Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/27a748-884d-4f19-b285-59199331ee09/1/tT89LV-76b2Ii9gOLl1eMAmWfMg.roa
File:                     tT89LV-76b2Ii9gOLl1eMAmWfMg.roa (raw, json)
Hash identifier:          hZecUO5aF6Ib6jorL1W3mCx8GdS4sFxPnuHvr8PxXs8=
Subject key identifier:   B5:3F:3D:2D:5F:BB:E9:BD:88:8B:D8:0E:2E:5D:5E:30:09:96:7C:C8
Certificate issuer:       /CN=5aa58d5f2712ccc0044b59efa7cbc3e98c5fc25c
Certificate serial:       018714F0EF1F14051B9E23DC7F1B04E4C338
Authority key identifier: 5A:A5:8D:5F:27:12:CC:C0:04:4B:59:EF:A7:CB:C3:E9:8C:5F:C2:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WqWNXycSzMAES1nvp8vD6Yxfwlw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/27a748-884d-4f19-b285-59199331ee09/1/tT89LV-76b2Ii9gOLl1eMAmWfMg.roa
Signing time:             Fri 24 Mar 2023 18:45:46 +0000
ROA not before:           Fri 24 Mar 2023 18:45:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39910
IP address blocks:        185.203.90.0/24 maxlen: 24
                          2a10:7a40::/29 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:14:f0:ef:1f:14:05:1b:9e:23:dc:7f:1b:04:e4:c3:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5aa58d5f2712ccc0044b59efa7cbc3e98c5fc25c
        Validity
            Not Before: Mar 24 18:45:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b53f3d2d5fbbe9bd888bd80e2e5d5e3009967cc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:8b:c6:a7:3d:90:49:02:b1:84:67:cf:74:6b:
                    95:af:1c:0f:52:00:a0:d6:32:9f:d6:91:bf:45:e0:
                    ea:32:b6:9b:72:a3:78:f2:ac:da:bf:c5:28:db:4c:
                    e0:05:ca:39:a3:39:d2:0a:8b:f0:a4:6b:c7:95:5a:
                    fc:c8:e7:d3:9a:f1:98:00:7e:08:4a:ad:56:85:c2:
                    95:e9:ff:3d:f6:bf:95:d0:65:4e:7e:aa:9a:a6:ba:
                    a1:4a:b9:a3:d9:6e:a8:3c:da:2a:e4:62:8b:0b:2a:
                    2e:c2:10:25:21:46:2a:f6:96:9f:6e:6c:2c:82:83:
                    1e:19:8e:26:72:a7:cd:15:e2:df:e0:07:6b:71:91:
                    ee:67:2d:cc:19:1c:db:83:e1:ac:65:12:da:76:b1:
                    e7:01:b2:e7:0b:af:26:68:bf:1b:32:d2:e9:a5:c1:
                    dd:48:f5:5b:fc:10:0d:00:d9:b0:99:06:94:08:b8:
                    24:20:4a:31:2b:e6:a0:14:4d:9e:49:99:68:20:36:
                    78:ca:c6:4d:84:be:82:8d:7f:a8:8b:27:95:a7:71:
                    1f:3b:e3:43:8d:90:08:21:82:3b:f9:ac:14:71:f0:
                    60:6e:54:80:03:b8:7b:60:b2:91:64:0b:d1:f7:36:
                    1a:ef:a9:98:0f:32:7e:a6:82:ff:bc:c7:93:f7:fb:
                    7b:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:3F:3D:2D:5F:BB:E9:BD:88:8B:D8:0E:2E:5D:5E:30:09:96:7C:C8
            X509v3 Authority Key Identifier:
                keyid:5A:A5:8D:5F:27:12:CC:C0:04:4B:59:EF:A7:CB:C3:E9:8C:5F:C2:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WqWNXycSzMAES1nvp8vD6Yxfwlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/27a748-884d-4f19-b285-59199331ee09/1/tT89LV-76b2Ii9gOLl1eMAmWfMg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/27a748-884d-4f19-b285-59199331ee09/1/WqWNXycSzMAES1nvp8vD6Yxfwlw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.203.90.0/24
