Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/_k7P-Y-buwRWIgEie7hWqao2Bmw.roa
File:                     _k7P-Y-buwRWIgEie7hWqao2Bmw.roa (raw, json)
Hash identifier:          YHqqrv6pkAuJNute2MqvB10IO91ZOdRkFzhG0O/IIkE=
Subject key identifier:   FE:4E:CF:F9:8F:9B:BB:04:56:22:01:22:7B:B8:56:A9:AA:36:06:6C
Certificate issuer:       /CN=94846741139263388d984db1e97e031669c6486e
Certificate serial:       0185703990139074C2099B5C50C4B68D13B1
Authority key identifier: 94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/_k7P-Y-buwRWIgEie7hWqao2Bmw.roa
Signing time:             Mon 02 Jan 2023 02:04:58 +0000
ROA not before:           Mon 02 Jan 2023 02:04:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59643
IP address blocks:        188.95.89.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 21 Jan 2023 05:57:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:39:90:13:90:74:c2:09:9b:5c:50:c4:b6:8d:13:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94846741139263388d984db1e97e031669c6486e
        Validity
            Not Before: Jan  2 02:04:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fe4ecff98f9bbb04562201227bb856a9aa36066c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:f6:98:79:cb:8d:8d:b8:e9:4a:aa:eb:32:37:
                    98:32:f3:43:26:a1:95:51:0f:d9:0b:f2:af:4c:db:
                    b2:8f:b3:f3:fc:2a:8e:56:4f:fc:3c:4f:34:83:87:
                    8e:a6:9e:7a:dc:e8:87:27:26:b8:0e:be:f9:a9:10:
                    56:4f:c2:61:f8:52:99:33:9f:75:97:6d:25:26:fe:
                    7b:03:c6:28:37:35:df:68:16:de:0e:c3:2b:79:82:
                    f3:af:a1:a9:01:56:ee:54:32:01:c2:b4:2c:5a:83:
                    bb:b2:09:f0:f5:cc:b3:6f:d8:62:6c:c0:4d:14:1c:
                    60:ae:e2:59:d0:55:55:0e:6b:40:c4:db:9d:97:b6:
                    a4:21:40:8c:5e:c0:63:09:90:8d:ad:34:81:ff:4f:
                    22:1d:59:44:8a:46:36:98:87:15:53:73:0e:8f:72:
                    10:0f:2a:95:1b:ba:b5:40:90:58:b1:79:32:8a:d6:
                    3c:a7:93:b9:e0:ce:d7:0d:e9:19:9a:30:6d:41:2b:
                    6e:15:1d:82:9d:f5:c3:64:98:47:78:4f:83:1f:cb:
                    e1:10:b2:7d:40:b1:ff:36:bb:e5:4c:c6:21:fc:ab:
                    c0:3f:73:b7:55:aa:5e:0a:d7:79:7e:96:1e:01:c4:
                    cb:49:05:2c:53:c7:0f:52:69:5b:7e:09:15:36:d1:
                    d0:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:4E:CF:F9:8F:9B:BB:04:56:22:01:22:7B:B8:56:A9:AA:36:06:6C
            X509v3 Authority Key Identifier:
                keyid:94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/_k7P-Y-buwRWIgEie7hWqao2Bmw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/lIRnQROSYziNmE2x6X4DFmnGSG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.95.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:1c:a8:6f:ab:7e:57:e3:42:9f:2f:d6:fa:33:4d:53:6b:0a:
         e9:7f:cf:88:df:39:f3:01:96:29:87:46:69:1d:5c:dc:f0:06:
         c4:31:18:69:4f:9e:12:75:df:57:0f:42:06:66:a8:b1:1f:01:
         98:66:df:d6:00:0e:5a:52:ec:38:92:9d:d8:85:3f:92:fc:48:
         c3:fa:29:d9:c6:95:32:f2:ab:bd:6e:a8:a8:fa:3e:ba:66:f2:
         f3:d3:15:55:62:f8:6e:46:17:3c:9e:28:d8:c4:b5:95:55:92:
         3b:89:62:d9:18:a2:fb:ed:c5:3e:77:55:b4:2c:4c:8e:b1:6d:
         8c:79:68:8f:f6:4b:24:ff:02:c0:9b:13:18:56:0f:24:dd:79:
         bf:d3:6a:e6:47:2e:60:ee:56:1b:6b:04:7d:58:37:21:e6:3f:
         ef:e3:d8:ff:ff:ea:ec:f6:d8:81:ba:a5:b9:dc:6a:e8:b8:82:
         a9:13:b7:ed:e4:2a:46:0d:b7:d0:99:3c:6e:08:39:c3:a3:78:
         28:a4:04:40:ec:b4:28:b4:a1:a3:97:05:fa:b0:29:f4:ef:d5:
         a1:4c:b5:8f:15:7b:f0:5a:29:ea:8d:b7:31:0b:f8:89:88:41:
         2e:f0:fa:d6:f4:7d:ab:c4:56:39:f1:94:e2:04:07:c4:9e:0a:
         4f:b1:d0:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOZATkHTCCZtcUMS2jROxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ODQ2NzQxMTM5MjYzMzg4ZDk4NGRiMWU5N2UwMzE2Njlj
NjQ4NmUwHhcNMjMwMTAyMDIwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTRlY2ZmOThmOWJiYjA0NTYyMjAxMjI3YmI4NTZhOWFhMzYwNjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvaYecuNjbjpSqrrMjeYMvNDJqGV
UQ/ZC/KvTNuyj7Pz/CqOVk/8PE80g4eOpp563OiHJya4Dr75qRBWT8Jh+FKZM591
l20lJv57A8YoNzXfaBbeDsMreYLzr6GpAVbuVDIBwrQsWoO7sgnw9cyzb9hibMBN
FBxgruJZ0FVVDmtAxNudl7akIUCMXsBjCZCNrTSB/08iHVlEikY2mIcVU3MOj3IQ
DyqVG7q1QJBYsXkyitY8p5O54M7XDekZmjBtQStuFR2CnfXDZJhHeE+DH8vhELJ9
QLH/NrvlTMYh/KvAP3O3VapeCtd5fpYeAcTLSQUsU8cPUmlbfgkVNtHQkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP5Oz/mPm7sEViIBInu4VqmqNgZsMB8GA1UdIwQY
MBaAFJSEZ0ETkmM4jZhNsel+AxZpxkhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTct
Y2IxMTI1MDA3ZGZiLzEvX2s3UC1ZLWJ1d1JXSWdFaWU3aFdxYW8yQm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTctY2IxMTI1MDA3ZGZi
LzEvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvF9ZMA0G
CSqGSIb3DQEBCwUAA4IBAQANHKhvq35X40KfL9b6M01Tawrpf8+I3znzAZYph0Zp
HVzc8AbEMRhpT54Sdd9XD0IGZqixHwGYZt/WAA5aUuw4kp3YhT+S/EjD+inZxpUy
8qu9bqio+j66ZvLz0xVVYvhuRhc8nijYxLWVVZI7iWLZGKL77cU+d1W0LEyOsW2M
eWiP9ksk/wLAmxMYVg8k3Xm/02rmRy5g7lYbawR9WDch5j/v49j//+rs9tiBuqW5
3GrouIKpE7ft5CpGDbfQmTxuCDnDo3gopARA7LQotKGjlwX6sCn079WhTLWPFXvw
WinqjbcxC/iJiEEu8PrW9H2rxFY58ZTiBAfEngpPsdBF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:51 2024 by rpki-client on console-fra.rpki-client.org