Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/e1b34a-f388-4ddd-92cd-e1c0a4d04917/1/xen4uTdcUHrIAj4WUqoSwUUvVgU.roa
File:                     xen4uTdcUHrIAj4WUqoSwUUvVgU.roa (raw, json)
Hash identifier:          pMEELdh6mU1zotOLdniSRyrIuGvbvVOn/bhzJv5DhIk=
Subject key identifier:   C5:E9:F8:B9:37:5C:50:7A:C8:02:3E:16:52:AA:12:C1:45:2F:56:05
Certificate issuer:       /CN=7ebb888f2b99de9972e2446eba058ab8e2cd7b3f
Certificate serial:       018F508F901847F8EA8D2DD55F2F6D519698
Authority key identifier: 7E:BB:88:8F:2B:99:DE:99:72:E2:44:6E:BA:05:8A:B8:E2:CD:7B:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fruIjyuZ3ply4kRuugWKuOLNez8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/e1b34a-f388-4ddd-92cd-e1c0a4d04917/1/xen4uTdcUHrIAj4WUqoSwUUvVgU.roa
Signing time:             Tue 07 May 2024 00:58:56 +0000
ROA not before:           Tue 07 May 2024 00:58:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216018
IP address blocks:        185.77.88.0/24 maxlen: 24
                          185.77.91.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 07 Jun 2024 15:19:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:50:8f:90:18:47:f8:ea:8d:2d:d5:5f:2f:6d:51:96:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ebb888f2b99de9972e2446eba058ab8e2cd7b3f
        Validity
            Not Before: May  7 00:58:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c5e9f8b9375c507ac8023e1652aa12c1452f5605
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:59:ab:7a:b3:4f:72:38:9c:26:92:0f:dc:8c:
                    68:06:e8:03:45:a8:1c:e5:1f:e8:ac:71:51:5a:4c:
                    f9:5f:e9:07:40:de:43:c8:f7:d4:b7:8b:1b:a3:bd:
                    fa:1b:b9:16:c5:9a:7b:75:23:cb:b8:b7:96:a5:81:
                    c5:4f:f3:55:73:c9:6c:07:a7:c4:57:65:b7:72:83:
                    df:2d:35:3c:1e:3d:f3:2e:9e:3d:2c:2c:c4:b7:9c:
                    f3:48:f8:4a:c5:50:f9:50:c8:e4:38:d7:6b:eb:ba:
                    bb:b6:1f:e2:a7:21:0c:f7:cd:5b:1e:5f:41:fb:6a:
                    e0:e5:22:bc:df:87:07:95:ad:52:b3:e8:8d:58:0f:
                    b5:59:98:4d:bb:29:ae:3c:4e:07:99:2e:e9:d8:30:
                    20:ee:50:ae:db:24:29:12:51:db:d5:b5:7d:02:51:
                    f6:3f:bc:2a:e0:bd:8a:34:41:cd:8a:67:19:d3:f3:
                    9c:d7:b4:24:8d:0d:4d:41:dc:1d:01:19:c4:d6:15:
                    c7:63:ab:a8:ae:38:50:e1:d7:d5:0b:7f:57:4d:b9:
                    c2:63:6c:97:9e:79:40:be:a7:a0:c8:24:03:d1:85:
                    6f:9e:52:d0:dc:ee:8f:0b:0b:cf:20:5d:46:e4:e6:
                    3c:34:80:63:f1:42:5a:0c:26:6f:b9:15:5f:fd:4b:
                    3a:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:E9:F8:B9:37:5C:50:7A:C8:02:3E:16:52:AA:12:C1:45:2F:56:05
            X509v3 Authority Key Identifier:
