8c:76:68:02:67:92:29:64:bb:cb:da:e8:dc:ac:
                    68:c4:bf:93:cf:59:03:10:66:e4:c2:ce:69:23:d0:
                    44:c1:96:07:ac:d1:62:3a:de:1f:17:f1:6c:de:14:
                    0c:fb:09:aa:d4:9e:41:73:01:36:65:f7:54:6a:c8:
                    a9:e6:e3:98:ec:19:fa:e6:4d:d2:ff:30:73:0e:ec:
                    29:ff:21:87:e9:0f:50:16:f4:37:e2:0e:bb:48:68:
                    02:d6:f4:64:06:79:ad:ac:5c:01:cb:87:c1:0e:11:
                    81:07:1b:99:db:13:10:d8:36:35:6b:7f:f4:b3:5a:
                    13:8c:aa:85:c3:0b:93:50:be:f5:58:ab:5c:80:82:
                    d8:42:ac:3f:89:cd:04:9c:12:43:a6:f8:0d:bf:9a:
                    90:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:4F:62:A7:6F:2E:1B:0A:11:01:C0:DA:2F:9A:4B:19:9D:2A:BD:9C
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YE9ip28uGwoRAcDaL5pLGZ0qvZw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.89.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:34:27:f7:21:ed:07:6e:d5:b8:35:83:10:af:af:91:cb:2e:
         db:d8:12:3a:18:c1:ea:61:9b:9e:f6:69:de:bc:93:e9:b4:4c:
         ec:49:10:ab:07:9d:35:20:ca:c1:90:b6:82:7d:a5:bc:21:c1:
         7a:98:4c:4a:f4:1d:55:3b:e8:7f:99:f7:bb:67:62:9a:15:a6:
         71:75:3f:bf:5e:14:c9:ec:a7:30:b5:51:48:d8:af:6c:21:a1:
         ae:68:82:d9:5f:62:95:45:aa:91:0f:d1:49:a1:39:91:5e:65:
         47:e3:21:33:22:fb:0c:30:5a:b6:21:75:e6:28:af:a5:bd:e7:
         b4:a6:59:51:02:7c:db:71:df:f5:eb:56:08:37:2c:9f:39:61:
         df:f6:c8:3a:ee:46:9d:37:f8:6d:39:d2:e9:7b:11:05:93:18:
         5e:aa:16:01:8a:bd:72:c4:0f:69:af:44:c4:da:26:61:0f:a4:
         fa:05:1e:56:5e:7e:76:19:8d:53:86:a8:23:4d:e5:80:ff:7c:
         5b:42:09:c5:1e:9b:0b:da:a7:fb:25:e4:74:d4:c0:f3:e5:14:
         e1:74:c2:e3:09:fb:fd:74:9d:8f:48:d0:c4:cd:da:e4:0a:05:
         4a:8b:3f:ee:4e:57:45:72:28:59:e9:5a:c6:34:9d:91:f3:88:
         fa:9f:90:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlzG8ditT0CgYpluA3OD1PbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzIwMTE0MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDRmNjJhNzZmMmUxYjBhMTEwMWMwZGEyZjlhNGIxOTlkMmFiZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJbkgDzGD9NjY4Dll7Y5nXK1QdAO
BudrbyGSXmWii02xLIsJi+P3GValRq2u3552ZXx/asjuSlf3v5Xzs0a7tlvD27P+
MIQt0N+yeTpC9rgT7KFrWjlVc5op8AuW2L7wvusYci048RYWjHZoAmeSKWS7y9ro
3KxoxL+Tz1kDEGbkws5pI9BEwZYHrNFiOt4fF/Fs3hQM+wmq1J5BcwE2ZfdUasip
5uOY7Bn65k3S/zBzDuwp/yGH6Q9QFvQ34g67SGgC1vRkBnmtrFwBy4fBDhGBBxuZ
2xMQ2DY1a3/0s1oTjKqFwwuTUL71WKtcgILYQqw/ic0EnBJDpvgNv5qQOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGBPYqdvLhsKEQHA2i+aSxmdKr2cMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWUU5aXAyOHVHd29SQWNEYUw1cExHWjBxdlp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVn0MA0G
CSqGSIb3DQEBCwUAA4IBAQCsNCf3Ie0HbtW4NYMQr6+Ryy7b2BI6GMHqYZue9mne
vJPptEzsSRCrB501IMrBkLaCfaW8IcF6mExK9B1VO+h/mfe7Z2KaFaZxdT+/XhTJ
7KcwtVFI2K9sIaGuaILZX2KVRaqRD9FJoTmRXmVH4yEzIvsMMFq2IXXmKK+lvee0
pllRAnzbcd/161YINyyfOWHf9sg67kadN/htOdLpexEFkxheqhYBir1yxA9pr0TE
2iZhD6T6BR5WXn52GY1ThqgjTeWA/3xbQgnFHpsL2qf7JeR01MDz5RThdMLjCfv9
dJ2PSNDEzdrkCgVKiz/uTldFcihZ6VrGNJ2R84j6n5Bf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:13 2024 by rpki-client on console-fra.rpki-client.org