Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/I3M7VhgKtEu9NCShGXFkQGyl_xA.roa
File:                     I3M7VhgKtEu9NCShGXFkQGyl_xA.roa (raw, json)
Hash identifier:          2gfIv4n97IdM3e9kSobOGDz8/niDPz2/4j3c0n/sujE=
Subject key identifier:   23:73:3B:56:18:0A:B4:4B:BD:34:24:A1:19:71:64:40:6C:A5:FF:10
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       01856CE60A84C86C61D674BB616C1DCC98E7
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/I3M7VhgKtEu9NCShGXFkQGyl_xA.roa
Signing time:             Sun 01 Jan 2023 10:34:53 +0000
ROA not before:           Sun 01 Jan 2023 10:34:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3170
IP address blocks:        152.89.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:0a:84:c8:6c:61:d6:74:bb:61:6c:1d:cc:98:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan  1 10:34:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=23733b56180ab44bbd3424a1197164406ca5ff10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:64:b4:aa:e2:fa:ce:e4:4e:2d:dc:cf:b6:3e:
                    01:e3:f2:fe:08:05:62:03:06:e3:ec:8b:af:f6:15:
                    f1:5e:f3:aa:c1:50:3e:4e:b4:08:d4:4f:a0:76:43:
                    cf:c1:38:43:27:98:a1:bf:80:cb:c6:51:f1:d2:6d:
                    8f:66:5d:f8:d7:bd:5c:8e:cf:71:fd:19:ed:71:64:
                    db:cc:23:31:c2:95:88:f7:38:8d:42:9e:a3:5a:18:
                    df:bd:ac:8a:14:27:1a:84:d9:e6:1b:d9:b9:a9:dc:
                    15:b2:d3:85:35:3e:e4:04:a5:04:ee:23:88:c6:db:
                    79:d8:f3:6b:75:61:90:fb:da:f4:17:a4:f4:bd:62:
                    85:62:31:0b:2e:f5:4a:5a:2e:68:c3:6f:44:84:93:
                    4f:c5:e4:b9:01:23:81:8c:6c:8b:17:68:13:78:8f:
                    48:bc:39:b8:4c:50:ec:14:2a:b3:05:c9:6a:af:5e:
                    f8:70:34:5d:7e:06:11:d7:d3:91:ec:bc:55:98:54:
                    33:72:48:ee:25:5c:f8:d3:7b:fe:30:b5:11:1d:6b:
                    bf:f5:08:5c:be:a5:60:f7:4b:2b:23:a2:5a:de:fc:
                    37:5a:e3:81:64:c0:f5:20:e7:83:12:be:ac:21:10:
                    1d:8c:3d:7d:45:af:72:93:97:94:ba:bb:bc:44:67:
                    ee:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:73:3B:56:18:0A:B4:4B:BD:34:24:A1:19:71:64:40:6C:A5:FF:10
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/I3M7VhgKtEu9NCShGXFkQGyl_xA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.89.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:55:26:d0:46:6f:93:db:a4:44:5c:66:9c:fa:9d:19:d9:62:
         86:b7:91:6e:11:ac:61:25:73:3f:c1:66:70:4e:2b:47:4f:25:
         69:83:da:45:ac:b8:e4:ac:36:03:af:1e:c2:90:4e:77:5e:d3:
         36:fb:5f:ba:a3:72:dd:ed:58:0a:9d:db:7e:5a:25:b9:17:ac:
         7d:08:96:ab:cc:4c:f2:c2:1c:42:c5:99:5b:73:9f:79:d5:3c:
         ed:f8:a7:92:6b:dd:a8:57:f4:b6:0f:8e:b2:6b:26:a8:fe:6b:
         45:f7:30:53:0d:80:06:88:11:03:fa:12:77:18:5d:d6:4b:e7:
         ea:df:16:d1:31:2a:79:60:03:0f:05:c7:9c:d6:79:7b:26:8b:
         20:27:6b:9c:4d:69:6c:81:49:68:a3:77:2e:13:8d:e4:d4:df:
         06:46:8d:03:e6:9a:df:c9:1e:0d:eb:7a:65:40:56:72:eb:c8:
         17:ed:29:62:67:64:6b:5d:7f:39:28:29:00:23:87:72:5f:f2:
         ac:92:7b:16:c3:65:94:17:dc:be:03:11:ff:cc:4e:8a:c2:0c:
         37:93:d6:90:8e:9b:5e:23:93:17:2d:ed:29:37:32:e3:7c:82:
         a7:63:8a:d5:d4:90:8d:11:f2:54:83:fe:f9:84:e2:c3:bc:ca:
         eb:29:7b:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5gqEyGxh1nS7YWwdzJjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTAxMTAzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzczM2I1NjE4MGFiNDRiYmQzNDI0YTExOTcxNjQ0MDZjYTVmZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGS0quL6zuROLdzPtj4B4/L+CAVi
Awbj7Iuv9hXxXvOqwVA+TrQI1E+gdkPPwThDJ5ihv4DLxlHx0m2PZl34171cjs9x
/RntcWTbzCMxwpWI9ziNQp6jWhjfvayKFCcahNnmG9m5qdwVstOFNT7kBKUE7iOI
xtt52PNrdWGQ+9r0F6T0vWKFYjELLvVKWi5ow29EhJNPxeS5ASOBjGyLF2gTeI9I
vDm4TFDsFCqzBclqr174cDRdfgYR19OR7LxVmFQzckjuJVz403v+MLURHWu/9Qhc
vqVg90srI6Ja3vw3WuOBZMD1IOeDEr6sIRAdjD19Ra9yk5eUuru8RGfuVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCNzO1YYCrRLvTQkoRlxZEBspf8QMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvSTNNN1ZoZ0t0RXU5TkNTaEdYRmtRR3lsX3hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFn9MA0G
CSqGSIb3DQEBCwUAA4IBAQB3VSbQRm+T26REXGac+p0Z2WKGt5FuEaxhJXM/wWZw
TitHTyVpg9pFrLjkrDYDrx7CkE53XtM2+1+6o3Ld7VgKndt+WiW5F6x9CJarzEzy
whxCxZlbc5951Tzt+KeSa92oV/S2D46yayao/mtF9zBTDYAGiBED+hJ3GF3WS+fq
3xbRMSp5YAMPBcec1nl7JosgJ2ucTWlsgUloo3cuE43k1N8GRo0D5prfyR4N63pl
QFZy68gX7SliZ2RrXX85KCkAI4dyX/KsknsWw2WUF9y+AxH/zE6Kwgw3k9aQjpte
I5MXLe0pNzLjfIKnY4rV1JCNEfJUg/75hOLDvMrrKXso
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org