Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/3965b0-fee9-49bf-a54d-a8d838438d8a/1/zsIMuXnT4Aec8_D2jJhi9vf_rD0.roa
File:                     zsIMuXnT4Aec8_D2jJhi9vf_rD0.roa (raw, json)
Hash identifier:          BmHwrHXJzty1cU9CpKFPvZqMwyaG8f8jb1OZaOC9ls8=
Subject key identifier:   CE:C2:0C:B9:79:D3:E0:07:9C:F3:F0:F6:8C:98:62:F6:F7:FF:AC:3D
Certificate issuer:       /CN=4e4c1389a849ef5dccb8303703b898c91e63d14f
Certificate serial:       01856DA62D520F3DC90EB4948960B8D2F14B
Authority key identifier: 4E:4C:13:89:A8:49:EF:5D:CC:B8:30:37:03:B8:98:C9:1E:63:D1:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TkwTiahJ713MuDA3A7iYyR5j0U8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/3965b0-fee9-49bf-a54d-a8d838438d8a/1/zsIMuXnT4Aec8_D2jJhi9vf_rD0.roa
Signing time:             Sun 01 Jan 2023 14:04:45 +0000
ROA not before:           Sun 01 Jan 2023 14:04:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48367
IP address blocks:        152.89.220.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:a6:2d:52:0f:3d:c9:0e:b4:94:89:60:b8:d2:f1:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e4c1389a849ef5dccb8303703b898c91e63d14f
        Validity
            Not Before: Jan  1 14:04:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cec20cb979d3e0079cf3f0f68c9862f6f7ffac3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:c9:27:72:16:1d:bf:e8:c7:a0:78:2e:84:16:
                    0e:90:4b:46:5b:fb:f0:d6:cd:93:3d:74:b4:27:6d:
                    25:7f:93:e9:a0:c7:7d:a8:d3:9a:af:f2:cb:6f:d5:
                    b4:26:0f:b2:bb:c0:98:03:3a:73:82:39:b0:8d:d9:
                    12:87:d1:f5:c8:11:3e:ec:c0:1b:fc:5a:4d:59:ba:
                    a3:fe:9b:d8:19:ba:6e:b9:61:db:62:44:e3:82:52:
                    2b:41:e7:b3:fc:87:9f:cd:73:03:c8:67:72:8b:c7:
                    de:47:e7:1e:8c:35:9f:ba:48:6f:cf:d3:85:a8:5b:
                    5b:1b:c1:3b:04:a5:be:95:38:d8:6a:6b:88:80:e5:
                    33:dc:68:04:f7:0c:06:6f:7e:a7:24:0b:70:3f:4e:
                    45:1b:2f:b9:c1:34:17:39:03:5d:32:8f:92:e5:8c:
                    76:12:ed:f2:0a:a3:3b:4f:e4:e9:c0:6a:b6:66:c4:
                    cc:de:80:bf:7b:d3:4f:1b:1d:b2:8f:9d:43:52:3f:
                    f7:4c:a3:83:2f:67:bd:a2:7f:30:86:77:9c:1e:54:
                    16:ba:d3:ef:64:3a:85:ed:38:30:db:82:6c:24:c5:
                    99:16:db:96:6c:19:58:ab:e9:2d:6c:63:dc:16:82:
                    45:61:b3:a0:76:72:cc:1e:06:da:7f:61:58:9a:3e:
                    13:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:C2:0C:B9:79:D3:E0:07:9C:F3:F0:F6:8C:98:62:F6:F7:FF:AC:3D
            X509v3 Authority Key Identifier:
