Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/e44bd7-0f70-45c8-856e-40e2ef3383b0/1/jITLaqPkSUlAPJo-IOSVgWxLvAA.roa
File:                     jITLaqPkSUlAPJo-IOSVgWxLvAA.roa (raw, json)
Hash identifier:          s1615JvWxIMeOHm5sG0/tTvcUzjY6zUysxxNrIm4l7o=
Subject key identifier:   8C:84:CB:6A:A3:E4:49:49:40:3C:9A:3E:20:E4:95:81:6C:4B:BC:00
Certificate issuer:       /CN=7981ea4d507fb0ae07159f6f88def958430fd070
Certificate serial:       018570675327DFA3762D38D36AACD9579D67
Authority key identifier: 79:81:EA:4D:50:7F:B0:AE:07:15:9F:6F:88:DE:F9:58:43:0F:D0:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eYHqTVB_sK4HFZ9viN75WEMP0HA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/e44bd7-0f70-45c8-856e-40e2ef3383b0/1/jITLaqPkSUlAPJo-IOSVgWxLvAA.roa
Signing time:             Mon 02 Jan 2023 02:54:57 +0000
ROA not before:           Mon 02 Jan 2023 02:54:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202269
IP address blocks:        89.106.206.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:67:53:27:df:a3:76:2d:38:d3:6a:ac:d9:57:9d:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7981ea4d507fb0ae07159f6f88def958430fd070
        Validity
            Not Before: Jan  2 02:54:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8c84cb6aa3e44949403c9a3e20e495816c4bbc00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:c8:ea:95:d5:04:b6:e2:be:d5:10:66:47:67:
                    85:cd:90:1a:3e:4e:d0:15:49:dc:18:2f:13:6d:12:
                    57:ba:7e:84:cc:66:99:4d:75:58:03:a4:dd:8f:5e:
                    86:bb:3a:7a:d4:7c:fa:ed:9f:9a:04:e3:b6:4e:2a:
                    56:a6:d7:79:d9:06:5e:0d:0a:ae:7a:d0:23:14:16:
                    d9:5e:5b:b0:2c:87:e1:f0:a3:29:4e:8e:38:52:18:
                    09:ff:70:66:3c:ac:6a:e4:37:61:e2:3f:15:39:eb:
                    bf:55:6d:05:90:0c:89:63:e4:cf:a8:fb:15:5b:96:
                    51:4d:55:c5:e9:83:5e:c1:06:85:b7:aa:6c:e1:74:
                    23:33:46:bb:bd:68:59:17:8a:44:3d:7e:0f:67:5e:
                    87:e5:94:fa:8b:7f:ab:2b:98:71:86:76:26:74:64:
                    64:e2:52:88:f5:56:15:9a:59:94:2d:6f:8c:46:34:
                    38:b7:96:61:0f:3d:7f:8c:c1:44:23:98:ca:c5:3b:
                    c3:d6:fd:a2:dd:00:e1:5c:36:80:9c:2c:46:30:1a:
                    c4:7e:89:ea:77:23:37:46:62:fb:f2:be:62:9e:c2:
                    b1:01:cf:71:60:3f:18:06:80:30:d8:ab:70:bc:f1:
                    51:1d:1f:3b:37:3a:59:5e:b7:49:b9:89:60:ee:1a:
                    5a:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:84:CB:6A:A3:E4:49:49:40:3C:9A:3E:20:E4:95:81:6C:4B:BC:00
            X509v3 Authority Key Identifier:
