Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/W0mQMZT0Zf4RaR6-AerqmmbEVyM.roa
File:                     W0mQMZT0Zf4RaR6-AerqmmbEVyM.roa (raw, json)
Hash identifier:          dhdER9ewgz23PiFYCXseGx9Yn2jG69W/ZYo4DzLqA+s=
Subject key identifier:   5B:49:90:31:94:F4:65:FE:11:69:1E:BE:01:EA:EA:9A:66:C4:57:23
Certificate issuer:       /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial:       018EF5D8BE4D43CEC1CEE4AC92B1129EE207
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/W0mQMZT0Zf4RaR6-AerqmmbEVyM.roa
Signing time:             Fri 19 Apr 2024 10:13:26 +0000
ROA not before:           Fri 19 Apr 2024 10:13:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215820
IP address blocks:        89.36.34.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jul 2024 06:12:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:f5:d8:be:4d:43:ce:c1:ce:e4:ac:92:b1:12:9e:e2:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
        Validity
            Not Before: Apr 19 10:13:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5b49903194f465fe11691ebe01eaea9a66c45723
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:1a:a1:3a:8e:b9:1c:f2:1c:6c:3e:52:f5:f0:
                    56:72:28:a3:4d:92:0d:0d:53:81:03:98:a2:f9:07:
                    14:17:cc:87:2c:cd:4a:a0:38:90:ba:38:9e:5b:21:
                    26:ea:49:5c:0b:b1:28:7d:2c:98:09:a0:6f:ce:fb:
                    5a:d0:65:30:1b:2b:a3:f3:f2:c4:cc:b5:40:10:54:
                    4d:bd:36:6f:a4:c5:7f:8a:2a:ca:0d:3c:44:fb:38:
                    8d:8e:1b:af:3e:1d:2f:99:1b:f7:18:58:a6:54:8a:
                    7d:1e:9e:f7:53:56:27:5b:4c:da:a0:b9:81:bd:9b:
                    23:c6:a7:ad:b3:d6:b9:70:a5:54:48:39:05:4f:ad:
                    61:ad:9d:86:79:52:08:46:9a:f3:84:ef:c5:66:0f:
                    36:98:d4:15:a8:d1:f3:04:2e:d4:79:6d:b2:86:5d:
                    03:f3:bb:a7:25:5a:54:8c:74:11:a5:92:4b:a1:29:
                    27:66:b1:e3:e4:e0:9f:4e:5f:f2:4b:1c:1e:8b:6c:
                    1d:91:04:dc:56:dc:3b:da:52:f1:19:36:ea:c6:aa:
                    4e:ef:47:84:2e:70:04:b2:ac:e4:a8:ba:30:08:57:
                    fe:0a:ba:32:f8:e4:39:e1:13:04:dc:04:dc:e5:c5:
                    23:d2:ed:81:37:c2:20:c6:04:63:8d:8c:a0:88:36:
                    2e:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:49:90:31:94:F4:65:FE:11:69:1E:BE:01:EA:EA:9A:66:C4:57:23
            X509v3 Authority Key Identifier:
                keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/W0mQMZT0Zf4RaR6-AerqmmbEVyM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.36.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:a9:3f:57:48:d3:71:2c:83:89:c8:13:0b:14:16:ff:c4:0b:
         1b:a5:fb:51:3c:8e:78:3b:0f:80:12:fe:61:79:48:6d:65:a7:
         e7:52:0b:c8:da:e3:df:50:26:4e:f7:3d:03:4b:59:89:8b:f8:
         49:ce:ad:96:63:54:bf:af:33:d5:3f:02:8a:23:17:7d:81:37:
         c6:85:19:69:60:b8:fd:57:b4:84:2a:78:32:54:ec:a8:14:eb:
         10:96:5d:0a:79:05:ab:45:3e:34:a0:d8:f9:04:9a:59:79:aa:
         ce:5f:0c:52:ad:45:e9:a3:47:e3:e4:98:94:3b:b0:53:13:0b:
         6e:08:bb:0a:86:ca:b2:4d:fc:89:b7:4c:33:fb:3f:5e:05:5a:
         4e:ac:27:12:f4:46:d3:82:3f:8c:b5:de:b2:01:72:97:fe:92:
         b2:a0:f2:3a:84:05:3e:de:a7:a0:49:a6:0b:70:4a:65:2e:4d:
         a5:a2:68:d7:dd:05:2a:f3:08:ed:06:4e:dd:0c:39:2d:e0:d5:
         6a:c7:1e:b9:eb:08:17:57:2e:96:6b:e2:0b:9e:75:46:24:34:
         0e:30:a9:8c:55:1c:f1:6a:67:87:80:34:f3:e4:32:e4:e6:6c:
         56:f3:e8:59:54:d8:de:1c:60:09:e7:26:2f:fe:f6:00:5b:05:
         1b:23:8d:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY712L5NQ87BzuSskrESnuIHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjQwNDE5MTAxMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjQ5OTAzMTk0ZjQ2NWZlMTE2OTFlYmUwMWVhZWE5YTY2YzQ1NzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRqhOo65HPIcbD5S9fBWciijTZIN
DVOBA5ii+QcUF8yHLM1KoDiQujieWyEm6klcC7EofSyYCaBvzvta0GUwGyuj8/LE
zLVAEFRNvTZvpMV/iirKDTxE+ziNjhuvPh0vmRv3GFimVIp9Hp73U1YnW0zaoLmB
vZsjxqets9a5cKVUSDkFT61hrZ2GeVIIRprzhO/FZg82mNQVqNHzBC7UeW2yhl0D
87unJVpUjHQRpZJLoSknZrHj5OCfTl/ySxwei2wdkQTcVtw72lLxGTbqxqpO70eE
LnAEsqzkqLowCFf+Croy+OQ54RME3ATc5cUj0u2BN8IgxgRjjYygiDYuawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFtJkDGU9GX+EWkevgHq6ppmxFcjMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvVzBtUU1aVDBaZjRSYVI2LUFlcnFtbWJFVnlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSQiMA0G
CSqGSIb3DQEBCwUAA4IBAQApqT9XSNNxLIOJyBMLFBb/xAsbpftRPI54Ow+AEv5h
eUhtZafnUgvI2uPfUCZO9z0DS1mJi/hJzq2WY1S/rzPVPwKKIxd9gTfGhRlpYLj9
V7SEKngyVOyoFOsQll0KeQWrRT40oNj5BJpZearOXwxSrUXpo0fj5JiUO7BTEwtu
CLsKhsqyTfyJt0wz+z9eBVpOrCcS9EbTgj+Mtd6yAXKX/pKyoPI6hAU+3qegSaYL
cEplLk2lomjX3QUq8wjtBk7dDDkt4NVqxx656wgXVy6Wa+ILnnVGJDQOMKmMVRzx
ameHgDTz5DLk5mxW8+hZVNjeHGAJ5yYv/vYAWwUbI40g
-----END CERTIFICATE-----
Generated at Mon Jul 1 07:44:54 2024 by rpki-client on console-fra.rpki-client.org