Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/abtw3iymg_XBPR4ZB2to9ulXKnY.roa
File:                     abtw3iymg_XBPR4ZB2to9ulXKnY.roa (raw, json)
Hash identifier:          JIFCjsM8phLR15Z4x2dPx4lUVw2IthBZNx2mlUZV2XQ=
Subject key identifier:   69:BB:70:DE:2C:A6:83:F5:C1:3D:1E:19:07:6B:68:F6:E9:57:2A:76
Certificate issuer:       /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial:       0188959D4538DCC747F627BB885C20776418
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/abtw3iymg_XBPR4ZB2to9ulXKnY.roa
Signing time:             Wed 07 Jun 2023 11:28:12 +0000
ROA not before:           Wed 07 Jun 2023 11:28:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        89.23.78.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:95:9d:45:38:dc:c7:47:f6:27:bb:88:5c:20:77:64:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
        Validity
            Not Before: Jun  7 11:28:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=69bb70de2ca683f5c13d1e19076b68f6e9572a76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:7e:b4:c6:71:41:72:5e:b2:c0:e0:f7:d4:c4:
                    7f:b4:30:03:ca:6d:00:a2:3d:92:dc:16:e5:6f:78:
                    a7:2f:ec:45:f8:ca:7b:6f:88:8e:62:35:51:08:03:
                    19:af:4a:8a:51:7c:1d:63:33:98:60:95:4c:52:19:
                    00:73:16:31:62:fb:b8:19:1f:0c:60:94:80:3e:01:
                    eb:e4:de:c6:36:9c:fa:a8:aa:5e:cb:45:1d:e2:ba:
                    be:eb:f8:fb:e4:13:d2:0e:8c:73:75:7c:2c:f0:35:
                    e3:25:3b:8a:aa:8b:5a:62:18:01:15:36:e1:82:09:
                    93:2f:46:96:b9:9f:f5:c2:ec:6d:8a:08:ca:df:77:
                    07:71:6c:ca:f7:1b:d1:e9:58:fd:b2:09:47:49:57:
                    02:26:6c:c2:29:d0:22:29:24:ce:d3:9c:fa:e4:fa:
                    1c:9e:d3:35:e4:ab:4e:8f:da:ef:c0:83:2f:f0:d4:
                    86:a9:69:ba:1e:58:99:7a:82:51:2a:de:f1:f0:61:
                    f9:36:86:06:fd:48:b6:ff:77:10:57:5c:39:5b:79:
                    5b:47:d2:52:49:d4:f4:86:b6:a3:d0:b5:d9:ac:ad:
                    b0:37:e9:9b:5c:06:dc:44:67:4e:20:e2:00:00:7c:
                    81:99:9c:cb:fa:d4:3c:8e:a9:dd:a1:fc:24:d1:69:
                    fb:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:BB:70:DE:2C:A6:83:F5:C1:3D:1E:19:07:6B:68:F6:E9:57:2A:76
            X509v3 Authority Key Identifier:
                keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/abtw3iymg_XBPR4ZB2to9ulXKnY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.23.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:fa:56:04:29:04:82:50:d6:67:60:0b:03:c1:91:36:47:c1:
         8e:cd:47:fd:4c:84:e7:c6:b8:91:74:6a:b4:77:f1:2e:03:b9:
         63:0b:d0:b1:e4:71:43:30:44:e5:f3:f5:6c:6b:63:91:8b:3d:
         aa:8d:ac:15:60:7d:11:fa:7e:a9:ce:87:c4:e3:12:55:8c:96:
         63:d4:df:ee:98:0c:31:f7:b9:66:b6:28:f9:cd:01:c4:e8:4e:
         91:e9:24:ab:4f:c7:9e:1c:65:91:dc:4f:9a:3c:9f:82:39:31:
         4a:14:3d:72:02:01:9b:f5:f4:1f:96:2f:e3:b8:7c:35:ae:83:
         f8:11:cf:cd:f6:06:79:3a:fa:ac:f6:82:c6:6b:16:49:79:e6:
         27:b6:9f:70:a9:62:0c:1f:8d:57:56:17:05:54:c7:89:a6:23:
         89:17:fd:e3:cc:96:3f:8b:dc:c9:fb:ec:cd:5d:2b:24:e9:31:
         c4:b3:d0:3f:82:3e:c1:89:7f:94:d9:a4:6e:60:16:e3:63:14:
         5e:83:91:58:03:c6:c3:5e:b7:52:d6:94:39:72:52:41:f2:d9:
         08:9a:e2:11:2d:8b:f8:4a:a0:23:4f:66:31:ef:4c:03:97:eb:
         d2:8d:86:e5:07:4d:8a:6d:02:58:03:04:6f:36:7f:f8:3e:27:
         94:3a:fb:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiVnUU43MdH9ie7iFwgd2QYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjMwNjA3MTEyODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWJiNzBkZTJjYTY4M2Y1YzEzZDFlMTkwNzZiNjhmNmU5NTcyYTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt360xnFBcl6ywOD31MR/tDADym0A
oj2S3Bblb3inL+xF+Mp7b4iOYjVRCAMZr0qKUXwdYzOYYJVMUhkAcxYxYvu4GR8M
YJSAPgHr5N7GNpz6qKpey0Ud4rq+6/j75BPSDoxzdXws8DXjJTuKqotaYhgBFTbh
ggmTL0aWuZ/1wuxtigjK33cHcWzK9xvR6Vj9sglHSVcCJmzCKdAiKSTO05z65Poc
ntM15KtOj9rvwIMv8NSGqWm6HliZeoJRKt7x8GH5NoYG/Ui2/3cQV1w5W3lbR9JS
SdT0hraj0LXZrK2wN+mbXAbcRGdOIOIAAHyBmZzL+tQ8jqndofwk0Wn7aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGm7cN4spoP1wT0eGQdraPbpVyp2MB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvYWJ0dzNpeW1nX1hCUFI0WkIydG85dWxYS25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdOMA0G
CSqGSIb3DQEBCwUAA4IBAQAd+lYEKQSCUNZnYAsDwZE2R8GOzUf9TITnxriRdGq0
d/EuA7ljC9Cx5HFDMETl8/Vsa2ORiz2qjawVYH0R+n6pzofE4xJVjJZj1N/umAwx
97lmtij5zQHE6E6R6SSrT8eeHGWR3E+aPJ+COTFKFD1yAgGb9fQfli/juHw1roP4
Ec/N9gZ5Ovqs9oLGaxZJeeYntp9wqWIMH41XVhcFVMeJpiOJF/3jzJY/i9zJ++zN
XSsk6THEs9A/gj7BiX+U2aRuYBbjYxReg5FYA8bDXrdS1pQ5clJB8tkImuIRLYv4
SqAjT2Yx70wDl+vSjYblB02KbQJYAwRvNn/4PieUOvtz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:41 2024 by rpki-client on console-ams.rpki-client.org