                keyid:79:81:EA:4D:50:7F:B0:AE:07:15:9F:6F:88:DE:F9:58:43:0F:D0:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eYHqTVB_sK4HFZ9viN75WEMP0HA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e44bd7-0f70-45c8-856e-40e2ef3383b0/1/jITLaqPkSUlAPJo-IOSVgWxLvAA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e44bd7-0f70-45c8-856e-40e2ef3383b0/1/eYHqTVB_sK4HFZ9viN75WEMP0HA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.106.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         df:f6:08:84:08:32:4e:b7:08:e5:83:db:b3:6e:18:e7:ba:43:
         6f:c1:8a:4d:4e:cb:3f:d0:98:fa:b3:45:84:c8:b2:da:32:e4:
         81:a3:a6:26:be:87:cd:98:8f:9e:56:b2:14:e3:5c:cd:3e:ff:
         85:00:00:8a:80:c7:22:e6:51:72:e7:b3:76:ef:39:b0:86:b8:
         33:38:fc:8f:29:a7:6d:1b:cf:db:c2:57:ec:06:fe:e7:48:62:
         65:b3:32:2f:8a:a6:f5:59:a8:ec:22:76:2e:23:e4:9b:86:26:
         09:e5:6e:d1:d5:73:50:90:1b:ab:21:75:35:04:cb:98:36:23:
         d5:9f:85:26:8c:91:ac:4b:fc:73:60:10:56:91:25:4f:cf:9f:
         fb:8d:c4:e8:71:fb:2e:f1:29:38:c2:d8:dd:ff:89:60:d8:a5:
         2a:0f:da:d9:43:ad:57:79:54:48:f0:b0:8d:64:7c:d4:18:03:
         4d:d8:f6:f0:f2:ed:e3:bf:14:67:ac:d8:7c:c6:17:45:09:b9:
         f0:bc:63:69:9c:32:66:3e:c4:23:cf:7c:26:0b:90:bf:d2:f4:
         2a:95:67:86:38:00:97:cb:ae:cc:85:3f:cb:44:58:16:f2:5e:
         45:85:8f:93:b7:bc:d9:6b:20:82:74:b3:56:fd:a9:60:b0:2c:
         72:39:27:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZ1Mn36N2LTjTaqzZV51nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ODFlYTRkNTA3ZmIwYWUwNzE1OWY2Zjg4ZGVmOTU4NDMw
ZmQwNzAwHhcNMjMwMTAyMDI1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yzg0Y2I2YWEzZTQ0OTQ5NDAzYzlhM2UyMGU0OTU4MTZjNGJiYzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysjqldUEtuK+1RBmR2eFzZAaPk7Q
FUncGC8TbRJXun6EzGaZTXVYA6Tdj16Guzp61Hz67Z+aBOO2TipWptd52QZeDQqu
etAjFBbZXluwLIfh8KMpTo44UhgJ/3BmPKxq5Ddh4j8VOeu/VW0FkAyJY+TPqPsV
W5ZRTVXF6YNewQaFt6ps4XQjM0a7vWhZF4pEPX4PZ16H5ZT6i3+rK5hxhnYmdGRk
4lKI9VYVmlmULW+MRjQ4t5ZhDz1/jMFEI5jKxTvD1v2i3QDhXDaAnCxGMBrEfonq
dyM3RmL78r5insKxAc9xYD8YBoAw2KtwvPFRHR87NzpZXrdJuYlg7hpacwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIyEy2qj5ElJQDyaPiDklYFsS7wAMB8GA1UdIwQY
MBaAFHmB6k1Qf7CuBxWfb4je+VhDD9BwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVlIcVRWQl9zSzRIRlo5dmlONzVXRU1QMEhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lNDRiZDctMGY3MC00NWM4LTg1NmUt
NDBlMmVmMzM4M2IwLzEvaklUTGFxUGtTVWxBUEpvLUlPU1ZnV3hMdkFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lNDRiZDctMGY3MC00NWM4LTg1NmUtNDBlMmVmMzM4M2Iw
LzEvZVlIcVRWQl9zSzRIRlo5dmlONzVXRU1QMEhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWWrOMA0G
CSqGSIb3DQEBCwUAA4IBAQDf9giECDJOtwjlg9uzbhjnukNvwYpNTss/0Jj6s0WE
yLLaMuSBo6YmvofNmI+eVrIU41zNPv+FAACKgMci5lFy57N27zmwhrgzOPyPKadt
G8/bwlfsBv7nSGJlszIviqb1WajsInYuI+SbhiYJ5W7R1XNQkBurIXU1BMuYNiPV
n4UmjJGsS/xzYBBWkSVPz5/7jcTocfsu8Sk4wtjd/4lg2KUqD9rZQ61XeVRI8LCN
ZHzUGANN2Pbw8u3jvxRnrNh8xhdFCbnwvGNpnDJmPsQjz3wmC5C/0vQqlWeGOACX
y67MhT/LRFgW8l5FhY+Tt7zZayCCdLNW/algsCxyOSfH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:15 2024 by rpki-client on console-ams.rpki-client.org