Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/766988-3f1e-43d4-bec4-9fa95aa9b079/1/LH8xGI5mu7epwVqcrEe3-ayAB_g.roa
File:                     LH8xGI5mu7epwVqcrEe3-ayAB_g.roa (raw, json)
Hash identifier:          Y4UrlporiSa5Kb7La1IuRhqh2hKMSnlidKauj5lkTRY=
Subject key identifier:   2C:7F:31:18:8E:66:BB:B7:A9:C1:5A:9C:AC:47:B7:F9:AC:80:07:F8
Certificate issuer:       /CN=c9b4d6823ecb28b4a35e40dc11ef229cb2375cdf
Certificate serial:       01856D2F455E795BC803F8AD558A4DBB506C
Authority key identifier: C9:B4:D6:82:3E:CB:28:B4:A3:5E:40:DC:11:EF:22:9C:B2:37:5C:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ybTWgj7LKLSjXkDcEe8inLI3XN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/766988-3f1e-43d4-bec4-9fa95aa9b079/1/LH8xGI5mu7epwVqcrEe3-ayAB_g.roa
Signing time:             Sun 01 Jan 2023 11:54:52 +0000
ROA not before:           Sun 01 Jan 2023 11:54:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209522
IP address blocks:        152.89.52.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:2f:45:5e:79:5b:c8:03:f8:ad:55:8a:4d:bb:50:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9b4d6823ecb28b4a35e40dc11ef229cb2375cdf
        Validity
            Not Before: Jan  1 11:54:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2c7f31188e66bbb7a9c15a9cac47b7f9ac8007f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:21:9f:c2:9b:e0:a0:d0:8f:e8:a7:f9:7e:4c:
                    84:54:b7:ec:de:7e:be:47:08:f6:62:84:90:f2:46:
                    e4:a9:b8:7c:7e:be:46:f6:3a:3d:1f:5b:25:8d:f8:
                    d5:76:c8:9f:ff:4b:87:8e:ad:61:32:39:66:1d:3a:
                    61:f1:42:a3:33:95:f1:63:42:71:de:b2:85:db:f5:
                    76:d8:db:dc:6a:68:b3:3e:05:12:e8:a5:ef:8e:0d:
                    7e:ac:a9:14:d5:5c:94:64:59:d1:37:11:a0:91:7b:
                    10:1d:cc:58:8a:5b:55:00:17:c9:b1:6c:fc:d9:44:
                    b4:36:ea:da:76:52:6e:c4:33:13:21:fb:b2:db:d9:
                    e6:de:fe:09:4b:a8:9b:04:8d:e8:93:89:98:19:dc:
                    c7:3f:3c:be:b5:49:46:fe:96:dc:e7:d6:9f:1f:59:
                    cb:6e:24:7b:f3:d2:fa:6d:9a:71:b7:00:de:3f:dd:
                    8d:5b:d6:86:ce:90:6a:a7:b3:f5:9d:cb:d9:01:71:
                    db:e4:1a:d7:49:ed:04:22:97:f5:d2:68:9f:83:e2:
                    cc:ee:57:15:f1:8c:d4:74:13:b2:34:40:67:49:cd:
                    34:6a:25:8e:92:69:82:86:24:cb:81:bc:08:b5:44:
                    27:93:43:db:b8:aa:cc:5f:02:53:4d:dd:f5:4d:6e:
                    14:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:7F:31:18:8E:66:BB:B7:A9:C1:5A:9C:AC:47:B7:F9:AC:80:07:F8
            X509v3 Authority Key Identifier:
