Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/iKBkiowGCNMZ1MR4DNr1vzmC_Yk.roa
File:                     iKBkiowGCNMZ1MR4DNr1vzmC_Yk.roa (raw, json)
Hash identifier:          x7wQa1ayCrTkLJGR2RhcL+Xq+TnXjaa+tjPy+5Pu6+w=
Subject key identifier:   88:A0:64:8A:8C:06:08:D3:19:D4:C4:78:0C:DA:F5:BF:39:82:FD:89
Certificate issuer:       /CN=13440366007eb56f10e9f99e95204d330508b9b0
Certificate serial:       0185710BE4138D7FAA37AFEB53FDDC4A666D
Authority key identifier: 13:44:03:66:00:7E:B5:6F:10:E9:F9:9E:95:20:4D:33:05:08:B9:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/E0QDZgB-tW8Q6fmelSBNMwUIubA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/iKBkiowGCNMZ1MR4DNr1vzmC_Yk.roa
Signing time:             Mon 02 Jan 2023 05:54:42 +0000
ROA not before:           Mon 02 Jan 2023 05:54:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     4755
IP address blocks:        89.31.192.0/24 maxlen: 24
                          89.31.192.0/21 maxlen: 21
                          89.31.193.0/24 maxlen: 24
                          89.31.194.0/24 maxlen: 24
                          89.31.195.0/24 maxlen: 24
                          89.31.196.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0b:e4:13:8d:7f:aa:37:af:eb:53:fd:dc:4a:66:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=13440366007eb56f10e9f99e95204d330508b9b0
        Validity
            Not Before: Jan  2 05:54:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=88a0648a8c0608d319d4c4780cdaf5bf3982fd89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:e1:c8:8f:14:15:20:8c:e2:bd:3f:dd:8c:39:
                    49:fb:52:53:32:bd:c1:47:b3:19:c6:b6:1f:7d:b5:
                    de:cb:78:56:14:0a:84:88:a0:3e:c6:1b:1d:cd:bc:
                    d3:a5:f2:75:cd:a0:a0:7f:14:43:fe:5f:65:c0:68:
                    ac:58:75:a0:f9:f4:fd:8f:8a:50:da:84:65:a2:79:
                    4b:3b:c9:e3:49:7a:d0:b2:8a:db:96:3a:08:16:16:
                    f5:48:fe:19:b8:a5:a9:2a:0d:12:87:bc:80:a3:b1:
                    2a:76:db:48:d3:a1:64:da:40:8c:af:34:8a:6c:3e:
                    9f:8c:92:6a:7b:5f:aa:99:30:a7:db:22:8e:65:84:
                    94:8d:4e:29:4b:49:d1:ac:10:1c:8a:a9:30:5c:69:
                    9b:78:2f:f3:7c:be:25:dc:e1:0c:6d:04:d4:ca:3c:
                    c9:69:cc:76:bf:cc:14:2f:53:1f:23:20:a3:bd:0d:
                    83:c5:d6:cc:39:23:24:fc:ff:d1:5f:96:60:b1:b9:
                    3c:8b:ce:1e:f6:45:39:2e:1c:62:88:2d:36:40:f8:
                    a2:de:7d:57:a5:be:7d:f1:3c:d8:99:a3:fa:5e:5f:
                    93:51:6b:40:74:11:9f:d6:f5:fe:91:15:9b:72:b2:
                    f8:7a:4c:64:8d:ff:f5:06:d4:e2:d8:f5:89:26:ca:
                    b8:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:A0:64:8A:8C:06:08:D3:19:D4:C4:78:0C:DA:F5:BF:39:82:FD:89
            X509v3 Authority Key Identifier:
                keyid:13:44:03:66:00:7E:B5:6F:10:E9:F9:9E:95:20:4D:33:05:08:B9:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E0QDZgB-tW8Q6fmelSBNMwUIubA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/iKBkiowGCNMZ1MR4DNr1vzmC_Yk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/E0QDZgB-tW8Q6fmelSBNMwUIubA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.31.192.0/21

    Signature Algorithm: sha256WithRSAEncryption
         9f:5c:59:89:69:74:8a:21:ca:48:12:93:68:dd:d1:31:67:10:
         7e:5c:01:00:4d:7b:43:fa:3b:05:9d:5e:1b:2e:05:80:2a:fb:
         bb:50:3d:c4:e9:9f:4b:c7:b9:89:13:c2:97:c7:5d:e4:b7:7b:
         d1:b1:33:c6:63:9d:09:67:24:43:18:a0:14:2e:49:8b:2d:fc:
         7c:fb:b3:fc:ca:38:2a:e2:f6:c4:d4:1d:24:e4:b0:66:ce:41:
         48:83:e7:4c:cb:50:31:76:7b:4c:45:53:71:fc:a8:16:c8:7c:
         96:dc:b8:a4:1c:15:75:fd:3f:17:0d:c4:48:e0:4f:1f:80:74:
         c6:23:7b:d4:98:24:a4:47:19:fd:d5:a5:49:fb:6f:97:a7:29:
         d3:86:91:1b:7a:4f:39:ad:12:ac:6c:fe:75:d1:88:c8:97:8e:
         ef:82:ac:25:fd:62:4e:b0:97:56:ca:2c:d9:1f:14:97:d3:1d:
         55:6c:20:54:0d:8e:95:1e:3d:46:f6:8e:8d:c9:ed:cb:a4:0c:
         29:4a:d8:54:c1:99:62:5e:86:99:c4:2b:49:56:b3:85:34:54:
         24:40:11:a8:35:15:a1:6d:6b:84:9c:29:a5:1d:fc:ba:b5:d7:
         73:ec:cf:95:f1:1a:0d:db:0f:65:32:aa:19:ad:9b:c6:a2:40:
         dd:ca:be:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxC+QTjX+qN6/rU/3cSmZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNDQwMzY2MDA3ZWI1NmYxMGU5Zjk5ZTk1MjA0ZDMzMDUw
OGI5YjAwHhcNMjMwMTAyMDU1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGEwNjQ4YThjMDYwOGQzMTlkNGM0NzgwY2RhZjViZjM5ODJmZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+HIjxQVIIzivT/djDlJ+1JTMr3B
R7MZxrYffbXey3hWFAqEiKA+xhsdzbzTpfJ1zaCgfxRD/l9lwGisWHWg+fT9j4pQ
2oRlonlLO8njSXrQsorbljoIFhb1SP4ZuKWpKg0Sh7yAo7EqdttI06Fk2kCMrzSK
bD6fjJJqe1+qmTCn2yKOZYSUjU4pS0nRrBAciqkwXGmbeC/zfL4l3OEMbQTUyjzJ
acx2v8wUL1MfIyCjvQ2DxdbMOSMk/P/RX5Zgsbk8i84e9kU5LhxiiC02QPii3n1X
pb598TzYmaP6Xl+TUWtAdBGf1vX+kRWbcrL4ekxkjf/1BtTi2PWJJsq4GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIigZIqMBgjTGdTEeAza9b85gv2JMB8GA1UdIwQY
MBaAFBNEA2YAfrVvEOn5npUgTTMFCLmwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTBRRFpnQi10VzhRNmZtZWxTQk5Nd1VJdWJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wYjAyODAtOTYyMy00NGJhLThkZGYt
NDRjMWE0ZWI5NjljLzEvaUtCa2lvd0dDTk1aMU1SNEROcjF2em1DX1lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8wYjAyODAtOTYyMy00NGJhLThkZGYtNDRjMWE0ZWI5Njlj
LzEvRTBRRFpnQi10VzhRNmZtZWxTQk5Nd1VJdWJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWR/AMA0G
CSqGSIb3DQEBCwUAA4IBAQCfXFmJaXSKIcpIEpNo3dExZxB+XAEATXtD+jsFnV4b
LgWAKvu7UD3E6Z9Lx7mJE8KXx13kt3vRsTPGY50JZyRDGKAULkmLLfx8+7P8yjgq
4vbE1B0k5LBmzkFIg+dMy1AxdntMRVNx/KgWyHyW3LikHBV1/T8XDcRI4E8fgHTG
I3vUmCSkRxn91aVJ+2+XpynThpEbek85rRKsbP510YjIl47vgqwl/WJOsJdWyizZ
HxSX0x1VbCBUDY6VHj1G9o6Nye3LpAwpSthUwZliXoaZxCtJVrOFNFQkQBGoNRWh
bWuEnCmlHfy6tddz7M+V8RoN2w9lMqoZrZvGokDdyr7a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:26 2024 by rpki-client on console-fra.rpki-client.org