Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/83C6g0IuZRwyXe0IUcCbepoxwRw.roa
File:                     83C6g0IuZRwyXe0IUcCbepoxwRw.roa (raw, json)
Hash identifier:          JD6DYKEumgAunaLCL4/lTBhtnPjVZiXIDk/dJn3nM2M=
Subject key identifier:   F3:70:BA:83:42:2E:65:1C:32:5D:ED:08:51:C0:9B:7A:9A:31:C1:1C
Certificate issuer:       /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial:       01877CC81AB76CD1C4F40A1431D9CE1CF5F7
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/83C6g0IuZRwyXe0IUcCbepoxwRw.roa
Signing time:             Thu 13 Apr 2023 22:41:41 +0000
ROA not before:           Thu 13 Apr 2023 22:41:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39810
IP address blocks:        89.187.0.0/23 maxlen: 24
                          89.187.2.0/24 maxlen: 24
                          89.187.3.0/24 maxlen: 24
                          89.187.4.0/24 maxlen: 24
                          89.187.11.0/24 maxlen: 24
                          89.187.7.0/24 maxlen: 24
                          89.187.8.0/24 maxlen: 24
                          89.187.9.0/24 maxlen: 24
                          89.187.10.0/24 maxlen: 24
                          89.187.5.0/24 maxlen: 24
                          89.187.6.0/24 maxlen: 24
                          89.187.14.0/24 maxlen: 24
                          89.187.15.0/24 maxlen: 24
                          89.187.16.0/24 maxlen: 24
                          89.187.17.0/24 maxlen: 24
                          89.187.12.0/24 maxlen: 24
                          89.187.13.0/24 maxlen: 24
                          89.187.21.0/24 maxlen: 24
                          89.187.22.0/24 maxlen: 24
                          89.187.23.0/24 maxlen: 24
                          89.187.24.0/24 maxlen: 24
                          89.187.18.0/24 maxlen: 24
                          89.187.19.0/24 maxlen: 24
                          89.187.20.0/24 maxlen: 24
                          89.187.28.0/24 maxlen: 24
                          89.187.29.0/24 maxlen: 24
                          89.187.30.0/24 maxlen: 24
                          89.187.25.0/24 maxlen: 24
                          89.187.26.0/24 maxlen: 24
                          89.187.27.0/24 maxlen: 24
                          2a10:e400::/29 maxlen: 29

Validation:               Failed, certificate revoked on Fri 14 Apr 2023 00:31:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7c:c8:1a:b7:6c:d1:c4:f4:0a:14:31:d9:ce:1c:f5:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
        Validity
            Not Before: Apr 13 22:41:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f370ba83422e651c325ded0851c09b7a9a31c11c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:61:9c:36:45:ed:2c:d9:ce:4c:c5:5d:06:4f:
                    0a:24:0c:11:8b:54:b8:fb:16:da:3c:e0:a6:25:da:
                    af:f5:87:a8:d6:14:6e:87:85:af:60:dd:5b:7d:3e:
                    d0:e2:41:b1:eb:b4:fe:2a:2c:7e:c0:26:e4:d2:04:
                    37:6c:f3:22:28:92:a6:b3:aa:83:db:49:25:14:68:
                    76:59:69:14:7d:b3:a5:cd:0b:01:22:55:e0:9b:05:
                    15:5e:ed:73:1b:f3:b9:10:1c:0e:4d:1e:2a:69:ad:
                    64:cb:8c:f4:1f:3a:f5:57:da:2a:e6:f4:b9:30:48:
                    fc:f4:a6:54:ae:e3:e3:a9:27:4e:8b:68:50:66:ed:
