Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/XOd7p87fzT2gsr8fZ-0u2ZElAAU.roa
File:                     XOd7p87fzT2gsr8fZ-0u2ZElAAU.roa (raw, json)
Hash identifier:          K2gBSUAwWky+JyiIWvTYKdSq9IK20NCilounVyHHUIc=
Subject key identifier:   5C:E7:7B:A7:CE:DF:CD:3D:A0:B2:BF:1F:67:ED:2E:D9:91:25:00:05
Certificate issuer:       /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial:       018CC26D31720D4AAA059AC6AC569A9457E8
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/XOd7p87fzT2gsr8fZ-0u2ZElAAU.roa
Signing time:             Mon 01 Jan 2024 00:29:45 +0000
ROA not before:           Mon 01 Jan 2024 00:29:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     396998
IP address blocks:        89.47.126.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 29 Apr 2024 06:06:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:31:72:0d:4a:aa:05:9a:c6:ac:56:9a:94:57:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
        Validity
            Not Before: Jan  1 00:29:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5ce77ba7cedfcd3da0b2bf1f67ed2ed991250005
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:31:26:9f:03:d1:b6:f1:fb:cd:87:f8:87:2f:
                    9a:62:e8:36:8a:be:92:a2:2f:65:40:84:b2:95:35:
                    bd:00:1d:e3:40:9b:7a:48:e7:42:78:7f:71:3b:58:
                    30:ee:c3:bd:31:2d:b1:7d:df:92:36:f9:21:0b:2f:
                    d6:23:77:53:9e:5c:f5:29:92:ca:30:f2:43:59:d2:
                    07:f8:ef:c5:04:74:9a:6e:8c:ce:ea:d5:a9:08:e6:
                    5a:a8:7f:28:00:5f:dd:48:25:aa:5b:45:9b:ee:8a:
                    47:57:9f:59:9e:20:a1:91:36:da:da:3f:03:90:4a:
                    fa:01:d6:8a:4e:91:16:a8:58:fd:df:54:0b:f8:61:
                    79:1e:06:80:a2:ce:bc:ee:05:12:22:d9:7e:7a:be:
                    ea:87:ec:cb:a5:3e:5e:9e:bc:64:57:91:ff:92:00:
                    9d:c3:bf:c4:03:d4:c1:a1:fb:a6:6c:58:47:85:5b:
                    8f:c5:89:7a:17:3e:12:b0:f7:7a:70:39:bd:0e:6d:
                    8b:e6:4c:e1:25:51:bd:67:ed:fc:2b:6f:08:d0:b0:
                    d6:8a:a3:67:c1:bb:62:17:b2:57:87:07:ee:f4:dd:
                    31:d9:95:45:89:53:75:dc:84:4e:e6:a8:53:0c:0d:
                    f9:f2:59:75:a8:de:da:79:db:86:ef:96:10:34:3a:
                    14:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:E7:7B:A7:CE:DF:CD:3D:A0:B2:BF:1F:67:ED:2E:D9:91:25:00:05
            X509v3 Authority Key Identifier:
                keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/XOd7p87fzT2gsr8fZ-0u2ZElAAU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.47.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:9a:ad:1e:9c:82:e9:0f:2f:ba:49:55:bd:af:3c:44:18:9a:
         d9:98:1c:c7:bb:b0:aa:20:7a:2c:98:33:a9:fc:14:62:0c:7e:
         0f:89:76:51:d3:c4:ea:d4:77:3b:87:e0:d1:a4:da:21:9d:7a:
         1e:83:4f:6d:94:85:c5:0e:c1:e5:d0:b5:a2:ae:9f:66:6f:6f:
         2e:f3:1b:5c:dc:60:fb:c6:b1:74:55:f4:4e:32:85:28:c9:ed:
         21:3b:87:6c:68:3d:f8:3b:cf:8d:2a:a5:3b:d7:c1:9a:78:9a:
         ce:11:89:03:f7:1e:84:06:a6:4f:0c:78:af:4d:7c:01:02:ca:
         7b:57:f7:cb:ad:1e:2c:ca:cc:2e:08:a7:94:3d:71:23:7f:2a:
         46:84:3a:f1:b2:cc:30:08:e9:35:01:23:a6:dc:e1:a7:2b:fd:
         79:60:a5:cf:10:bf:7c:27:0c:fd:24:e4:4f:9e:6f:2b:0b:17:
         19:09:de:d4:2f:1a:ce:dd:cd:ce:bf:96:42:91:20:dc:dd:bc:
         61:43:bc:f0:f7:54:b1:6e:a9:36:b1:5b:c0:4e:d2:53:4d:69:
         51:22:f3:29:d3:21:a6:24:a3:f4:8a:2a:a4:86:0a:ac:20:30:
         5f:c2:30:1a:3e:f4:59:a7:67:45:04:db:9e:1b:0e:2b:a3:16:
         7c:b2:56:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbTFyDUqqBZrGrFaalFfoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTAxMDAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2U3N2JhN2NlZGZjZDNkYTBiMmJmMWY2N2VkMmVkOTkxMjUwMDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDEmnwPRtvH7zYf4hy+aYug2ir6S
oi9lQISylTW9AB3jQJt6SOdCeH9xO1gw7sO9MS2xfd+SNvkhCy/WI3dTnlz1KZLK
MPJDWdIH+O/FBHSabozO6tWpCOZaqH8oAF/dSCWqW0Wb7opHV59ZniChkTba2j8D
kEr6AdaKTpEWqFj931QL+GF5HgaAos687gUSItl+er7qh+zLpT5enrxkV5H/kgCd
w7/EA9TBofumbFhHhVuPxYl6Fz4SsPd6cDm9Dm2L5kzhJVG9Z+38K28I0LDWiqNn
wbtiF7JXhwfu9N0x2ZVFiVN13IRO5qhTDA358ll1qN7aeduG75YQNDoU/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzne6fO3809oLK/H2ftLtmRJQAFMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvWE9kN3A4N2Z6VDJnc3I4ZlotMHUyWkVsQUFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS9+MA0G
CSqGSIb3DQEBCwUAA4IBAQAEmq0enILpDy+6SVW9rzxEGJrZmBzHu7CqIHosmDOp
/BRiDH4PiXZR08Tq1Hc7h+DRpNohnXoeg09tlIXFDsHl0LWirp9mb28u8xtc3GD7
xrF0VfROMoUoye0hO4dsaD34O8+NKqU718GaeJrOEYkD9x6EBqZPDHivTXwBAsp7
V/fLrR4syswuCKeUPXEjfypGhDrxsswwCOk1ASOm3OGnK/15YKXPEL98Jwz9JORP
nm8rCxcZCd7ULxrO3c3Ov5ZCkSDc3bxhQ7zw91Sxbqk2sVvATtJTTWlRIvMp0yGm
JKP0iiqkhgqsIDBfwjAaPvRZp2dFBNueGw4roxZ8slag
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org