Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/Y4oyBFi8tE7xCshULhW3JMmtMOA.roa
File:                     Y4oyBFi8tE7xCshULhW3JMmtMOA.roa (raw, json)
Hash identifier:          ZItia/GHpRGwXnOq3az6Cc3Bs2Oo7b4Txmb2gPC2WK4=
Subject key identifier:   63:8A:32:04:58:BC:B4:4E:F1:0A:C8:54:2E:15:B7:24:C9:AD:30:E0
Certificate issuer:       /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial:       018B10C36A2866517B7C71EC0A1C414B75E0
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/Y4oyBFi8tE7xCshULhW3JMmtMOA.roa
Signing time:             Sun 08 Oct 2023 19:28:43 +0000
ROA not before:           Sun 08 Oct 2023 19:28:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        89.23.91.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 20 Oct 2023 11:52:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:10:c3:6a:28:66:51:7b:7c:71:ec:0a:1c:41:4b:75:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
        Validity
            Not Before: Oct  8 19:28:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=638a320458bcb44ef10ac8542e15b724c9ad30e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:99:99:8c:b7:89:23:e0:fe:59:58:44:97:20:
                    fe:4c:0d:02:36:98:61:aa:62:61:25:5c:93:dc:e5:
                    d2:ee:f0:ed:0e:41:57:c9:a4:37:9a:46:10:e0:04:
                    d1:a5:3b:5a:e1:30:5b:2c:12:89:d8:07:e8:2b:18:
                    a6:2b:20:98:8e:9a:95:61:88:49:13:45:8f:00:0f:
                    b3:08:fb:8d:71:85:e1:ad:ce:cf:9a:70:83:dc:ff:
                    27:da:d5:2c:f7:b0:86:8e:2d:51:c8:4a:97:42:79:
                    ca:5e:dc:2b:68:62:76:26:4d:37:9e:1b:dd:91:76:
                    21:39:58:d1:04:23:33:a9:cd:4f:64:f2:bb:7b:34:
                    b9:dc:73:3c:4e:39:da:46:45:d4:a6:4e:9a:b1:b3:
                    8e:13:1c:d3:dd:c8:3d:7e:c5:6a:42:68:c0:2c:a6:
                    b9:5b:78:14:e6:54:23:df:55:c1:3c:d4:f5:aa:56:
                    c0:97:e2:f3:e3:9b:b2:68:6b:02:67:70:21:5f:92:
                    36:07:a9:37:e0:ac:57:6d:71:d9:7b:58:2e:ed:64:
                    55:d0:94:8b:2b:d7:0c:77:f6:04:7a:6d:6c:7b:e5:
                    e7:de:0a:21:ad:9b:38:12:cd:a5:1f:dc:f4:ec:7c:
                    f3:e7:66:c0:89:a5:a0:9a:b1:d4:70:17:bc:22:b6:
                    7f:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:8A:32:04:58:BC:B4:4E:F1:0A:C8:54:2E:15:B7:24:C9:AD:30:E0
            X509v3 Authority Key Identifier:
                keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/Y4oyBFi8tE7xCshULhW3JMmtMOA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.23.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:da:81:34:b1:56:af:43:d8:6a:dd:a0:47:19:61:93:5e:03:
         71:58:a5:2a:cb:8f:93:5b:12:ec:76:36:84:e1:14:80:49:55:
         03:3b:ba:d7:2a:e7:f0:ce:79:7d:a7:4e:d6:bb:f8:f8:37:c5:
         9e:a7:86:1d:6e:1b:f1:11:f3:4e:bc:46:ab:2d:c5:82:4a:d0:
         9f:99:34:90:52:81:1c:49:2e:44:e7:72:04:38:9a:73:29:55:
         5e:c6:3e:ca:53:4e:b3:da:75:fb:14:0a:b5:09:0d:80:dc:2b:
         d9:40:e0:1a:29:37:0d:8b:86:bb:22:0e:e8:32:f5:08:c5:b0:
         ea:ea:6e:92:a3:6b:64:e2:3f:f7:04:b2:ff:de:69:ad:0c:cc:
         15:5f:09:97:bb:5e:9d:d8:c8:4b:23:04:43:51:d2:ee:99:e2:
         d9:8a:41:98:6b:62:66:b8:a5:ac:81:f3:fb:19:af:07:2d:d5:
         24:05:9c:ca:2e:04:d9:a7:a0:18:80:81:d9:2c:4e:1f:aa:90:
         8c:5b:67:fc:8b:d7:65:6f:ec:0d:8e:ca:70:90:15:3e:54:f9:
         77:44:70:48:cd:a4:a9:55:eb:84:41:1e:a8:4b:cc:7b:d7:19:
         af:d4:9d:9a:78:77:55:ee:be:5c:2c:e6:fc:18:71:40:e6:44:
         8d:98:1e:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsQw2ooZlF7fHHsChxBS3XgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjMxMDA4MTkyODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzhhMzIwNDU4YmNiNDRlZjEwYWM4NTQyZTE1YjcyNGM5YWQzMGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpmZjLeJI+D+WVhElyD+TA0CNphh
qmJhJVyT3OXS7vDtDkFXyaQ3mkYQ4ATRpTta4TBbLBKJ2AfoKximKyCYjpqVYYhJ
E0WPAA+zCPuNcYXhrc7PmnCD3P8n2tUs97CGji1RyEqXQnnKXtwraGJ2Jk03nhvd
kXYhOVjRBCMzqc1PZPK7ezS53HM8TjnaRkXUpk6asbOOExzT3cg9fsVqQmjALKa5
W3gU5lQj31XBPNT1qlbAl+Lz45uyaGsCZ3AhX5I2B6k34KxXbXHZe1gu7WRV0JSL
K9cMd/YEem1se+Xn3gohrZs4Es2lH9z07Hzz52bAiaWgmrHUcBe8IrZ/0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGOKMgRYvLRO8QrIVC4VtyTJrTDgMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvWTRveUJGaTh0RTd4Q3NoVUxoVzNKTW10TU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdbMA0G
CSqGSIb3DQEBCwUAA4IBAQAL2oE0sVavQ9hq3aBHGWGTXgNxWKUqy4+TWxLsdjaE
4RSASVUDO7rXKufwznl9p07Wu/j4N8Wep4YdbhvxEfNOvEarLcWCStCfmTSQUoEc
SS5E53IEOJpzKVVexj7KU06z2nX7FAq1CQ2A3CvZQOAaKTcNi4a7Ig7oMvUIxbDq
6m6So2tk4j/3BLL/3mmtDMwVXwmXu16d2MhLIwRDUdLumeLZikGYa2JmuKWsgfP7
Ga8HLdUkBZzKLgTZp6AYgIHZLE4fqpCMW2f8i9dlb+wNjspwkBU+VPl3RHBIzaSp
VeuEQR6oS8x71xmv1J2aeHdV7r5cLOb8GHFA5kSNmB77
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:41 2024 by rpki-client on console-ams.rpki-client.org