                    42:bb:c7:86:6f:42:f4:6d:06:b5:8f:e6:99:10:3c:
                    57:0a:b5:ee:a2:77:e9:4f:bb:d6:ae:b7:ca:b7:08:
                    ca:f4:61:18:28:01:eb:a4:72:f4:94:19:ae:cc:4d:
                    1a:72:1c:b1:7f:94:20:4b:60:3d:3d:72:a2:3b:3c:
                    a6:1e:54:b8:31:93:9b:52:bb:ef:71:96:20:c1:7f:
                    e3:84:32:46:03:39:91:03:e4:26:d3:cf:df:11:5f:
                    44:9c:22:f8:92:1e:23:a1:29:61:f3:4c:5e:d6:48:
                    4e:85:0d:8d:55:85:85:ac:ae:14:f8:27:ec:2c:1f:
                    c6:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:70:BA:83:42:2E:65:1C:32:5D:ED:08:51:C0:9B:7A:9A:31:C1:1C
            X509v3 Authority Key Identifier:
                keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/83C6g0IuZRwyXe0IUcCbepoxwRw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.187.0.0-89.187.30.255
                IPv6:
                  2a10:e400::/29

    Signature Algorithm: sha256WithRSAEncryption
         be:65:87:f7:87:9e:2e:27:d7:38:0b:40:9d:e8:15:9f:c5:5e:
         a0:85:68:a6:7a:c3:f2:f5:b6:7e:a2:34:44:37:41:08:08:82:
         0c:dc:6f:49:93:64:f3:ed:9d:7d:c4:9a:fd:9f:60:8b:da:20:
         d5:49:cf:22:36:18:81:17:ec:2e:e9:a6:1a:26:29:ac:fc:55:
         e0:a5:8f:69:40:e8:c3:93:2d:09:91:5a:ef:b6:c5:5a:33:35:
         13:26:b8:34:5c:29:8e:45:93:d2:0b:ba:33:43:69:66:59:bc:
         8e:ec:d5:a0:f7:3b:c8:c2:72:c0:de:5b:de:b4:8a:50:c9:40:
         24:7f:7f:9c:4a:38:c9:84:2c:b9:ff:1e:24:4c:b2:78:3c:9c:
         0a:76:b6:59:cd:a6:04:b4:e4:ec:84:e1:8e:4b:fb:fa:f2:00:
         f8:df:43:ed:1d:23:43:c2:ba:ff:84:60:f9:33:9a:aa:21:36:
         b3:ec:53:61:24:92:c5:aa:51:9c:1d:cb:56:ce:72:fd:e2:29:
         26:5f:c2:35:22:a7:14:4a:a4:69:a5:3d:68:c5:90:f8:7d:8b:
         30:b0:6e:a3:96:6d:d8:3e:88:94:90:ff:8f:3f:50:8e:f1:83:
         42:dc:90:9c:12:da:b9:a1:1e:ea:65:68:64:c7:f9:67:42:c6:
         b4:2c:de:c5
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYd8yBq3bNHE9AoUMdnOHPX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjMwNDEzMjI0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzcwYmE4MzQyMmU2NTFjMzI1ZGVkMDg1MWMwOWI3YTlhMzFjMTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWGcNkXtLNnOTMVdBk8KJAwRi1S4
+xbaPOCmJdqv9Yeo1hRuh4WvYN1bfT7Q4kGx67T+Kix+wCbk0gQ3bPMiKJKms6qD
20klFGh2WWkUfbOlzQsBIlXgmwUVXu1zG/O5EBwOTR4qaa1ky4z0Hzr1V9oq5vS5
MEj89KZUruPjqSdOi2hQZu1Cu8eGb0L0bQa1j+aZEDxXCrXuonfpT7vWrrfKtwjK
9GEYKAHrpHL0lBmuzE0achyxf5QgS2A9PXKiOzymHlS4MZObUrvvcZYgwX/jhDJG
AzmRA+Qm08/fEV9EnCL4kh4joSlh80xe1khOhQ2NVYWFrK4U+CfsLB/GPQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPNwuoNCLmUcMl3tCFHAm3qaMcEcMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvODNDNmcwSXVaUnd5WGUwSVVjQ2JlcG94d1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDATBAIAATANMAsDAwBZuwME
AFm7HjANBAIAAjAHAwUDKhDkADANBgkqhkiG9w0BAQsFAAOCAQEAvmWH94eeLifX
OAtAnegVn8VeoIVopnrD8vW2fqI0RDdBCAiCDNxvSZNk8+2dfcSa/Z9gi9og1UnP
IjYYgRfsLummGiYprPxV4KWPaUDow5MtCZFa77bFWjM1Eya4NFwpjkWT0gu6M0Np
Zlm8juzVoPc7yMJywN5b3rSKUMlAJH9/nEo4yYQsuf8eJEyyeDycCna2Wc2mBLTk
7IThjkv7+vIA+N9D7R0jQ8K6/4Rg+TOaqiE2s+xTYSSSxapRnB3LVs5y/eIpJl/C
NSKnFEqkaaU9aMWQ+H2LMLBuo5Zt2D6IlJD/jz9QjvGDQtyQnBLauaEe6mVoZMf5
Z0LGtCzexQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:03 2024 by rpki-client on console-ams.rpki-client.org