Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/37a134-4c48-4b5a-b443-52d982d21dff/1/XA8HmIzT3gT3f9p6kui06NpUUVo.roa
File:                     XA8HmIzT3gT3f9p6kui06NpUUVo.roa (raw, json)
Hash identifier:          FwTh5v02HuLuJ3VN077Z8YVfI75Wvas6k6uVEeGwIHc=
Subject key identifier:   5C:0F:07:98:8C:D3:DE:04:F7:7F:DA:7A:92:E8:B4:E8:DA:54:51:5A
Certificate issuer:       /CN=6f79b58a3bfa38be90936c314f14b0d9c359acc1
Certificate serial:       0185734CA900CF6894269CB326FB66A107EA
Authority key identifier: 6F:79:B5:8A:3B:FA:38:BE:90:93:6C:31:4F:14:B0:D9:C3:59:AC:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b3m1ijv6OL6Qk2wxTxSw2cNZrME.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/37a134-4c48-4b5a-b443-52d982d21dff/1/XA8HmIzT3gT3f9p6kui06NpUUVo.roa
Signing time:             Mon 02 Jan 2023 16:24:41 +0000
ROA not before:           Mon 02 Jan 2023 16:24:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50078
IP address blocks:        193.104.89.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:29:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:4c:a9:00:cf:68:94:26:9c:b3:26:fb:66:a1:07:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f79b58a3bfa38be90936c314f14b0d9c359acc1
        Validity
            Not Before: Jan  2 16:24:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5c0f07988cd3de04f77fda7a92e8b4e8da54515a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:51:5a:6e:09:f1:f0:90:d5:33:17:4c:e8:f2:
                    dc:01:c5:c6:66:fa:60:9c:25:4d:40:56:73:d9:76:
                    0d:b9:d1:98:0c:66:df:32:fe:ab:6c:5f:ea:61:ba:
                    8b:dd:fc:ed:85:2d:e2:cd:bd:e5:6d:7d:24:2a:ac:
                    97:dc:52:df:63:25:9a:2e:e0:cb:56:53:24:6e:20:
                    9d:86:62:1b:b7:41:39:6a:73:8c:0d:95:87:f1:2d:
                    91:0a:c6:f0:e3:78:60:e1:df:b4:95:b3:d0:6c:30:
                    19:53:9c:59:04:8e:d0:ed:fa:c5:0e:70:23:05:5c:
                    52:b4:8c:d1:ef:4a:e9:3f:15:20:a8:81:b3:5c:b1:
                    ce:d7:ca:8a:be:8c:19:72:c3:e2:8c:30:60:07:72:
                    26:7f:05:f1:a6:ea:48:12:09:7d:01:b5:40:b6:29:
                    47:b7:d1:7b:1c:a4:55:58:32:3a:e6:f4:7c:41:eb:
                    36:2b:be:19:40:da:b9:bb:93:f0:97:d3:08:01:27:
                    de:d0:30:4a:91:0c:e6:65:ad:33:3b:50:d6:70:b9:
                    b9:08:86:59:fd:9b:50:1d:30:4e:03:41:84:9e:30:
                    a0:61:b4:78:e8:db:c6:87:f4:e4:62:bc:2d:cd:46:
                    e4:f1:71:21:6f:68:4f:a6:b7:81:92:d1:f3:68:7a:
                    a2:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:0F:07:98:8C:D3:DE:04:F7:7F:DA:7A:92:E8:B4:E8:DA:54:51:5A
            X509v3 Authority Key Identifier:
