Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/JfGTbyiwR4YE-OlrmyW37OXvhDw.roa
File:                     JfGTbyiwR4YE-OlrmyW37OXvhDw.roa (raw, json)
Hash identifier:          YbbPdrfjWfUbKHfCNClj6t9vdYH3OMTRMuQXYvJWDNA=
Subject key identifier:   25:F1:93:6F:28:B0:47:86:04:F8:E9:6B:9B:25:B7:EC:E5:EF:84:3C
Certificate issuer:       /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial:       0189CFC9380296A68EFE04B370741107E1A0
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/JfGTbyiwR4YE-OlrmyW37OXvhDw.roa
Signing time:             Mon 07 Aug 2023 11:36:58 +0000
ROA not before:           Mon 07 Aug 2023 11:36:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        89.42.90.0/24 maxlen: 24
                          89.42.95.0/24 maxlen: 24
                          89.42.93.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 08 Aug 2023 05:57:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:cf:c9:38:02:96:a6:8e:fe:04:b3:70:74:11:07:e1:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
        Validity
            Not Before: Aug  7 11:36:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=25f1936f28b0478604f8e96b9b25b7ece5ef843c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:d5:f5:15:23:14:df:f4:c0:73:23:4d:c0:28:
                    23:b1:aa:b1:cf:dd:58:c8:5e:e0:81:f3:7b:04:ff:
                    15:4d:b9:84:64:f0:82:d4:de:bb:32:d7:91:41:a5:
                    8e:80:d1:eb:fa:77:15:32:3b:fa:c5:90:38:cc:be:
                    34:e7:5c:c0:59:b0:ce:d5:f0:e7:51:59:da:bb:ce:
                    04:14:f2:ba:d1:49:45:99:28:e8:e5:fd:b0:1c:2e:
                    13:cb:f0:ec:97:d4:37:a5:22:70:97:bb:d6:6e:a1:
                    0e:50:cf:2f:c6:bf:20:6b:da:03:66:6d:e1:90:e0:
                    eb:be:cf:24:19:3c:f0:bc:df:83:ad:1e:1f:99:61:
                    a2:4a:c9:f2:30:34:b9:2d:26:06:ca:a0:1a:18:ea:
                    3b:cd:ab:f7:80:53:b3:75:ea:d1:6b:f3:72:30:b0:
                    e0:9c:82:ac:eb:2e:76:7d:2a:3a:0c:98:1a:2e:ec:
                    d2:b5:30:4f:8d:6d:11:a4:b4:23:e6:45:ab:eb:5a:
                    82:06:fe:8a:e6:e6:24:01:0a:17:27:4a:50:c1:9c:
                    d0:1d:d4:dd:aa:f1:96:62:e9:5f:05:0b:c6:7f:10:
                    ba:30:d2:31:8f:6e:e1:07:77:98:2f:d6:bf:b4:9d:
                    b9:07:ea:f3:17:14:9d:6d:8a:fa:b3:89:14:b0:d4:
                    4b:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:F1:93:6F:28:B0:47:86:04:F8:E9:6B:9B:25:B7:EC:E5:EF:84:3C
            X509v3 Authority Key Identifier:
                keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/JfGTbyiwR4YE-OlrmyW37OXvhDw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.42.90.0/24
                  89.42.93.0/24
                  89.42.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:86:09:3c:3b:79:ca:7e:30:e1:c9:0b:80:13:70:1c:c2:00:
         17:61:4f:01:35:1a:87:6f:df:8c:65:21:8f:51:c5:d7:2b:68:
         fb:df:87:c9:28:10:c5:49:de:8d:c1:70:90:17:f9:59:8a:42:
         55:15:7b:5d:df:b4:f4:87:71:1c:41:e8:49:c1:52:2a:2c:21:
         00:da:2a:bf:a8:3e:b3:a2:ce:bb:ab:fd:87:db:f5:fb:18:b4:
         92:4a:d7:01:53:79:bb:62:6e:f3:19:f2:29:a8:84:7d:02:67:
         47:bb:dd:d2:cd:12:5b:f2:a4:5e:d3:b5:0a:0f:31:80:07:cd:
         1e:56:aa:b5:ff:bf:2f:b1:c1:4f:d5:cc:7f:6c:83:04:0b:36:
         ef:14:ad:51:5e:50:54:32:dd:e4:9e:2b:9c:14:dc:f1:e8:9a:
         23:84:eb:f8:05:c2:e7:39:ec:8f:24:c5:34:65:5d:87:59:81:
         60:af:6b:95:f0:d6:99:50:94:ca:8f:b9:53:70:58:2d:67:2c:
         78:38:02:18:66:0e:60:38:50:be:22:7f:a0:eb:e9:e0:63:98:
         57:fa:13:c3:64:7c:54:1c:84:a3:c0:96:de:a3:95:34:5f:d0:
         f8:0c:0a:f1:38:27:26:2d:ac:82:43:b0:ff:47:43:9e:fe:9f:
         0e:e0:07:da
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnPyTgClqaO/gSzcHQRB+GgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwODA3MTEzNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWYxOTM2ZjI4YjA0Nzg2MDRmOGU5NmI5YjI1YjdlY2U1ZWY4NDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9X1FSMU3/TAcyNNwCgjsaqxz91Y
yF7ggfN7BP8VTbmEZPCC1N67MteRQaWOgNHr+ncVMjv6xZA4zL4051zAWbDO1fDn
UVnau84EFPK60UlFmSjo5f2wHC4Ty/Dsl9Q3pSJwl7vWbqEOUM8vxr8ga9oDZm3h
kODrvs8kGTzwvN+DrR4fmWGiSsnyMDS5LSYGyqAaGOo7zav3gFOzderRa/NyMLDg
nIKs6y52fSo6DJgaLuzStTBPjW0RpLQj5kWr61qCBv6K5uYkAQoXJ0pQwZzQHdTd
qvGWYulfBQvGfxC6MNIxj27hB3eYL9a/tJ25B+rzFxSdbYr6s4kUsNRLDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCXxk28osEeGBPjpa5slt+zl74Q8MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSmZHVGJ5aXdSNFlFLU9scm15VzM3T1h2aER3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSpaAwQA
WSpdAwQAWSpfMA0GCSqGSIb3DQEBCwUAA4IBAQAUhgk8O3nKfjDhyQuAE3AcwgAX
YU8BNRqHb9+MZSGPUcXXK2j734fJKBDFSd6NwXCQF/lZikJVFXtd37T0h3EcQehJ
wVIqLCEA2iq/qD6zos67q/2H2/X7GLSSStcBU3m7Ym7zGfIpqIR9AmdHu93SzRJb
8qRe07UKDzGAB80eVqq1/78vscFP1cx/bIMECzbvFK1RXlBUMt3kniucFNzx6Joj
hOv4BcLnOeyPJMU0ZV2HWYFgr2uV8NaZUJTKj7lTcFgtZyx4OAIYZg5gOFC+In+g
6+ngY5hX+hPDZHxUHISjwJbeo5U0X9D4DArxOCcmLayCQ7D/R0Oe/p8O4Afa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org