Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/ibaHi0y1l8qv32_8pKVSyWN7Lio.roa
File:                     ibaHi0y1l8qv32_8pKVSyWN7Lio.roa (raw, json)
Hash identifier:          HGuGpXezjZVz/aU9NVzRkeYRTrYH3iWdikleIVCkQ/4=
Subject key identifier:   89:B6:87:8B:4C:B5:97:CA:AF:DF:6F:FC:A4:A5:52:C9:63:7B:2E:2A
Certificate issuer:       /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial:       018750477B892DE43D0459E7388D83CEDFD1
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/ibaHi0y1l8qv32_8pKVSyWN7Lio.roa
Signing time:             Wed 05 Apr 2023 07:17:54 +0000
ROA not before:           Wed 05 Apr 2023 07:17:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210423
IP address blocks:        84.236.234.0/23 maxlen: 23
                          95.178.112.0/22 maxlen: 22
                          84.232.35.0/24 maxlen: 24
                          94.24.46.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Wed 08 Nov 2023 08:05:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:50:47:7b:89:2d:e4:3d:04:59:e7:38:8d:83:ce:df:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
        Validity
            Not Before: Apr  5 07:17:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=89b6878b4cb597caafdf6ffca4a552c9637b2e2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:ce:d6:0d:a0:b1:5c:4f:f6:00:1d:2f:df:4b:
                    e2:ce:59:00:3b:ff:24:51:07:69:91:3b:7e:7b:e1:
                    6d:c7:06:94:bb:3a:40:f1:fb:d6:c4:61:ca:95:e9:
                    a5:af:52:f1:e1:45:08:fa:01:cb:ad:b2:8c:e6:f1:
                    b7:b5:6c:d8:7f:f8:00:4f:76:4a:64:72:52:83:d6:
                    6b:c4:2a:fa:af:0d:5b:b9:28:ec:99:85:9b:7f:dd:
                    f5:b6:d7:7d:d3:97:c0:fe:bb:57:f1:4b:60:1a:ea:
                    dc:6f:73:a7:bc:c6:a2:01:76:4b:9e:69:7d:b9:f8:
                    e8:27:3d:77:a6:00:5c:9c:06:90:7e:00:1c:fc:7b:
                    fc:25:d3:50:2d:75:98:8c:04:4b:15:eb:42:ad:8c:
                    8a:98:15:74:0a:92:4d:4f:42:c7:92:cb:89:a8:3e:
                    16:70:66:6f:c0:d4:6e:fd:4f:69:bc:d6:7d:c7:43:
                    71:93:fa:b6:61:8b:42:8f:a6:4f:17:91:c6:11:6b:
                    99:dc:e9:fe:96:7c:82:78:f1:09:d2:9f:63:18:50:
                    f2:ff:29:56:18:b4:68:b9:23:59:d4:f0:ce:95:33:
                    53:db:2f:f3:8f:ae:c6:f1:4c:38:b1:1b:1d:73:15:
                    76:4d:ee:41:68:06:73:32:83:4c:1c:30:f8:c3:89:
                    2e:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:B6:87:8B:4C:B5:97:CA:AF:DF:6F:FC:A4:A5:52:C9:63:7B:2E:2A
            X509v3 Authority Key Identifier:
                keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/ibaHi0y1l8qv32_8pKVSyWN7Lio.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.232.35.0/24
                  84.236.234.0/23
                  94.24.46.0/23
                  95.178.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7c:ff:5b:77:ed:b7:db:36:f7:b2:cd:a0:46:f1:2c:6c:c6:f8:
         5c:4b:97:03:5f:54:e3:60:e3:9b:75:d9:94:98:37:46:8c:8a:
         9b:f2:77:43:b3:07:79:d8:e3:39:22:59:21:c9:7a:02:2c:bd:
         6f:46:aa:aa:f2:ef:f2:a2:6d:ce:6c:90:3f:4f:b9:0e:0c:cf:
         f5:e0:43:6f:05:26:6c:b0:31:71:31:02:19:9b:e8:7d:71:7d:
         bc:f0:11:17:44:69:b4:c7:6d:f9:29:d8:e9:55:c0:44:de:a3:
         48:44:de:00:6d:a7:5e:da:f5:51:a3:be:17:3a:94:60:ca:5c:
         00:9f:e7:fe:b2:5d:97:7d:51:72:8a:7c:c2:ea:e7:da:60:2f:
         76:5c:1c:c0:6b:b3:07:08:02:86:7c:24:ae:ef:49:54:76:f6:
         03:f0:26:4c:0b:8b:c6:b6:f1:77:2a:5e:c2:a9:57:69:70:7d:
         bf:a2:cd:8b:51:fe:57:4b:ec:59:8b:d5:69:e3:86:6b:33:70:
         5b:45:6c:cb:b6:a8:6c:9e:76:0f:10:5c:c0:8b:5b:ec:8a:72:
         88:e8:6f:24:67:87:ec:3a:fb:09:a0:f5:b5:ea:ce:c7:ce:96:
         d4:17:74:cb:a9:c5:a1:45:32:32:10:fe:47:9e:89:75:dd:e1:
         a3:18:61:98
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYdQR3uJLeQ9BFnnOI2Dzt/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwNDA1MDcxNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWI2ODc4YjRjYjU5N2NhYWZkZjZmZmNhNGE1NTJjOTYzN2IyZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAos7WDaCxXE/2AB0v30vizlkAO/8k
UQdpkTt+e+FtxwaUuzpA8fvWxGHKlemlr1Lx4UUI+gHLrbKM5vG3tWzYf/gAT3ZK
ZHJSg9ZrxCr6rw1buSjsmYWbf931ttd905fA/rtX8UtgGurcb3OnvMaiAXZLnml9
ufjoJz13pgBcnAaQfgAc/Hv8JdNQLXWYjARLFetCrYyKmBV0CpJNT0LHksuJqD4W
cGZvwNRu/U9pvNZ9x0Nxk/q2YYtCj6ZPF5HGEWuZ3On+lnyCePEJ0p9jGFDy/ylW
GLRouSNZ1PDOlTNT2y/zj67G8Uw4sRsdcxV2Te5BaAZzMoNMHDD4w4kuTwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIm2h4tMtZfKr99v/KSlUsljey4qMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvaWJhSGkweTFsOHF2MzJfOHBLVlN5V043TGlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVOgjAwQB
VOzqAwQBXhguAwQCX7JwMA0GCSqGSIb3DQEBCwUAA4IBAQB8/1t37bfbNveyzaBG
8SxsxvhcS5cDX1TjYOObddmUmDdGjIqb8ndDswd52OM5IlkhyXoCLL1vRqqq8u/y
om3ObJA/T7kODM/14ENvBSZssDFxMQIZm+h9cX288BEXRGm0x235KdjpVcBE3qNI
RN4Abade2vVRo74XOpRgylwAn+f+sl2XfVFyinzC6ufaYC92XBzAa7MHCAKGfCSu
70lUdvYD8CZMC4vGtvF3Kl7CqVdpcH2/os2LUf5XS+xZi9Vp44ZrM3BbRWzLtqhs
nnYPEFzAi1vsinKI6G8kZ4fsOvsJoPW16s7HzpbUF3TLqcWhRTIyEP5Hnol13eGj
GGGY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:33 2024 by rpki-client on console-fra.rpki-client.org