Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/jXffaGIWrce3N4-p2T0w9tgA8xU.roa
File:                     jXffaGIWrce3N4-p2T0w9tgA8xU.roa (raw, json)
Hash identifier:          Q8+mTHtG21ZwUrtv7DDnN8zQyp3OUj7d6PLxkAU8wuY=
Subject key identifier:   8D:77:DF:68:62:16:AD:C7:B7:37:8F:A9:D9:3D:30:F6:D8:00:F3:15
Certificate issuer:       /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial:       018A3C27DBB3890F605A7EDA1D5FF251767B
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/jXffaGIWrce3N4-p2T0w9tgA8xU.roa
Signing time:             Mon 28 Aug 2023 12:39:19 +0000
ROA not before:           Mon 28 Aug 2023 12:39:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        89.187.31.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 28 Aug 2023 17:59:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:3c:27:db:b3:89:0f:60:5a:7e:da:1d:5f:f2:51:76:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
        Validity
            Not Before: Aug 28 12:39:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8d77df686216adc7b7378fa9d93d30f6d800f315
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:9f:82:bc:04:11:6c:b8:68:f7:5f:f5:20:93:
                    0e:de:54:b7:6b:70:34:dc:31:d7:95:9d:1a:10:06:
                    79:a6:6f:05:3f:6a:17:70:b5:d1:a5:a5:5d:5a:4f:
                    dc:f6:e1:57:d1:de:90:80:3d:36:24:91:de:37:e4:
                    bc:4a:26:95:56:f9:ec:b1:87:78:f6:e0:7b:82:24:
                    f8:0d:21:a0:9a:5b:c7:f2:4e:ee:bd:6a:c3:ee:42:
                    02:9e:a4:bd:fe:de:a9:38:83:fc:09:24:79:9b:1a:
                    6f:b0:e3:a7:19:15:03:5c:bb:ea:46:c7:5e:f3:38:
                    2b:e8:bc:34:61:0c:e9:64:ba:2b:2d:0a:cf:93:40:
                    61:0d:27:15:00:18:0f:6a:17:88:01:96:78:fb:d5:
                    35:0e:10:60:90:79:14:4c:8e:e6:b0:0c:3b:dc:09:
                    b4:a6:18:eb:12:dc:f7:b0:bd:f1:d5:5a:cc:53:ac:
                    28:61:7a:ba:ee:0e:d7:08:41:3d:6e:c5:aa:07:b5:
                    16:b9:72:c4:79:4a:bf:51:ff:39:e8:b8:1b:44:1b:
                    cb:b5:64:27:40:0e:ce:d4:7e:cd:b7:5c:cd:45:d7:
                    44:36:3b:d4:10:ff:91:84:06:ca:f6:37:a4:90:ca:
                    46:a5:a0:dc:51:67:98:c1:e9:75:20:38:aa:ff:4e:
                    a5:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:77:DF:68:62:16:AD:C7:B7:37:8F:A9:D9:3D:30:F6:D8:00:F3:15
            X509v3 Authority Key Identifier:
                keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/jXffaGIWrce3N4-p2T0w9tgA8xU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.187.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:ea:c5:17:20:e0:12:30:4c:ba:6b:0a:c4:0d:44:0e:1d:b4:
         6e:a3:a6:0b:50:6e:4f:6f:b8:c9:d6:6d:04:1c:cd:fc:c6:12:
         bc:ea:6b:72:2f:c1:50:31:21:de:ae:3c:b6:fb:4a:66:e0:96:
         df:f0:43:fa:39:31:86:e7:f5:b7:73:6d:10:c6:61:cc:17:08:
         34:a7:d0:86:02:ca:48:64:05:c3:94:aa:09:eb:02:0a:a1:db:
         14:71:60:1c:37:9e:df:67:31:d3:c8:54:12:b3:53:41:a8:00:
         42:2e:88:e9:08:45:f8:b0:cc:f0:0c:4a:39:6a:11:e8:55:c8:
         8a:c0:e1:cc:62:15:ac:21:fa:2c:8a:ed:fb:11:80:d1:32:68:
         da:34:4c:38:ad:e4:56:59:f2:0d:07:63:dc:3c:3a:12:b7:ea:
         5d:e2:38:14:ae:be:18:56:76:7d:90:2a:75:61:aa:8e:62:20:
         b9:04:b4:f4:79:5b:ea:9e:90:ce:ca:fc:fc:9f:17:11:11:4d:
         54:ab:98:41:44:56:98:7e:e3:a6:bd:41:60:25:fd:f3:be:f1:
         f4:01:f6:39:cf:1c:17:d4:15:d9:0e:41:90:8c:5d:fd:08:4d:
         1d:42:e7:a8:c4:9f:d9:35:61:d5:6a:67:ce:27:d8:ad:f7:12:
         29:65:fa:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYo8J9uziQ9gWn7aHV/yUXZ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjMwODI4MTIzOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDc3ZGY2ODYyMTZhZGM3YjczNzhmYTlkOTNkMzBmNmQ4MDBmMzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZ+CvAQRbLho91/1IJMO3lS3a3A0
3DHXlZ0aEAZ5pm8FP2oXcLXRpaVdWk/c9uFX0d6QgD02JJHeN+S8SiaVVvnssYd4
9uB7giT4DSGgmlvH8k7uvWrD7kICnqS9/t6pOIP8CSR5mxpvsOOnGRUDXLvqRsde
8zgr6Lw0YQzpZLorLQrPk0BhDScVABgPaheIAZZ4+9U1DhBgkHkUTI7msAw73Am0
phjrEtz3sL3x1VrMU6woYXq67g7XCEE9bsWqB7UWuXLEeUq/Uf856LgbRBvLtWQn
QA7O1H7Nt1zNRddENjvUEP+RhAbK9jekkMpGpaDcUWeYwel1IDiq/06liwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI1332hiFq3HtzePqdk9MPbYAPMVMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvalhmZmFHSVdyY2UzTjQtcDJUMHc5dGdBOHhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWbsfMA0G
CSqGSIb3DQEBCwUAA4IBAQBS6sUXIOASMEy6awrEDUQOHbRuo6YLUG5Pb7jJ1m0E
HM38xhK86mtyL8FQMSHerjy2+0pm4Jbf8EP6OTGG5/W3c20QxmHMFwg0p9CGAspI
ZAXDlKoJ6wIKodsUcWAcN57fZzHTyFQSs1NBqABCLojpCEX4sMzwDEo5ahHoVciK
wOHMYhWsIfosiu37EYDRMmjaNEw4reRWWfINB2PcPDoSt+pd4jgUrr4YVnZ9kCp1
YaqOYiC5BLT0eVvqnpDOyvz8nxcREU1Uq5hBRFaYfuOmvUFgJf3zvvH0AfY5zxwX
1BXZDkGQjF39CE0dQueoxJ/ZNWHVamfOJ9it9xIpZfqX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:49 2024 by rpki-client on console-fra.rpki-client.org