Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/tZY9_Js5hb5cSGVQ5gVYd5ox9gY.roa
File:                     tZY9_Js5hb5cSGVQ5gVYd5ox9gY.roa (raw, json)
Hash identifier:          5pY4MiCJ6LebMWf2nXmVa268S/x91LL08XE5Vn+qOrU=
Subject key identifier:   B5:96:3D:FC:9B:39:85:BE:5C:48:65:50:E6:05:58:77:9A:31:F6:06
Certificate issuer:       /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial:       018571F109DFC31ADA4A596F241E37224A23
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/tZY9_Js5hb5cSGVQ5gVYd5ox9gY.roa
Signing time:             Mon 02 Jan 2023 10:05:00 +0000
ROA not before:           Mon 02 Jan 2023 10:05:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206430
IP address blocks:        89.45.244.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:f1:09:df:c3:1a:da:4a:59:6f:24:1e:37:22:4a:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
        Validity
            Not Before: Jan  2 10:05:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b5963dfc9b3985be5c486550e60558779a31f606
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:7c:c1:18:b6:d5:3a:0b:4f:4d:bf:cf:90:9a:
                    11:67:33:60:c3:70:f5:9e:9f:8b:c6:bd:52:07:d8:
                    7a:27:6c:ed:49:2f:8f:57:d8:76:2d:97:d4:c9:5d:
                    92:07:ac:48:f1:c8:5d:1f:ef:1b:e1:6f:1b:ef:7e:
                    e5:65:3a:1b:41:92:12:c4:7a:ad:b2:b1:b2:60:83:
                    5b:78:9f:72:e3:da:d6:11:9b:bf:c9:fb:84:c2:36:
                    d0:24:be:3e:e5:0d:3c:25:92:28:67:26:dd:a0:df:
                    fc:f1:6b:5c:39:4f:2f:2c:e3:74:9e:9a:c3:96:b8:
                    a8:df:50:84:e9:63:99:7c:ae:f8:75:20:87:1f:a3:
                    5c:5a:7b:14:ab:05:84:eb:e7:cb:18:a5:f8:6d:83:
                    8b:7f:da:18:a8:76:35:e2:c2:2e:7b:86:de:cd:cc:
                    84:f1:8c:8b:9b:cb:f9:14:e5:6e:28:04:e2:33:09:
                    4b:fe:e1:a7:41:24:96:74:e7:5a:8f:93:fe:7a:08:
                    73:0b:7a:c2:a2:c8:b2:14:7d:37:54:d0:b5:1d:55:
                    7c:24:ec:33:09:9a:ff:ad:7b:2e:2d:a1:a1:c1:3e:
                    69:16:a2:ef:89:a1:f2:cd:8b:d0:47:b8:23:34:d3:
                    fa:10:e1:68:6a:ae:3b:64:9e:d9:e6:ff:fb:6f:33:
                    c9:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:96:3D:FC:9B:39:85:BE:5C:48:65:50:E6:05:58:77:9A:31:F6:06
            X509v3 Authority Key Identifier:
                keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/tZY9_Js5hb5cSGVQ5gVYd5ox9gY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.45.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:1b:ae:da:3c:85:3c:7f:9f:6e:13:b8:25:50:21:54:51:d2:
         15:53:d5:f7:ca:09:74:68:31:1f:d5:d8:89:96:87:d1:37:1a:
         30:90:83:fa:e3:e5:54:25:62:66:57:83:73:e8:2b:c1:6c:48:
         06:3b:4f:43:26:0b:ed:fd:d4:2a:66:77:61:18:47:7d:0c:0b:
         85:d9:db:ea:42:99:a3:c1:fc:af:82:31:04:13:79:e1:46:ca:
         55:a3:1f:7e:c5:99:29:e7:1a:93:77:3a:c1:01:3a:08:fb:2e:
         43:2a:94:a3:72:94:1c:c2:ea:eb:76:44:0a:8d:53:81:6e:0b:
         0c:80:4b:41:a4:66:23:e7:1e:d2:75:74:bd:52:5b:d5:01:37:
         89:14:ff:86:a9:66:be:ae:4b:dd:c9:87:22:b6:09:7c:0b:0c:
         be:62:b7:4b:18:a8:8e:1d:f9:02:5d:c7:90:22:6b:8b:64:bc:
         61:9c:0c:f6:7b:84:73:24:7e:d7:37:ac:40:75:c5:71:49:e8:
         1e:28:54:65:95:77:7a:4b:e9:c8:46:ab:06:73:72:35:62:ae:
         7b:08:50:59:2f:8f:96:48:e4:b6:be:d7:16:f2:6f:c7:07:9f:
         39:aa:6d:1e:45:a8:c0:2d:52:9e:49:6a:26:f2:1f:76:4d:12:
         8d:98:9e:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx8QnfwxraSllvJB43IkojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAyMTAwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTk2M2RmYzliMzk4NWJlNWM0ODY1NTBlNjA1NTg3NzlhMzFmNjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnzBGLbVOgtPTb/PkJoRZzNgw3D1
np+Lxr1SB9h6J2ztSS+PV9h2LZfUyV2SB6xI8chdH+8b4W8b737lZTobQZISxHqt
srGyYINbeJ9y49rWEZu/yfuEwjbQJL4+5Q08JZIoZybdoN/88WtcOU8vLON0nprD
lrio31CE6WOZfK74dSCHH6NcWnsUqwWE6+fLGKX4bYOLf9oYqHY14sIue4bezcyE
8YyLm8v5FOVuKATiMwlL/uGnQSSWdOdaj5P+eghzC3rCosiyFH03VNC1HVV8JOwz
CZr/rXsuLaGhwT5pFqLviaHyzYvQR7gjNNP6EOFoaq47ZJ7Z5v/7bzPJ7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLWWPfybOYW+XEhlUOYFWHeaMfYGMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvdFpZOV9KczVoYjVjU0dWUTVnVllkNW94OWdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS30MA0G
CSqGSIb3DQEBCwUAA4IBAQC3G67aPIU8f59uE7glUCFUUdIVU9X3ygl0aDEf1diJ
lofRNxowkIP64+VUJWJmV4Nz6CvBbEgGO09DJgvt/dQqZndhGEd9DAuF2dvqQpmj
wfyvgjEEE3nhRspVox9+xZkp5xqTdzrBAToI+y5DKpSjcpQcwurrdkQKjVOBbgsM
gEtBpGYj5x7SdXS9UlvVATeJFP+GqWa+rkvdyYcitgl8Cwy+YrdLGKiOHfkCXceQ
ImuLZLxhnAz2e4RzJH7XN6xAdcVxSegeKFRllXd6S+nIRqsGc3I1Yq57CFBZL4+W
SOS2vtcW8m/HB585qm0eRajALVKeSWom8h92TRKNmJ6j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:34 2024 by rpki-client on console-fra.rpki-client.org