                keyid:7E:BB:88:8F:2B:99:DE:99:72:E2:44:6E:BA:05:8A:B8:E2:CD:7B:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fruIjyuZ3ply4kRuugWKuOLNez8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/e1b34a-f388-4ddd-92cd-e1c0a4d04917/1/xen4uTdcUHrIAj4WUqoSwUUvVgU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/e1b34a-f388-4ddd-92cd-e1c0a4d04917/1/fruIjyuZ3ply4kRuugWKuOLNez8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.77.88.0/24
                  185.77.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:82:f3:26:3e:b7:79:d5:65:fb:52:d1:b6:76:61:31:fe:17:
         36:05:8c:66:aa:a1:02:1d:63:ea:24:87:47:93:7e:19:42:ee:
         b7:f7:4e:cd:e4:c8:3c:64:36:f0:d7:8f:87:d9:ea:1e:8b:8c:
         a9:3f:7c:9c:09:3c:f3:e4:0f:4c:1e:f8:b1:29:ff:f6:a6:41:
         c3:04:fd:f0:5d:31:a1:93:62:87:39:e7:b6:9b:1a:e7:6b:20:
         62:a3:0a:03:fd:d1:82:06:ed:fd:bf:4f:09:a6:80:68:a7:ab:
         5b:ed:c1:0d:3d:26:e3:7b:96:98:bd:e7:d1:7d:27:b5:27:ca:
         b6:5e:42:fc:71:1f:cd:f3:0a:cb:49:c5:d3:79:fd:db:4c:65:
         cb:e7:72:e1:e3:1a:11:3c:dd:ff:3a:04:42:48:97:b4:97:b0:
         88:7d:7e:73:e2:25:39:83:ee:9a:a0:92:53:69:9b:a8:cd:98:
         f7:e1:d5:18:cb:89:c7:b7:d9:29:51:2b:60:57:7c:a9:06:81:
         4d:c9:3a:c6:7e:25:bc:96:18:02:b1:e3:da:c6:ea:1a:7d:68:
         a4:36:41:f1:c2:eb:e0:3c:0b:de:6d:9a:82:87:46:a1:62:0a:
         8d:dc:bc:9e:84:8c:5f:22:1e:8e:df:ee:13:e5:de:3a:8f:e8:
         cc:be:8f:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9Qj5AYR/jqjS3VXy9tUZaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlYmI4ODhmMmI5OWRlOTk3MmUyNDQ2ZWJhMDU4YWI4ZTJj
ZDdiM2YwHhcNMjQwNTA3MDA1ODU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWU5ZjhiOTM3NWM1MDdhYzgwMjNlMTY1MmFhMTJjMTQ1MmY1NjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFmrerNPcjicJpIP3IxoBugDRagc
5R/orHFRWkz5X+kHQN5DyPfUt4sbo736G7kWxZp7dSPLuLeWpYHFT/NVc8lsB6fE
V2W3coPfLTU8Hj3zLp49LCzEt5zzSPhKxVD5UMjkONdr67q7th/ipyEM981bHl9B
+2rg5SK834cHla1Ss+iNWA+1WZhNuymuPE4HmS7p2DAg7lCu2yQpElHb1bV9AlH2
P7wq4L2KNEHNimcZ0/Oc17QkjQ1NQdwdARnE1hXHY6uorjhQ4dfVC39XTbnCY2yX
nnlAvqegyCQD0YVvnlLQ3O6PCwvPIF1G5OY8NIBj8UJaDCZvuRVf/Us6eQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMXp+Lk3XFB6yAI+FlKqEsFFL1YFMB8GA1UdIwQY
MBaAFH67iI8rmd6ZcuJEbroFirjizXs/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnJ1SWp5dVozcGx5NGtSdXVnV0t1T0xOZXo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9lMWIzNGEtZjM4OC00ZGRkLTkyY2Qt
ZTFjMGE0ZDA0OTE3LzEveGVuNHVUZGNVSHJJQWo0V1Vxb1N3VVV2VmdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9lMWIzNGEtZjM4OC00ZGRkLTkyY2QtZTFjMGE0ZDA0OTE3
LzEvZnJ1SWp5dVozcGx5NGtSdXVnV0t1T0xOZXo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuU1YAwQA
uU1bMA0GCSqGSIb3DQEBCwUAA4IBAQA4gvMmPrd51WX7UtG2dmEx/hc2BYxmqqEC
HWPqJIdHk34ZQu63907N5Mg8ZDbw14+H2eoei4ypP3ycCTzz5A9MHvixKf/2pkHD
BP3wXTGhk2KHOee2mxrnayBiowoD/dGCBu39v08JpoBop6tb7cENPSbje5aYvefR
fSe1J8q2XkL8cR/N8wrLScXTef3bTGXL53Lh4xoRPN3/OgRCSJe0l7CIfX5z4iU5
g+6aoJJTaZuozZj34dUYy4nHt9kpUStgV3ypBoFNyTrGfiW8lhgCsePaxuoafWik
NkHxwuvgPAvebZqCh0ahYgqN3LyehIxfIh6O3+4T5d46j+jMvo+S
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:09:26 2024 by rpki-client on console-fra.rpki-client.org