Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/zxIJQO2sgKNYi8j_W3Z6aEjrNsc.roa
File:                     zxIJQO2sgKNYi8j_W3Z6aEjrNsc.roa (raw, json)
Hash identifier:          fL1KdQsvpIb+RM2h29WettQ4wT9bX/vzrqLpfTJ5zGo=
Subject key identifier:   CF:12:09:40:ED:AC:80:A3:58:8B:C8:FF:5B:76:7A:68:48:EB:36:C7
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       01856EA6BD594B46FF57A8982B2461B2811F
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/zxIJQO2sgKNYi8j_W3Z6aEjrNsc.roa
Signing time:             Sun 01 Jan 2023 18:44:59 +0000
ROA not before:           Sun 01 Jan 2023 18:44:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42614
IP address blocks:        89.43.200.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:a6:bd:59:4b:46:ff:57:a8:98:2b:24:61:b2:81:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Jan  1 18:44:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cf120940edac80a3588bc8ff5b767a6848eb36c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:cd:57:dd:0c:95:e0:ff:c6:50:41:91:13:10:
                    ab:25:9b:aa:7f:b1:2a:40:2f:1b:c9:d2:e3:83:b4:
                    df:ff:30:c9:e0:46:2c:0e:8d:68:06:8f:23:3e:53:
                    6e:2c:00:af:8f:b6:8a:90:44:3d:37:a2:ca:6e:7f:
                    69:17:12:7c:5c:cf:9e:ae:da:9b:e5:7f:ef:5b:f1:
                    67:ee:a5:30:fe:d6:0b:d7:1a:7c:b9:c9:c5:61:8b:
                    ad:2c:f5:64:7d:58:10:3d:17:a3:8a:36:69:31:c1:
                    43:6d:13:76:39:43:fc:86:5e:44:8a:75:71:6a:87:
                    be:ab:36:d2:ee:7b:4e:af:ac:4c:a1:ab:08:a4:c7:
                    cc:9e:6b:83:30:73:bc:8b:a5:65:e5:e4:f2:05:bf:
                    da:bd:fd:8c:9a:c7:b2:78:6c:52:e0:34:03:6e:11:
                    fa:fc:c4:6b:44:09:e6:b9:47:7b:59:d8:57:da:17:
                    5b:bb:cf:e2:37:68:21:f5:32:e0:8c:a9:f5:be:38:
                    fd:7e:4a:34:b6:12:3e:99:62:fc:1d:88:1f:49:a5:
                    51:b6:86:ab:f9:9f:15:06:3c:11:41:db:3d:d5:a9:
                    1e:b3:99:77:59:f0:80:e6:92:07:83:6a:b2:cf:ab:
                    4b:e8:bb:04:8a:12:d3:7c:38:ae:03:1c:8f:3b:ca:
                    98:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:12:09:40:ED:AC:80:A3:58:8B:C8:FF:5B:76:7A:68:48:EB:36:C7
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/zxIJQO2sgKNYi8j_W3Z6aEjrNsc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.43.200.0/23

    Signature Algorithm: sha256WithRSAEncryption
         d3:98:18:3c:f6:37:34:c1:bc:4d:36:0f:9b:46:fb:80:c2:33:
         b0:23:27:d5:0e:5e:00:a0:8b:5a:94:a9:9e:f9:03:ff:2a:7e:
         62:ed:95:25:28:20:82:f5:ab:67:57:e1:1c:63:2f:e5:67:3c:
         2c:50:49:db:5d:e3:76:c6:06:a7:ed:1f:41:5b:f6:2d:f3:7d:
         10:9f:c1:b5:68:c5:f4:6a:52:6a:ed:0d:86:9e:a9:1b:d8:71:
         47:dc:7f:cb:81:ba:95:f3:f9:00:89:06:82:4a:42:ce:87:98:
         77:04:45:18:22:57:6a:6b:1e:8d:35:f5:78:0a:9d:11:1c:92:
         52:c2:0f:a1:10:c5:f1:3c:c0:33:0a:f4:e5:ad:3d:80:42:26:
         94:b1:cb:15:f9:8b:0d:5b:73:a4:ad:b7:f7:8a:ee:1a:d6:5e:
         b3:ab:99:5f:c7:4b:2a:e1:c8:21:7d:d5:72:65:79:44:03:2b:
         a3:bc:f9:1d:0e:ef:f2:73:4a:27:1a:5b:cc:b8:35:ad:0f:a9:
         3e:e7:11:a3:ed:2c:03:c1:68:44:5c:37:2d:d7:a2:de:d6:31:
         b1:42:09:e7:39:47:b7:0f:c1:11:bb:c3:84:25:c3:0f:98:42:
         f3:80:1d:4d:49:a5:ea:f5:e6:99:96:c5:d0:c7:a0:4b:5e:28:
         a0:40:a2:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVupr1ZS0b/V6iYKyRhsoEfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwMTAxMTg0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjEyMDk0MGVkYWM4MGEzNTg4YmM4ZmY1Yjc2N2E2ODQ4ZWIzNmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnM1X3QyV4P/GUEGRExCrJZuqf7Eq
QC8bydLjg7Tf/zDJ4EYsDo1oBo8jPlNuLACvj7aKkEQ9N6LKbn9pFxJ8XM+ertqb
5X/vW/Fn7qUw/tYL1xp8ucnFYYutLPVkfVgQPRejijZpMcFDbRN2OUP8hl5EinVx
aoe+qzbS7ntOr6xMoasIpMfMnmuDMHO8i6Vl5eTyBb/avf2MmseyeGxS4DQDbhH6
/MRrRAnmuUd7WdhX2hdbu8/iN2gh9TLgjKn1vjj9fko0thI+mWL8HYgfSaVRtoar
+Z8VBjwRQds91akes5l3WfCA5pIHg2qyz6tL6LsEihLTfDiuAxyPO8qYcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM8SCUDtrICjWIvI/1t2emhI6zbHMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvenhJSlFPMnNnS05ZaThqX1czWjZhRWpyTnNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWSvIMA0G
CSqGSIb3DQEBCwUAA4IBAQDTmBg89jc0wbxNNg+bRvuAwjOwIyfVDl4AoItalKme
+QP/Kn5i7ZUlKCCC9atnV+EcYy/lZzwsUEnbXeN2xgan7R9BW/Yt830Qn8G1aMX0
alJq7Q2Gnqkb2HFH3H/LgbqV8/kAiQaCSkLOh5h3BEUYIldqax6NNfV4Cp0RHJJS
wg+hEMXxPMAzCvTlrT2AQiaUscsV+YsNW3Okrbf3iu4a1l6zq5lfx0sq4cghfdVy
ZXlEAyujvPkdDu/yc0onGlvMuDWtD6k+5xGj7SwDwWhEXDct16Le1jGxQgnnOUe3
D8ERu8OEJcMPmELzgB1NSaXq9eaZlsXQx6BLXiigQKI2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org