Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/QVUCETzU8Tur7s-4vjkE4EsfHXc.roa
File:                     QVUCETzU8Tur7s-4vjkE4EsfHXc.roa (raw, json)
Hash identifier:          FZw5OGDJ/JxB/7hlvhs2msfl13xDwN1zzs/Zj/Gz/Bo=
Subject key identifier:   41:55:02:11:3C:D4:F1:3B:AB:EE:CF:B8:BE:39:04:E0:4B:1F:1D:77
Certificate issuer:       /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial:       018A2EC509F61075C7C2BB477B7AED909459
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/QVUCETzU8Tur7s-4vjkE4EsfHXc.roa
Signing time:             Fri 25 Aug 2023 22:16:19 +0000
ROA not before:           Fri 25 Aug 2023 22:16:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7018
IP address blocks:        89.23.92.0/24 maxlen: 24
                          89.23.77.0/24 maxlen: 24
                          89.23.84.0/24 maxlen: 24
                          89.23.85.0/24 maxlen: 24
                          89.23.80.0/24 maxlen: 24
                          89.23.81.0/24 maxlen: 24
                          89.23.79.0/24 maxlen: 24
                          89.23.87.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 17 Nov 2023 10:36:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:2e:c5:09:f6:10:75:c7:c2:bb:47:7b:7a:ed:90:94:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
        Validity
            Not Before: Aug 25 22:16:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=415502113cd4f13babeecfb8be3904e04b1f1d77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:b4:d6:4d:8f:e4:09:3a:85:c4:fd:25:50:bd:
                    01:69:a4:59:08:bd:5b:16:c8:6d:81:52:3f:34:34:
                    b9:fe:a4:78:79:3d:11:18:1e:4e:48:0f:fb:b9:bf:
                    65:f3:f1:94:99:67:c3:a0:4d:eb:d4:4b:49:e2:b8:
                    db:7d:e8:1c:86:87:ee:3b:54:ca:cb:d5:ef:db:c0:
                    82:c3:96:0b:22:86:94:66:d3:ab:82:c6:59:68:50:
                    8d:a3:d3:ea:58:cb:04:78:4b:3c:7d:c7:b0:29:3a:
                    6f:07:31:00:fb:d5:c8:5b:e9:4f:73:af:78:ce:f6:
                    48:e6:0d:d1:52:1d:02:e5:00:c6:74:4a:01:ba:01:
                    7f:82:09:57:04:bb:b6:c6:9f:7f:60:76:d1:35:b7:
                    de:a3:86:7b:9d:86:a3:f5:e8:08:cf:2e:94:c8:98:
                    0b:ff:33:47:36:06:a8:65:dd:92:1d:6e:4c:a3:2b:
                    1a:fa:b9:f8:d4:62:ad:69:47:27:c3:f2:ef:69:87:
                    57:e6:da:76:a4:66:ac:90:11:9f:4a:82:29:a0:c9:
                    f4:39:e7:64:00:77:43:70:47:41:7d:be:8e:84:26:
                    ab:b6:5a:8a:d5:5b:4e:f5:8d:43:32:91:78:61:ee:
                    4c:37:42:bf:e6:04:aa:76:55:5f:e9:6c:96:9e:65:
                    a1:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:55:02:11:3C:D4:F1:3B:AB:EE:CF:B8:BE:39:04:E0:4B:1F:1D:77
            X509v3 Authority Key Identifier:
                keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/QVUCETzU8Tur7s-4vjkE4EsfHXc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.23.77.0/24
                  89.23.79.0-89.23.81.255
                  89.23.84.0/23
                  89.23.87.0/24
                  89.23.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:82:d6:02:79:24:95:51:d2:c9:bb:a2:2e:e1:fd:7b:8e:b7:
         26:45:87:c2:69:d7:5a:28:47:72:88:70:50:6f:65:29:a6:0c:
         a0:9d:9d:ec:f9:1f:b3:1c:24:77:aa:0a:6f:ad:1e:f3:94:9c:
         66:ca:b8:f4:ce:f7:98:c6:4d:56:25:ac:e2:d9:35:08:6e:b7:
         bb:18:a9:2e:8f:08:89:84:2b:d7:1f:de:5c:7b:c6:f6:06:87:
         30:e2:7d:69:32:45:51:ca:e7:0e:09:fa:82:46:b5:9b:f0:ca:
         13:76:f7:b4:bc:63:4c:db:a8:99:0b:0d:10:ff:54:40:92:73:
         bd:33:5a:1f:d9:67:18:7c:aa:05:74:7a:0e:33:e3:d4:db:07:
         fe:bb:fc:8f:bf:fe:8f:18:f3:9a:7d:00:e2:91:a2:85:77:a6:
         e2:b2:08:12:5f:8a:9f:12:40:78:c0:a2:db:ac:c6:e9:3c:3a:
         af:52:39:9e:b6:61:59:76:9f:6c:ef:24:43:7a:aa:96:bb:7e:
         37:73:2e:0c:5a:17:b8:27:03:8d:72:1b:db:bf:2d:76:ab:14:
         fe:4c:c6:e1:a1:35:e8:4b:f0:13:93:16:1e:01:53:cc:7b:cf:
         47:65:33:19:3d:08:b7:f1:c0:cb:18:75:f3:14:66:d7:bb:4d:
         6f:41:c1:04
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYouxQn2EHXHwrtHe3rtkJRZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjMwODI1MjIxNjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTU1MDIxMTNjZDRmMTNiYWJlZWNmYjhiZTM5MDRlMDRiMWYxZDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbTWTY/kCTqFxP0lUL0BaaRZCL1b
FshtgVI/NDS5/qR4eT0RGB5OSA/7ub9l8/GUmWfDoE3r1EtJ4rjbfegchofuO1TK
y9Xv28CCw5YLIoaUZtOrgsZZaFCNo9PqWMsEeEs8fcewKTpvBzEA+9XIW+lPc694
zvZI5g3RUh0C5QDGdEoBugF/gglXBLu2xp9/YHbRNbfeo4Z7nYaj9egIzy6UyJgL
/zNHNgaoZd2SHW5Moysa+rn41GKtaUcnw/LvaYdX5tp2pGaskBGfSoIpoMn0Oedk
AHdDcEdBfb6OhCartlqK1VtO9Y1DMpF4Ye5MN0K/5gSqdlVf6WyWnmWhLwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEFVAhE81PE7q+7PuL45BOBLHx13MB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvUVZVQ0VUelU4VHVyN3MtNHZqa0U0RXNmSFhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAWRdNMAwD
BABZF08DBAFZF1ADBAFZF1QDBABZF1cDBABZF1wwDQYJKoZIhvcNAQELBQADggEB
AFeC1gJ5JJVR0sm7oi7h/XuOtyZFh8Jp11ooR3KIcFBvZSmmDKCdnez5H7McJHeq
Cm+tHvOUnGbKuPTO95jGTVYlrOLZNQhut7sYqS6PCImEK9cf3lx7xvYGhzDifWky
RVHK5w4J+oJGtZvwyhN297S8Y0zbqJkLDRD/VECSc70zWh/ZZxh8qgV0eg4z49Tb
B/67/I+//o8Y85p9AOKRooV3puKyCBJfip8SQHjAotusxuk8Oq9SOZ62YVl2n2zv
JEN6qpa7fjdzLgxaF7gnA41yG9u/LXarFP5MxuGhNehL8BOTFh4BU8x7z0dlMxk9
CLfxwMsYdfMUZte7TW9BwQQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:45 2024 by rpki-client on console-fra.rpki-client.org