Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/sYMQx30DuPdbtHy3N2tZjx5I95A.roa
File:                     sYMQx30DuPdbtHy3N2tZjx5I95A.roa (raw, json)
Hash identifier:          4miKYgHNu4Mcl9v4BgtzeqIX3V0aBbPLIWkbXARypqE=
Subject key identifier:   B1:83:10:C7:7D:03:B8:F7:5B:B4:7C:B7:37:6B:59:8F:1E:48:F7:90
Certificate issuer:       /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial:       0187DDA221BA126140C3892ABEDC0814BA49
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/sYMQx30DuPdbtHy3N2tZjx5I95A.roa
Signing time:             Tue 02 May 2023 18:03:22 +0000
ROA not before:           Tue 02 May 2023 18:03:22 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        89.187.8.0/24 maxlen: 24
                          89.187.6.0/24 maxlen: 24
                          89.187.15.0/24 maxlen: 24
                          89.187.17.0/24 maxlen: 24
                          89.187.18.0/24 maxlen: 24
                          89.187.19.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 May 2023 10:39:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:dd:a2:21:ba:12:61:40:c3:89:2a:be:dc:08:14:ba:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
        Validity
            Not Before: May  2 18:03:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b18310c77d03b8f75bb47cb7376b598f1e48f790
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:e2:fc:e1:22:d2:07:72:90:93:da:c6:87:7c:
                    42:06:87:65:a9:75:64:da:be:18:24:26:9f:44:6c:
                    1a:36:6a:74:a6:35:53:c8:13:39:f7:38:4a:03:83:
                    11:6c:82:32:cb:80:46:b9:93:d2:6e:fe:ca:19:c3:
                    3d:b4:09:14:c8:f5:79:a1:5e:bf:94:af:44:3a:4a:
                    67:42:fe:28:38:d2:10:7c:3a:61:33:3e:35:2b:11:
                    90:e3:a4:c1:9f:e4:05:34:e3:1b:2b:dc:ef:5d:b9:
                    a0:52:52:33:6e:a6:d1:e8:8f:28:8e:0e:bb:af:c3:
                    f2:ea:0c:9c:ff:9d:1e:9f:9c:7a:74:da:ee:a3:9a:
                    ac:08:5f:50:ff:1f:ec:74:a3:0c:49:fa:2e:9b:54:
                    5a:7d:a2:64:af:e1:86:6c:6c:36:45:ff:59:6b:d1:
                    28:21:f9:08:37:28:1a:c7:5f:aa:3d:6c:8b:7f:d1:
                    cb:af:37:91:dc:94:09:57:71:02:74:7e:19:21:5a:
                    7a:de:44:24:3f:0e:32:fa:dd:5f:2c:fc:9d:ae:e8:
                    88:cb:d3:af:bd:38:72:8a:99:35:c3:fb:30:b5:82:
                    01:9f:80:ca:48:00:0f:68:54:44:c3:f6:39:1d:e2:
                    15:ae:9d:ad:2d:97:2a:c4:9f:02:bf:d4:6d:87:6f:
                    ca:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:83:10:C7:7D:03:B8:F7:5B:B4:7C:B7:37:6B:59:8F:1E:48:F7:90
            X509v3 Authority Key Identifier:
                keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/sYMQx30DuPdbtHy3N2tZjx5I95A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.187.6.0/24
                  89.187.8.0/24
                  89.187.15.0/24
                  89.187.17.0-89.187.19.255

    Signature Algorithm: sha256WithRSAEncryption
         d8:e2:6a:8d:72:ce:ce:ea:50:a9:bb:32:e0:fc:49:d8:ec:9a:
         b0:c6:98:58:26:c9:af:49:e4:82:68:6d:87:4e:7d:60:06:fb:
         71:cc:ad:e3:c1:7b:5b:9e:6b:ff:84:7c:2b:fc:7f:16:59:80:
         8a:a3:20:be:37:6d:dc:36:ba:66:2f:c2:f0:10:88:56:8f:77:
         52:2f:b7:5d:42:d1:1c:28:e8:6c:ba:2a:be:e9:e3:a1:89:05:
         81:5d:e4:99:24:e8:c9:31:c0:48:ff:4a:85:11:85:45:39:16:
         e7:33:00:fa:4b:39:95:91:00:8e:5c:e6:bb:53:84:f4:6c:e8:
         f3:d6:36:93:e6:8c:f3:67:22:c0:6c:5c:ab:9d:6a:44:35:c9:
         d6:10:7c:cc:67:8c:a8:8c:7e:72:6c:87:04:13:95:c6:20:7d:
         94:86:f2:d8:e8:47:e8:2d:f9:60:3f:aa:ea:f2:52:65:46:64:
         9e:8e:b4:d7:17:47:16:6a:60:ca:66:57:48:42:7a:38:37:83:
         cf:e5:7a:1b:56:11:0c:9c:0b:74:d8:8f:37:db:89:31:0c:74:
         81:3c:a3:8d:8f:58:17:92:68:91:e7:f2:88:94:85:34:4a:4b:
         2e:f7:b8:f5:7a:05:e8:5f:ec:fe:6e:09:a0:b3:ac:15:74:42:
         d9:8c:bd:11
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYfdoiG6EmFAw4kqvtwIFLpJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjMwNTAyMTgwMzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTgzMTBjNzdkMDNiOGY3NWJiNDdjYjczNzZiNTk4ZjFlNDhmNzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+L84SLSB3KQk9rGh3xCBodlqXVk
2r4YJCafRGwaNmp0pjVTyBM59zhKA4MRbIIyy4BGuZPSbv7KGcM9tAkUyPV5oV6/
lK9EOkpnQv4oONIQfDphMz41KxGQ46TBn+QFNOMbK9zvXbmgUlIzbqbR6I8ojg67
r8Py6gyc/50en5x6dNruo5qsCF9Q/x/sdKMMSfoum1RafaJkr+GGbGw2Rf9Za9Eo
IfkINygax1+qPWyLf9HLrzeR3JQJV3ECdH4ZIVp63kQkPw4y+t1fLPydruiIy9Ov
vThyipk1w/swtYIBn4DKSAAPaFREw/Y5HeIVrp2tLZcqxJ8Cv9Rth2/KsQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLGDEMd9A7j3W7R8tzdrWY8eSPeQMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvc1lNUXgzMER1UGRidEh5M04ydFpqeDVJOTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAWbsGAwQA
WbsIAwQAWbsPMAwDBABZuxEDBAJZuxAwDQYJKoZIhvcNAQELBQADggEBANjiao1y
zs7qUKm7MuD8SdjsmrDGmFgmya9J5IJobYdOfWAG+3HMrePBe1uea/+EfCv8fxZZ
gIqjIL43bdw2umYvwvAQiFaPd1Ivt11C0Rwo6Gy6Kr7p46GJBYFd5Jkk6MkxwEj/
SoURhUU5FuczAPpLOZWRAI5c5rtThPRs6PPWNpPmjPNnIsBsXKudakQ1ydYQfMxn
jKiMfnJshwQTlcYgfZSG8tjoR+gt+WA/quryUmVGZJ6OtNcXRxZqYMpmV0hCejg3
g8/lehtWEQycC3TYjzfbiTEMdIE8o42PWBeSaJHn8oiUhTRKSy73uPV6Behf7P5u
CaCzrBV0QtmMvRE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:03 2024 by rpki-client on console-ams.rpki-client.org