Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/4rB-JoXMtocKwV0ykGmOxn_xyIw.roa
File:                     4rB-JoXMtocKwV0ykGmOxn_xyIw.roa (raw, json)
Hash identifier:          17e6Ha9rCgseLlvJLe5DvlQt6HtKLdhqWsqj1L8wmsw=
Subject key identifier:   E2:B0:7E:26:85:CC:B6:87:0A:C1:5D:32:90:69:8E:C6:7F:F1:C8:8C
Certificate issuer:       /CN=f82554a856a422b061ae64c577630f91d408cd4a
Certificate serial:       018571F9F136DEAFA9745D8821AEC52B0CA8
Authority key identifier: F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/4rB-JoXMtocKwV0ykGmOxn_xyIw.roa
Signing time:             Mon 02 Jan 2023 10:14:43 +0000
ROA not before:           Mon 02 Jan 2023 10:14:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206059
IP address blocks:        89.234.188.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:f9:f1:36:de:af:a9:74:5d:88:21:ae:c5:2b:0c:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f82554a856a422b061ae64c577630f91d408cd4a
        Validity
            Not Before: Jan  2 10:14:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e2b07e2685ccb6870ac15d3290698ec67ff1c88c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:28:87:63:14:c3:bd:f4:b6:73:11:d7:52:c7:
                    ab:e6:4c:da:8d:56:c9:0f:19:52:b3:72:8e:20:4f:
                    5e:06:70:97:41:d0:62:e8:3c:7c:ea:5f:22:90:31:
                    e2:77:00:80:87:d2:a9:f7:f6:b0:1a:74:31:de:5e:
                    3d:19:e0:0c:ca:c1:de:eb:2c:f8:e1:44:95:5c:f8:
                    0d:0f:7d:ea:ae:3e:1a:30:8a:69:1d:05:14:a6:f3:
                    05:61:c9:8a:1a:a7:95:05:2a:7d:ab:a6:b1:e2:41:
                    a4:19:cf:cb:bc:ad:b8:ae:4a:b8:36:c7:b2:80:f4:
                    57:50:cc:f9:3d:d8:9e:b8:f0:78:9a:22:f9:3e:7e:
                    46:34:1b:e5:74:e0:5e:5a:53:68:40:d4:3b:35:2b:
                    ac:2f:bb:f7:3e:9a:d0:8d:61:4c:92:33:76:35:df:
                    4d:7a:40:bd:cd:e1:d3:c2:5b:13:07:ba:59:7d:7c:
                    62:d0:07:21:f2:c4:9c:c5:a6:83:cf:c8:f5:76:9c:
                    a0:02:6c:37:83:78:68:98:13:0e:0d:85:18:93:06:
                    15:21:75:f6:f5:00:20:b1:39:15:5a:3f:d1:9d:de:
                    d2:b6:e1:05:62:cf:94:5f:40:1c:61:e0:59:58:bb:
                    b7:3a:e3:5c:6e:a8:b5:03:0c:ac:2e:f4:1e:c9:fe:
                    3b:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:B0:7E:26:85:CC:B6:87:0A:C1:5D:32:90:69:8E:C6:7F:F1:C8:8C
            X509v3 Authority Key Identifier:
                keyid:F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/4rB-JoXMtocKwV0ykGmOxn_xyIw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.234.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:46:90:4b:f5:bd:82:bc:6b:79:f2:08:7c:cc:0a:8b:d4:a6:
         1f:a6:b6:50:e7:f1:2f:0b:e6:19:8c:84:54:69:29:a2:1c:c4:
         9a:05:0e:01:e2:39:f3:ac:aa:f0:86:5a:74:b4:10:61:76:f5:
         ab:ea:ab:a6:0a:ef:78:00:51:09:a5:6e:c6:e3:ae:8c:5d:19:
         c4:a7:85:19:c8:78:7e:fb:a0:0d:3f:6d:30:73:0b:d4:01:87:
         b4:7b:61:34:e8:52:f7:9e:f8:23:01:8c:f8:b1:24:38:f9:38:
         f5:27:c9:66:02:a3:5f:f0:6e:4b:a4:64:1f:81:dd:3c:b5:1e:
         86:73:f2:4f:b6:e4:f7:c1:9d:2b:77:04:17:01:29:69:4e:7f:
         5e:8c:53:b4:cc:67:2b:a4:6e:08:90:ff:7f:d3:81:4d:15:4d:
         ab:16:d6:51:bc:d8:c5:db:8c:7a:c0:be:1e:a5:e1:03:46:9d:
         4a:1f:28:2c:e6:4c:5c:99:f2:80:ab:62:af:9f:23:10:3b:34:
         6e:aa:d0:1a:dd:b1:1f:9f:fd:2e:7c:b5:0f:81:66:30:18:a6:
         f5:bc:47:74:13:89:d6:d3:e9:c7:c4:79:d2:52:1a:4b:70:47:
         97:97:cc:df:a3:ba:cc:81:93:09:77:a6:0a:73:35:19:5c:02:
         2c:68:a8:77
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVx+fE23q+pdF2IIa7FKwyoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjU1NGE4NTZhNDIyYjA2MWFlNjRjNTc3NjMwZjkxZDQw
OGNkNGEwHhcNMjMwMTAyMTAxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmIwN2UyNjg1Y2NiNjg3MGFjMTVkMzI5MDY5OGVjNjdmZjFjODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyiHYxTDvfS2cxHXUser5kzajVbJ
DxlSs3KOIE9eBnCXQdBi6Dx86l8ikDHidwCAh9Kp9/awGnQx3l49GeAMysHe6yz4
4USVXPgND33qrj4aMIppHQUUpvMFYcmKGqeVBSp9q6ax4kGkGc/LvK24rkq4Nsey
gPRXUMz5PdieuPB4miL5Pn5GNBvldOBeWlNoQNQ7NSusL7v3PprQjWFMkjN2Nd9N
ekC9zeHTwlsTB7pZfXxi0Ach8sScxaaDz8j1dpygAmw3g3homBMODYUYkwYVIXX2
9QAgsTkVWj/Rnd7StuEFYs+UX0AcYeBZWLu3OuNcbqi1AwysLvQeyf47JwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOKwfiaFzLaHCsFdMpBpjsZ/8ciMMB8GA1UdIwQY
MBaAFPglVKhWpCKwYa5kxXdjD5HUCM1KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DVlVxRmFrSXJCaHJtVEZkMk1Qa2RRSXpVby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNm
LTk2NWQ2ZDYwM2JmYS8xLzRyQi1Kb1hNdG9jS3dWMHlrR21PeG5feHlJdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNmLTk2NWQ2ZDYwM2Jm
YS8xLzEtQ1ZVcUZha0lyQmhybVRGZDJNUGtkUUl6VW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABZ6rww
DQYJKoZIhvcNAQELBQADggEBAG5GkEv1vYK8a3nyCHzMCovUph+mtlDn8S8L5hmM
hFRpKaIcxJoFDgHiOfOsqvCGWnS0EGF29avqq6YK73gAUQmlbsbjroxdGcSnhRnI
eH77oA0/bTBzC9QBh7R7YTToUvee+CMBjPixJDj5OPUnyWYCo1/wbkukZB+B3Ty1
HoZz8k+25PfBnSt3BBcBKWlOf16MU7TMZyukbgiQ/3/TgU0VTasW1lG82MXbjHrA
vh6l4QNGnUofKCzmTFyZ8oCrYq+fIxA7NG6q0BrdsR+f/S58tQ+BZjAYpvW8R3QT
idbT6cfEedJSGktwR5eXzN+jusyBkwl3pgpzNRlcAixoqHc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:02 2024 by rpki-client on console-fra.rpki-client.org