Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/0JhXh3UN0fiYe9pXPnc3J4n_f2s.roa
File:                     0JhXh3UN0fiYe9pXPnc3J4n_f2s.roa (raw, json)
Hash identifier:          xwbJRyUTWdgM/HQsuOBnBanB+rANh6RqsB0F4YFf3XQ=
Subject key identifier:   D0:98:57:87:75:0D:D1:F8:98:7B:DA:57:3E:77:37:27:89:FF:7F:6B
Certificate issuer:       /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial:       0188959D4B6C48B7140199867C719189244D
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/0JhXh3UN0fiYe9pXPnc3J4n_f2s.roa
Signing time:             Wed 07 Jun 2023 11:28:13 +0000
ROA not before:           Wed 07 Jun 2023 11:28:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212669
IP address blocks:        89.23.76.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:95:9d:4b:6c:48:b7:14:01:99:86:7c:71:91:89:24:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
        Validity
            Not Before: Jun  7 11:28:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d0985787750dd1f8987bda573e77372789ff7f6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:ae:18:ed:66:10:46:af:66:cd:b6:8f:c4:0c:
                    83:00:ab:9e:37:a7:35:08:f3:fc:ed:9f:69:bf:af:
                    ae:0e:df:95:cd:e3:9e:27:86:70:a3:64:42:7d:7f:
                    2c:f6:5d:d1:cb:1f:56:9b:9c:7f:d9:28:71:e6:72:
                    5f:92:53:65:3f:5b:0a:12:33:2f:a7:55:14:a9:62:
                    52:0a:d7:fa:fa:0a:00:65:0e:75:d8:d1:3d:62:9e:
                    55:bd:fc:e2:0b:7d:af:15:8d:a7:c6:c4:c7:52:4e:
                    6d:9b:75:69:7f:ea:b8:f2:dd:7f:6d:cb:7a:36:7d:
                    93:97:0f:7b:e3:32:69:95:1c:7b:01:a2:49:5e:75:
                    ea:53:a9:3f:db:f7:38:fc:a6:38:78:cf:3c:31:ef:
                    23:0e:4f:25:c0:8d:92:3f:d8:1a:78:b2:0b:31:a0:
                    fc:c0:ca:d0:7b:91:fe:de:a2:5b:2e:61:84:c3:78:
                    7a:97:1e:f6:8c:30:9b:31:3d:7d:f6:39:05:4c:5d:
                    bb:f3:59:25:73:f5:3e:61:61:cd:4d:bf:8e:18:a5:
                    6c:7f:8d:72:5a:23:45:28:67:b1:12:5c:50:f2:12:
                    74:ec:c8:c6:91:42:84:76:0a:7c:c1:fc:ca:f3:15:
                    7f:fb:60:d2:6d:d0:76:5d:0b:74:ca:f2:bf:ed:2f:
                    67:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:98:57:87:75:0D:D1:F8:98:7B:DA:57:3E:77:37:27:89:FF:7F:6B
            X509v3 Authority Key Identifier:
                keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/0JhXh3UN0fiYe9pXPnc3J4n_f2s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.23.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:81:1d:c3:27:a8:52:93:d2:27:8a:38:49:28:d9:f2:2a:0b:
         d4:0d:c5:5b:48:c0:6a:2b:4f:0c:f4:36:d0:23:16:29:a9:aa:
         f2:9b:35:d0:5a:de:94:e7:4c:34:39:59:67:33:7f:bf:2c:6f:
         91:dc:47:27:0c:cb:3c:f3:9d:f0:b3:9e:15:70:f4:cb:5b:d6:
         5d:f9:af:5b:7e:31:55:62:98:99:12:64:a5:58:89:18:6b:51:
         44:86:b2:4a:52:4a:e2:fc:b6:86:80:88:53:44:a8:b6:ea:b1:
         73:aa:14:7d:04:e2:a5:ab:ef:8f:63:93:05:36:f1:2e:ef:d6:
         32:00:1e:4e:72:f6:de:47:e0:98:96:cb:2c:0d:3c:be:40:56:
         1c:fb:25:80:0e:0f:86:52:33:a9:bb:27:a7:3e:35:16:85:90:
         0d:bb:d5:db:a2:25:78:0d:88:b4:e0:44:38:b3:d5:2e:34:b9:
         a5:5a:3f:3f:db:ef:6a:f9:b5:2e:63:58:27:c5:c7:5c:1d:04:
         4e:95:c3:15:3b:83:b8:35:d0:ba:38:d7:56:59:8e:81:e4:a1:
         4f:ba:7f:f7:ab:78:dc:40:e7:07:08:6a:21:8f:93:34:27:e6:
         37:5d:fe:e6:91:3f:c8:eb:05:2b:fe:77:9c:3f:8e:5b:50:68:
         d3:05:b7:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiVnUtsSLcUAZmGfHGRiSRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjMwNjA3MTEyODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDk4NTc4Nzc1MGRkMWY4OTg3YmRhNTczZTc3MzcyNzg5ZmY3ZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApK4Y7WYQRq9mzbaPxAyDAKueN6c1
CPP87Z9pv6+uDt+VzeOeJ4Zwo2RCfX8s9l3Ryx9Wm5x/2Shx5nJfklNlP1sKEjMv
p1UUqWJSCtf6+goAZQ512NE9Yp5VvfziC32vFY2nxsTHUk5tm3Vpf+q48t1/bct6
Nn2Tlw974zJplRx7AaJJXnXqU6k/2/c4/KY4eM88Me8jDk8lwI2SP9gaeLILMaD8
wMrQe5H+3qJbLmGEw3h6lx72jDCbMT199jkFTF2781klc/U+YWHNTb+OGKVsf41y
WiNFKGexElxQ8hJ07MjGkUKEdgp8wfzK8xV/+2DSbdB2XQt0yvK/7S9nEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNCYV4d1DdH4mHvaVz53NyeJ/39rMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvMEpoWGgzVU4wZmlZZTlwWFBuYzNKNG5fZjJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdMMA0G
CSqGSIb3DQEBCwUAA4IBAQB2gR3DJ6hSk9InijhJKNnyKgvUDcVbSMBqK08M9DbQ
IxYpqarymzXQWt6U50w0OVlnM3+/LG+R3EcnDMs8853ws54VcPTLW9Zd+a9bfjFV
YpiZEmSlWIkYa1FEhrJKUkri/LaGgIhTRKi26rFzqhR9BOKlq++PY5MFNvEu79Yy
AB5OcvbeR+CYlsssDTy+QFYc+yWADg+GUjOpuyenPjUWhZANu9XboiV4DYi04EQ4
s9UuNLmlWj8/2+9q+bUuY1gnxcdcHQROlcMVO4O4NdC6ONdWWY6B5KFPun/3q3jc
QOcHCGohj5M0J+Y3Xf7mkT/I6wUr/necP45bUGjTBbfs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:45 2024 by rpki-client on console-fra.rpki-client.org