Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/YbeNL4FxEMw3NDN_UHYt3GMQdhM.roa
File:                     YbeNL4FxEMw3NDN_UHYt3GMQdhM.roa (raw, json)
Hash identifier:          1EuUnvUT6SRXPDBENXt5W1laXMbvI1g21516cRCNzpI=
Subject key identifier:   61:B7:8D:2F:81:71:10:CC:37:34:33:7F:50:76:2D:DC:63:10:76:13
Certificate issuer:       /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial:       018C0ABF5A11E4FB26BA8E6EDCA64959CCE2
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/YbeNL4FxEMw3NDN_UHYt3GMQdhM.roa
Signing time:             Sun 26 Nov 2023 08:29:21 +0000
ROA not before:           Sun 26 Nov 2023 08:29:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14445
IP address blocks:        89.42.91.0/24 maxlen: 24
                          89.37.119.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:0a:bf:5a:11:e4:fb:26:ba:8e:6e:dc:a6:49:59:cc:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
        Validity
            Not Before: Nov 26 08:29:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=61b78d2f817110cc3734337f50762ddc63107613
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:f5:51:8f:34:66:b1:93:90:39:db:2d:20:de:
                    1e:eb:40:88:3c:de:22:7d:4d:da:60:5a:fb:ed:92:
                    f8:9d:2b:c1:6d:c0:97:a7:43:b3:7f:f6:2b:31:6a:
                    63:82:02:32:ae:e7:f3:e5:aa:e2:c1:93:e4:0d:57:
                    78:9c:14:3f:99:67:1b:63:9f:9e:dd:20:9a:95:4e:
                    42:59:fd:10:1b:0e:74:e8:95:1a:5f:44:9d:0a:dc:
                    c8:fa:a2:a6:93:89:47:65:c7:a5:fa:e7:6e:db:7f:
                    be:83:92:8e:07:f5:af:e8:d9:18:bf:ad:71:5b:f2:
                    2b:6b:a3:69:42:51:3f:69:25:8a:d0:37:21:47:f7:
                    79:35:f0:44:55:1e:5d:fc:e5:35:77:47:a9:9e:88:
                    12:63:94:34:84:59:5c:b7:55:99:1d:fb:00:ed:c3:
                    00:9f:6f:b0:66:96:c4:c6:e0:2a:68:ec:ab:be:71:
                    5e:da:cb:fe:6d:05:61:88:37:73:38:9a:08:ae:d4:
                    bb:bc:65:b4:59:b0:5f:4d:2e:6a:5a:44:f3:6a:b6:
                    f9:5a:c0:86:2f:4e:bf:0b:41:71:9b:a9:c2:7f:72:
                    0e:3a:d4:c3:62:c1:77:e0:89:f1:b0:b2:97:39:f0:
                    46:77:b3:6c:18:04:2e:6a:1c:ac:99:44:86:fc:e8:
                    f0:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:B7:8D:2F:81:71:10:CC:37:34:33:7F:50:76:2D:DC:63:10:76:13
            X509v3 Authority Key Identifier:
                keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/YbeNL4FxEMw3NDN_UHYt3GMQdhM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.37.119.0/24
                  89.42.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:71:94:28:25:49:a2:89:68:ab:02:9a:2d:e6:5b:d3:db:c4:
         fb:85:bc:17:77:b4:ef:41:bb:54:5b:fa:a0:ea:f5:37:7a:26:
         17:77:01:49:42:36:80:88:3a:bd:3e:b6:29:4f:02:c3:10:d0:
         e3:96:14:95:21:b8:08:92:51:a7:10:64:c1:26:55:ba:2b:14:
         32:b9:42:a6:4b:5b:8e:f6:8a:de:18:96:62:9a:6d:df:c1:32:
         a0:1f:a8:80:c7:93:70:74:d6:c0:5f:b5:75:88:bc:e7:e2:a2:
         c9:77:69:33:1c:e0:04:0d:a1:a0:1f:49:cd:54:97:a4:4a:a7:
         e4:f4:70:de:ba:a5:89:f1:04:9f:f5:34:c3:c2:66:16:65:79:
         00:27:6b:48:32:4d:a3:3e:80:52:47:56:b9:52:64:58:a3:66:
         30:f4:15:86:b3:07:80:c4:3d:6d:11:6b:48:b2:5a:52:6b:b9:
         ef:df:e6:29:43:cf:bc:1e:f9:17:c2:e9:f2:c2:e3:00:a3:dd:
         7c:24:ce:38:b0:81:fc:03:61:74:c3:71:ad:2c:9d:53:28:cb:
         9f:14:f8:ad:d2:e6:ed:c5:bd:45:1c:ac:9f:31:74:2b:6c:99:
         fe:f9:e4:70:aa:e3:b7:97:5b:fa:c0:49:e8:05:52:ee:6c:89:
         f2:cf:61:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwKv1oR5Psmuo5u3KZJWcziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTI2MDgyOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWI3OGQyZjgxNzExMGNjMzczNDMzN2Y1MDc2MmRkYzYzMTA3NjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfVRjzRmsZOQOdstIN4e60CIPN4i
fU3aYFr77ZL4nSvBbcCXp0Ozf/YrMWpjggIyrufz5ariwZPkDVd4nBQ/mWcbY5+e
3SCalU5CWf0QGw506JUaX0SdCtzI+qKmk4lHZcel+udu23++g5KOB/Wv6NkYv61x
W/Ira6NpQlE/aSWK0DchR/d5NfBEVR5d/OU1d0epnogSY5Q0hFlct1WZHfsA7cMA
n2+wZpbExuAqaOyrvnFe2sv+bQVhiDdzOJoIrtS7vGW0WbBfTS5qWkTzarb5WsCG
L06/C0Fxm6nCf3IOOtTDYsF34InxsLKXOfBGd7NsGAQuahysmUSG/OjwUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGG3jS+BcRDMNzQzf1B2LdxjEHYTMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvWWJlTkw0RnhFTXczTkROX1VIWXQzR01RZGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSV3AwQA
WSpbMA0GCSqGSIb3DQEBCwUAA4IBAQAUcZQoJUmiiWirApot5lvT28T7hbwXd7Tv
QbtUW/qg6vU3eiYXdwFJQjaAiDq9PrYpTwLDENDjlhSVIbgIklGnEGTBJlW6KxQy
uUKmS1uO9oreGJZimm3fwTKgH6iAx5NwdNbAX7V1iLzn4qLJd2kzHOAEDaGgH0nN
VJekSqfk9HDeuqWJ8QSf9TTDwmYWZXkAJ2tIMk2jPoBSR1a5UmRYo2Yw9BWGsweA
xD1tEWtIslpSa7nv3+YpQ8+8HvkXwunywuMAo918JM44sIH8A2F0w3GtLJ1TKMuf
FPit0ubtxb1FHKyfMXQrbJn++eRwquO3l1v6wEnoBVLubInyz2H2
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:12 2024 by rpki-client on console-ams.rpki-client.org