                keyid:C9:B4:D6:82:3E:CB:28:B4:A3:5E:40:DC:11:EF:22:9C:B2:37:5C:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ybTWgj7LKLSjXkDcEe8inLI3XN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/766988-3f1e-43d4-bec4-9fa95aa9b079/1/LH8xGI5mu7epwVqcrEe3-ayAB_g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/766988-3f1e-43d4-bec4-9fa95aa9b079/1/ybTWgj7LKLSjXkDcEe8inLI3XN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.89.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8d:da:e6:d9:77:8e:d9:e3:66:9a:9f:16:5e:d9:f9:2a:f7:fc:
         fd:b0:6a:61:83:7b:d3:5b:66:23:2f:7c:9a:db:a2:3f:ef:61:
         20:35:e3:70:c1:b6:6c:d4:85:ff:8f:ef:4f:cb:ad:e6:53:be:
         f1:08:64:09:d8:9d:87:43:e6:69:bd:66:41:8c:c2:38:6b:dd:
         fb:57:a8:1d:f3:f4:2d:a7:46:c4:2c:b4:11:75:c7:1c:50:d2:
         9c:5a:66:c1:6b:57:da:62:60:6c:37:30:a9:56:48:7d:f3:cb:
         c6:19:4f:91:c7:9c:a3:8f:e9:16:cf:ef:bb:8d:03:86:e4:fe:
         39:09:99:4b:d7:93:d0:7e:99:88:bf:70:6d:89:39:35:8c:57:
         31:eb:7d:69:9f:c2:ad:20:2a:8a:51:81:9b:c4:22:ad:e6:35:
         82:0b:eb:af:80:a5:cb:1e:d0:b3:ac:5e:9b:bb:b7:92:8c:16:
         a1:e2:37:88:80:04:42:54:10:6e:03:37:9e:0a:05:41:82:2e:
         9f:db:f9:4e:26:71:44:2c:fc:9a:86:1a:b9:ff:1f:b5:4b:2d:
         f7:0e:57:63:4a:20:23:72:b7:4a:f1:f5:99:d1:88:79:9f:d1:
         70:bc:92:51:d4:3e:19:59:39:27:82:b4:4e:a6:eb:26:77:37:
         8c:06:0b:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtL0VeeVvIA/itVYpNu1BsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YjRkNjgyM2VjYjI4YjRhMzVlNDBkYzExZWYyMjljYjIz
NzVjZGYwHhcNMjMwMTAxMTE1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzdmMzExODhlNjZiYmI3YTljMTVhOWNhYzQ3YjdmOWFjODAwN2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCGfwpvgoNCP6Kf5fkyEVLfs3n6+
Rwj2YoSQ8kbkqbh8fr5G9jo9H1sljfjVdsif/0uHjq1hMjlmHTph8UKjM5XxY0Jx
3rKF2/V22NvcamizPgUS6KXvjg1+rKkU1VyUZFnRNxGgkXsQHcxYiltVABfJsWz8
2US0NuradlJuxDMTIfuy29nm3v4JS6ibBI3ok4mYGdzHPzy+tUlG/pbc59afH1nL
biR789L6bZpxtwDeP92NW9aGzpBqp7P1ncvZAXHb5BrXSe0EIpf10mifg+LM7lcV
8YzUdBOyNEBnSc00aiWOkmmChiTLgbwItUQnk0PbuKrMXwJTTd31TW4UNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCx/MRiOZru3qcFanKxHt/msgAf4MB8GA1UdIwQY
MBaAFMm01oI+yyi0o15A3BHvIpyyN1zfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWJUV2dqN0xLTFNqWGtEY0VlOGluTEkzWE44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni83NjY5ODgtM2YxZS00M2Q0LWJlYzQt
OWZhOTVhYTliMDc5LzEvTEg4eEdJNW11N2Vwd1ZxY3JFZTMtYXlBQl9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni83NjY5ODgtM2YxZS00M2Q0LWJlYzQtOWZhOTVhYTliMDc5
LzEveWJUV2dqN0xLTFNqWGtEY0VlOGluTEkzWE44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmFk0MA0G
CSqGSIb3DQEBCwUAA4IBAQCN2ubZd47Z42aanxZe2fkq9/z9sGphg3vTW2YjL3ya
26I/72EgNeNwwbZs1IX/j+9Py63mU77xCGQJ2J2HQ+ZpvWZBjMI4a937V6gd8/Qt
p0bELLQRdcccUNKcWmbBa1faYmBsNzCpVkh988vGGU+Rx5yjj+kWz++7jQOG5P45
CZlL15PQfpmIv3BtiTk1jFcx631pn8KtICqKUYGbxCKt5jWCC+uvgKXLHtCzrF6b
u7eSjBah4jeIgARCVBBuAzeeCgVBgi6f2/lOJnFELPyahhq5/x+1Sy33DldjSiAj
crdK8fWZ0Yh5n9FwvJJR1D4ZWTkngrROpusmdzeMBgvx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:19 2024 by rpki-client on console-fra.rpki-client.org