Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/yXavzJNqhYSusnYXTARUdQEq-q4.roa
File:                     yXavzJNqhYSusnYXTARUdQEq-q4.roa (raw, json)
Hash identifier:          zJodvtLmxRx9j7Vhko4upzUuQhUyIbevpBgSkk2Egfo=
Subject key identifier:   C9:76:AF:CC:93:6A:85:84:AE:B2:76:17:4C:04:54:75:01:2A:FA:AE
Certificate issuer:       /CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Certificate serial:       01857139B060B0437A623C329756092156A0
Authority key identifier: 2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/yXavzJNqhYSusnYXTARUdQEq-q4.roa
Signing time:             Mon 02 Jan 2023 06:44:44 +0000
ROA not before:           Mon 02 Jan 2023 06:44:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204958
IP address blocks:        152.89.171.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:39:b0:60:b0:43:7a:62:3c:32:97:56:09:21:56:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
        Validity
            Not Before: Jan  2 06:44:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c976afcc936a8584aeb276174c045475012afaae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:91:7c:87:ef:f9:29:b9:c2:21:d8:d2:d5:c4:
                    58:48:7f:57:e6:f1:38:d1:1d:62:0c:ea:c9:b2:c3:
                    4c:c8:c8:21:4d:73:af:2e:b8:41:3d:a9:1e:a1:ac:
                    82:fa:58:eb:5b:59:83:b1:bc:33:83:7b:27:1b:d6:
                    9d:a1:c2:4e:be:5f:83:23:c4:f5:57:e9:90:2c:37:
                    5a:ae:ab:a3:2b:78:da:36:ff:30:96:3c:df:ff:c7:
                    d8:3a:18:0b:cc:e4:a1:6d:9d:74:6b:49:c8:70:e3:
                    da:eb:95:f8:e3:91:ca:5c:9c:ac:90:c0:ff:10:f9:
                    32:0d:d2:c8:a6:34:6b:bd:cf:f0:51:48:e1:72:02:
                    ae:ac:7a:28:ee:41:51:4a:9a:b6:4c:75:a4:f2:aa:
                    1a:fb:93:3a:8b:41:c6:55:12:4e:cc:8c:37:32:ca:
                    9e:32:8a:d3:65:ea:3f:05:ce:59:bd:e4:38:bf:23:
                    9a:52:cd:6c:85:f8:4d:59:e6:81:bb:a4:41:3d:ae:
                    16:1b:5f:59:99:08:db:e1:ba:3c:5a:db:cb:13:7f:
                    7c:a9:4c:bd:e6:a8:39:14:f8:f2:7b:49:fb:4a:41:
                    21:80:80:29:2d:d3:86:cb:46:81:28:c8:e9:ea:6c:
                    df:b0:f3:60:9d:5c:db:62:5d:db:f8:7d:b4:56:53:
                    04:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:76:AF:CC:93:6A:85:84:AE:B2:76:17:4C:04:54:75:01:2A:FA:AE
            X509v3 Authority Key Identifier:
                keyid:2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/yXavzJNqhYSusnYXTARUdQEq-q4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.89.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:70:88:2b:c5:8a:0a:81:c6:cd:bb:a0:0b:b4:5d:4b:4d:73:
         12:a0:61:b2:20:64:76:25:b0:ed:a6:ff:c7:0d:38:f3:9d:b4:
         cb:3f:f6:82:d0:9e:db:a5:a0:31:34:a6:88:14:de:3d:7f:b4:
         55:ab:95:83:96:66:a9:cf:54:9d:39:c1:84:bb:c6:67:5a:a6:
         e0:d7:4d:5c:89:db:7f:c2:6b:da:b1:bf:11:d0:d9:a2:a2:a0:
         41:5c:6b:2a:04:06:5c:40:10:b0:bb:fe:f2:84:e8:af:d4:80:
         c3:5c:4a:4e:88:51:ed:bc:d8:38:78:06:b9:6b:b7:14:18:ab:
         a7:ce:9c:24:2a:81:25:02:1c:d6:1a:b4:0e:23:a3:b3:47:dc:
         a3:b1:96:64:69:e7:87:63:78:16:a3:27:da:72:97:ab:93:12:
         25:b9:7a:4d:2b:1d:17:80:5a:eb:29:63:d9:69:bc:cf:ee:24:
         63:64:ee:63:f2:48:64:05:cf:c5:4a:2c:8c:11:41:fe:fe:24:
         c9:2e:4c:9b:31:fb:80:b7:8a:3b:56:38:bf:74:27:34:d9:fd:
         ae:42:dc:cb:99:93:68:f6:a3:28:d2:16:b1:0b:56:82:da:cb:
         d5:59:fe:8d:0f:e5:f1:ca:85:5c:07:58:51:66:eb:c5:eb:dc:
         de:24:0d:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxObBgsEN6Yjwyl1YJIVagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOTNkM2JhMTk3ZjVjZTMwOThiZmE3NzAwYjQzODU0ZWFh
ODBlOWUwHhcNMjMwMTAyMDY0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTc2YWZjYzkzNmE4NTg0YWViMjc2MTc0YzA0NTQ3NTAxMmFmYWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5F8h+/5KbnCIdjS1cRYSH9X5vE4
0R1iDOrJssNMyMghTXOvLrhBPakeoayC+ljrW1mDsbwzg3snG9adocJOvl+DI8T1
V+mQLDdarqujK3jaNv8wljzf/8fYOhgLzOShbZ10a0nIcOPa65X445HKXJyskMD/
EPkyDdLIpjRrvc/wUUjhcgKurHoo7kFRSpq2THWk8qoa+5M6i0HGVRJOzIw3Msqe
MorTZeo/Bc5ZveQ4vyOaUs1shfhNWeaBu6RBPa4WG19ZmQjb4bo8WtvLE398qUy9
5qg5FPjye0n7SkEhgIApLdOGy0aBKMjp6mzfsPNgnVzbYl3b+H20VlMERQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMl2r8yTaoWErrJ2F0wEVHUBKvquMB8GA1UdIwQY
MBaAFC+T07oZf1zjCYv6dwC0OFTqqA6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUt
OWU3MWRjMjRhNjgzLzEveVhhdnpKTnFoWVN1c25ZWFRBUlVkUUVxLXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUtOWU3MWRjMjRhNjgz
LzEvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFmrMA0G
CSqGSIb3DQEBCwUAA4IBAQBjcIgrxYoKgcbNu6ALtF1LTXMSoGGyIGR2JbDtpv/H
DTjznbTLP/aC0J7bpaAxNKaIFN49f7RVq5WDlmapz1SdOcGEu8ZnWqbg101cidt/
wmvasb8R0NmioqBBXGsqBAZcQBCwu/7yhOiv1IDDXEpOiFHtvNg4eAa5a7cUGKun
zpwkKoElAhzWGrQOI6OzR9yjsZZkaeeHY3gWoyfacperkxIluXpNKx0XgFrrKWPZ
abzP7iRjZO5j8khkBc/FSiyMEUH+/iTJLkybMfuAt4o7Vji/dCc02f2uQtzLmZNo
9qMo0haxC1aC2svVWf6ND+XxyoVcB1hRZuvF69zeJA1C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:34 2024 by rpki-client on console-fra.rpki-client.org