                IPv6:
                  2a10:7a40::/29

    Signature Algorithm: sha256WithRSAEncryption
         c9:2b:b6:f7:8a:7e:ab:70:cf:5d:4e:95:11:95:77:43:95:15:
         64:a6:0f:60:6c:6a:2d:6c:45:a8:24:e9:c4:05:b1:9c:db:b6:
         1c:11:8f:58:83:a9:74:7e:79:d4:2d:82:7e:61:04:5e:31:c4:
         5f:5c:8f:09:d8:4c:dd:3c:4f:7f:74:68:d6:8d:50:a2:c9:5b:
         3e:fa:64:3e:68:93:58:1d:b9:d7:c6:89:7c:5b:53:77:73:d6:
         dd:8b:1a:21:cb:e9:70:bc:2c:ab:40:70:e5:f8:03:ee:2d:8f:
         5c:40:7f:72:dd:d3:d2:4a:84:d6:cc:65:2c:ca:f0:6d:4d:12:
         30:11:c2:30:00:04:27:cd:81:5a:ba:f9:3a:c3:60:77:77:87:
         a6:35:a0:5a:b8:c8:e2:7b:a6:bd:9c:1d:86:d4:d7:83:8c:41:
         d3:ff:26:01:e5:33:5e:ad:c0:47:5f:33:d2:e6:bd:a7:57:53:
         36:50:af:a0:dc:a0:18:44:b0:16:a3:b3:fc:8c:a5:e2:09:b3:
         bd:63:fc:5d:f2:fc:4b:41:f2:a6:ae:b1:40:3a:f2:0b:b3:d4:
         27:15:93:ca:9a:d9:49:94:48:30:3d:c8:5c:64:91:1d:9e:22:
         38:f1:59:1d:c1:96:9b:8b:c2:cf:a4:c6:ac:1a:68:f2:0e:fa:
         7a:d1:ab:62
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYcU8O8fFAUbniPcfxsE5MM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYTU4ZDVmMjcxMmNjYzAwNDRiNTllZmE3Y2JjM2U5OGM1
ZmMyNWMwHhcNMjMwMzI0MTg0NTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTNmM2QyZDVmYmJlOWJkODg4YmQ4MGUyZTVkNWUzMDA5OTY3Y2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIvGpz2QSQKxhGfPdGuVrxwPUgCg
1jKf1pG/ReDqMrabcqN48qzav8Uo20zgBco5oznSCovwpGvHlVr8yOfTmvGYAH4I
Sq1WhcKV6f899r+V0GVOfqqaprqhSrmj2W6oPNoq5GKLCyouwhAlIUYq9pafbmws
goMeGY4mcqfNFeLf4AdrcZHuZy3MGRzbg+GsZRLadrHnAbLnC68maL8bMtLppcHd
SPVb/BANANmwmQaUCLgkIEoxK+agFE2eSZloIDZ4ysZNhL6CjX+oiyeVp3EfO+ND
jZAIIYI7+awUcfBgblSAA7h7YLKRZAvR9zYa76mYDzJ+poL/vMeT9/t7fwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLU/PS1fu+m9iIvYDi5dXjAJlnzIMB8GA1UdIwQY
MBaAFFqljV8nEszABEtZ76fLw+mMX8JcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3FXTlh5Y1N6TUFFUzFudnA4dkQ2WXhmd2x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8yN2E3NDgtODg0ZC00ZjE5LWIyODUt
NTkxOTkzMzFlZTA5LzEvdFQ4OUxWLTc2YjJJaTlnT0xsMWVNQW1XZk1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8yN2E3NDgtODg0ZC00ZjE5LWIyODUtNTkxOTkzMzFlZTA5
LzEvV3FXTlh5Y1N6TUFFUzFudnA4dkQ2WXhmd2x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuctaMA0E
AgACMAcDBQMqEHpAMA0GCSqGSIb3DQEBCwUAA4IBAQDJK7b3in6rcM9dTpURlXdD
lRVkpg9gbGotbEWoJOnEBbGc27YcEY9Yg6l0fnnULYJ+YQReMcRfXI8J2EzdPE9/
dGjWjVCiyVs++mQ+aJNYHbnXxol8W1N3c9bdixohy+lwvCyrQHDl+APuLY9cQH9y
3dPSSoTWzGUsyvBtTRIwEcIwAAQnzYFauvk6w2B3d4emNaBauMjie6a9nB2G1NeD
jEHT/yYB5TNercBHXzPS5r2nV1M2UK+g3KAYRLAWo7P8jKXiCbO9Y/xd8vxLQfKm
rrFAOvILs9QnFZPKmtlJlEgwPchcZJEdniI48VkdwZabi8LPpMasGmjyDvp60ati
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:32 2024 by rpki-client on console-fra.rpki-client.org