Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/Jf1XlwI2LQaURqARuVKy6-7fBVA.roa
File:                     Jf1XlwI2LQaURqARuVKy6-7fBVA.roa (raw, json)
Hash identifier:          NFhZm219K3yy/40xFWPh0l12yBSo9rbS8sGZ+RQz6z0=
Subject key identifier:   25:FD:57:97:02:36:2D:06:94:46:A0:11:B9:52:B2:EB:EE:DF:05:50
Certificate issuer:       /CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Certificate serial:       018CC795012EEA30759615E01866CDFE86BE
Authority key identifier: B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/Jf1XlwI2LQaURqARuVKy6-7fBVA.roa
Signing time:             Tue 02 Jan 2024 00:31:20 +0000
ROA not before:           Tue 02 Jan 2024 00:31:20 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199369
IP address blocks:        89.33.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 17 May 2024 13:10:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:01:2e:ea:30:75:96:15:e0:18:66:cd:fe:86:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
        Validity
            Not Before: Jan  2 00:31:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=25fd579702362d069446a011b952b2ebeedf0550
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:8b:c2:e2:73:2e:b8:0e:22:13:07:56:18:0e:
                    f3:59:f7:23:7b:ce:f8:8a:1e:87:5d:80:09:b9:83:
                    89:12:b7:61:e2:05:c9:12:3b:84:7f:97:89:c1:a1:
                    95:d3:5f:5d:04:9f:2d:30:a8:fa:59:8b:07:8c:fd:
                    93:f2:15:b8:a9:8d:c1:94:ca:5b:f7:04:ac:82:be:
                    f8:8b:9f:27:55:f9:36:b6:13:b6:dc:98:f5:60:1f:
                    38:c9:be:f7:ef:d2:b5:ce:a9:d6:45:ed:cf:40:b3:
                    09:fb:98:c5:ca:d1:0d:3c:49:d9:78:43:b7:15:14:
                    4e:6c:bf:42:08:a7:a6:99:04:c7:42:ca:30:49:5f:
                    b6:9e:c4:d5:3c:d7:e1:20:c5:bc:b0:31:29:3c:d7:
                    c9:5e:8a:62:0f:09:b4:9e:76:d2:5c:72:46:46:e6:
                    82:4a:bb:69:63:fd:5d:b2:2f:0b:12:b3:e9:d7:67:
                    ea:ef:8e:dc:da:0b:51:17:a8:67:c3:2d:ef:e4:af:
                    5b:5f:71:2d:96:d2:6b:37:82:c3:16:a3:9b:a9:79:
                    1c:28:9d:b8:23:02:c2:01:98:8b:82:47:b0:e8:1e:
                    2d:b5:4e:ae:0a:1a:46:33:d4:e7:ef:ac:40:ef:b2:
                    ed:f1:e1:10:8f:0d:62:60:1a:58:5f:71:04:a3:35:
                    8c:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:FD:57:97:02:36:2D:06:94:46:A0:11:B9:52:B2:EB:EE:DF:05:50
            X509v3 Authority Key Identifier:
                keyid:B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/Jf1XlwI2LQaURqARuVKy6-7fBVA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.33.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:70:3e:55:7b:f1:26:40:10:85:3d:58:9e:d7:7a:63:59:27:
         fb:3d:c5:d6:d5:24:7d:91:41:27:13:7d:ee:60:09:0a:d6:35:
         d2:ea:8b:52:0d:ec:85:b0:1d:1a:60:75:03:cd:e7:8b:82:8f:
         be:7a:41:b6:9d:e3:81:0c:2c:db:8f:0a:2f:0f:87:c9:af:d8:
         d9:c8:65:7b:78:cd:be:2a:6c:d7:77:f3:49:b4:10:2f:41:2f:
         f3:75:65:8a:34:19:4e:ee:ef:6e:0f:18:6e:47:11:3a:f9:8d:
         e3:78:7d:f8:3d:90:e5:9a:bd:fb:c2:c1:78:97:45:96:ba:41:
         46:8c:1b:95:f3:31:c6:27:7a:48:69:1e:e1:a0:04:7d:95:60:
         6f:79:aa:ac:4c:10:20:9f:20:c9:4b:8c:21:bc:e5:2e:f7:3c:
         59:cd:80:57:c4:46:ba:6f:17:2c:99:cc:f7:ed:ee:1a:f7:1d:
         e5:a4:08:4b:51:6e:97:2d:e4:87:0d:da:f9:6e:1e:32:37:c2:
         3b:28:4e:57:eb:db:be:14:b6:8e:7e:a9:df:02:7c:0a:49:ce:
         32:20:2d:d9:34:54:78:d9:f1:e9:58:69:8e:a8:25:3f:cf:7d:
         b9:8c:8c:15:d9:71:bb:4c:a8:06:56:29:d9:03:76:f3:ea:31:
         9f:e7:f2:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlQEu6jB1lhXgGGbN/oa+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDkxNjhmZGI1MmU5YjdkMWE3YTVlOGY1MThlZGZiYzJj
M2Y5YWYwHhcNMjQwMTAyMDAzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWZkNTc5NzAyMzYyZDA2OTQ0NmEwMTFiOTUyYjJlYmVlZGYwNTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIvC4nMuuA4iEwdWGA7zWfcje874
ih6HXYAJuYOJErdh4gXJEjuEf5eJwaGV019dBJ8tMKj6WYsHjP2T8hW4qY3BlMpb
9wSsgr74i58nVfk2thO23Jj1YB84yb7379K1zqnWRe3PQLMJ+5jFytENPEnZeEO3
FRRObL9CCKemmQTHQsowSV+2nsTVPNfhIMW8sDEpPNfJXopiDwm0nnbSXHJGRuaC
SrtpY/1dsi8LErPp12fq747c2gtRF6hnwy3v5K9bX3EtltJrN4LDFqObqXkcKJ24
IwLCAZiLgkew6B4ttU6uChpGM9Tn76xA77Lt8eEQjw1iYBpYX3EEozWMnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCX9V5cCNi0GlEagEblSsuvu3wVQMB8GA1UdIwQY
MBaAFLQJFo/bUum30ael6PUY7fvCw/mvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2Qt
ZmE3MThhYzlkNzU4LzEvSmYxWGx3STJMUWFVUnFBUnVWS3k2LTdmQlZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2QtZmE3MThhYzlkNzU4
LzEvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSGnMA0G
CSqGSIb3DQEBCwUAA4IBAQB/cD5Ve/EmQBCFPVie13pjWSf7PcXW1SR9kUEnE33u
YAkK1jXS6otSDeyFsB0aYHUDzeeLgo++ekG2neOBDCzbjwovD4fJr9jZyGV7eM2+
KmzXd/NJtBAvQS/zdWWKNBlO7u9uDxhuRxE6+Y3jeH34PZDlmr37wsF4l0WWukFG
jBuV8zHGJ3pIaR7hoAR9lWBveaqsTBAgnyDJS4whvOUu9zxZzYBXxEa6bxcsmcz3
7e4a9x3lpAhLUW6XLeSHDdr5bh4yN8I7KE5X69u+FLaOfqnfAnwKSc4yIC3ZNFR4
2fHpWGmOqCU/z325jIwV2XG7TKgGVinZA3bz6jGf5/KH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:14 2024 by rpki-client on console-fra.rpki-client.org