Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/S4TFLsIdQLK7QjHfrVH1zqExia4.roa
File:                     S4TFLsIdQLK7QjHfrVH1zqExia4.roa (raw, json)
Hash identifier:          FL6weZpJmP0mp9UlOg5hr//E54PjmThrwHSzVJ+LSu0=
Subject key identifier:   4B:84:C5:2E:C2:1D:40:B2:BB:42:31:DF:AD:51:F5:CE:A1:31:89:AE
Certificate issuer:       /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial:       01877CBFDD8ABB4C0D6593D8CD916C25B30C
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/S4TFLsIdQLK7QjHfrVH1zqExia4.roa
Signing time:             Thu 13 Apr 2023 22:32:41 +0000
ROA not before:           Thu 13 Apr 2023 22:32:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        89.187.4.0/24 maxlen: 24
                          89.187.8.0/24 maxlen: 24
                          89.187.7.0/24 maxlen: 24
                          89.187.6.0/24 maxlen: 24
                          89.187.5.0/24 maxlen: 24
                          89.187.11.0/24 maxlen: 24
                          89.187.10.0/24 maxlen: 24
                          89.187.9.0/24 maxlen: 24
                          89.187.15.0/24 maxlen: 24
                          89.187.14.0/24 maxlen: 24
                          89.187.13.0/24 maxlen: 24
                          89.187.12.0/24 maxlen: 24
                          89.187.17.0/24 maxlen: 24
                          89.187.16.0/24 maxlen: 24
                          89.187.18.0/24 maxlen: 24
                          89.187.22.0/24 maxlen: 24
                          89.187.21.0/24 maxlen: 24
                          89.187.20.0/24 maxlen: 24
                          89.187.19.0/24 maxlen: 24
                          89.187.24.0/24 maxlen: 24
                          89.187.23.0/24 maxlen: 24
                          89.187.29.0/24 maxlen: 24
                          89.187.28.0/24 maxlen: 24
                          89.187.27.0/24 maxlen: 24
                          89.187.26.0/24 maxlen: 24
                          89.187.30.0/24 maxlen: 24
                          89.187.25.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 13 Apr 2023 22:41:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7c:bf:dd:8a:bb:4c:0d:65:93:d8:cd:91:6c:25:b3:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
        Validity
            Not Before: Apr 13 22:32:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4b84c52ec21d40b2bb4231dfad51f5cea13189ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:d9:3e:70:51:81:2f:e1:05:eb:7f:22:bb:3c:
                    0f:ba:48:6a:e9:78:88:18:09:6c:ab:aa:9f:70:ba:
                    dd:ef:bd:f0:80:d3:ae:a2:81:48:db:a7:b2:ed:36:
                    d2:27:f9:84:4e:6a:76:9c:0a:e7:73:3a:4a:fb:6c:
                    64:1a:0b:bc:72:eb:56:32:83:05:ee:5f:6f:5d:5b:
                    b1:1f:e5:ed:00:63:05:49:98:d5:bc:f6:21:55:4d:
                    65:7f:bc:c1:79:58:ba:59:71:16:97:6c:f6:b9:21:
                    db:67:81:0a:3e:69:ba:51:0d:d6:a9:7f:13:ee:70:
                    35:fb:d8:08:45:fa:c9:ab:a5:e8:14:c9:82:e7:bf:
                    83:d6:81:6b:d3:b3:de:61:d6:11:d4:d9:04:26:46:
                    a5:44:1e:ef:e4:82:ad:4b:29:99:57:5e:33:e3:8e:
                    47:25:24:d3:5c:5b:ae:f4:9f:d4:3a:c4:67:c3:e5:
                    07:a5:48:9a:4a:96:e0:af:cb:3d:a9:f5:b6:7b:bc:
                    fe:10:9e:ad:73:1c:50:48:c1:5e:81:b0:4c:65:b4:
                    4b:68:86:60:c5:39:1d:9a:7e:e7:ea:86:e3:33:5c:
                    83:66:db:2f:b4:17:23:c5:7f:81:b0:3c:d2:5b:34:
                    1c:23:9d:82:23:8a:4d:f4:fd:98:df:2d:90:28:01:
                    3a:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:84:C5:2E:C2:1D:40:B2:BB:42:31:DF:AD:51:F5:CE:A1:31:89:AE
            X509v3 Authority Key Identifier:
                keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/S4TFLsIdQLK7QjHfrVH1zqExia4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.187.4.0-89.187.30.255

    Signature Algorithm: sha256WithRSAEncryption
         40:80:2f:e1:57:e3:bf:23:99:32:f7:fa:49:93:1b:9e:1f:f6:
         10:27:20:05:7c:7d:f6:96:c6:4d:85:4f:4b:72:75:38:3d:92:
         9a:49:a9:fc:d6:7c:66:ff:37:64:bf:53:b9:af:4e:bd:8e:95:
         82:89:d7:07:73:3a:1e:7e:bb:14:aa:5e:c4:2e:80:9a:f0:46:
         54:bb:a1:a1:85:b0:9b:05:ad:bd:54:0d:00:aa:46:fe:aa:96:
         3d:64:7d:4c:46:06:4b:a9:c9:c1:6d:da:89:cb:dc:61:1c:70:
         d0:db:55:04:13:a1:e9:82:33:9d:3e:99:ed:5c:23:39:b4:1b:
         af:21:0e:bf:ab:3d:ab:64:41:41:50:ea:17:5e:be:70:ea:1d:
         8d:42:53:d0:54:e3:ec:c3:d0:8e:57:af:21:6e:e5:0a:52:57:
         35:eb:72:8d:10:f0:4c:e5:e0:fd:c4:4d:8c:61:10:7d:57:7b:
         a3:ff:cb:80:76:2b:0c:f7:41:6f:9a:13:5b:4b:65:96:b6:72:
         a4:3d:7f:0b:bc:7b:d6:2b:fd:eb:46:b3:d8:a9:53:53:18:3a:
         25:bb:db:c6:93:12:62:29:23:a6:eb:c2:3e:6a:d9:8f:ea:b4:
         91:41:80:08:ab:24:f6:e8:9f:79:8f:65:b0:31:41:27:d3:6e:
         b9:bc:23:8a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYd8v92Ku0wNZZPYzZFsJbMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjMwNDEzMjIzMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjg0YzUyZWMyMWQ0MGIyYmI0MjMxZGZhZDUxZjVjZWExMzE4OWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9k+cFGBL+EF638iuzwPukhq6XiI
GAlsq6qfcLrd773wgNOuooFI26ey7TbSJ/mETmp2nArnczpK+2xkGgu8cutWMoMF
7l9vXVuxH+XtAGMFSZjVvPYhVU1lf7zBeVi6WXEWl2z2uSHbZ4EKPmm6UQ3WqX8T
7nA1+9gIRfrJq6XoFMmC57+D1oFr07PeYdYR1NkEJkalRB7v5IKtSymZV14z445H
JSTTXFuu9J/UOsRnw+UHpUiaSpbgr8s9qfW2e7z+EJ6tcxxQSMFegbBMZbRLaIZg
xTkdmn7n6objM1yDZtsvtBcjxX+BsDzSWzQcI52CI4pN9P2Y3y2QKAE69QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEuExS7CHUCyu0Ix361R9c6hMYmuMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvUzRURkxzSWRRTEs3UWpIZnJWSDF6cUV4aWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJZuwQD
BABZux4wDQYJKoZIhvcNAQELBQADggEBAECAL+FX478jmTL3+kmTG54f9hAnIAV8
ffaWxk2FT0tydTg9kppJqfzWfGb/N2S/U7mvTr2OlYKJ1wdzOh5+uxSqXsQugJrw
RlS7oaGFsJsFrb1UDQCqRv6qlj1kfUxGBkupycFt2onL3GEccNDbVQQToemCM50+
me1cIzm0G68hDr+rPatkQUFQ6hdevnDqHY1CU9BU4+zD0I5XryFu5QpSVzXrco0Q
8Ezl4P3ETYxhEH1Xe6P/y4B2Kwz3QW+aE1tLZZa2cqQ9fwu8e9Yr/etGs9ipU1MY
OiW728aTEmIpI6brwj5q2Y/qtJFBgAirJPbon3mPZbAxQSfTbrm8I4o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:49 2024 by rpki-client on console-fra.rpki-client.org