Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/Am3GFLu5y5CscVP6NAlnN2Ev2P0.roa
File:                     Am3GFLu5y5CscVP6NAlnN2Ev2P0.roa (raw, json)
Hash identifier:          A1SneQ1TvzabpoQk3ijYNo5NRUG/KYWkXYIeGnMopMY=
Subject key identifier:   02:6D:C6:14:BB:B9:CB:90:AC:71:53:FA:34:09:67:37:61:2F:D8:FD
Certificate issuer:       /CN=17c203e3f365923a843d3220317a1c68cf74de0f
Certificate serial:       0185826085D97263874E166557E75D827E0D
Authority key identifier: 17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/Am3GFLu5y5CscVP6NAlnN2Ev2P0.roa
Signing time:             Thu 05 Jan 2023 14:40:41 +0000
ROA not before:           Thu 05 Jan 2023 14:40:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29802
IP address blocks:        89.111.15.128/26 maxlen: 26
                          2a00:17c0:c4::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:82:60:85:d9:72:63:87:4e:16:65:57:e7:5d:82:7e:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17c203e3f365923a843d3220317a1c68cf74de0f
        Validity
            Not Before: Jan  5 14:40:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=026dc614bbb9cb90ac7153fa34096737612fd8fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:36:a2:57:e2:04:24:31:f9:9a:16:a6:3e:1c:
                    1b:14:55:e1:28:c2:3e:07:4e:e6:89:ba:23:a6:84:
                    56:e9:32:30:56:31:e2:1d:9c:86:49:4c:13:4e:5a:
                    a5:f7:68:87:5f:77:0e:b3:bc:32:ae:0f:49:ab:cb:
                    b7:c7:2b:67:e2:71:0b:af:7e:13:b7:34:8b:35:0d:
                    c4:58:48:6e:6d:6a:28:66:7f:39:65:96:13:d0:39:
                    2f:c6:bc:b0:a8:83:2f:61:92:1a:ff:05:db:6e:40:
                    35:c4:17:f2:b8:47:9c:13:2a:41:a2:24:0a:b1:41:
                    48:4a:17:07:6e:e1:7c:6c:98:77:cb:36:d0:01:13:
                    dd:bf:31:53:6b:75:17:0e:62:14:20:8b:59:c0:8b:
                    6b:5a:63:ca:17:12:3a:d8:0b:25:e4:12:6a:c0:a5:
                    e2:3d:be:0c:b3:2b:cf:71:d9:00:a3:a9:24:8d:64:
                    98:4e:d0:39:7b:5d:6b:23:12:9f:39:9d:fa:54:0e:
                    68:e6:98:25:69:1c:d6:60:e0:31:2e:43:1d:08:fe:
                    d0:a2:e4:82:3e:70:52:df:fb:f1:08:42:77:ec:01:
                    5f:5c:6c:f0:3f:fe:03:3c:ac:eb:45:4d:51:ff:bb:
                    b6:5b:ab:47:f5:f6:76:13:bc:0e:d0:47:30:fd:fc:
                    60:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:6D:C6:14:BB:B9:CB:90:AC:71:53:FA:34:09:67:37:61:2F:D8:FD
            X509v3 Authority Key Identifier:
                keyid:17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/Am3GFLu5y5CscVP6NAlnN2Ev2P0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.111.15.128/26
                IPv6:
                  2a00:17c0:c4::/48

