Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/Q200MQSrxTT3gmlJd_0iaHzQDbk.roa
File:                     Q200MQSrxTT3gmlJd_0iaHzQDbk.roa (raw, json)
Hash identifier:          /BOFGNjTyvp6mwF7CsANNxGM5rL9IY8x8PiZ6g6j4Oc=
Subject key identifier:   43:6D:34:31:04:AB:C5:34:F7:82:69:49:77:FD:22:68:7C:D0:0D:B9
Certificate issuer:       /CN=8a5a3417fbe25c2e467c18485c181a7776f96ff4
Certificate serial:       018E76933E928558122E2F29C94E06B17E3C
Authority key identifier: 8A:5A:34:17:FB:E2:5C:2E:46:7C:18:48:5C:18:1A:77:76:F9:6F:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/Q200MQSrxTT3gmlJd_0iaHzQDbk.roa
Signing time:             Mon 25 Mar 2024 17:05:45 +0000
ROA not before:           Mon 25 Mar 2024 17:05:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     137509
IP address blocks:        89.28.237.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 24 Apr 2024 07:58:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:76:93:3e:92:85:58:12:2e:2f:29:c9:4e:06:b1:7e:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a5a3417fbe25c2e467c18485c181a7776f96ff4
        Validity
            Not Before: Mar 25 17:05:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=436d343104abc534f782694977fd22687cd00db9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:23:87:b4:61:6d:ed:0c:e8:23:de:43:29:66:
                    d7:c8:60:4d:0b:97:57:cf:d4:e5:ad:97:6c:25:91:
                    fb:27:bc:7b:31:4b:87:a8:8a:d6:55:05:5f:c0:28:
                    3f:69:f4:2a:a8:d7:92:47:81:15:27:93:9b:2c:15:
                    6b:eb:03:05:27:cb:3c:e9:dc:26:7f:03:4a:ec:d0:
                    43:55:1b:88:75:d4:54:c6:af:6e:ca:74:9d:e7:08:
                    a0:2b:54:7e:f5:a7:b4:9b:3f:99:b7:fc:4e:3e:1f:
                    98:39:d1:41:61:73:64:3e:ed:53:82:b2:f9:4f:57:
                    bb:39:1c:d8:6d:d3:2a:e2:e0:5e:c5:40:83:ac:a1:
                    09:c2:7b:f7:5a:f4:de:41:63:a8:2a:22:50:de:4c:
                    fe:ed:88:5b:10:ea:00:f4:72:29:3a:7d:b2:f5:8e:
                    d0:56:f9:91:33:53:14:ad:60:14:e1:0a:af:cf:d2:
                    99:1d:99:1e:ad:49:e8:3a:e3:e2:2a:a6:1b:83:bd:
                    d4:14:2c:2a:52:38:75:2d:e3:da:ab:56:e7:11:3e:
                    b9:7f:ea:6b:2c:ec:a8:4a:89:aa:8d:a5:01:c0:54:
                    8b:9c:49:15:b4:c9:6a:7b:ae:b1:54:37:0e:43:a0:
                    f0:03:2a:3b:f3:a4:e2:56:cc:95:c1:2a:77:f3:67:
                    ab:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:6D:34:31:04:AB:C5:34:F7:82:69:49:77:FD:22:68:7C:D0:0D:B9
            X509v3 Authority Key Identifier:
