Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/tVMSF1f6TWGHuN7RhzgXb6BQdA8.roa
File:                     tVMSF1f6TWGHuN7RhzgXb6BQdA8.roa (raw, json)
Hash identifier:          LyF+ws8q7TNbv33DWCTLXgDr90h1iQh/HZYvt3X5fEk=
Subject key identifier:   B5:53:12:17:57:FA:4D:61:87:B8:DE:D1:87:38:17:6F:A0:50:74:0F
Certificate issuer:       /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial:       018937A77BA67DC91E18A47C09F565D7F9A5
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/tVMSF1f6TWGHuN7RhzgXb6BQdA8.roa
Signing time:             Sat 08 Jul 2023 22:37:50 +0000
ROA not before:           Sat 08 Jul 2023 22:37:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207141
IP address blocks:        89.44.240.0/22 maxlen: 22
                          89.44.240.0/24 maxlen: 24
                          89.44.241.0/24 maxlen: 24
                          89.44.242.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 18 Jul 2023 09:30:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:37:a7:7b:a6:7d:c9:1e:18:a4:7c:09:f5:65:d7:f9:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
        Validity
            Not Before: Jul  8 22:37:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b553121757fa4d6187b8ded18738176fa050740f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:2c:e2:94:45:e3:cd:26:84:11:e8:18:88:42:
                    36:f4:62:b7:ba:8c:6d:98:e8:c8:ba:68:7d:05:4e:
                    18:5c:c1:a2:33:d7:5d:70:94:d9:0c:0e:7c:3e:35:
                    f8:37:1c:70:e6:a7:af:72:54:39:91:80:7a:f0:cc:
                    2d:98:f6:3f:ce:49:5b:11:62:cf:dc:15:f8:b5:ed:
                    22:7d:39:fe:47:6f:34:14:b3:02:7e:f7:18:c6:50:
                    31:dc:66:23:c8:84:91:35:5e:28:95:ad:16:92:c8:
                    05:df:6d:af:a4:c6:dc:24:e0:8b:f9:37:41:9f:bb:
                    25:f1:43:40:96:0b:e2:8b:8a:8f:70:3b:e8:1b:de:
                    53:ac:d8:d3:6e:14:4e:9e:db:8c:05:5c:f7:25:40:
                    ba:ab:f5:9b:ef:d1:3f:24:da:36:77:c5:02:e7:de:
                    fe:ec:9a:fc:69:05:81:b4:12:aa:14:46:b6:d3:ad:
                    9a:ba:3d:8f:08:6d:14:3e:fb:39:60:0d:a8:ca:51:
                    8e:ec:82:06:c9:7a:6b:7d:d7:51:06:4e:93:77:d9:
                    fb:0e:6d:23:fc:f3:43:97:c3:01:5e:59:63:21:3e:
                    5d:7a:5d:db:c8:74:cc:2b:3c:fe:7f:15:9b:36:9a:
                    d5:5d:a9:43:95:f2:7c:07:1f:c2:ca:91:de:2e:bd:
                    b0:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:53:12:17:57:FA:4D:61:87:B8:DE:D1:87:38:17:6F:A0:50:74:0F
            X509v3 Authority Key Identifier:
                keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/tVMSF1f6TWGHuN7RhzgXb6BQdA8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.44.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8a:fc:ef:22:c5:06:a5:0f:35:87:fa:70:81:df:5c:f9:12:28:
         60:e1:8b:46:d7:17:08:11:9c:e2:cf:04:bd:2a:5e:f0:66:0c:
         76:98:6c:71:ec:0d:99:bd:85:94:a5:c2:79:ed:98:60:ec:41:
         8d:d5:23:79:33:98:4b:0f:95:75:c9:90:00:ab:43:da:aa:95:
         43:b6:cc:21:75:50:c0:e5:de:7c:77:94:75:9d:5f:28:aa:8e:
         c4:df:3f:fa:5a:40:0c:49:46:07:cc:c8:32:1c:dc:b3:4c:86:
         25:a8:f1:80:c1:09:4b:58:d3:23:45:ae:69:e7:01:0d:2e:e6:
         19:d6:94:b2:49:3d:cc:8c:e4:59:b9:de:14:df:1c:24:37:e4:
         c3:e2:db:42:ba:b2:db:03:51:ce:07:27:31:21:ab:e9:46:a4:
         bb:1e:41:02:de:0a:1a:b3:32:dd:7e:8e:75:01:4c:e1:45:4d:
         58:75:3e:ce:2e:5b:c2:58:32:ca:b1:86:4f:2e:0f:a5:a3:9b:
         b9:69:31:4f:b8:bf:8b:30:02:fc:00:00:88:67:e1:26:1d:b6:
         ae:29:e5:b4:1c:e8:b7:44:03:2a:80:b3:b8:3a:a5:dc:fe:34:
         17:09:3a:45:a0:c3:d9:68:04:5c:3d:ad:ca:67:45:fc:7a:40:
         44:ae:79:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYk3p3umfckeGKR8CfVl1/mlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwNzA4MjIzNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTUzMTIxNzU3ZmE0ZDYxODdiOGRlZDE4NzM4MTc2ZmEwNTA3NDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyzilEXjzSaEEegYiEI29GK3uoxt
mOjIumh9BU4YXMGiM9ddcJTZDA58PjX4Nxxw5qevclQ5kYB68MwtmPY/zklbEWLP
3BX4te0ifTn+R280FLMCfvcYxlAx3GYjyISRNV4ola0WksgF322vpMbcJOCL+TdB
n7sl8UNAlgvii4qPcDvoG95TrNjTbhROntuMBVz3JUC6q/Wb79E/JNo2d8UC597+
7Jr8aQWBtBKqFEa2062auj2PCG0UPvs5YA2oylGO7IIGyXprfddRBk6Td9n7Dm0j
/PNDl8MBXlljIT5del3byHTMKzz+fxWbNprVXalDlfJ8Bx/CypHeLr2w8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLVTEhdX+k1hh7je0Yc4F2+gUHQPMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvdFZNU0YxZjZUV0dIdU43Umh6Z1hiNkJRZEE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSzwMA0G
CSqGSIb3DQEBCwUAA4IBAQCK/O8ixQalDzWH+nCB31z5Eihg4YtG1xcIEZzizwS9
Kl7wZgx2mGxx7A2ZvYWUpcJ57Zhg7EGN1SN5M5hLD5V1yZAAq0PaqpVDtswhdVDA
5d58d5R1nV8oqo7E3z/6WkAMSUYHzMgyHNyzTIYlqPGAwQlLWNMjRa5p5wENLuYZ
1pSyST3MjORZud4U3xwkN+TD4ttCurLbA1HOBycxIavpRqS7HkEC3goaszLdfo51
AUzhRU1YdT7OLlvCWDLKsYZPLg+lo5u5aTFPuL+LMAL8AACIZ+EmHbauKeW0HOi3
RAMqgLO4OqXc/jQXCTpFoMPZaARcPa3KZ0X8ekBErnlr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org