Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/nwyp0c5WjRFKIRElL0RML6pLZvU.roa
File:                     nwyp0c5WjRFKIRElL0RML6pLZvU.roa (raw, json)
Hash identifier:          mn5v0dpsWbZRFu3O6fFMBTtNvbe1PDfvLIR9/Ptni94=
Subject key identifier:   9F:0C:A9:D1:CE:56:8D:11:4A:21:11:25:2F:44:4C:2F:AA:4B:66:F5
Certificate issuer:       /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial:       01877D2CD04609F51B85B1A874CE8898FCBF
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/nwyp0c5WjRFKIRElL0RML6pLZvU.roa
Signing time:             Fri 14 Apr 2023 00:31:41 +0000
ROA not before:           Fri 14 Apr 2023 00:31:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39810
IP address blocks:        89.187.0.0/23 maxlen: 24
                          89.187.2.0/24 maxlen: 24
                          89.187.3.0/24 maxlen: 24
                          89.187.4.0/24 maxlen: 24
                          89.187.11.0/24 maxlen: 24
                          89.187.7.0/24 maxlen: 24
                          89.187.8.0/24 maxlen: 24
                          89.187.9.0/24 maxlen: 24
                          89.187.10.0/24 maxlen: 24
                          89.187.5.0/24 maxlen: 24
                          89.187.6.0/24 maxlen: 24
                          89.187.14.0/24 maxlen: 24
                          89.187.15.0/24 maxlen: 24
                          89.187.16.0/24 maxlen: 24
                          89.187.17.0/24 maxlen: 24
                          89.187.12.0/24 maxlen: 24
                          89.187.13.0/24 maxlen: 24
                          89.187.21.0/24 maxlen: 24
                          89.187.22.0/24 maxlen: 24
                          89.187.23.0/24 maxlen: 24
                          89.187.24.0/24 maxlen: 24
                          89.187.18.0/24 maxlen: 24
                          89.187.19.0/24 maxlen: 24
                          89.187.20.0/24 maxlen: 24
                          89.187.28.0/24 maxlen: 24
                          89.187.29.0/24 maxlen: 24
                          89.187.30.0/24 maxlen: 24
                          89.187.31.0/24 maxlen: 24
                          89.187.25.0/24 maxlen: 24
                          89.187.26.0/24 maxlen: 24
                          89.187.27.0/24 maxlen: 24
                          2a10:e400::/29 maxlen: 29

Validation:               Failed, certificate revoked on Sun 16 Apr 2023 16:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7d:2c:d0:46:09:f5:1b:85:b1:a8:74:ce:88:98:fc:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
        Validity
            Not Before: Apr 14 00:31:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9f0ca9d1ce568d114a2111252f444c2faa4b66f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:8a:17:ed:29:29:e0:6f:3f:b2:14:82:90:f5:
                    c8:3c:e0:32:9c:fa:1d:b4:29:00:39:e2:8f:43:58:
                    d3:6d:d1:03:a0:7f:ab:c7:df:cc:17:f4:5f:2e:53:
                    26:a5:54:74:52:1f:c2:5c:33:47:f4:20:c4:f9:14:
                    f9:a0:58:18:3b:c4:97:96:bf:94:69:e2:93:99:df:
                    61:54:da:24:d0:06:6f:88:c3:2a:5a:2e:d9:b2:fc:
                    5b:66:cf:55:d5:55:46:a1:f7:91:a7:59:78:42:91:
                    0e:6e:1a:4b:18:2f:96:93:89:fe:04:ad:16:ab:a9:
