Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/KvjSWOmcOXZdZ7eXfhIsMFQt0sI.roa
File:                     KvjSWOmcOXZdZ7eXfhIsMFQt0sI.roa (raw, json)
Hash identifier:          1TTnGgrk6LkATwwl+6jV+ZDEoEjA9FaNlL/q2/deMgk=
Subject key identifier:   2A:F8:D2:58:E9:9C:39:76:5D:67:B7:97:7E:12:2C:30:54:2D:D2:C2
Certificate issuer:       /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial:       018C1546A90749D06098593D7C06D3C56EF4
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/KvjSWOmcOXZdZ7eXfhIsMFQt0sI.roa
Signing time:             Tue 28 Nov 2023 09:33:21 +0000
ROA not before:           Tue 28 Nov 2023 09:33:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     36113
IP address blocks:        89.47.125.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 28 Dec 2023 07:37:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:15:46:a9:07:49:d0:60:98:59:3d:7c:06:d3:c5:6e:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
        Validity
            Not Before: Nov 28 09:33:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2af8d258e99c39765d67b7977e122c30542dd2c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:4d:89:9b:5c:5a:7a:fb:44:2b:19:a9:8a:07:
                    87:aa:f6:12:ec:36:d3:63:4b:a1:45:50:65:1a:cb:
                    6a:ba:4d:e5:ef:4e:a6:5f:9f:00:68:90:26:69:4f:
                    6a:4a:18:49:91:f5:15:92:61:c5:e6:4c:1e:1a:b5:
                    9c:d0:62:74:ce:fb:32:7a:fb:6b:f8:d2:1e:1b:6e:
                    9f:b2:e6:dc:68:24:84:10:e6:89:a7:43:35:27:cb:
                    28:1e:f9:8c:6d:d2:bc:dd:35:65:c5:5a:c4:85:96:
                    c5:cf:67:11:e7:47:8e:fc:fb:6d:5e:0a:07:1f:78:
                    96:71:88:c0:79:16:99:43:2d:3f:c0:5e:01:06:5b:
                    2e:66:c5:4a:09:f5:4a:b9:ed:fd:42:65:dd:14:4c:
                    35:8c:0c:be:06:c9:dd:81:c2:1e:0a:4b:39:53:dd:
                    97:41:2c:6b:23:24:75:30:ef:cd:ae:d8:3f:f0:25:
                    d1:02:71:6f:a0:66:ee:42:8c:32:a9:84:8d:4c:0f:
                    a1:cd:61:b8:f7:8e:b4:21:da:ef:0b:fb:16:42:89:
                    cb:ed:12:c3:b9:21:2c:ce:e3:d1:4e:8c:d0:8f:db:
                    e6:fd:31:d6:f0:b9:40:0b:2d:b6:1d:ee:dd:33:f4:
                    da:1c:b6:dc:32:f1:78:88:27:1e:52:af:ff:15:dd:
                    98:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:F8:D2:58:E9:9C:39:76:5D:67:B7:97:7E:12:2C:30:54:2D:D2:C2
            X509v3 Authority Key Identifier:
                keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/KvjSWOmcOXZdZ7eXfhIsMFQt0sI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.47.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:3a:35:c6:fa:8c:55:02:64:26:05:16:7b:a9:57:f3:ac:c5:
         b7:65:f1:f7:e6:b5:b7:6f:de:90:99:22:77:15:b6:5f:41:93:
         d6:a2:ed:57:46:e4:e5:6a:b9:7e:e4:bb:c5:69:1c:b2:f5:03:
         f3:26:2b:0c:b1:74:1d:3d:9b:71:7e:38:e5:2d:6a:02:23:7a:
         27:7b:da:57:15:9e:4c:94:de:68:a9:32:cc:7c:42:da:e7:f2:
         51:b0:01:e0:80:b6:c9:f1:cd:e3:94:ab:1a:cb:ac:09:14:33:
         19:b7:ef:5a:27:9c:6b:09:f5:f2:c9:ec:c8:d5:24:d5:8d:db:
         cb:4c:62:82:de:80:9c:74:54:1f:8a:9b:a6:20:3d:53:95:55:
         50:77:28:4e:e5:73:27:61:52:25:a2:55:dd:f9:bd:da:01:aa:
         3e:72:04:ef:64:ee:7d:6f:34:5d:c7:29:c1:f7:1d:0c:2c:d8:
         ef:bf:b8:60:c3:09:b3:20:e4:d4:c9:cb:bb:fd:22:39:50:90:
         da:05:17:52:20:c1:7c:50:14:4b:ae:31:74:f7:93:f2:81:3a:
         1f:6b:81:ed:c9:9f:61:67:a3:2d:31:38:1c:c2:62:d1:94:ef:
         d4:71:30:7a:93:8d:9f:c8:52:9c:f2:a7:0f:68:c0:59:71:64:
         85:a9:f1:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwVRqkHSdBgmFk9fAbTxW70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTI4MDkzMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWY4ZDI1OGU5OWMzOTc2NWQ2N2I3OTc3ZTEyMmMzMDU0MmRkMmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr02Jm1xaevtEKxmpigeHqvYS7DbT
Y0uhRVBlGstquk3l706mX58AaJAmaU9qShhJkfUVkmHF5kweGrWc0GJ0zvsyevtr
+NIeG26fsubcaCSEEOaJp0M1J8soHvmMbdK83TVlxVrEhZbFz2cR50eO/PttXgoH
H3iWcYjAeRaZQy0/wF4BBlsuZsVKCfVKue39QmXdFEw1jAy+BsndgcIeCks5U92X
QSxrIyR1MO/Nrtg/8CXRAnFvoGbuQowyqYSNTA+hzWG49460IdrvC/sWQonL7RLD
uSEszuPRTozQj9vm/THW8LlACy22He7dM/TaHLbcMvF4iCceUq//Fd2YAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCr40ljpnDl2XWe3l34SLDBULdLCMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvS3ZqU1dPbWNPWFpkWjdlWGZoSXNNRlF0MHNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS99MA0G
CSqGSIb3DQEBCwUAA4IBAQBAOjXG+oxVAmQmBRZ7qVfzrMW3ZfH35rW3b96QmSJ3
FbZfQZPWou1XRuTlarl+5LvFaRyy9QPzJisMsXQdPZtxfjjlLWoCI3one9pXFZ5M
lN5oqTLMfELa5/JRsAHggLbJ8c3jlKsay6wJFDMZt+9aJ5xrCfXyyezI1STVjdvL
TGKC3oCcdFQfipumID1TlVVQdyhO5XMnYVIlolXd+b3aAao+cgTvZO59bzRdxynB
9x0MLNjvv7hgwwmzIOTUycu7/SI5UJDaBRdSIMF8UBRLrjF095PygTofa4HtyZ9h
Z6MtMTgcwmLRlO/UcTB6k42fyFKc8qcPaMBZcWSFqfH6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org