                keyid:8A:5A:34:17:FB:E2:5C:2E:46:7C:18:48:5C:18:1A:77:76:F9:6F:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/Q200MQSrxTT3gmlJd_0iaHzQDbk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/ilo0F_viXC5GfBhIXBgad3b5b_Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.28.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:4c:44:58:61:3a:4a:98:ac:44:aa:50:fe:4a:a4:b0:b3:a9:
         58:31:ea:ae:99:67:68:01:64:fc:5c:95:c1:a6:3b:5d:33:ef:
         9c:7a:36:cc:53:57:06:9f:10:b1:8c:77:ee:a5:7f:7f:5a:2a:
         e0:a2:da:78:30:53:e8:e7:e5:d7:bd:18:9c:05:81:37:13:5b:
         10:06:3d:c6:0c:96:35:2d:bf:e6:a4:d3:74:e2:07:a1:61:b2:
         50:e8:5f:d8:fc:d8:cf:aa:13:46:88:ba:1f:6e:95:e9:e2:0a:
         bb:25:65:d6:96:20:ed:31:9d:d0:4f:a2:3d:30:ae:67:47:1e:
         34:42:b9:76:b1:59:f2:c9:73:d8:a5:af:ef:51:b3:3a:8c:4d:
         0b:39:73:49:96:ed:77:c2:13:fa:54:c7:e3:90:43:6e:88:0f:
         5d:86:c4:d6:ee:d5:c7:de:ba:8f:7b:48:a4:ee:da:53:c9:c3:
         5a:43:ac:05:8b:4e:97:f5:30:76:55:91:da:7a:3f:28:f2:01:
         e5:7d:ac:e8:ae:d0:de:76:92:b6:0d:18:4a:14:e4:a3:e9:6d:
         81:ec:2d:cc:fe:1e:ad:54:1a:ed:a5:3f:3f:24:f4:c1:c5:2b:
         db:1a:ec:71:eb:f5:42:92:64:80:27:ee:f7:64:8d:49:78:e6:
         4e:a1:81:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY52kz6ShVgSLi8pyU4GsX48MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNWEzNDE3ZmJlMjVjMmU0NjdjMTg0ODVjMTgxYTc3NzZm
OTZmZjQwHhcNMjQwMzI1MTcwNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzZkMzQzMTA0YWJjNTM0Zjc4MjY5NDk3N2ZkMjI2ODdjZDAwZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliOHtGFt7QzoI95DKWbXyGBNC5dX
z9TlrZdsJZH7J7x7MUuHqIrWVQVfwCg/afQqqNeSR4EVJ5ObLBVr6wMFJ8s86dwm
fwNK7NBDVRuIddRUxq9uynSd5wigK1R+9ae0mz+Zt/xOPh+YOdFBYXNkPu1TgrL5
T1e7ORzYbdMq4uBexUCDrKEJwnv3WvTeQWOoKiJQ3kz+7YhbEOoA9HIpOn2y9Y7Q
VvmRM1MUrWAU4Qqvz9KZHZkerUnoOuPiKqYbg73UFCwqUjh1LePaq1bnET65f+pr
LOyoSomqjaUBwFSLnEkVtMlqe66xVDcOQ6DwAyo786TiVsyVwSp382er6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFENtNDEEq8U094JpSXf9Imh80A25MB8GA1UdIwQY
MBaAFIpaNBf74lwuRnwYSFwYGnd2+W/0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWxvMEZfdmlYQzVHZkJoSVhCZ2FkM2I1Yl9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85YzZlMDctNjkzZi00NmNlLTg2NDYt
ZDdhYmNkMGVmNjRhLzEvUTIwME1RU3J4VFQzZ21sSmRfMGlhSHpRRGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85YzZlMDctNjkzZi00NmNlLTg2NDYtZDdhYmNkMGVmNjRh
LzEvaWxvMEZfdmlYQzVHZkJoSVhCZ2FkM2I1Yl9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRztMA0G
CSqGSIb3DQEBCwUAA4IBAQAuTERYYTpKmKxEqlD+SqSws6lYMequmWdoAWT8XJXB
pjtdM++cejbMU1cGnxCxjHfupX9/Wirgotp4MFPo5+XXvRicBYE3E1sQBj3GDJY1
Lb/mpNN04gehYbJQ6F/Y/NjPqhNGiLofbpXp4gq7JWXWliDtMZ3QT6I9MK5nRx40
Qrl2sVnyyXPYpa/vUbM6jE0LOXNJlu13whP6VMfjkENuiA9dhsTW7tXH3rqPe0ik
7tpTycNaQ6wFi06X9TB2VZHaej8o8gHlfazortDedpK2DRhKFOSj6W2B7C3M/h6t
VBrtpT8/JPTBxSvbGuxx6/VCkmSAJ+73ZI1JeOZOoYGT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org