Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/G3cxQsp0pfGVRGsM5PmzRzYoasY.roa
File:                     G3cxQsp0pfGVRGsM5PmzRzYoasY.roa (raw, json)
Hash identifier:          m+S9DKdPlZr8gAfoKMx6MGqFKxWcmgGd+neSYNyD+jM=
Subject key identifier:   1B:77:31:42:CA:74:A5:F1:95:44:6B:0C:E4:F9:B3:47:36:28:6A:C6
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       01856ED4CE23FDD25D38CC3BDFF5BE785FAE
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/G3cxQsp0pfGVRGsM5PmzRzYoasY.roa
Signing time:             Sun 01 Jan 2023 19:35:18 +0000
ROA not before:           Sun 01 Jan 2023 19:35:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202375
IP address blocks:        89.45.209.0/24 maxlen: 24
                          89.42.71.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:ce:23:fd:d2:5d:38:cc:3b:df:f5:be:78:5f:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jan  1 19:35:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1b773142ca74a5f195446b0ce4f9b34736286ac6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:41:8e:95:4b:5b:09:48:dc:98:21:16:b9:75:
                    a2:1a:fe:e8:62:30:b8:44:02:ea:b7:de:ae:c0:09:
                    6a:da:9a:90:5f:ec:3e:5e:9f:d4:0f:12:be:ca:8a:
                    67:64:59:33:b3:3e:c2:f2:81:ed:d5:23:44:dc:cf:
                    df:49:8f:03:43:03:e4:4a:f5:40:dc:2e:45:5d:03:
                    a9:a7:9c:79:f4:52:d7:dd:77:2f:c3:5d:47:7e:00:
                    58:59:5d:8a:29:53:d3:7a:81:37:6a:59:4f:71:55:
                    a7:15:34:30:24:cc:a5:c4:af:00:e9:4f:aa:4a:57:
                    42:3d:c6:41:f8:a3:1f:4e:2e:11:d1:1d:df:0e:2b:
                    21:6c:11:cf:3c:7a:25:a3:cf:7e:e5:97:71:15:9e:
                    53:3c:4d:78:f7:c0:03:05:05:10:a5:1e:13:26:21:
                    2f:7c:8b:93:52:44:ee:65:9a:25:4f:26:95:28:44:
                    ce:be:bc:bd:2f:f9:4b:7b:1c:9e:a0:a5:a7:04:38:
                    0a:7a:0b:2d:b1:86:1f:c2:f8:b2:c8:f2:57:0a:9d:
                    bd:0d:b8:1b:91:f3:96:dd:da:fe:1e:41:84:bd:52:
                    d1:76:d7:e2:3b:65:fa:29:2a:58:5a:35:65:67:0d:
                    6a:4d:55:94:5e:37:a8:d3:80:e7:fb:7c:dd:7a:2a:
                    b2:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:77:31:42:CA:74:A5:F1:95:44:6B:0C:E4:F9:B3:47:36:28:6A:C6
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/G3cxQsp0pfGVRGsM5PmzRzYoasY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.42.71.0/24
                  89.45.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:22:df:ae:df:a6:6b:f5:d6:6f:d8:94:2d:5e:41:bd:0d:d8:
         a8:8e:e5:5f:73:d2:39:82:37:b5:b3:99:f2:63:26:b4:4a:9c:
         a7:ff:2f:06:42:2b:86:d1:0d:f3:fc:76:22:fa:aa:97:35:45:
         fc:ad:33:46:ec:45:6d:04:df:ca:ff:ad:a5:b8:1e:ed:0e:f4:
         73:be:36:af:10:9d:60:79:39:5d:5c:f0:4d:50:73:e2:1e:d6:
         ce:7e:b9:9f:e6:23:5b:5d:fa:07:c8:80:a9:bf:8e:d4:34:63:
         06:07:15:1b:69:04:e7:95:c4:85:f4:39:30:d2:27:c3:fa:4b:
         eb:40:85:38:55:c5:6b:4d:75:d2:e3:42:60:bd:cf:0c:96:d9:
         59:b7:48:ff:ad:75:a3:85:fa:af:8f:a5:0e:39:82:53:b7:e9:
         98:39:5c:db:32:84:80:00:28:cb:4b:a0:fe:e7:1f:5e:e7:98:
         2d:f9:c7:db:a2:e1:b9:b5:fd:53:d5:b1:b6:39:55:c2:a9:60:
         12:f8:ab:52:e7:17:90:b0:e5:3f:65:9f:1d:ef:b5:0a:21:7c:
         c4:41:4e:98:e4:27:0e:0c:2b:41:01:43:ad:65:f4:03:ba:52:
         85:1b:8a:11:32:44:18:03:31:ce:08:66:cd:96:60:fa:a5:45:
         66:21:84:99
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVu1M4j/dJdOMw73/W+eF+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjc3MzE0MmNhNzRhNWYxOTU0NDZiMGNlNGY5YjM0NzM2Mjg2YWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEGOlUtbCUjcmCEWuXWiGv7oYjC4
RALqt96uwAlq2pqQX+w+Xp/UDxK+yopnZFkzsz7C8oHt1SNE3M/fSY8DQwPkSvVA
3C5FXQOpp5x59FLX3Xcvw11HfgBYWV2KKVPTeoE3allPcVWnFTQwJMylxK8A6U+q
SldCPcZB+KMfTi4R0R3fDishbBHPPHolo89+5ZdxFZ5TPE1498ADBQUQpR4TJiEv
fIuTUkTuZZolTyaVKETOvry9L/lLexyeoKWnBDgKegstsYYfwviyyPJXCp29Dbgb
kfOW3dr+HkGEvVLRdtfiO2X6KSpYWjVlZw1qTVWUXjeo04Dn+3zdeiqy+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBt3MULKdKXxlURrDOT5s0c2KGrGMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvRzNjeFFzcDBwZkdWUkdzTTVQbXpSellvYXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSpHAwQA
WS3RMA0GCSqGSIb3DQEBCwUAA4IBAQCPIt+u36Zr9dZv2JQtXkG9DdiojuVfc9I5
gje1s5nyYya0Spyn/y8GQiuG0Q3z/HYi+qqXNUX8rTNG7EVtBN/K/62luB7tDvRz
vjavEJ1geTldXPBNUHPiHtbOfrmf5iNbXfoHyICpv47UNGMGBxUbaQTnlcSF9Dkw
0ifD+kvrQIU4VcVrTXXS40Jgvc8MltlZt0j/rXWjhfqvj6UOOYJTt+mYOVzbMoSA
ACjLS6D+5x9e55gt+cfbouG5tf1T1bG2OVXCqWAS+KtS5xeQsOU/ZZ8d77UKIXzE
QU6Y5CcODCtBAUOtZfQDulKFG4oRMkQYAzHOCGbNlmD6pUVmIYSZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org