Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/5b36ce-d8dd-4561-8ebf-53e9ef6073c5/1/jUwjO5ji0xm0r09GJKSJbJ1jqYY.roa
File:                     jUwjO5ji0xm0r09GJKSJbJ1jqYY.roa (raw, json)
Hash identifier:          cRcpCkc9ugpGZX/lr9ai96BgEkE52I85mrkLNSZ6yWg=
Subject key identifier:   8D:4C:23:3B:98:E2:D3:19:B4:AF:4F:46:24:A4:89:6C:9D:63:A9:86
Certificate issuer:       /CN=97310ada6a1bbd7aa68e140223bf9c625a33be41
Certificate serial:       01897CEDCEEC7270D028684199EEB6F9B48A
Authority key identifier: 97:31:0A:DA:6A:1B:BD:7A:A6:8E:14:02:23:BF:9C:62:5A:33:BE:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lzEK2mobvXqmjhQCI7-cYlozvkE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/5b36ce-d8dd-4561-8ebf-53e9ef6073c5/1/jUwjO5ji0xm0r09GJKSJbJ1jqYY.roa
Signing time:             Sat 22 Jul 2023 09:28:26 +0000
ROA not before:           Sat 22 Jul 2023 09:28:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21105
IP address blocks:        80.89.9.0/24 maxlen: 24
                          80.89.8.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Fri 15 Sep 2023 11:15:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:7c:ed:ce:ec:72:70:d0:28:68:41:99:ee:b6:f9:b4:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97310ada6a1bbd7aa68e140223bf9c625a33be41
        Validity
            Not Before: Jul 22 09:28:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8d4c233b98e2d319b4af4f4624a4896c9d63a986
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:96:01:6b:f8:f5:c9:17:c9:b1:24:7a:52:23:
                    d4:31:fa:64:66:63:6c:3f:5a:df:23:6c:98:c3:8b:
                    44:9f:2f:f5:5e:9a:ae:6b:8f:a8:94:7e:48:61:4d:
                    27:c6:6a:f1:bb:89:72:34:0c:aa:d6:8e:70:04:8c:
                    b0:c2:a0:2b:6d:97:f7:36:7d:40:a4:04:32:9e:4a:
                    f9:8b:1d:96:a5:4b:bb:0a:bf:9a:bc:f4:d5:53:ab:
                    f3:bf:19:25:20:42:7b:cd:05:0f:fa:99:77:bf:cf:
                    19:c7:a6:4f:58:1c:26:34:74:1e:55:41:1e:73:73:
                    a2:05:05:9b:5b:38:27:e7:c0:89:53:9b:43:c9:61:
                    9d:8e:8b:b7:72:0a:bf:40:78:26:36:48:de:99:00:
                    9f:fd:c6:e3:a1:24:68:24:ac:fd:02:66:3f:e2:cf:
                    bc:65:87:e3:db:14:0e:17:ad:5a:3a:f4:03:05:21:
                    f5:af:56:47:a1:a3:75:c4:7d:fa:1b:7f:b4:d4:b1:
                    fc:77:72:f2:2f:eb:79:4a:ae:06:e0:21:7f:3d:c8:
                    e8:18:0a:e9:15:99:0e:0f:59:56:8f:f7:67:98:b7:
                    ad:f2:08:87:f2:3b:47:6b:4e:79:8e:c0:00:40:76:
                    e9:43:1b:e7:cf:bc:02:d3:b2:5f:60:20:0a:07:18:
                    c7:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:4C:23:3B:98:E2:D3:19:B4:AF:4F:46:24:A4:89:6C:9D:63:A9:86
            X509v3 Authority Key Identifier:
                keyid:97:31:0A:DA:6A:1B:BD:7A:A6:8E:14:02:23:BF:9C:62:5A:33:BE:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lzEK2mobvXqmjhQCI7-cYlozvkE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/5b36ce-d8dd-4561-8ebf-53e9ef6073c5/1/jUwjO5ji0xm0r09GJKSJbJ1jqYY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/5b36ce-d8dd-4561-8ebf-53e9ef6073c5/1/lzEK2mobvXqmjhQCI7-cYlozvkE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.89.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a8:ab:a2:e3:04:4a:eb:85:80:31:ba:38:38:f4:34:d3:78:9d:
         31:5d:18:db:8f:cc:bb:8f:e7:2c:26:44:d0:b7:3d:a0:69:c7:
         94:fa:5d:b7:05:bc:f7:2b:e2:30:fa:18:6a:54:ad:ff:20:49:
         1c:bd:cf:e7:fc:c6:3a:53:c0:a2:c8:32:71:55:ef:38:6d:4e:
         c5:1e:1c:2b:54:87:7e:2c:f8:d9:8a:00:08:02:d9:70:0c:8a:
         41:33:c8:09:dc:cb:20:ce:ef:74:b6:05:d1:b0:1d:e0:59:78:
         e7:f9:12:01:54:5e:fe:c3:60:6d:b4:fc:48:ab:d0:66:df:bc:
         3c:dc:02:6f:4d:a3:c7:c8:0e:fa:57:34:e5:34:ac:fb:92:d4:
         39:bc:d5:0b:e1:88:5c:20:64:62:27:ab:9d:24:10:0b:b6:d6:
         90:61:c5:37:98:22:d1:a0:ad:d1:98:5c:f6:cc:37:a5:55:d2:
         4f:0b:8b:48:7f:aa:3b:7e:8c:dc:e1:c6:6f:3d:bb:30:db:bb:
         5e:82:ea:b2:97:60:c6:03:50:56:45:e1:48:01:d3:59:68:e0:
         2c:f8:46:d0:e9:34:6d:59:a4:7a:6a:6b:4f:d4:26:02:c8:10:
         f0:ee:cd:12:39:8b:8d:ca:83:9f:4e:88:71:f3:29:0c:c8:f8:
         08:64:e7:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYl87c7scnDQKGhBme62+bSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MzEwYWRhNmExYmJkN2FhNjhlMTQwMjIzYmY5YzYyNWEz
M2JlNDEwHhcNMjMwNzIyMDkyODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDRjMjMzYjk4ZTJkMzE5YjRhZjRmNDYyNGE0ODk2YzlkNjNhOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpYBa/j1yRfJsSR6UiPUMfpkZmNs
P1rfI2yYw4tEny/1Xpqua4+olH5IYU0nxmrxu4lyNAyq1o5wBIywwqArbZf3Nn1A
pAQynkr5ix2WpUu7Cr+avPTVU6vzvxklIEJ7zQUP+pl3v88Zx6ZPWBwmNHQeVUEe
c3OiBQWbWzgn58CJU5tDyWGdjou3cgq/QHgmNkjemQCf/cbjoSRoJKz9AmY/4s+8
ZYfj2xQOF61aOvQDBSH1r1ZHoaN1xH36G3+01LH8d3LyL+t5Sq4G4CF/PcjoGArp
FZkOD1lWj/dnmLet8giH8jtHa055jsAAQHbpQxvnz7wC07JfYCAKBxjHAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI1MIzuY4tMZtK9PRiSkiWydY6mGMB8GA1UdIwQY
MBaAFJcxCtpqG716po4UAiO/nGJaM75BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHpFSzJtb2J2WHFtamhRQ0k3LWNZbG96dmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS81YjM2Y2UtZDhkZC00NTYxLThlYmYt
NTNlOWVmNjA3M2M1LzEvalV3ak81amkweG0wcjA5R0pLU0piSjFqcVlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS81YjM2Y2UtZDhkZC00NTYxLThlYmYtNTNlOWVmNjA3M2M1
LzEvbHpFSzJtb2J2WHFtamhRQ0k3LWNZbG96dmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUFkIMA0G
CSqGSIb3DQEBCwUAA4IBAQCoq6LjBErrhYAxujg49DTTeJ0xXRjbj8y7j+csJkTQ
tz2gaceU+l23Bbz3K+Iw+hhqVK3/IEkcvc/n/MY6U8CiyDJxVe84bU7FHhwrVId+
LPjZigAIAtlwDIpBM8gJ3Msgzu90tgXRsB3gWXjn+RIBVF7+w2BttPxIq9Bm37w8
3AJvTaPHyA76VzTlNKz7ktQ5vNUL4YhcIGRiJ6udJBALttaQYcU3mCLRoK3RmFz2
zDelVdJPC4tIf6o7fozc4cZvPbsw27teguqyl2DGA1BWReFIAdNZaOAs+EbQ6TRt
WaR6amtP1CYCyBDw7s0SOYuNyoOfTohx8ykMyPgIZOfo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:46 2024 by rpki-client on console-fra.rpki-client.org