Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HteBwN0cZi68025OmmfvZm88Fb4.roa
File:                     HteBwN0cZi68025OmmfvZm88Fb4.roa (raw, json)
Hash identifier:          rK9kQ6CEBy0cwjzlPrT1uUboCZrwX0Soq0iGFsxrZJA=
Subject key identifier:   1E:D7:81:C0:DD:1C:66:2E:BC:D3:6E:4E:9A:67:EF:66:6F:3C:15:BE
Certificate issuer:       /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial:       018CC26D2AFBFF3582145E9B4A985ABE7E0F
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HteBwN0cZi68025OmmfvZm88Fb4.roa
Signing time:             Mon 01 Jan 2024 00:29:43 +0000
ROA not before:           Mon 01 Jan 2024 00:29:43 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197842
IP address blocks:        89.47.113.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 02 Mar 2024 08:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:2a:fb:ff:35:82:14:5e:9b:4a:98:5a:be:7e:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
        Validity
            Not Before: Jan  1 00:29:43 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1ed781c0dd1c662ebcd36e4e9a67ef666f3c15be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d9:b7:86:80:0d:86:14:19:4d:ec:8a:66:2a:
                    15:d6:ff:8d:86:fb:f2:58:67:7b:9f:86:14:8d:a7:
                    55:37:43:be:18:e8:36:c1:33:9b:b4:64:1f:fa:4c:
                    cf:c5:bc:a8:45:b5:67:5a:99:c5:fa:bc:1c:59:ca:
                    f1:ca:af:08:e9:f5:3b:22:27:df:18:93:bb:cd:18:
                    b5:83:98:81:2c:d3:af:82:67:99:f4:3b:0f:fb:b1:
                    8e:a4:5e:77:be:d0:02:e3:ad:60:1f:ca:d3:f1:ea:
                    ec:43:2b:c1:29:de:75:31:65:4e:10:69:50:9d:9a:
                    9c:a0:76:20:a1:0c:56:4b:38:e8:07:d6:d7:79:91:
                    56:28:38:24:2e:8e:a8:da:ef:7a:5a:33:2e:cc:01:
                    0c:3d:f9:49:da:22:95:fb:f7:28:4c:fb:14:13:12:
                    2d:81:d2:59:6d:32:58:dc:32:de:53:cd:c5:0d:d3:
                    cb:0f:9d:bb:4f:52:58:54:2f:d1:e3:c0:fa:2a:39:
                    d6:9c:f5:4d:49:5c:5c:68:5b:f6:67:1e:50:47:c9:
                    a8:a7:78:5e:bb:de:b1:89:5e:f7:db:5a:7c:72:37:
                    1b:83:f3:44:d8:57:f7:cc:0e:59:9c:61:e1:d5:18:
                    db:7e:fd:c4:ff:3f:7e:f2:2b:f3:7d:be:db:9e:b0:
                    93:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:D7:81:C0:DD:1C:66:2E:BC:D3:6E:4E:9A:67:EF:66:6F:3C:15:BE
            X509v3 Authority Key Identifier:
                keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HteBwN0cZi68025OmmfvZm88Fb4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.47.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:43:e3:b7:8e:7f:2e:fd:f9:f4:f8:a8:8a:c7:00:66:5e:e4:
         cf:27:67:f8:96:3e:38:ed:f0:b9:a5:6d:7a:27:2f:60:83:6d:
         ee:1f:74:be:71:15:ce:9f:ff:98:99:d4:04:b8:c9:ed:e3:53:
         35:5d:ff:3e:e1:c6:06:35:c7:3b:1b:97:96:4a:8d:ad:7d:7f:
         51:9c:94:08:fc:99:8b:99:b0:5d:02:db:35:4f:fb:c4:cc:5e:
         24:c4:b2:2b:5b:a2:d9:b2:36:53:4d:10:bb:b2:6a:56:fc:59:
         b9:a4:8f:68:8f:81:c8:57:d2:bc:4a:60:35:4a:07:53:bf:b3:
         dd:9d:e1:1b:21:ac:4b:45:82:ea:ef:6f:85:03:23:66:5e:f9:
         4b:1d:7d:68:3e:90:7a:57:00:40:29:cb:8a:d0:3e:e2:5e:ca:
         76:bd:6f:20:ca:4b:3c:8e:af:f3:a2:aa:f6:50:e5:4f:79:19:
         a3:9a:d8:e9:47:4f:fe:f8:ec:3d:f2:c8:19:d0:8e:10:9e:2b:
         2e:22:a9:25:43:94:1a:1d:9d:13:02:56:8b:75:0a:26:4f:a8:
         ce:d6:fe:e0:3f:98:f3:7c:46:16:83:25:8c:39:43:8e:c0:bc:
         c8:5f:08:0d:e8:5a:b8:7a:6d:53:02:d7:bb:95:65:bc:51:0c:
         73:ac:83:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbSr7/zWCFF6bSphavn4PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTAxMDAyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQ3ODFjMGRkMWM2NjJlYmNkMzZlNGU5YTY3ZWY2NjZmM2MxNWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNm3hoANhhQZTeyKZioV1v+Nhvvy
WGd7n4YUjadVN0O+GOg2wTObtGQf+kzPxbyoRbVnWpnF+rwcWcrxyq8I6fU7Iiff
GJO7zRi1g5iBLNOvgmeZ9DsP+7GOpF53vtAC461gH8rT8ersQyvBKd51MWVOEGlQ
nZqcoHYgoQxWSzjoB9bXeZFWKDgkLo6o2u96WjMuzAEMPflJ2iKV+/coTPsUExIt
gdJZbTJY3DLeU83FDdPLD527T1JYVC/R48D6KjnWnPVNSVxcaFv2Zx5QR8mop3he
u96xiV7321p8cjcbg/NE2Ff3zA5ZnGHh1Rjbfv3E/z9+8ivzfb7bnrCT5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB7XgcDdHGYuvNNuTppn72ZvPBW+MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSHRlQndOMGNaaTY4MDI1T21tZnZabTg4RmI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS9xMA0G
CSqGSIb3DQEBCwUAA4IBAQAyQ+O3jn8u/fn0+KiKxwBmXuTPJ2f4lj447fC5pW16
Jy9gg23uH3S+cRXOn/+YmdQEuMnt41M1Xf8+4cYGNcc7G5eWSo2tfX9RnJQI/JmL
mbBdAts1T/vEzF4kxLIrW6LZsjZTTRC7smpW/Fm5pI9oj4HIV9K8SmA1SgdTv7Pd
neEbIaxLRYLq72+FAyNmXvlLHX1oPpB6VwBAKcuK0D7iXsp2vW8gyks8jq/zoqr2
UOVPeRmjmtjpR0/++Ow98sgZ0I4QnisuIqklQ5QaHZ0TAlaLdQomT6jO1v7gP5jz
fEYWgyWMOUOOwLzIXwgN6Fq4em1TAte7lWW8UQxzrIMT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org