Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/LZjTGc9M0WTCt2mBM5F31gj9ak4.roa
File:                     LZjTGc9M0WTCt2mBM5F31gj9ak4.roa (raw, json)
Hash identifier:          YLVo+f1Ya3zQ95BC6Trqs4wjxPYoc6tY8rUSF/Xj5Ho=
Subject key identifier:   2D:98:D3:19:CF:4C:D1:64:C2:B7:69:81:33:91:77:D6:08:FD:6A:4E
Certificate issuer:       /CN=89da60f049dfba34be4b4e8418b9ff492125c449
Certificate serial:       01856FA7096AEFF61B0E64B92FB250EB7179
Authority key identifier: 89:DA:60:F0:49:DF:BA:34:BE:4B:4E:84:18:B9:FF:49:21:25:C4:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/LZjTGc9M0WTCt2mBM5F31gj9ak4.roa
Signing time:             Sun 01 Jan 2023 23:24:55 +0000
ROA not before:           Sun 01 Jan 2023 23:24:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     46071
IP address blocks:        94.207.40.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:a7:09:6a:ef:f6:1b:0e:64:b9:2f:b2:50:eb:71:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89da60f049dfba34be4b4e8418b9ff492125c449
        Validity
            Not Before: Jan  1 23:24:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2d98d319cf4cd164c2b76981339177d608fd6a4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:cf:2e:fc:86:96:65:a8:ce:41:4a:1d:71:23:
                    6e:ee:f0:24:df:0d:01:42:be:56:b0:6f:92:d1:66:
                    4e:a3:20:88:8e:ed:09:4a:87:ce:3c:63:5b:6a:34:
                    e0:2b:7f:ea:6d:1d:1b:a8:7c:05:b6:05:0f:bb:61:
                    fc:72:c0:2e:5e:10:78:ae:b0:23:18:71:09:79:ae:
                    14:75:ca:c5:17:bc:9d:82:f2:2f:04:0f:7f:e9:2f:
                    cb:d4:b7:44:ec:30:93:6a:53:dc:2f:40:13:39:35:
                    f6:f8:44:92:c4:43:89:2d:07:b9:9a:fd:69:80:4c:
                    90:07:af:ef:e4:b0:d6:c7:16:64:7a:f6:84:b0:34:
                    44:8e:9c:f1:52:56:7f:c3:96:27:f6:45:17:c1:d9:
                    ce:e4:33:41:d8:6c:12:fd:a3:9a:eb:99:03:ec:95:
                    05:a1:23:a4:be:bf:28:ff:97:75:7f:94:a6:5e:8f:
                    ea:03:6b:2d:c9:66:59:59:b7:db:d9:9a:93:9c:c4:
                    85:b5:ff:2e:96:b3:ba:88:b9:e2:2b:4c:ab:2f:43:
                    d9:d0:8f:8a:6f:50:92:fe:b2:a2:d3:2e:09:7e:97:
                    26:19:42:b1:ff:3d:3e:c8:c0:fb:95:02:7f:53:63:
                    d5:66:36:c9:b9:71:26:a4:92:e7:c2:95:d8:12:99:
                    83:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:98:D3:19:CF:4C:D1:64:C2:B7:69:81:33:91:77:D6:08:FD:6A:4E
            X509v3 Authority Key Identifier:
                keyid:89:DA:60:F0:49:DF:BA:34:BE:4B:4E:84:18:B9:FF:49:21:25:C4:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/LZjTGc9M0WTCt2mBM5F31gj9ak4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/idpg8EnfujS-S06EGLn_SSElxEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.207.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:36:6a:a6:c1:8d:54:32:26:e6:80:87:1b:c8:14:77:40:80:
         e7:b4:95:8d:75:98:f4:47:90:32:cc:03:40:1a:12:9e:83:41:
         6c:87:f4:7e:ef:f5:3d:7f:22:47:06:d5:e0:8c:71:8d:d7:ba:
         38:90:52:13:99:08:59:f0:82:56:65:39:79:e5:a9:ea:f4:c8:
         c3:63:3f:05:47:92:a7:98:ad:11:10:0f:79:27:d6:5c:c0:2e:
         ae:16:4d:6d:f9:f5:10:57:6c:86:61:49:1b:39:7b:e2:33:c1:
         af:b0:b4:43:30:9a:89:35:8d:9e:aa:25:07:79:61:00:af:d9:
         67:ef:8b:0f:8d:02:cc:ad:dc:28:93:49:19:d2:f2:eb:0d:0a:
         fd:2b:18:c9:0d:7a:2d:24:39:36:68:8a:60:7b:b6:89:b2:4b:
         e7:e8:52:30:b2:b2:36:5a:b3:b9:23:c0:59:09:50:b7:5d:18:
         e0:1a:f5:2e:64:b3:91:fd:59:de:72:14:d4:4a:5b:48:28:dc:
         56:d5:80:b2:46:07:4b:bd:2c:7d:93:16:d4:a3:e3:6b:7c:df:
         ac:2f:ef:f2:64:86:7e:ca:d8:af:38:92:8f:b9:4f:be:1d:2b:
         76:3f:bd:79:cc:02:d7:78:8e:f4:15:5b:ff:b6:1e:76:2d:72:
         89:3b:a6:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvpwlq7/YbDmS5L7JQ63F5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZGE2MGYwNDlkZmJhMzRiZTRiNGU4NDE4YjlmZjQ5MjEy
NWM0NDkwHhcNMjMwMTAxMjMyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDk4ZDMxOWNmNGNkMTY0YzJiNzY5ODEzMzkxNzdkNjA4ZmQ2YTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApc8u/IaWZajOQUodcSNu7vAk3w0B
Qr5WsG+S0WZOoyCIju0JSofOPGNbajTgK3/qbR0bqHwFtgUPu2H8csAuXhB4rrAj
GHEJea4UdcrFF7ydgvIvBA9/6S/L1LdE7DCTalPcL0ATOTX2+ESSxEOJLQe5mv1p
gEyQB6/v5LDWxxZkevaEsDREjpzxUlZ/w5Yn9kUXwdnO5DNB2GwS/aOa65kD7JUF
oSOkvr8o/5d1f5SmXo/qA2styWZZWbfb2ZqTnMSFtf8ulrO6iLniK0yrL0PZ0I+K
b1CS/rKi0y4JfpcmGUKx/z0+yMD7lQJ/U2PVZjbJuXEmpJLnwpXYEpmDdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC2Y0xnPTNFkwrdpgTORd9YI/WpOMB8GA1UdIwQY
MBaAFInaYPBJ37o0vktOhBi5/0khJcRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRwZzhFbmZ1alMtUzA2RUdMbl9TU0VseEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTQ3N2YtMDc4NS00MDI2LTgzYmUt
Njk4OTBjODI5ZTMzLzEvTFpqVEdjOU0wV1RDdDJtQk01RjMxZ2o5YWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTQ3N2YtMDc4NS00MDI2LTgzYmUtNjk4OTBjODI5ZTMz
LzEvaWRwZzhFbmZ1alMtUzA2RUdMbl9TU0VseEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXs8oMA0G
CSqGSIb3DQEBCwUAA4IBAQBdNmqmwY1UMibmgIcbyBR3QIDntJWNdZj0R5AyzANA
GhKeg0Fsh/R+7/U9fyJHBtXgjHGN17o4kFITmQhZ8IJWZTl55anq9MjDYz8FR5Kn
mK0REA95J9ZcwC6uFk1t+fUQV2yGYUkbOXviM8GvsLRDMJqJNY2eqiUHeWEAr9ln
74sPjQLMrdwok0kZ0vLrDQr9KxjJDXotJDk2aIpge7aJskvn6FIwsrI2WrO5I8BZ
CVC3XRjgGvUuZLOR/VnechTUSltIKNxW1YCyRgdLvSx9kxbUo+NrfN+sL+/yZIZ+
ytivOJKPuU++HSt2P715zALXeI70FVv/th52LXKJO6aN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:51 2024 by rpki-client on console-fra.rpki-client.org