Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/7CEhq9erdaggjSmKQdR1VvJJsDs.roa
File:                     7CEhq9erdaggjSmKQdR1VvJJsDs.roa (raw, json)
Hash identifier:          7L7tyGvT3+njIgCQNisG82+c7lCtmYwUxTmrOwCw+K8=
Subject key identifier:   EC:21:21:AB:D7:AB:75:A8:20:8D:29:8A:41:D4:75:56:F2:49:B0:3B
Certificate issuer:       /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial:       018CC26D1F6ADD41B37969A0921D560B1706
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/7CEhq9erdaggjSmKQdR1VvJJsDs.roa
Signing time:             Mon 01 Jan 2024 00:29:40 +0000
ROA not before:           Mon 01 Jan 2024 00:29:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     24940
IP address blocks:        89.42.83.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 25 Jul 2024 05:24:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:1f:6a:dd:41:b3:79:69:a0:92:1d:56:0b:17:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
        Validity
            Not Before: Jan  1 00:29:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ec2121abd7ab75a8208d298a41d47556f249b03b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:b3:51:24:95:3d:6f:ae:87:6e:31:6b:49:94:
                    d9:65:ce:0b:a1:3e:0f:69:b0:9c:bf:85:13:ab:ce:
                    30:e5:9d:7e:2f:43:51:71:3b:70:b3:17:9f:e9:39:
                    4d:8b:99:a8:41:b0:cc:cb:5a:eb:be:82:da:86:fe:
                    ef:3a:5a:3b:ae:45:90:70:6e:e4:be:0a:0f:c1:d7:
                    91:ca:06:ae:6f:f4:d7:1f:ac:b7:8e:40:cd:c2:a4:
                    fc:97:ef:6c:61:0d:b8:22:7a:31:66:c4:ca:b0:5a:
                    1d:c8:b8:49:bc:0e:5c:5e:17:fa:3d:86:5e:8a:0c:
                    3d:24:ce:a2:61:52:f9:cc:4e:c8:fb:c1:89:d9:8c:
                    01:28:28:72:fb:44:33:7e:84:b2:58:c6:37:bd:b2:
                    70:47:19:c1:f8:dd:f6:d7:d0:6b:d1:8e:c1:46:19:
                    18:84:c9:82:02:cf:48:3c:ac:6f:5a:0e:b1:19:ee:
                    94:db:56:90:d7:14:2b:eb:1a:81:e2:0e:f7:a2:67:
                    4a:a0:4a:e5:4b:3d:05:ab:fe:58:e9:72:c4:e7:6c:
                    6a:9b:ad:b7:b9:58:32:e1:38:1a:d4:ff:e5:fd:0b:
                    b2:42:72:09:bc:93:cd:dc:cc:d3:5e:4a:d3:c7:49:
                    0b:8b:28:d3:58:af:e2:70:1e:0c:92:d5:96:ab:13:
                    aa:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:21:21:AB:D7:AB:75:A8:20:8D:29:8A:41:D4:75:56:F2:49:B0:3B
            X509v3 Authority Key Identifier:
                keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/7CEhq9erdaggjSmKQdR1VvJJsDs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.42.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:ee:5b:29:ec:cc:76:f9:b0:ed:25:1d:bc:71:55:33:ea:e2:
         7f:e8:26:bd:bf:06:54:25:3b:74:2f:d4:08:fb:c8:7e:be:32:
         d2:da:41:35:bc:73:f5:b9:13:50:29:6f:41:3b:96:df:78:12:
         8d:77:dd:ab:12:21:19:1a:14:ea:57:8c:20:93:5c:59:68:f6:
         70:74:1d:89:44:c4:77:87:e7:46:e4:6d:f3:6d:5b:d2:a1:3a:
         a0:e6:31:8e:5b:01:9f:97:f0:3e:7b:a2:ce:0e:30:d6:13:cd:
         c5:6c:f4:d4:10:28:0e:58:a4:fa:4e:7e:22:06:e7:fe:5c:ea:
         a6:01:22:51:e2:37:d4:19:56:c8:be:b1:cc:67:ea:b5:e4:f1:
         bc:99:d5:dc:78:99:60:76:25:56:91:59:6a:44:11:16:af:c1:
         e5:33:c7:e8:32:68:3b:52:c8:48:42:2d:29:ad:55:77:b7:71:
         01:d1:c4:2d:6f:8c:0f:6a:cf:56:70:43:6a:05:79:4b:e3:45:
         a6:39:44:3b:b2:09:02:c1:01:eb:6e:50:5b:36:16:e6:14:89:
         20:32:d8:4d:d2:9c:4a:54:fd:9b:b7:2d:1f:41:34:41:39:f9:
         10:db:7e:68:37:4b:ae:dc:21:c7:14:d9:49:7f:d3:fa:f0:43:
         c5:5b:56:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbR9q3UGzeWmgkh1WCxcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTAxMDAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzIxMjFhYmQ3YWI3NWE4MjA4ZDI5OGE0MWQ0NzU1NmYyNDliMDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7NRJJU9b66HbjFrSZTZZc4LoT4P
abCcv4UTq84w5Z1+L0NRcTtwsxef6TlNi5moQbDMy1rrvoLahv7vOlo7rkWQcG7k
vgoPwdeRygaub/TXH6y3jkDNwqT8l+9sYQ24InoxZsTKsFodyLhJvA5cXhf6PYZe
igw9JM6iYVL5zE7I+8GJ2YwBKChy+0QzfoSyWMY3vbJwRxnB+N3219Br0Y7BRhkY
hMmCAs9IPKxvWg6xGe6U21aQ1xQr6xqB4g73omdKoErlSz0Fq/5Y6XLE52xqm623
uVgy4Tga1P/l/QuyQnIJvJPN3MzTXkrTx0kLiyjTWK/icB4MktWWqxOq3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOwhIavXq3WoII0pikHUdVbySbA7MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvN0NFaHE5ZXJkYWdnalNtS1FkUjFWdkpKc0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSpTMA0G
CSqGSIb3DQEBCwUAA4IBAQAQ7lsp7Mx2+bDtJR28cVUz6uJ/6Ca9vwZUJTt0L9QI
+8h+vjLS2kE1vHP1uRNQKW9BO5bfeBKNd92rEiEZGhTqV4wgk1xZaPZwdB2JRMR3
h+dG5G3zbVvSoTqg5jGOWwGfl/A+e6LODjDWE83FbPTUECgOWKT6Tn4iBuf+XOqm
ASJR4jfUGVbIvrHMZ+q15PG8mdXceJlgdiVWkVlqRBEWr8HlM8foMmg7UshIQi0p
rVV3t3EB0cQtb4wPas9WcENqBXlL40WmOUQ7sgkCwQHrblBbNhbmFIkgMthN0pxK
VP2bty0fQTRBOfkQ235oN0uu3CHHFNlJf9P68EPFW1aW
-----END CERTIFICATE-----
Generated at Thu Jul 25 06:45:49 2024 by rpki-client on console-fra.rpki-client.org