                keyid:4E:4C:13:89:A8:49:EF:5D:CC:B8:30:37:03:B8:98:C9:1E:63:D1:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkwTiahJ713MuDA3A7iYyR5j0U8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3965b0-fee9-49bf-a54d-a8d838438d8a/1/zsIMuXnT4Aec8_D2jJhi9vf_rD0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3965b0-fee9-49bf-a54d-a8d838438d8a/1/TkwTiahJ713MuDA3A7iYyR5j0U8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.89.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         19:d8:d0:db:85:94:e4:f4:82:92:3f:34:a5:b2:3b:0f:53:8f:
         0e:fb:67:34:38:86:b0:64:83:a5:45:18:22:88:a5:e1:bc:93:
         71:8e:50:eb:d1:bc:65:56:d6:4b:b4:89:74:e8:cc:2f:4b:ea:
         19:3d:45:53:58:27:9b:b1:6e:09:1e:55:c1:d0:ac:53:50:16:
         0e:7f:40:8e:38:d1:20:72:df:d0:88:b2:5c:e4:71:e3:10:e6:
         21:bd:eb:af:5f:41:0a:7d:8b:ba:a3:c6:fd:56:16:a1:bf:c5:
         0d:0c:3d:81:fe:2e:80:95:a8:4f:b6:8a:10:39:d3:94:d9:d9:
         fc:43:b0:1d:0f:cd:ab:b7:0f:f4:8b:0d:d5:ca:bd:48:67:fe:
         bd:af:d9:73:e5:08:87:e3:12:23:cc:90:65:ca:65:cc:c6:3b:
         ca:7d:75:47:17:ac:01:b4:3e:a4:75:b5:e8:47:e0:c8:2f:5d:
         07:8c:2f:d1:a5:11:83:66:32:2f:f5:33:d7:a0:cd:d0:6d:8d:
         40:48:33:0e:66:d5:46:71:5a:53:72:f4:2e:97:50:68:f8:5f:
         6e:d0:7a:35:18:c6:b9:38:76:9b:5f:21:e6:6c:0b:e9:c2:7c:
         d1:e9:06:bb:57:32:a0:54:65:aa:f1:2c:a5:75:a5:68:8c:32:
         1d:7c:b6:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtpi1SDz3JDrSUiWC40vFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNGMxMzg5YTg0OWVmNWRjY2I4MzAzNzAzYjg5OGM5MWU2
M2QxNGYwHhcNMjMwMTAxMTQwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWMyMGNiOTc5ZDNlMDA3OWNmM2YwZjY4Yzk4NjJmNmY3ZmZhYzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8knchYdv+jHoHguhBYOkEtGW/vw
1s2TPXS0J20lf5PpoMd9qNOar/LLb9W0Jg+yu8CYAzpzgjmwjdkSh9H1yBE+7MAb
/FpNWbqj/pvYGbpuuWHbYkTjglIrQeez/IefzXMDyGdyi8feR+cejDWfukhvz9OF
qFtbG8E7BKW+lTjYamuIgOUz3GgE9wwGb36nJAtwP05FGy+5wTQXOQNdMo+S5Yx2
Eu3yCqM7T+TpwGq2ZsTM3oC/e9NPGx2yj51DUj/3TKODL2e9on8whnecHlQWutPv
ZDqF7Tgw24JsJMWZFtuWbBlYq+ktbGPcFoJFYbOgdnLMHgbaf2FYmj4TtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM7CDLl50+AHnPPw9oyYYvb3/6w9MB8GA1UdIwQY
MBaAFE5ME4moSe9dzLgwNwO4mMkeY9FPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGt3VGlhaEo3MTNNdURBM0E3aVl5UjVqMFU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zOTY1YjAtZmVlOS00OWJmLWE1NGQt
YThkODM4NDM4ZDhhLzEvenNJTXVYblQ0QWVjOF9EMmpKaGk5dmZfckQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zOTY1YjAtZmVlOS00OWJmLWE1NGQtYThkODM4NDM4ZDhh
LzEvVGt3VGlhaEo3MTNNdURBM0E3aVl5UjVqMFU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmFncMA0G
CSqGSIb3DQEBCwUAA4IBAQAZ2NDbhZTk9IKSPzSlsjsPU48O+2c0OIawZIOlRRgi
iKXhvJNxjlDr0bxlVtZLtIl06MwvS+oZPUVTWCebsW4JHlXB0KxTUBYOf0COONEg
ct/QiLJc5HHjEOYhveuvX0EKfYu6o8b9Vhahv8UNDD2B/i6AlahPtooQOdOU2dn8
Q7AdD82rtw/0iw3Vyr1IZ/69r9lz5QiH4xIjzJBlymXMxjvKfXVHF6wBtD6kdbXo
R+DIL10HjC/RpRGDZjIv9TPXoM3QbY1ASDMOZtVGcVpTcvQul1Bo+F9u0Ho1GMa5
OHabXyHmbAvpwnzR6Qa7VzKgVGWq8SyldaVojDIdfLZ8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:57 2024 by rpki-client on console-ams.rpki-client.org