Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/D0UHsj2P2zC3C8Y6Xi2x86d7N1w.roa
File:                     D0UHsj2P2zC3C8Y6Xi2x86d7N1w.roa (raw, json)
Hash identifier:          7JwC+9Zjdhp6tB2zF1P1d4YVHkVgI3FoMi4iT/4laWg=
Subject key identifier:   0F:45:07:B2:3D:8F:DB:30:B7:0B:C6:3A:5E:2D:B1:F3:A7:7B:37:5C
Certificate issuer:       /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial:       018570305B2D7948D457A4F3817250F411FB
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/D0UHsj2P2zC3C8Y6Xi2x86d7N1w.roa
Signing time:             Mon 02 Jan 2023 01:54:55 +0000
ROA not before:           Mon 02 Jan 2023 01:54:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12589
IP address blocks:        194.88.45.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:32:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:30:5b:2d:79:48:d4:57:a4:f3:81:72:50:f4:11:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
        Validity
            Not Before: Jan  2 01:54:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0f4507b23d8fdb30b70bc63a5e2db1f3a77b375c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:10:50:3c:d4:9b:8b:1f:ce:69:f6:3e:8a:b0:
                    31:4d:74:86:31:40:4f:50:ab:57:83:d3:44:0f:e9:
                    93:81:23:e7:40:35:9e:c7:36:cf:99:8f:55:d5:11:
                    d0:c8:f9:e9:20:f8:2d:f4:28:55:6b:94:67:e0:72:
                    e5:9d:e0:88:fe:80:c2:08:e1:65:dc:7c:bf:07:5b:
                    bd:a7:24:f2:f6:30:ac:07:48:ad:6b:b2:03:43:16:
                    ec:d8:e6:6b:30:19:b6:68:c6:d4:37:75:cc:df:23:
                    c6:31:98:42:9f:6c:92:64:80:b3:fc:a1:10:ce:91:
                    fa:7e:48:70:1d:e1:df:bb:a5:31:eb:23:94:4b:fb:
                    6b:4f:af:47:aa:99:84:ca:fc:62:1b:82:55:20:7a:
                    d0:c4:eb:1d:45:35:45:7a:d7:e2:f4:16:d8:3e:31:
                    ad:bf:4c:77:83:4d:9e:b5:4d:e9:e8:76:4f:37:1a:
                    b3:51:03:4a:49:7f:15:8b:9a:f6:4f:e2:ea:ec:28:
                    c7:bc:41:99:6b:05:94:c9:bb:2e:49:89:de:37:22:
                    b2:95:43:02:0f:9a:3b:41:fb:fb:c8:f3:72:3e:5b:
                    01:c0:1d:ca:fe:f0:c8:e7:5a:31:04:f6:e7:5a:32:
                    14:dc:2b:b6:9e:38:9e:4e:4f:6f:78:6c:48:83:7a:
                    ea:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:45:07:B2:3D:8F:DB:30:B7:0B:C6:3A:5E:2D:B1:F3:A7:7B:37:5C
            X509v3 Authority Key Identifier:
                keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/D0UHsj2P2zC3C8Y6Xi2x86d7N1w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.88.45.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:12:7c:4b:f9:79:69:2a:7f:0f:4d:61:27:4f:15:91:7b:ed:
         ce:99:4a:24:3b:96:d3:ab:09:dd:12:b4:96:e3:69:ce:24:40:
         17:a8:d7:34:2d:5d:03:98:2b:ce:77:b2:00:a2:72:9a:a2:e1:
         f8:ea:a4:18:0b:cf:d7:1a:d3:ba:ce:8c:be:b7:bb:bb:a9:06:
         03:47:03:ce:bc:a6:cf:08:6f:1b:1a:ab:e3:3c:0a:4e:f2:4b:
         f1:2f:a0:1a:6a:b2:39:ea:a3:51:af:83:b6:13:82:66:3c:8d:
         48:33:87:54:72:b9:c5:10:58:73:60:6d:e2:61:ce:f0:8c:f8:
         ed:3d:99:6c:1e:68:e0:99:9b:f7:67:5b:55:90:00:cd:1e:2c:
         b2:b5:3b:3f:90:20:4e:a9:2c:d1:4f:01:45:fc:94:2c:38:8d:
         aa:4c:c7:8d:c6:07:bd:19:df:f3:8d:2b:1b:d0:f8:da:8e:c6:
         b0:5d:f2:ed:3d:14:50:2f:00:58:93:33:d0:4b:80:1f:4f:e9:
         fb:5a:b9:b2:2d:bf:58:d2:58:6e:47:e2:23:9e:36:20:f1:de:
         2b:f6:23:6a:15:c0:44:46:4a:ac:4d:53:c3:64:4e:74:79:04:
         ad:fc:37:1c:c5:b2:e8:5d:73:0c:ff:42:4a:e3:c1:4f:5b:f2:
         12:08:97:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMFsteUjUV6TzgXJQ9BH7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjMwMTAyMDE1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjQ1MDdiMjNkOGZkYjMwYjcwYmM2M2E1ZTJkYjFmM2E3N2IzNzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhBQPNSbix/OafY+irAxTXSGMUBP
UKtXg9NED+mTgSPnQDWexzbPmY9V1RHQyPnpIPgt9ChVa5Rn4HLlneCI/oDCCOFl
3Hy/B1u9pyTy9jCsB0ita7IDQxbs2OZrMBm2aMbUN3XM3yPGMZhCn2ySZICz/KEQ
zpH6fkhwHeHfu6Ux6yOUS/trT69HqpmEyvxiG4JVIHrQxOsdRTVFetfi9BbYPjGt
v0x3g02etU3p6HZPNxqzUQNKSX8Vi5r2T+Lq7CjHvEGZawWUybsuSYneNyKylUMC
D5o7Qfv7yPNyPlsBwB3K/vDI51oxBPbnWjIU3Cu2njieTk9veGxIg3rqtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA9FB7I9j9swtwvGOl4tsfOnezdcMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvRDBVSHNqMlAyekMzQzhZNlhpMng4NmQ3TjF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlgtMA0G
CSqGSIb3DQEBCwUAA4IBAQCEEnxL+XlpKn8PTWEnTxWRe+3OmUokO5bTqwndErSW
42nOJEAXqNc0LV0DmCvOd7IAonKaouH46qQYC8/XGtO6zoy+t7u7qQYDRwPOvKbP
CG8bGqvjPApO8kvxL6AaarI56qNRr4O2E4JmPI1IM4dUcrnFEFhzYG3iYc7wjPjt
PZlsHmjgmZv3Z1tVkADNHiyytTs/kCBOqSzRTwFF/JQsOI2qTMeNxge9Gd/zjSsb
0PjajsawXfLtPRRQLwBYkzPQS4AfT+n7WrmyLb9Y0lhuR+IjnjYg8d4r9iNqFcBE
RkqsTVPDZE50eQSt/DccxbLoXXMM/0JK48FPW/ISCJdL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:47 2024 by rpki-client on console-fra.rpki-client.org