Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/hC7EQk-x1o4VFzFUbdZdwhZLLUU.roa
File:                     hC7EQk-x1o4VFzFUbdZdwhZLLUU.roa (raw, json)
Hash identifier:          PINa08GVSUxVY13BLzmhtpDHs9IO5vAsCSX2U4/PzSE=
Subject key identifier:   84:2E:C4:42:4F:B1:D6:8E:15:17:31:54:6D:D6:5D:C2:16:4B:2D:45
Certificate issuer:       /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial:       018CC86FE764C9D481C2A61A939F3419DB65
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/hC7EQk-x1o4VFzFUbdZdwhZLLUU.roa
Signing time:             Tue 02 Jan 2024 04:30:26 +0000
ROA not before:           Tue 02 Jan 2024 04:30:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     5065
IP address blocks:        89.187.31.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 08 Jan 2024 10:55:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:e7:64:c9:d4:81:c2:a6:1a:93:9f:34:19:db:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
        Validity
            Not Before: Jan  2 04:30:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=842ec4424fb1d68e151731546dd65dc2164b2d45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:32:b1:07:37:db:8e:d4:c7:53:64:df:e6:96:
                    54:4e:5a:f7:fb:df:08:47:88:40:d9:99:44:9e:d9:
                    d3:bc:68:f6:4e:c8:1f:ac:5e:50:be:5c:d7:84:44:
                    2f:55:dd:e9:ca:be:ce:d9:5a:94:6a:44:47:fc:de:
                    0e:cd:a6:3e:46:13:7f:0c:93:78:96:94:59:58:38:
                    c6:83:88:70:5d:c7:d5:5a:8f:b5:db:9b:be:89:bd:
                    bb:a7:ff:84:b7:63:41:0c:d4:c1:be:f3:78:89:d1:
                    50:29:3a:29:2b:d5:3d:c9:8c:53:39:d1:98:07:0d:
                    23:3b:4f:02:7f:43:f9:3b:00:00:c9:21:c7:33:2c:
                    70:2d:c7:44:b5:25:95:82:e0:2b:be:d4:df:21:f6:
                    32:54:a9:0e:26:25:3a:6e:ce:40:a2:38:74:df:98:
                    65:af:dd:ed:4e:14:48:46:a9:16:35:7b:2f:9f:3e:
                    40:dd:32:e9:be:2b:20:f0:2b:bb:05:56:b4:c6:52:
                    63:61:9a:1e:fa:96:17:6f:e1:11:a9:fc:1e:75:25:
                    18:a8:4d:bf:0c:96:c8:13:84:e3:15:d7:2a:d9:f0:
                    3f:58:91:42:93:b6:c6:99:19:39:5b:a7:bf:f2:b7:
                    30:40:97:60:e3:2e:b3:5c:61:53:61:e3:3f:8b:7d:
                    39:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:2E:C4:42:4F:B1:D6:8E:15:17:31:54:6D:D6:5D:C2:16:4B:2D:45
            X509v3 Authority Key Identifier:
                keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/hC7EQk-x1o4VFzFUbdZdwhZLLUU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.187.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:bd:9b:e4:59:16:f1:39:3c:69:ba:b6:c4:a7:e9:c9:d4:c4:
         b9:99:c8:cf:59:31:45:bf:90:ce:8f:f9:4c:b3:fd:cb:c3:22:
         cc:4d:e4:cf:a2:3e:6b:92:d0:ca:c2:25:f6:03:0b:9d:58:f7:
         2f:79:9f:d1:72:3f:0a:0d:ba:2b:30:cf:8b:32:ba:7a:a6:bf:
         ea:a8:9c:ae:0a:ec:c4:4f:b6:fe:e9:4d:c6:80:b3:95:1e:35:
         92:25:47:83:ee:9e:27:51:d6:41:46:6b:93:7f:0b:4f:f8:db:
         a9:52:9e:ab:59:82:5e:b9:c0:87:f4:5c:e8:fa:0a:7c:38:9c:
         e8:18:0d:25:5c:a8:af:9e:3c:01:b2:d1:c2:ce:0a:1f:61:64:
         df:b1:eb:27:db:ff:27:2b:71:46:85:71:43:8d:ed:9a:8a:d7:
         39:84:ac:4f:f2:49:de:86:52:41:2b:96:93:c7:f5:44:98:7a:
         e9:49:8a:be:f1:7d:63:2d:00:32:4f:6e:d1:36:82:59:5d:39:
         47:ce:0a:72:a6:cd:87:31:38:a3:08:5e:0e:62:ab:86:ad:74:
         34:78:d5:47:a9:05:ad:18:08:97:7d:01:22:9d:c4:9c:6f:a9:
         58:27:3a:34:1a:52:22:eb:47:fd:8c:80:85:fa:ea:ea:6a:b2:
         f1:fc:94:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb+dkydSBwqYak580GdtlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjQwMTAyMDQzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDJlYzQ0MjRmYjFkNjhlMTUxNzMxNTQ2ZGQ2NWRjMjE2NGIyZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzKxBzfbjtTHU2Tf5pZUTlr3+98I
R4hA2ZlEntnTvGj2TsgfrF5QvlzXhEQvVd3pyr7O2VqUakRH/N4OzaY+RhN/DJN4
lpRZWDjGg4hwXcfVWo+125u+ib27p/+Et2NBDNTBvvN4idFQKTopK9U9yYxTOdGY
Bw0jO08Cf0P5OwAAySHHMyxwLcdEtSWVguArvtTfIfYyVKkOJiU6bs5Aojh035hl
r93tThRIRqkWNXsvnz5A3TLpvisg8Cu7BVa0xlJjYZoe+pYXb+ERqfwedSUYqE2/
DJbIE4TjFdcq2fA/WJFCk7bGmRk5W6e/8rcwQJdg4y6zXGFTYeM/i305VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQuxEJPsdaOFRcxVG3WXcIWSy1FMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvaEM3RVFrLXgxbzRWRnpGVWJkWmR3aFpMTFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWbsfMA0G
CSqGSIb3DQEBCwUAA4IBAQAevZvkWRbxOTxpurbEp+nJ1MS5mcjPWTFFv5DOj/lM
s/3LwyLMTeTPoj5rktDKwiX2AwudWPcveZ/Rcj8KDborMM+LMrp6pr/qqJyuCuzE
T7b+6U3GgLOVHjWSJUeD7p4nUdZBRmuTfwtP+NupUp6rWYJeucCH9Fzo+gp8OJzo
GA0lXKivnjwBstHCzgofYWTfsesn2/8nK3FGhXFDje2aitc5hKxP8knehlJBK5aT
x/VEmHrpSYq+8X1jLQAyT27RNoJZXTlHzgpyps2HMTijCF4OYquGrXQ0eNVHqQWt
GAiXfQEincScb6lYJzo0GlIi60f9jICF+urqarLx/JSd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:03 2024 by rpki-client on console-ams.rpki-client.org