Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/MFtlYoh8_yCYJT_iU49ARMXDeoE.roa
File:                     MFtlYoh8_yCYJT_iU49ARMXDeoE.roa (raw, json)
Hash identifier:          Wmxnrz5wMJ/ztmLc/pqjrHSwp9AvevpQhLDPrQ9W/AU=
Subject key identifier:   30:5B:65:62:88:7C:FF:20:98:25:3F:E2:53:8F:40:44:C5:C3:7A:81
Certificate issuer:       /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial:       01856C6EF354CE31B4FAA30FBDA01EA5B119
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/MFtlYoh8_yCYJT_iU49ARMXDeoE.roa
Signing time:             Sun 01 Jan 2023 08:24:48 +0000
ROA not before:           Sun 01 Jan 2023 08:24:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8751
IP address blocks:        89.42.132.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:6e:f3:54:ce:31:b4:fa:a3:0f:bd:a0:1e:a5:b1:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
        Validity
            Not Before: Jan  1 08:24:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=305b6562887cff2098253fe2538f4044c5c37a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:03:c3:1a:0f:b8:e4:1a:04:65:8f:d4:0e:0e:
                    4c:dc:da:70:c7:66:25:17:c2:5a:8d:98:2a:a1:de:
                    86:90:a3:63:88:b2:05:92:89:a5:67:04:cc:ed:a3:
                    13:04:f1:ba:4d:34:8a:9e:7a:ec:df:22:87:69:77:
                    e2:6f:ee:c7:1a:fc:4d:8d:a6:ee:48:9f:26:b4:e7:
                    88:cf:76:b8:cb:c6:1c:90:2b:8b:80:48:88:98:6f:
                    2c:a8:87:0a:3f:b1:23:a4:c4:cc:00:6c:a4:01:8b:
                    47:d3:9c:e2:f9:f0:4c:6c:61:e5:56:2a:bc:6c:2d:
                    89:5c:8f:0d:5d:24:8e:7e:9d:ca:0c:fb:e9:61:c1:
                    11:0a:82:8d:6c:ec:b7:0d:ee:a5:f5:42:1a:7b:d1:
                    68:7e:55:a1:73:b3:6a:db:12:16:03:4a:ce:bc:ff:
                    1b:03:12:0f:e2:b1:03:1b:22:22:a6:0c:a7:12:1e:
                    44:39:bf:63:a5:6e:ac:ae:a9:66:2c:80:58:e6:5d:
                    89:be:11:76:58:a6:d3:1f:c9:89:06:92:44:4e:5a:
                    54:63:f6:b8:0b:57:ec:06:01:ab:8c:fe:da:2a:04:
                    b9:02:3f:00:d1:9c:c8:6c:b4:79:d2:17:fa:cd:19:
                    f6:fa:30:9d:c9:5a:24:62:2c:7d:3a:68:25:bf:86:
                    55:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:5B:65:62:88:7C:FF:20:98:25:3F:E2:53:8F:40:44:C5:C3:7A:81
            X509v3 Authority Key Identifier:
                keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/MFtlYoh8_yCYJT_iU49ARMXDeoE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.42.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:08:a9:40:01:8e:00:ce:35:f9:1a:3f:42:03:91:60:98:7a:
         3e:a0:aa:c0:00:69:ef:c6:23:a9:4b:16:73:8b:ea:52:58:e1:
         71:c6:96:28:cc:ae:0f:39:af:29:d7:34:a9:24:11:c9:a1:7c:
         70:83:b8:c4:a1:4f:53:55:d7:7d:07:ce:60:f0:6c:78:02:a8:
         7c:e1:cd:a4:79:84:2b:9f:53:cf:1c:67:5b:cc:0a:c9:26:60:
         19:87:a8:d1:bc:50:cb:3e:b3:4b:11:2f:35:ea:38:f5:f1:92:
         20:b4:63:56:f3:ec:73:73:b0:9f:45:ff:f1:0b:b7:cb:81:b6:
         bd:05:e0:67:42:12:a2:87:a5:d2:9b:a2:87:47:52:76:82:81:
         f7:1a:38:7b:68:c5:db:1e:1b:47:7a:5f:f5:6d:07:59:e2:ff:
         5f:ae:34:e9:0c:63:f1:47:29:9e:0a:84:cc:71:ad:29:f7:09:
         76:59:56:f7:a2:9c:a4:87:e2:c4:ab:59:c0:07:02:6e:57:e6:
         ea:26:2c:0d:dc:09:57:9c:ea:6b:cf:02:f7:ec:f4:4a:36:81:
         03:c7:03:13:7d:4e:16:29:97:d4:ac:0e:49:6c:1f:fa:a9:4f:
         d4:46:5a:20:76:96:0e:c2:fe:55:92:da:74:90:40:08:e0:12:
         46:ee:01:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbvNUzjG0+qMPvaAepbEZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMwMTAxMDgyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDViNjU2Mjg4N2NmZjIwOTgyNTNmZTI1MzhmNDA0NGM1YzM3YTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQPDGg+45BoEZY/UDg5M3Npwx2Yl
F8JajZgqod6GkKNjiLIFkomlZwTM7aMTBPG6TTSKnnrs3yKHaXfib+7HGvxNjabu
SJ8mtOeIz3a4y8YckCuLgEiImG8sqIcKP7EjpMTMAGykAYtH05zi+fBMbGHlViq8
bC2JXI8NXSSOfp3KDPvpYcERCoKNbOy3De6l9UIae9FoflWhc7Nq2xIWA0rOvP8b
AxIP4rEDGyIipgynEh5EOb9jpW6srqlmLIBY5l2JvhF2WKbTH8mJBpJETlpUY/a4
C1fsBgGrjP7aKgS5Aj8A0ZzIbLR50hf6zRn2+jCdyVokYix9Omglv4ZVLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDBbZWKIfP8gmCU/4lOPQETFw3qBMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvTUZ0bFlvaDhfeUNZSlRfaVU0OUFSTVhEZW9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSqEMA0G
CSqGSIb3DQEBCwUAA4IBAQA7CKlAAY4AzjX5Gj9CA5FgmHo+oKrAAGnvxiOpSxZz
i+pSWOFxxpYozK4POa8p1zSpJBHJoXxwg7jEoU9TVdd9B85g8Gx4Aqh84c2keYQr
n1PPHGdbzArJJmAZh6jRvFDLPrNLES816jj18ZIgtGNW8+xzc7CfRf/xC7fLgba9
BeBnQhKih6XSm6KHR1J2goH3Gjh7aMXbHhtHel/1bQdZ4v9frjTpDGPxRymeCoTM
ca0p9wl2WVb3opykh+LEq1nABwJuV+bqJiwN3AlXnOprzwL37PRKNoEDxwMTfU4W
KZfUrA5JbB/6qU/URlogdpYOwv5Vktp0kEAI4BJG7gFu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:42 2024 by rpki-client on console-ams.rpki-client.org