    Signature Algorithm: sha256WithRSAEncryption
         05:85:fa:a2:cf:30:c4:5f:0b:95:49:6a:13:26:dd:d3:1e:07:
         58:43:c8:58:89:ce:fd:7c:e7:7b:73:59:bd:d9:b7:aa:7e:05:
         76:a2:6c:ea:71:cf:98:33:7e:99:8b:26:a8:8a:fa:f8:36:c1:
         c5:d6:eb:8e:4e:86:d0:d0:03:1e:d0:4d:d5:d4:8a:6c:38:5b:
         28:72:90:30:67:17:93:30:a0:8e:43:dd:2a:86:b9:e1:40:12:
         34:fb:92:db:1e:e9:11:59:4f:16:e4:1b:31:bd:72:cc:6f:d0:
         94:15:aa:ed:19:97:20:58:a6:e1:74:6b:f2:47:9d:9a:f8:02:
         b9:13:2f:89:cd:ca:8e:c6:4a:00:6d:6a:17:ca:86:a0:1b:47:
         52:53:71:61:3c:24:28:b5:6a:92:97:92:da:88:28:ec:a7:55:
         c7:10:77:9e:b3:76:91:27:3d:08:ea:09:f4:42:61:88:d8:b5:
         d9:8f:8d:ed:4d:33:62:9c:08:fd:a0:46:74:f5:32:3a:96:a2:
         90:94:90:dc:0b:c4:ab:ed:1a:63:c3:f8:ed:bd:4a:ed:1a:e7:
         36:24:c0:5e:20:e0:1e:96:76:93:67:bb:bb:eb:61:53:b0:df:
         44:f4:aa:d1:cb:ba:07:22:e6:4b:2d:4b:7a:f9:9d:32:9f:7b:
         ed:03:24:98
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYWCYIXZcmOHThZlV+ddgn4NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YzIwM2UzZjM2NTkyM2E4NDNkMzIyMDMxN2ExYzY4Y2Y3
NGRlMGYwHhcNMjMwMTA1MTQ0MDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjZkYzYxNGJiYjljYjkwYWM3MTUzZmEzNDA5NjczNzYxMmZkOGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTaiV+IEJDH5mhamPhwbFFXhKMI+
B07mibojpoRW6TIwVjHiHZyGSUwTTlql92iHX3cOs7wyrg9Jq8u3xytn4nELr34T
tzSLNQ3EWEhubWooZn85ZZYT0DkvxrywqIMvYZIa/wXbbkA1xBfyuEecEypBoiQK
sUFIShcHbuF8bJh3yzbQARPdvzFTa3UXDmIUIItZwItrWmPKFxI62Asl5BJqwKXi
Pb4MsyvPcdkAo6kkjWSYTtA5e11rIxKfOZ36VA5o5pglaRzWYOAxLkMdCP7QouSC
PnBS3/vxCEJ37AFfXGzwP/4DPKzrRU1R/7u2W6tH9fZ2E7wO0Ecw/fxgbwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAJtxhS7ucuQrHFT+jQJZzdhL9j9MB8GA1UdIwQY
MBaAFBfCA+PzZZI6hD0yIDF6HGjPdN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjhJRDRfTmxranFFUFRJZ01Yb2NhTTkwM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy84OWFlOGUtNDY3NC00NTVkLTlmMjMt
YWM2N2EzNmU0YWFiLzEvQW0zR0ZMdTV5NUNzY1ZQNk5BbG5OMkV2MlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy84OWFlOGUtNDY3NC00NTVkLTlmMjMtYWM2N2EzNmU0YWFi
LzEvRjhJRDRfTmxranFFUFRJZ01Yb2NhTTkwM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDANBAIAATAHAwUGWW8PgDAP
BAIAAjAJAwcAKgAXwADEMA0GCSqGSIb3DQEBCwUAA4IBAQAFhfqizzDEXwuVSWoT
Jt3THgdYQ8hYic79fOd7c1m92beqfgV2omzqcc+YM36Ziyaoivr4NsHF1uuOTobQ
0AMe0E3V1IpsOFsocpAwZxeTMKCOQ90qhrnhQBI0+5LbHukRWU8W5BsxvXLMb9CU
FartGZcgWKbhdGvyR52a+AK5Ey+JzcqOxkoAbWoXyoagG0dSU3FhPCQotWqSl5La
iCjsp1XHEHees3aRJz0I6gn0QmGI2LXZj43tTTNinAj9oEZ09TI6lqKQlJDcC8Sr
7Rpjw/jtvUrtGuc2JMBeIOAelnaTZ7u762FTsN9E9KrRy7oHIuZLLUt6+Z0yn3vt
AySY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:05 2024 by rpki-client on console-ams.rpki-client.org