                keyid:6F:79:B5:8A:3B:FA:38:BE:90:93:6C:31:4F:14:B0:D9:C3:59:AC:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3m1ijv6OL6Qk2wxTxSw2cNZrME.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/37a134-4c48-4b5a-b443-52d982d21dff/1/XA8HmIzT3gT3f9p6kui06NpUUVo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/37a134-4c48-4b5a-b443-52d982d21dff/1/b3m1ijv6OL6Qk2wxTxSw2cNZrME.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.104.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:bf:a9:e2:5e:5d:7f:37:ed:b5:9d:a5:0c:5d:f4:ab:33:49:
         37:98:71:fa:dc:12:54:d6:79:24:ca:c9:d1:5a:a3:c3:06:4e:
         92:2a:2d:6f:52:5a:d7:f0:32:ee:79:cd:8a:51:bb:82:04:c4:
         1b:af:e8:43:d1:06:41:f7:e0:ac:90:11:e1:8d:cf:62:7f:e9:
         ed:55:40:bb:24:9f:fe:7b:9c:06:c1:be:e0:be:d1:81:53:c5:
         e5:39:f8:a5:ff:40:e2:ad:be:c4:15:53:ce:1d:7d:ed:5e:ec:
         66:4a:08:45:17:66:52:22:05:30:7c:9b:63:4a:58:2d:4d:6d:
         74:47:ae:3d:fb:ad:81:ef:2c:8f:4d:da:1f:c8:e0:6c:c0:52:
         fe:8a:73:25:6e:75:7e:0b:10:28:0e:ff:e8:4f:29:c8:40:47:
         84:e5:0f:65:eb:f1:ac:7e:6c:07:b1:5e:6a:b1:bf:5e:fd:aa:
         1b:ad:c9:94:db:3a:a1:21:6d:3a:9b:3c:cf:4d:90:ff:79:5e:
         5f:ad:f2:fd:44:f7:c9:e0:0b:f6:ef:6d:cf:a4:fb:a7:15:d1:
         c9:bb:19:e5:ce:17:78:e5:9c:b5:2b:86:87:94:d7:e9:90:e8:
         e3:d4:61:54:23:3d:e2:b9:9a:08:e4:6c:eb:2a:fa:44:15:15:
         e5:b8:93:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzTKkAz2iUJpyzJvtmoQfqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzliNThhM2JmYTM4YmU5MDkzNmMzMTRmMTRiMGQ5YzM1
OWFjYzEwHhcNMjMwMTAyMTYyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzBmMDc5ODhjZDNkZTA0Zjc3ZmRhN2E5MmU4YjRlOGRhNTQ1MTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlFabgnx8JDVMxdM6PLcAcXGZvpg
nCVNQFZz2XYNudGYDGbfMv6rbF/qYbqL3fzthS3izb3lbX0kKqyX3FLfYyWaLuDL
VlMkbiCdhmIbt0E5anOMDZWH8S2RCsbw43hg4d+0lbPQbDAZU5xZBI7Q7frFDnAj
BVxStIzR70rpPxUgqIGzXLHO18qKvowZcsPijDBgB3ImfwXxpupIEgl9AbVAtilH
t9F7HKRVWDI65vR8Qes2K74ZQNq5u5Pwl9MIASfe0DBKkQzmZa0zO1DWcLm5CIZZ
/ZtQHTBOA0GEnjCgYbR46NvGh/TkYrwtzUbk8XEhb2hPpreBktHzaHqi2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwPB5iM094E93/aepLotOjaVFFaMB8GA1UdIwQY
MBaAFG95tYo7+ji+kJNsMU8UsNnDWazBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNtMWlqdjZPTDZRazJ3eFR4U3cyY05ack1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8zN2ExMzQtNGM0OC00YjVhLWI0NDMt
NTJkOTgyZDIxZGZmLzEvWEE4SG1JelQzZ1QzZjlwNmt1aTA2TnBVVVZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8zN2ExMzQtNGM0OC00YjVhLWI0NDMtNTJkOTgyZDIxZGZm
LzEvYjNtMWlqdjZPTDZRazJ3eFR4U3cyY05ack1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWhZMA0G
CSqGSIb3DQEBCwUAA4IBAQCRv6niXl1/N+21naUMXfSrM0k3mHH63BJU1nkkysnR
WqPDBk6SKi1vUlrX8DLuec2KUbuCBMQbr+hD0QZB9+CskBHhjc9if+ntVUC7JJ/+
e5wGwb7gvtGBU8XlOfil/0Dirb7EFVPOHX3tXuxmSghFF2ZSIgUwfJtjSlgtTW10
R649+62B7yyPTdofyOBswFL+inMlbnV+CxAoDv/oTynIQEeE5Q9l6/GsfmwHsV5q
sb9e/aobrcmU2zqhIW06mzzPTZD/eV5frfL9RPfJ4Av2723PpPunFdHJuxnlzhd4
5Zy1K4aHlNfpkOjj1GFUIz3iuZoI5GzrKvpEFRXluJMN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:57 2024 by rpki-client on console-ams.rpki-client.org