Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/gOtsPp42cWrOC9_36VIZbY2xrTk.roa
File:                     gOtsPp42cWrOC9_36VIZbY2xrTk.roa (raw, json)
Hash identifier:          9Tvw2WcsFnylqFVuZW5XRwJ79VQrcj8IT10GkG6Bb90=
Subject key identifier:   80:EB:6C:3E:9E:36:71:6A:CE:0B:DF:F7:E9:52:19:6D:8D:B1:AD:39
Certificate issuer:       /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial:       0189FDD509CEF5F8F19C1569A247821E34B5
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/gOtsPp42cWrOC9_36VIZbY2xrTk.roa
Signing time:             Wed 16 Aug 2023 10:12:24 +0000
ROA not before:           Wed 16 Aug 2023 10:12:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204203
IP address blocks:        89.44.241.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 21 Aug 2023 09:56:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:fd:d5:09:ce:f5:f8:f1:9c:15:69:a2:47:82:1e:34:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
        Validity
            Not Before: Aug 16 10:12:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=80eb6c3e9e36716ace0bdff7e952196d8db1ad39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:d4:13:61:33:29:72:aa:e4:d5:9c:70:ba:6e:
                    51:13:92:9f:90:8f:ea:e5:cb:38:8c:09:ee:5e:49:
                    58:ff:ef:e1:08:82:d6:41:63:65:34:be:35:36:b6:
                    0f:93:dc:43:aa:53:38:cf:fe:5f:a3:ed:aa:7b:03:
                    57:cb:69:24:10:b8:d4:0e:dd:30:7d:b2:5e:05:77:
                    c4:b5:7b:b5:7e:1e:59:a3:e3:9b:19:bf:a9:fa:fd:
                    94:17:c5:01:1b:53:a0:7a:bf:ba:0e:d8:d1:aa:78:
                    21:af:02:58:cb:ab:87:38:21:82:8e:3b:2f:89:d8:
                    15:6d:72:2d:6b:cc:e4:b7:8d:f7:e7:26:e6:ad:de:
                    eb:76:aa:46:56:9b:94:4b:f2:1b:2c:71:c3:f0:e7:
                    b5:72:b7:16:ef:7d:6f:cc:07:78:02:21:24:c3:f9:
                    b8:a2:f1:38:a4:b5:0d:78:38:3e:f7:5f:b6:0d:04:
                    b8:9c:c4:e1:5f:01:a4:f4:62:a1:32:3a:0b:7d:8b:
                    9c:93:c5:ed:89:ef:0a:fb:99:17:fa:71:ed:bc:dd:
                    25:52:e8:a8:d4:0f:70:6e:b2:2b:77:3d:0c:7a:fa:
                    3b:45:03:d8:17:0e:ec:b6:03:85:f8:1c:28:61:1d:
                    27:28:47:22:62:c0:c7:64:99:e7:5a:ce:9e:78:cc:
                    6f:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:EB:6C:3E:9E:36:71:6A:CE:0B:DF:F7:E9:52:19:6D:8D:B1:AD:39
            X509v3 Authority Key Identifier:
                keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/gOtsPp42cWrOC9_36VIZbY2xrTk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.44.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:a7:cf:87:85:5a:d3:27:30:9f:81:1c:eb:e2:9d:e1:2e:1f:
         30:44:e0:d7:0e:57:07:aa:bf:c2:ad:87:b5:8f:e1:c5:33:53:
         10:19:fe:97:40:95:5b:5c:f3:25:e3:06:6f:a8:97:e4:76:94:
         78:ca:78:01:81:87:3c:d5:10:30:0f:cb:c8:87:90:ef:75:25:
         2f:3b:ff:0c:5a:bf:3e:34:29:f5:3f:83:52:9a:7f:0b:b4:46:
         2e:8d:05:79:f3:20:5c:d4:7c:72:26:ab:2c:ab:f2:72:89:c7:
         49:21:dc:1a:8d:6e:d3:fb:f5:76:11:7d:db:9b:b8:02:14:ef:
         57:e1:b6:d8:01:64:90:8e:12:2f:8d:79:b4:d2:28:e0:6b:c3:
         09:0d:98:09:9f:b7:4d:36:ab:fe:75:7d:0f:6e:b4:9f:be:4c:
         ad:0b:cb:38:2e:a7:c8:6f:61:af:49:39:4c:a0:b8:42:69:f4:
         ca:61:87:95:4a:be:53:81:5c:ad:cc:b8:12:71:4d:1b:59:a9:
         28:38:8a:81:e9:85:dd:a0:54:0b:7e:0c:86:84:e5:68:0a:f4:
         e7:32:da:73:45:7d:8e:0b:52:2b:ba:ed:38:37:81:16:c5:92:
         4d:0c:a1:eb:9f:ea:b3:0a:89:57:f7:a9:ff:40:03:e0:ca:63:
         cd:7b:39:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn91QnO9fjxnBVpokeCHjS1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwODE2MTAxMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGViNmMzZTllMzY3MTZhY2UwYmRmZjdlOTUyMTk2ZDhkYjFhZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldQTYTMpcqrk1Zxwum5RE5KfkI/q
5cs4jAnuXklY/+/hCILWQWNlNL41NrYPk9xDqlM4z/5fo+2qewNXy2kkELjUDt0w
fbJeBXfEtXu1fh5Zo+ObGb+p+v2UF8UBG1Oger+6DtjRqnghrwJYy6uHOCGCjjsv
idgVbXIta8zkt4335ybmrd7rdqpGVpuUS/IbLHHD8Oe1crcW731vzAd4AiEkw/m4
ovE4pLUNeDg+91+2DQS4nMThXwGk9GKhMjoLfYuck8Xtie8K+5kX+nHtvN0lUuio
1A9wbrIrdz0Mevo7RQPYFw7stgOF+BwoYR0nKEciYsDHZJnnWs6eeMxv0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIDrbD6eNnFqzgvf9+lSGW2Nsa05MB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvZ090c1BwNDJjV3JPQzlfMzZWSVpiWTJ4clRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSzxMA0G
CSqGSIb3DQEBCwUAA4IBAQBDp8+HhVrTJzCfgRzr4p3hLh8wRODXDlcHqr/CrYe1
j+HFM1MQGf6XQJVbXPMl4wZvqJfkdpR4yngBgYc81RAwD8vIh5DvdSUvO/8MWr8+
NCn1P4NSmn8LtEYujQV58yBc1HxyJqssq/JyicdJIdwajW7T+/V2EX3bm7gCFO9X
4bbYAWSQjhIvjXm00ijga8MJDZgJn7dNNqv+dX0PbrSfvkytC8s4LqfIb2GvSTlM
oLhCafTKYYeVSr5TgVytzLgScU0bWakoOIqB6YXdoFQLfgyGhOVoCvTnMtpzRX2O
C1Iruu04N4EWxZJNDKHrn+qzColX96n/QAPgymPNeznI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:51 2024 by rpki-client on console-fra.rpki-client.org