Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/rYOrEkXaUyYBiB0CiNxDuiTv67M.roa
File:                     rYOrEkXaUyYBiB0CiNxDuiTv67M.roa (raw, json)
Hash identifier:          dyPBFV4ISu3UizhJFyejJ2wVX+WJjFZ54PhGtO18oog=
Subject key identifier:   AD:83:AB:12:45:DA:53:26:01:88:1D:02:88:DC:43:BA:24:EF:EB:B3
Certificate issuer:       /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial:       018CB103B255741530076CDA9DCBD978A6E8
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/rYOrEkXaUyYBiB0CiNxDuiTv67M.roa
Signing time:             Thu 28 Dec 2023 15:20:58 +0000
ROA not before:           Thu 28 Dec 2023 15:20:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     396998
IP address blocks:        89.47.126.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b1:03:b2:55:74:15:30:07:6c:da:9d:cb:d9:78:a6:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
        Validity
            Not Before: Dec 28 15:20:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ad83ab1245da532601881d0288dc43ba24efebb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:1b:7b:b1:0a:d3:5c:f6:e4:1e:5a:49:8c:d6:
                    3d:77:f7:ce:e5:7a:b9:77:46:0f:64:43:55:9e:40:
                    0f:06:41:f4:bb:b2:3a:1f:53:7b:a8:3d:6a:0e:66:
                    69:94:0b:de:2e:d4:b9:1c:81:dc:8a:54:1d:11:ba:
                    43:b1:0a:86:44:6f:64:18:e7:1b:3f:f7:e0:91:db:
                    0f:fc:d5:10:04:44:ca:31:8e:d8:8f:b5:94:f5:8f:
                    e4:8e:66:f6:3b:8d:11:cd:dc:63:c2:4d:7b:cf:3c:
                    65:1d:88:7a:36:3f:e6:96:e0:47:98:6f:c6:57:4d:
                    1e:58:71:5c:2e:52:7d:6d:62:1c:65:39:e3:76:6f:
                    87:f7:da:28:36:4d:a5:a4:b1:51:e2:d4:00:41:2c:
                    28:b9:12:e2:a4:9e:46:8f:fc:93:a9:63:44:5d:f0:
                    53:b6:02:24:1d:72:99:c4:0a:81:bf:03:b7:60:bb:
                    57:bc:a4:f5:86:81:72:71:a4:c2:ef:08:e1:60:9d:
                    1b:76:cf:d1:79:c7:81:7b:fe:4d:c1:5a:4c:8c:7c:
                    7e:67:44:e3:36:d8:d1:2b:9f:39:e0:f5:76:47:78:
                    32:63:2e:3d:0c:95:79:00:0d:76:ae:1d:d5:c6:51:
                    66:18:0b:ab:28:92:8d:4a:b1:9d:3c:35:f4:9d:69:
                    b5:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:83:AB:12:45:DA:53:26:01:88:1D:02:88:DC:43:BA:24:EF:EB:B3
            X509v3 Authority Key Identifier:
                keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/rYOrEkXaUyYBiB0CiNxDuiTv67M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.47.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:77:0d:18:d6:15:61:40:2d:3b:4f:8d:3a:e8:83:20:fc:d2:
         13:87:99:9f:46:01:ab:ec:04:2a:bb:62:fc:c9:aa:75:fe:e6:
         f8:5b:2c:08:c6:16:67:df:82:e3:c8:c5:26:66:32:e5:09:3b:
         a2:c8:51:96:c2:8a:e3:f0:32:c1:c2:ca:b9:99:d8:e9:77:b2:
         83:32:fc:74:e5:5b:da:a7:df:f6:34:48:8d:d6:1d:97:84:45:
         9f:ba:b9:e7:41:01:a1:8a:e0:ae:89:7c:99:83:3b:07:74:35:
         e0:7d:a1:e1:9b:1b:0d:84:42:9b:4c:4a:73:2f:13:2f:b2:e3:
         0c:03:e6:3d:16:e8:28:69:f2:97:3d:4d:60:07:35:10:5e:ef:
         7c:b2:5e:d2:25:4c:b1:7e:e9:3f:b6:e6:fc:4e:90:a9:2d:c4:
         31:47:d9:fc:04:c4:6a:73:d7:0d:97:cd:6d:4f:ae:98:f4:21:
         8e:84:08:b4:a2:66:6a:d6:48:9e:d1:70:84:61:97:1a:cd:fa:
         32:16:09:f8:e4:dc:09:76:37:4b:33:dd:2e:c0:d1:a2:a9:fd:
         04:89:15:39:d4:ea:75:9f:0d:04:d9:a7:cc:40:ba:a2:4f:33:
         72:46:0e:a1:43:a4:bd:ed:2d:fb:91:97:99:b4:c4:c2:6e:f8:
         a7:8a:e1:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyxA7JVdBUwB2zancvZeKboMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMjI4MTUyMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDgzYWIxMjQ1ZGE1MzI2MDE4ODFkMDI4OGRjNDNiYTI0ZWZlYmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xt7sQrTXPbkHlpJjNY9d/fO5Xq5
d0YPZENVnkAPBkH0u7I6H1N7qD1qDmZplAveLtS5HIHcilQdEbpDsQqGRG9kGOcb
P/fgkdsP/NUQBETKMY7Yj7WU9Y/kjmb2O40Rzdxjwk17zzxlHYh6Nj/mluBHmG/G
V00eWHFcLlJ9bWIcZTnjdm+H99ooNk2lpLFR4tQAQSwouRLipJ5Gj/yTqWNEXfBT
tgIkHXKZxAqBvwO3YLtXvKT1hoFycaTC7wjhYJ0bds/ReceBe/5NwVpMjHx+Z0Tj
NtjRK5854PV2R3gyYy49DJV5AA12rh3VxlFmGAurKJKNSrGdPDX0nWm1vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK2DqxJF2lMmAYgdAojcQ7ok7+uzMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvcllPckVrWGFVeVlCaUIwQ2lOeER1aVR2NjdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS9+MA0G
CSqGSIb3DQEBCwUAA4IBAQBldw0Y1hVhQC07T4066IMg/NITh5mfRgGr7AQqu2L8
yap1/ub4WywIxhZn34LjyMUmZjLlCTuiyFGWworj8DLBwsq5mdjpd7KDMvx05Vva
p9/2NEiN1h2XhEWfurnnQQGhiuCuiXyZgzsHdDXgfaHhmxsNhEKbTEpzLxMvsuMM
A+Y9FugoafKXPU1gBzUQXu98sl7SJUyxfuk/tub8TpCpLcQxR9n8BMRqc9cNl81t
T66Y9CGOhAi0omZq1kie0XCEYZcazfoyFgn45NwJdjdLM90uwNGiqf0EiRU51Op1
nw0E2afMQLqiTzNyRg6hQ6S97S37kZeZtMTCbviniuF8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org