Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/aZSQJ5ua0DItfQNnUIHRchoucAk.roa
File:                     aZSQJ5ua0DItfQNnUIHRchoucAk.roa (raw, json)
Hash identifier:          wWqzJuTvJr9OwVgkYKXP1H//MI2fWfye/wwcj/y4dvE=
Subject key identifier:   69:94:90:27:9B:9A:D0:32:2D:7D:03:67:50:81:D1:72:1A:2E:70:09
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       01856EA6B8AEE64695FA99B2CAE4BCE443A8
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/aZSQJ5ua0DItfQNnUIHRchoucAk.roa
Signing time:             Sun 01 Jan 2023 18:44:58 +0000
ROA not before:           Sun 01 Jan 2023 18:44:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39205
IP address blocks:        89.33.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:a6:b8:ae:e6:46:95:fa:99:b2:ca:e4:bc:e4:43:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Jan  1 18:44:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=699490279b9ad0322d7d03675081d1721a2e7009
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:55:c2:5e:3d:99:03:10:f3:01:58:21:9f:40:
                    56:0d:bc:04:1a:82:f4:cb:c2:1e:ff:9c:43:ff:78:
                    23:6a:37:8c:79:2c:56:25:0a:db:f3:1e:10:34:41:
                    7d:f0:9b:a5:18:31:f1:06:e9:6f:0b:98:61:a0:a5:
                    37:e2:5f:5d:56:dd:ba:95:c9:3f:05:e9:8f:d4:49:
                    ae:46:c6:4c:af:45:c6:a5:08:de:1c:00:b4:2f:66:
                    9d:2e:8c:5a:2e:50:4c:d2:09:a4:30:cd:e7:74:a2:
                    a9:4f:3e:85:c4:2c:17:01:08:c4:e5:29:33:85:f2:
                    86:31:8c:18:06:68:18:36:b6:9e:1a:9b:9a:30:1a:
                    75:ea:c9:5c:07:f5:07:fa:df:5d:3c:ce:b3:2f:1b:
                    8b:ed:af:98:70:a7:32:a3:02:8f:62:80:3f:ca:fb:
                    82:33:3f:f7:59:da:8e:d2:82:c8:0e:2c:9f:56:ef:
                    50:54:90:22:a4:b9:69:37:d6:8b:52:14:88:9b:4b:
                    18:82:72:ae:5d:2b:10:dd:d0:38:ac:9b:b2:c4:99:
                    b9:b8:17:48:4d:88:8e:6e:bd:c1:31:9a:09:75:fb:
                    23:66:81:bc:df:10:2a:8b:fe:ef:0d:87:b9:d6:ab:
                    cf:4a:c3:7d:47:94:b7:78:b9:5f:9a:6e:b7:4c:af:
                    4c:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:94:90:27:9B:9A:D0:32:2D:7D:03:67:50:81:D1:72:1A:2E:70:09
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/aZSQJ5ua0DItfQNnUIHRchoucAk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.33.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:0e:c5:87:43:f5:54:d4:51:c8:b1:26:95:a0:e2:0c:fb:ba:
         84:14:57:8b:d5:1e:46:4c:9b:5f:92:fe:43:2f:81:25:6b:2c:
         df:15:88:bc:8d:15:f5:4a:28:7c:14:1b:f8:f3:13:61:ea:1b:
         6c:b0:db:98:f0:3e:44:8e:3c:80:08:d9:08:ab:43:e4:b6:bd:
         f6:3f:7d:36:f5:1a:65:93:55:56:46:e0:de:2c:17:e4:a4:7e:
         1b:7f:dd:ec:ad:60:61:35:e6:9f:ae:30:75:c4:ea:44:12:65:
         ad:cc:03:30:a5:e9:a9:91:38:9a:89:ad:d2:ee:e9:3e:75:a2:
         98:df:2c:3b:e5:36:19:30:1b:09:1b:a8:62:5e:ac:f9:7c:97:
         e3:a4:12:93:d0:52:bf:08:73:ca:58:d1:0d:a4:2e:45:87:ed:
         50:9f:c7:57:97:a1:4a:de:78:3d:91:ac:78:31:f0:6b:19:b2:
         6e:02:14:2b:9e:ef:c3:ea:4d:07:26:5b:43:90:bd:21:54:09:
         28:a9:40:9f:c4:84:63:c1:90:15:cf:59:16:a4:fc:a8:2b:a5:
         5e:e0:30:49:88:aa:e8:a0:4d:11:30:6a:49:6b:da:cc:6b:af:
         ca:e1:de:ba:d5:bc:85:1d:1f:5e:b6:b4:37:4a:9b:fd:fb:61:
         d1:dc:15:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVupriu5kaV+pmyyuS85EOoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwMTAxMTg0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTk0OTAyNzliOWFkMDMyMmQ3ZDAzNjc1MDgxZDE3MjFhMmU3MDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglXCXj2ZAxDzAVghn0BWDbwEGoL0
y8Ie/5xD/3gjajeMeSxWJQrb8x4QNEF98JulGDHxBulvC5hhoKU34l9dVt26lck/
BemP1EmuRsZMr0XGpQjeHAC0L2adLoxaLlBM0gmkMM3ndKKpTz6FxCwXAQjE5Skz
hfKGMYwYBmgYNraeGpuaMBp16slcB/UH+t9dPM6zLxuL7a+YcKcyowKPYoA/yvuC
Mz/3WdqO0oLIDiyfVu9QVJAipLlpN9aLUhSIm0sYgnKuXSsQ3dA4rJuyxJm5uBdI
TYiObr3BMZoJdfsjZoG83xAqi/7vDYe51qvPSsN9R5S3eLlfmm63TK9MTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGmUkCebmtAyLX0DZ1CB0XIaLnAJMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvYVpTUUo1dWEwREl0ZlFOblVJSFJjaG91Y0FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSH9MA0G
CSqGSIb3DQEBCwUAA4IBAQAbDsWHQ/VU1FHIsSaVoOIM+7qEFFeL1R5GTJtfkv5D
L4ElayzfFYi8jRX1Sih8FBv48xNh6htssNuY8D5EjjyACNkIq0Pktr32P3029Rpl
k1VWRuDeLBfkpH4bf93srWBhNeafrjB1xOpEEmWtzAMwpempkTiaia3S7uk+daKY
3yw75TYZMBsJG6hiXqz5fJfjpBKT0FK/CHPKWNENpC5Fh+1Qn8dXl6FK3ng9kax4
MfBrGbJuAhQrnu/D6k0HJltDkL0hVAkoqUCfxIRjwZAVz1kWpPyoK6Ve4DBJiKro
oE0RMGpJa9rMa6/K4d661byFHR9etrQ3Spv9+2HR3BXo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org