Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/nZS8w_iHaMIDUQDlsSO4yLjeYrY.roa
File:                     nZS8w_iHaMIDUQDlsSO4yLjeYrY.roa (raw, json)
Hash identifier:          fcDkkqYPvMDsND5YmKVcnL32tdp0D6N96OFnFF9Ohbg=
Subject key identifier:   9D:94:BC:C3:F8:87:68:C2:03:51:00:E5:B1:23:B8:C8:B8:DE:62:B6
Certificate issuer:       /CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Certificate serial:       0185710BF2AE26195543416859BD9161A277
Authority key identifier: E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/nZS8w_iHaMIDUQDlsSO4yLjeYrY.roa
Signing time:             Mon 02 Jan 2023 05:54:46 +0000
ROA not before:           Mon 02 Jan 2023 05:54:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197740
IP address blocks:        89.29.252.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0b:f2:ae:26:19:55:43:41:68:59:bd:91:61:a2:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
        Validity
            Not Before: Jan  2 05:54:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9d94bcc3f88768c2035100e5b123b8c8b8de62b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:1a:8e:27:38:36:2f:38:12:79:40:0b:d7:36:
                    81:ac:cf:df:b0:45:a8:fa:c5:a2:df:55:12:21:77:
                    3a:07:d6:7d:e1:e5:ee:2f:56:dc:2d:e4:54:2b:e5:
                    9f:4a:2a:4d:24:00:9a:7c:05:10:a9:0a:df:c1:0d:
                    0a:65:d6:94:89:c1:61:09:8e:58:c6:78:bd:2a:51:
                    39:07:b5:ac:b7:76:a8:bd:a3:2e:fe:e0:c1:e7:57:
                    f6:5e:9a:51:fa:50:0e:6a:d5:75:3b:bf:33:31:21:
                    79:d4:36:b0:ba:c9:69:59:36:20:b1:5a:8c:68:f6:
                    00:47:7b:1b:25:4e:8a:2c:4e:e0:9b:04:a0:f5:3f:
                    89:24:c6:42:0f:e6:6b:69:6a:b1:41:5a:ed:0a:34:
                    27:a2:72:b1:18:31:75:d6:14:be:6d:f2:52:4a:71:
                    98:07:3e:2f:97:28:c7:39:d6:6a:02:a4:85:db:cf:
                    67:46:5f:0c:e8:6d:e1:05:c7:41:5c:18:fe:8b:f9:
                    46:31:ab:c6:57:94:f3:de:33:2c:9a:2d:e7:f3:43:
                    29:f9:c5:dd:9b:b6:40:cf:7b:88:c7:2e:ef:6d:f8:
                    99:33:fa:75:6c:34:3a:0e:3f:77:b3:23:93:ee:38:
                    fa:33:d1:de:60:1c:99:d7:70:ed:9b:81:4d:88:8e:
                    20:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:94:BC:C3:F8:87:68:C2:03:51:00:E5:B1:23:B8:C8:B8:DE:62:B6
            X509v3 Authority Key Identifier:
                keyid:E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/nZS8w_iHaMIDUQDlsSO4yLjeYrY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.29.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:8d:f5:d9:1c:c2:b6:53:c5:b4:de:d6:f7:2b:88:e9:1a:a9:
         a8:3a:05:5e:df:c2:0f:e2:da:d2:97:c3:51:68:36:22:49:14:
         91:e5:5a:e7:fd:9d:97:14:a0:be:6c:a1:6b:04:48:63:b6:e8:
         e0:d1:20:36:fa:8a:49:8d:0b:b2:6c:96:14:45:cd:59:cf:d7:
         2f:5c:f9:16:de:db:54:24:d7:aa:2a:c7:b9:e9:de:fe:8f:3c:
         30:40:96:c9:8f:09:b8:a8:97:c1:10:18:57:e8:5d:78:7a:f8:
         96:1a:45:c9:b1:dd:6e:1d:58:41:07:21:54:b8:cc:09:29:45:
         b1:7b:c4:7f:91:f0:e5:82:d4:a8:0f:49:a5:9d:37:f6:c2:ff:
         54:6e:38:92:b6:7b:9a:a7:6d:5b:3f:a3:cf:95:3f:2b:0b:d2:
         ac:a8:08:10:b3:3a:ef:5c:91:48:f5:4f:87:fc:22:ec:bb:d1:
         0c:69:06:a3:92:53:34:64:36:5c:c5:d2:21:fa:79:d9:21:77:
         52:57:cd:89:2b:71:de:98:37:4d:c1:ea:1e:73:39:ea:dd:23:
         dc:5c:dd:81:99:8e:d7:d9:7e:ce:50:90:02:54:a9:b9:a9:af:
         99:fe:eb:5e:0c:0f:03:68:11:25:c9:98:4b:24:5d:f9:32:5c:
         d4:7f:0a:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxC/KuJhlVQ0FoWb2RYaJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MmM0MTVkMTc3NWFlOTk5M2U5MDBhNzUzNmI0NmFiMTQ0
YTlhYTIwHhcNMjMwMTAyMDU1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDk0YmNjM2Y4ODc2OGMyMDM1MTAwZTViMTIzYjhjOGI4ZGU2MmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBqOJzg2LzgSeUAL1zaBrM/fsEWo
+sWi31USIXc6B9Z94eXuL1bcLeRUK+WfSipNJACafAUQqQrfwQ0KZdaUicFhCY5Y
xni9KlE5B7Wst3aovaMu/uDB51f2XppR+lAOatV1O78zMSF51DawuslpWTYgsVqM
aPYAR3sbJU6KLE7gmwSg9T+JJMZCD+ZraWqxQVrtCjQnonKxGDF11hS+bfJSSnGY
Bz4vlyjHOdZqAqSF289nRl8M6G3hBcdBXBj+i/lGMavGV5Tz3jMsmi3n80Mp+cXd
m7ZAz3uIxy7vbfiZM/p1bDQ6Dj93syOT7jj6M9HeYByZ13Dtm4FNiI4gpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ2UvMP4h2jCA1EA5bEjuMi43mK2MB8GA1UdIwQY
MBaAFOksQV0Xda6Zk+kAp1NrRqsUSpqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQt
MWQ5MzRhMDQ4NDc0LzEvblpTOHdfaUhhTUlEVVFEbHNTTzR5TGplWXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQtMWQ5MzRhMDQ4NDc0
LzEvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWR38MA0G
CSqGSIb3DQEBCwUAA4IBAQB5jfXZHMK2U8W03tb3K4jpGqmoOgVe38IP4trSl8NR
aDYiSRSR5Vrn/Z2XFKC+bKFrBEhjtujg0SA2+opJjQuybJYURc1Zz9cvXPkW3ttU
JNeqKse56d7+jzwwQJbJjwm4qJfBEBhX6F14eviWGkXJsd1uHVhBByFUuMwJKUWx
e8R/kfDlgtSoD0mlnTf2wv9UbjiStnuap21bP6PPlT8rC9KsqAgQszrvXJFI9U+H
/CLsu9EMaQajklM0ZDZcxdIh+nnZIXdSV82JK3HemDdNweoecznq3SPcXN2BmY7X
2X7OUJACVKm5qa+Z/uteDA8DaBElyZhLJF35MlzUfwpV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:18 2024 by rpki-client on console-fra.rpki-client.org