                    22:bb:4b:1f:e3:9b:b5:f8:25:84:2c:ce:16:99:8b:
                    62:7e:ba:d7:34:7a:35:d6:41:0d:5a:db:26:06:c6:
                    98:cf:e5:01:62:b5:5c:a6:c2:2c:2c:e3:42:dc:ee:
                    bb:ae:dd:b7:d4:83:f0:8b:ca:07:fc:37:17:5a:9e:
                    75:13:1e:8e:e1:38:2d:15:f7:d7:22:42:97:72:40:
                    a3:54:c8:4f:f5:f4:10:37:37:eb:8a:f1:16:0a:6f:
                    06:f8:5a:15:09:cf:9a:18:f9:fd:f8:cc:8d:63:84:
                    a9:55:19:8a:20:13:31:81:e1:3d:c4:61:0a:a1:5e:
                    21:d1:72:95:80:47:3c:fd:b7:96:40:94:8f:dc:a6:
                    5a:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:0C:A9:D1:CE:56:8D:11:4A:21:11:25:2F:44:4C:2F:AA:4B:66:F5
            X509v3 Authority Key Identifier:
                keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/nwyp0c5WjRFKIRElL0RML6pLZvU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.187.0.0/19
                IPv6:
                  2a10:e400::/29

    Signature Algorithm: sha256WithRSAEncryption
         77:61:f3:21:9c:ed:98:ba:84:10:3c:a7:ca:56:b0:54:5e:c5:
         c6:72:a5:c1:02:42:98:18:9f:32:fe:bc:26:1a:9a:bb:7c:4b:
         df:9e:08:19:21:43:3c:a9:5f:10:0a:06:26:ca:f6:d6:45:14:
         6d:c0:70:75:29:ea:7a:be:4f:64:9e:5c:f7:52:a2:35:18:3b:
         9d:14:6e:75:2a:68:56:c2:f0:fe:f3:9e:39:5f:4c:18:26:1f:
         69:2c:d6:c6:73:79:5d:a2:0b:f4:0f:e3:b3:f6:89:b6:02:66:
         e3:4c:c9:97:14:b1:7f:85:d8:ab:a4:6f:fd:83:e2:d4:76:26:
         75:42:af:5c:87:8b:b4:0d:7c:b8:1b:c8:8c:06:d8:89:89:ee:
         de:5d:81:cc:28:a9:cf:97:ae:0a:f7:c9:12:ef:a5:07:79:f7:
         a5:40:48:8d:40:6e:37:93:31:22:43:7e:10:02:fa:d4:cd:20:
         68:30:ee:0e:56:31:62:3c:ae:df:e8:5a:de:29:2a:d4:f2:dc:
         f4:10:04:0d:6c:77:ad:2a:99:59:81:c1:d2:74:06:c1:e5:51:
         54:dc:79:26:b5:cd:4e:17:a6:f0:2d:36:9b:39:ba:93:7f:8d:
         f1:8d:52:73:ce:3c:a2:b4:1d:d5:96:bd:6b:e2:a4:b2:1d:fe:
         ca:ef:79:f2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYd9LNBGCfUbhbGodM6ImPy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjMwNDE0MDAzMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjBjYTlkMWNlNTY4ZDExNGEyMTExMjUyZjQ0NGMyZmFhNGI2NmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4oX7Skp4G8/shSCkPXIPOAynPod
tCkAOeKPQ1jTbdEDoH+rx9/MF/RfLlMmpVR0Uh/CXDNH9CDE+RT5oFgYO8SXlr+U
aeKTmd9hVNok0AZviMMqWi7ZsvxbZs9V1VVGofeRp1l4QpEObhpLGC+Wk4n+BK0W
q6kiu0sf45u1+CWELM4WmYtifrrXNHo11kENWtsmBsaYz+UBYrVcpsIsLONC3O67
rt231IPwi8oH/DcXWp51Ex6O4TgtFffXIkKXckCjVMhP9fQQNzfrivEWCm8G+FoV
Cc+aGPn9+MyNY4SpVRmKIBMxgeE9xGEKoV4h0XKVgEc8/beWQJSP3KZanQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ8MqdHOVo0RSiERJS9ETC+qS2b1MB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvbnd5cDBjNVdqUkZLSVJFbEwwUk1MNnBMWnZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFWbsAMA0E
AgACMAcDBQMqEOQAMA0GCSqGSIb3DQEBCwUAA4IBAQB3YfMhnO2YuoQQPKfKVrBU
XsXGcqXBAkKYGJ8y/rwmGpq7fEvfnggZIUM8qV8QCgYmyvbWRRRtwHB1Kep6vk9k
nlz3UqI1GDudFG51KmhWwvD+8545X0wYJh9pLNbGc3ldogv0D+Oz9om2AmbjTMmX
FLF/hdirpG/9g+LUdiZ1Qq9ch4u0DXy4G8iMBtiJie7eXYHMKKnPl64K98kS76UH
efelQEiNQG43kzEiQ34QAvrUzSBoMO4OVjFiPK7f6FreKSrU8tz0EAQNbHetKplZ
gcHSdAbB5VFU3Hkmtc1OF6bwLTabObqTf43xjVJzzjyitB3Vlr1r4qSyHf7K73ny
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:49 2024 by rpki-client on console-fra.rpki-client.org