Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/H6Y94_gq6mAhTKw0e0zkuwTAprE.roa
File:                     H6Y94_gq6mAhTKw0e0zkuwTAprE.roa (raw, json)
Hash identifier:          qa8GDOUDKWktSXIvpmvYhTd80lO9WGHgkpci8ZBj+sg=
Subject key identifier:   1F:A6:3D:E3:F8:2A:EA:60:21:4C:AC:34:7B:4C:E4:BB:04:C0:A6:B1
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0189086275603330544C6EA6CFC99C902550
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/H6Y94_gq6mAhTKw0e0zkuwTAprE.roa
Signing time:             Thu 29 Jun 2023 18:20:17 +0000
ROA not before:           Thu 29 Jun 2023 18:20:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199654
IP address blocks:        89.33.85.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:08:62:75:60:33:30:54:4c:6e:a6:cf:c9:9c:90:25:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jun 29 18:20:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1fa63de3f82aea60214cac347b4ce4bb04c0a6b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:fb:1e:7f:75:ec:ca:bf:a1:94:a2:23:2d:e0:
                    d4:f1:87:5b:6c:49:9e:aa:e5:be:f8:f4:e1:a5:8a:
                    ad:ee:fb:e7:b7:5d:b3:8d:e2:05:8e:09:1c:af:60:
                    4b:98:f1:12:eb:40:9c:56:26:ce:a0:4c:89:1d:b7:
                    aa:b1:4c:7e:65:3e:19:50:94:e6:e2:5c:8a:f6:28:
                    29:54:6e:b4:7c:8c:56:dd:a2:7b:89:94:cc:62:5f:
                    2a:58:4a:b1:98:ed:66:59:bd:6a:4d:7e:e3:d5:80:
                    8a:6e:bb:e1:54:2f:fb:ea:70:01:5c:42:d5:b2:b5:
                    88:f1:b6:f1:e4:30:c6:bd:7c:57:f2:14:55:68:4b:
                    9e:f1:28:94:07:3a:f3:ff:1e:14:21:b0:9b:18:c5:
                    74:fe:db:80:dd:85:2d:2f:7e:e3:ae:16:e4:b8:a8:
                    19:4c:d8:08:04:27:b8:a9:03:f3:3f:19:a3:16:59:
                    55:85:da:48:14:f4:9a:f4:29:d5:b7:fd:38:08:55:
                    e9:d2:d7:21:42:33:8d:39:d4:4f:a1:30:63:fd:7d:
                    80:ec:dd:76:ca:c0:ac:a5:09:7e:94:f3:19:e7:fb:
                    db:46:99:44:2e:8c:69:63:3f:5d:41:0c:84:db:31:
                    e0:b9:01:e8:3e:61:56:ae:74:8c:c8:3e:55:86:f9:
                    c9:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:A6:3D:E3:F8:2A:EA:60:21:4C:AC:34:7B:4C:E4:BB:04:C0:A6:B1
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/H6Y94_gq6mAhTKw0e0zkuwTAprE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.33.85.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:7a:1f:23:0c:16:31:4a:9d:d9:98:91:df:e8:1e:f7:c1:17:
         3c:9b:95:77:92:9b:2f:a3:98:e4:c8:0b:be:f1:7b:25:43:3d:
         c3:b1:ea:76:cb:a3:9d:47:96:2b:59:8d:c2:73:05:e5:35:b7:
         eb:51:9b:da:90:7c:70:30:a7:ac:37:8d:51:c1:69:5f:94:a5:
         be:04:05:de:11:f4:26:11:bb:b7:1a:72:61:fb:ab:d4:eb:ca:
         f7:db:fc:09:12:a2:66:93:94:ec:d9:bb:a8:f7:86:43:bf:8d:
         ec:e5:1d:3b:f5:6e:82:76:74:05:00:52:20:a8:5e:e2:3e:bd:
         36:30:e9:08:fd:41:20:53:a1:02:2e:80:fe:f7:04:60:79:1f:
         dc:5b:e4:c7:89:7b:3c:ca:65:16:ba:1e:c3:c4:8a:2e:cd:db:
         80:3d:ab:88:e1:fe:f5:ab:b6:37:7c:52:b9:f7:ba:a3:bc:54:
         83:14:cd:30:96:b5:35:1e:32:d4:50:d2:a0:cc:d7:5e:5a:ad:
         de:32:7c:d8:8b:29:0b:ec:81:9e:57:f4:57:d7:45:84:51:27:
         c9:ff:a2:8b:df:a8:c1:34:53:60:11:66:e8:5f:d7:c3:fa:26:
         0b:06:87:a5:dc:cd:7f:ab:23:0d:16:3c:5c:36:60:9d:c3:23:
         46:ec:37:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkIYnVgMzBUTG6mz8mckCVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjI5MTgyMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmE2M2RlM2Y4MmFlYTYwMjE0Y2FjMzQ3YjRjZTRiYjA0YzBhNmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvsef3Xsyr+hlKIjLeDU8YdbbEme
quW++PThpYqt7vvnt12zjeIFjgkcr2BLmPES60CcVibOoEyJHbeqsUx+ZT4ZUJTm
4lyK9igpVG60fIxW3aJ7iZTMYl8qWEqxmO1mWb1qTX7j1YCKbrvhVC/76nABXELV
srWI8bbx5DDGvXxX8hRVaEue8SiUBzrz/x4UIbCbGMV0/tuA3YUtL37jrhbkuKgZ
TNgIBCe4qQPzPxmjFllVhdpIFPSa9CnVt/04CFXp0tchQjONOdRPoTBj/X2A7N12
ysCspQl+lPMZ5/vbRplELoxpYz9dQQyE2zHguQHoPmFWrnSMyD5VhvnJ8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB+mPeP4KupgIUysNHtM5LsEwKaxMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSDZZOTRfZ3E2bUFoVEt3MGUwemt1d1RBcHJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSFVMA0G
CSqGSIb3DQEBCwUAA4IBAQB1eh8jDBYxSp3ZmJHf6B73wRc8m5V3kpsvo5jkyAu+
8XslQz3Dsep2y6OdR5YrWY3CcwXlNbfrUZvakHxwMKesN41RwWlflKW+BAXeEfQm
Ebu3GnJh+6vU68r32/wJEqJmk5Ts2buo94ZDv43s5R079W6CdnQFAFIgqF7iPr02
MOkI/UEgU6ECLoD+9wRgeR/cW+THiXs8ymUWuh7DxIouzduAPauI4f71q7Y3fFK5
97qjvFSDFM0wlrU1HjLUUNKgzNdeWq3eMnzYiykL7IGeV/RX10WEUSfJ/6KL36jB
NFNgEWboX9fD+iYLBoel3M1/qyMNFjxcNmCdwyNG7Ddq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org