Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1-YaMS399C2WQtcSwwbm-bq-EYWM.roa
File:                     1-YaMS399C2WQtcSwwbm-bq-EYWM.roa (raw, json)
Hash identifier:          muBtBTQkNGGwYhTB4Tz3Vc4j1mNCFJbpJz1c0wNsO6U=
Subject key identifier:   F9:86:8C:4B:7F:7D:0B:65:90:B5:C4:B0:C1:B9:BE:6E:AF:84:61:63
Certificate issuer:       /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial:       018972C03AEBD3078FE6D48105C65042E57A
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1-YaMS399C2WQtcSwwbm-bq-EYWM.roa
Signing time:             Thu 20 Jul 2023 10:02:27 +0000
ROA not before:           Thu 20 Jul 2023 10:02:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205220
IP address blocks:        89.191.224.0/24 maxlen: 24
                          194.31.172.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Sep 2023 04:50:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:72:c0:3a:eb:d3:07:8f:e6:d4:81:05:c6:50:42:e5:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
        Validity
            Not Before: Jul 20 10:02:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f9868c4b7f7d0b6590b5c4b0c1b9be6eaf846163
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:d1:73:bc:ce:c8:be:5b:91:7a:4c:35:c4:67:
                    be:f4:0a:71:e5:da:db:79:6c:9a:9b:bf:1c:10:e4:
                    16:b9:23:1a:f9:06:f1:4d:58:a3:a2:1e:21:7a:2d:
                    95:17:20:18:93:e9:8b:5e:13:96:45:c6:2b:91:33:
                    b7:cc:01:6c:39:39:9c:a6:e6:fe:5f:f5:7a:d0:b3:
                    d2:58:68:ee:87:14:20:d9:6a:71:ba:7e:5b:94:89:
                    88:50:6f:69:20:e1:5c:85:20:f5:0d:69:69:7f:e1:
                    35:7e:4f:6d:a7:0a:29:24:c1:53:6e:32:b1:81:15:
                    87:46:d8:3d:69:7d:d7:82:11:8f:c8:03:42:dd:8a:
                    48:06:33:85:9b:a5:21:87:73:4e:15:63:02:0b:91:
                    aa:5c:fa:c8:5f:55:55:4a:e0:17:2e:13:9a:50:8e:
                    78:fc:5b:50:fc:04:a2:2f:03:55:52:3f:27:6e:a0:
                    39:08:fd:56:23:74:c5:1e:0f:a4:24:65:12:75:8f:
                    96:ca:24:12:89:e0:18:c5:59:e6:0a:e0:b4:57:a4:
                    eb:2f:b6:cc:82:2a:41:ba:a2:94:ef:0d:49:49:5b:
                    b2:7e:d2:23:30:f2:ca:c8:d8:81:61:02:52:c3:96:
                    6f:38:45:7d:08:f1:8f:02:d1:62:81:3f:06:f0:e1:
                    2e:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:86:8C:4B:7F:7D:0B:65:90:B5:C4:B0:C1:B9:BE:6E:AF:84:61:63
            X509v3 Authority Key Identifier:
                keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1-YaMS399C2WQtcSwwbm-bq-EYWM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.191.224.0/24
                  194.31.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:ed:08:87:14:cb:32:34:40:60:bb:9a:19:30:d6:dd:04:2c:
         4c:91:5c:03:af:1e:f3:89:98:7f:46:9e:fd:b2:85:74:32:b2:
         7d:24:2a:88:4a:ed:d3:eb:53:76:28:79:e9:3f:68:05:80:3e:
         1b:9b:32:58:21:5e:cd:8c:b5:00:e4:96:8c:89:f8:c4:24:68:
         cd:5b:ab:85:96:99:09:07:4c:80:b3:3c:12:75:9f:6b:40:62:
         e3:52:83:1b:2d:72:3b:68:a8:a8:65:d9:a6:fd:e5:ad:d0:1b:
         c7:b7:fb:46:6e:34:a5:9d:01:f0:66:22:b1:55:e6:92:32:e8:
         a8:b8:69:14:d9:c2:78:1e:85:4f:ad:03:57:78:98:5b:b8:a9:
         d7:dd:86:12:ea:d1:ef:a9:f9:c1:18:f9:d9:8e:c6:eb:c6:78:
         01:4a:c2:aa:d7:4a:ba:eb:c6:24:8b:16:11:9c:8c:17:dc:82:
         46:bc:d6:37:5a:06:6c:94:54:7a:f6:56:60:a6:f0:52:26:25:
         8b:59:fb:bb:50:a9:85:f4:54:cb:44:12:32:38:22:5f:e1:a6:
         2b:0e:e9:05:e9:1f:93:09:ed:c3:f7:8d:92:4f:52:4a:a6:6b:
         9e:e1:ad:ab:8c:ed:77:ab:23:48:c5:93:6b:77:90:8b:49:66:
         87:97:cc:11
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYlywDrr0weP5tSBBcZQQuV6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwNzIwMTAwMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTg2OGM0YjdmN2QwYjY1OTBiNWM0YjBjMWI5YmU2ZWFmODQ2MTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdFzvM7IvluRekw1xGe+9Apx5drb
eWyam78cEOQWuSMa+QbxTVijoh4hei2VFyAYk+mLXhOWRcYrkTO3zAFsOTmcpub+
X/V60LPSWGjuhxQg2Wpxun5blImIUG9pIOFchSD1DWlpf+E1fk9tpwopJMFTbjKx
gRWHRtg9aX3XghGPyANC3YpIBjOFm6Uhh3NOFWMCC5GqXPrIX1VVSuAXLhOaUI54
/FtQ/ASiLwNVUj8nbqA5CP1WI3TFHg+kJGUSdY+WyiQSieAYxVnmCuC0V6TrL7bM
gipBuqKU7w1JSVuyftIjMPLKyNiBYQJSw5ZvOEV9CPGPAtFigT8G8OEuNQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPmGjEt/fQtlkLXEsMG5vm6vhGFjMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvMS1ZYU1TMzk5QzJXUXRjU3d3Ym0tYnEtRVlXTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgy
OC8xL0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFm/4AME
AMIfrDANBgkqhkiG9w0BAQsFAAOCAQEAju0IhxTLMjRAYLuaGTDW3QQsTJFcA68e
84mYf0ae/bKFdDKyfSQqiErt0+tTdih56T9oBYA+G5syWCFezYy1AOSWjIn4xCRo
zVurhZaZCQdMgLM8EnWfa0Bi41KDGy1yO2ioqGXZpv3lrdAbx7f7Rm40pZ0B8GYi
sVXmkjLoqLhpFNnCeB6FT60DV3iYW7ip192GEurR76n5wRj52Y7G68Z4AUrCqtdK
uuvGJIsWEZyMF9yCRrzWN1oGbJRUevZWYKbwUiYli1n7u1CphfRUy0QSMjgiX+Gm
Kw7pBekfkwntw/eNkk9SSqZrnuGtq4ztd6sjSMWTa3eQi0lmh5fMEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:15 2024 by rpki-client on console-ams.rpki-client.org