Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/bAQnnnpoQqR8y9KyS8bZAsKE3bg.roa
File:                     bAQnnnpoQqR8y9KyS8bZAsKE3bg.roa (raw, json)
Hash identifier:          WKrN5LHPCK5F9tKtQJLOcRvK8kbluROo0v6GIkpn1qg=
Subject key identifier:   6C:04:27:9E:7A:68:42:A4:7C:CB:D2:B2:4B:C6:D9:02:C2:84:DD:B8
Certificate issuer:       /CN=94846741139263388d984db1e97e031669c6486e
Certificate serial:       018792475645D197A29B322312A2718CAD17
Authority key identifier: 94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/bAQnnnpoQqR8y9KyS8bZAsKE3bg.roa
Signing time:             Tue 18 Apr 2023 02:52:41 +0000
ROA not before:           Tue 18 Apr 2023 02:52:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     136923
IP address blocks:        188.95.89.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 29 May 2023 19:46:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:92:47:56:45:d1:97:a2:9b:32:23:12:a2:71:8c:ad:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94846741139263388d984db1e97e031669c6486e
        Validity
            Not Before: Apr 18 02:52:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6c04279e7a6842a47ccbd2b24bc6d902c284ddb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:81:2d:33:d1:03:fa:73:22:1d:50:1d:83:ec:
                    ad:88:61:77:8a:83:ed:a5:41:55:9d:4b:ac:2a:67:
                    8a:7c:54:1d:82:8c:4c:80:21:6a:9f:a9:ee:52:49:
                    f9:fd:53:9e:91:19:49:be:8d:d1:88:b0:9e:7e:6c:
                    22:31:50:9b:8f:9d:5a:9a:42:5f:49:69:63:b0:81:
                    6c:f7:06:9a:a0:4c:ed:d4:67:50:01:90:36:53:ac:
                    c9:7f:98:26:78:cc:84:e1:31:78:a7:dd:ff:94:d1:
                    7d:36:4f:e9:f2:9b:a2:e9:6f:15:a0:b8:ac:d6:96:
                    d4:6a:95:58:ba:1c:ed:e6:e2:72:7e:2f:8a:5c:67:
                    3b:69:57:74:31:bb:cc:af:d8:bd:28:37:15:19:83:
                    de:e8:48:e6:31:64:64:37:82:8c:89:df:92:93:0c:
                    cd:81:34:8e:11:4a:92:f6:74:2b:c6:12:07:72:e7:
                    14:66:5d:93:63:0a:7a:9e:4a:0f:3d:49:e5:4e:c7:
                    6c:b6:23:92:21:df:de:dc:de:fd:b3:26:09:5a:e7:
                    2a:9f:76:49:ad:81:0a:21:1f:32:81:56:e7:96:02:
                    b5:41:f6:b1:4a:12:8f:3f:0e:a0:8c:8c:12:aa:18:
                    67:4b:78:69:6f:0d:f9:88:fd:dd:ae:04:17:0f:49:
                    7e:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:04:27:9E:7A:68:42:A4:7C:CB:D2:B2:4B:C6:D9:02:C2:84:DD:B8
            X509v3 Authority Key Identifier:
                keyid:94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/bAQnnnpoQqR8y9KyS8bZAsKE3bg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/lIRnQROSYziNmE2x6X4DFmnGSG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.95.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d3:93:00:dd:65:af:ef:6d:8f:67:0b:78:70:6e:b9:ef:07:e5:
         21:76:d5:c5:a8:93:9b:6c:11:41:b6:8b:22:d9:72:97:3f:7c:
         01:f2:af:ca:63:5c:31:81:4a:d3:70:f2:0b:ca:a9:95:06:b2:
         87:5a:96:a7:55:f4:e5:25:0b:b8:b6:1a:e4:a0:7a:b1:42:4b:
         81:b8:d1:53:cf:ce:08:3e:24:2e:fd:93:97:74:7e:96:58:60:
         69:ef:ed:d4:03:80:df:dc:1d:70:4f:75:98:2d:ea:df:f3:52:
         ca:c7:71:10:c3:f5:87:f4:00:43:73:cd:57:16:1b:f3:0d:6e:
         1b:3c:ba:c6:1a:d8:0e:ce:7f:9e:4c:94:75:85:a0:88:32:5d:
         a5:e6:d8:e4:d0:78:94:cb:2c:ed:14:80:b6:33:2a:4a:99:7c:
         03:4d:1a:58:fc:4e:98:0c:41:0b:5c:6b:7a:fb:ca:ce:83:2b:
         a7:28:60:de:7c:79:20:03:26:aa:ed:9d:91:e9:3e:47:c6:86:
         e7:a8:fb:ad:87:ab:82:82:a2:af:14:98:f9:c8:d3:06:74:00:
         8f:fc:fa:bc:cd:fd:94:d6:87:3e:a1:7d:e1:7e:26:42:ff:b2:
         bd:26:2a:cf:a1:5a:42:78:d3:bf:6a:ff:49:1d:b9:9d:ea:d0:
         85:9e:ab:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeSR1ZF0ZeimzIjEqJxjK0XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ODQ2NzQxMTM5MjYzMzg4ZDk4NGRiMWU5N2UwMzE2Njlj
NjQ4NmUwHhcNMjMwNDE4MDI1MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzA0Mjc5ZTdhNjg0MmE0N2NjYmQyYjI0YmM2ZDkwMmMyODRkZGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYEtM9ED+nMiHVAdg+ytiGF3ioPt
pUFVnUusKmeKfFQdgoxMgCFqn6nuUkn5/VOekRlJvo3RiLCefmwiMVCbj51amkJf
SWljsIFs9waaoEzt1GdQAZA2U6zJf5gmeMyE4TF4p93/lNF9Nk/p8pui6W8VoLis
1pbUapVYuhzt5uJyfi+KXGc7aVd0MbvMr9i9KDcVGYPe6EjmMWRkN4KMid+SkwzN
gTSOEUqS9nQrxhIHcucUZl2TYwp6nkoPPUnlTsdstiOSId/e3N79syYJWucqn3ZJ
rYEKIR8ygVbnlgK1QfaxShKPPw6gjIwSqhhnS3hpbw35iP3drgQXD0l+7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGwEJ556aEKkfMvSskvG2QLChN24MB8GA1UdIwQY
MBaAFJSEZ0ETkmM4jZhNsel+AxZpxkhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTct
Y2IxMTI1MDA3ZGZiLzEvYkFRbm5ucG9RcVI4eTlLeVM4YlpBc0tFM2JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTctY2IxMTI1MDA3ZGZi
LzEvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvF9ZMA0G
CSqGSIb3DQEBCwUAA4IBAQDTkwDdZa/vbY9nC3hwbrnvB+UhdtXFqJObbBFBtosi
2XKXP3wB8q/KY1wxgUrTcPILyqmVBrKHWpanVfTlJQu4thrkoHqxQkuBuNFTz84I
PiQu/ZOXdH6WWGBp7+3UA4Df3B1wT3WYLerf81LKx3EQw/WH9ABDc81XFhvzDW4b
PLrGGtgOzn+eTJR1haCIMl2l5tjk0HiUyyztFIC2MypKmXwDTRpY/E6YDEELXGt6
+8rOgyunKGDefHkgAyaq7Z2R6T5HxobnqPuth6uCgqKvFJj5yNMGdACP/Pq8zf2U
1oc+oX3hfiZC/7K9JirPoVpCeNO/av9JHbmd6tCFnqss
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:51 2024 by rpki-client on console-fra.rpki-client.org