Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/f0dv4fHBYVRTRPIXZdx4qMCbDOM.roa
File:                     f0dv4fHBYVRTRPIXZdx4qMCbDOM.roa (raw, json)
Hash identifier:          zfo5nfkoFtTkAzDwZV5RahAJakmZHvADVF/f7uCbL+w=
Subject key identifier:   7F:47:6F:E1:F1:C1:61:54:53:44:F2:17:65:DC:78:A8:C0:9B:0C:E3
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0189DB766D29A1A00C339D8621DA9D8C6325
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/f0dv4fHBYVRTRPIXZdx4qMCbDOM.roa
Signing time:             Wed 09 Aug 2023 18:01:58 +0000
ROA not before:           Wed 09 Aug 2023 18:01:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51722
IP address blocks:        89.35.155.0/24 maxlen: 24
                          188.212.158.0/24 maxlen: 24
                          188.212.155.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 10 Aug 2023 11:55:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:db:76:6d:29:a1:a0:0c:33:9d:86:21:da:9d:8c:63:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Aug  9 18:01:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7f476fe1f1c161545344f21765dc78a8c09b0ce3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:bf:18:c3:34:9d:a3:01:6f:bb:ba:05:43:75:
                    a8:0d:6b:ff:41:94:a1:d5:ae:af:a3:2b:36:27:1c:
                    63:9d:b9:cb:01:74:d5:a6:4c:34:61:99:fe:69:fa:
                    c0:c4:b6:e0:6e:12:7b:d9:7c:7f:cb:57:70:0c:e2:
                    e7:2d:b2:d1:31:09:68:ea:79:93:c9:e8:80:ae:19:
                    7b:14:37:0f:94:33:6c:3c:54:29:8e:cd:3e:da:01:
                    62:00:0e:24:2c:ab:5e:59:ae:43:c1:42:aa:31:56:
                    52:43:65:89:43:83:4b:00:69:0a:48:a3:0b:fa:2b:
                    e3:03:80:ea:3e:87:9e:89:71:2a:a5:cd:67:05:3b:
                    2b:2b:33:c4:79:97:e3:de:99:9a:0f:91:04:aa:ac:
                    cf:d4:c0:de:de:1f:33:9c:40:30:cf:86:c4:f0:5a:
                    68:9e:e4:0e:37:85:e2:c7:1c:b1:61:c8:47:b7:c5:
                    b2:0f:54:fe:3a:65:c5:f0:f0:07:c3:fd:46:7f:bf:
                    c9:7f:9b:a8:c1:b7:30:85:0b:33:91:fd:ee:96:3f:
                    8e:12:8f:a5:3e:7f:6e:6a:db:2d:88:23:e5:73:3f:
                    9b:dc:15:51:7f:eb:ad:c4:82:c0:db:a6:7b:cb:10:
                    9f:86:22:48:2d:ed:34:0e:8c:0e:60:b8:9b:c3:87:
                    5a:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:47:6F:E1:F1:C1:61:54:53:44:F2:17:65:DC:78:A8:C0:9B:0C:E3
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/f0dv4fHBYVRTRPIXZdx4qMCbDOM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.35.155.0/24
                  188.212.155.0/24
                  188.212.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:a2:8f:62:34:d7:df:09:9e:f6:4a:2e:c7:2d:ed:61:86:12:
         70:cb:a5:18:dc:3d:a8:ea:c0:a2:9a:c7:fe:8e:e7:21:6f:f2:
         82:0d:60:6a:ed:10:47:00:62:d2:46:8d:8c:72:41:5c:07:88:
         77:d0:5b:4b:09:1e:5d:cf:37:96:38:8f:63:ef:74:e6:3b:72:
         c3:87:59:72:59:6f:78:03:dd:8d:6f:ec:f0:ca:93:d3:23:43:
         40:eb:d2:d1:ab:53:5d:a5:8d:98:1c:36:3b:0c:5f:5d:0c:f9:
         8b:a4:6d:2b:a6:62:31:48:51:c5:68:3f:5d:48:1f:07:b4:6a:
         0b:6f:b5:ad:b4:5e:3f:f8:60:7f:3c:49:f6:c9:1d:8d:f0:9d:
         15:a9:8b:26:ec:8e:8e:eb:72:d1:f8:72:17:fb:f2:18:06:6c:
         78:1c:56:0a:aa:d7:c8:4a:09:2f:6a:22:9d:72:8e:36:fa:5a:
         fe:fd:ae:09:08:07:b8:09:82:23:9f:78:53:ca:63:75:1c:7a:
         0e:b7:76:75:f8:89:3d:2d:ff:05:ca:76:2b:58:56:17:34:bb:
         d5:4e:41:8c:bc:32:b0:24:c0:7c:1a:c6:24:ac:98:22:7d:7e:
         14:97:34:06:cf:7f:c6:2c:f3:8a:8a:52:e1:0f:04:38:11:71:
         84:c1:71:78
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnbdm0poaAMM52GIdqdjGMlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODA5MTgwMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjQ3NmZlMWYxYzE2MTU0NTM0NGYyMTc2NWRjNzhhOGMwOWIwY2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4b8YwzSdowFvu7oFQ3WoDWv/QZSh
1a6voys2JxxjnbnLAXTVpkw0YZn+afrAxLbgbhJ72Xx/y1dwDOLnLbLRMQlo6nmT
yeiArhl7FDcPlDNsPFQpjs0+2gFiAA4kLKteWa5DwUKqMVZSQ2WJQ4NLAGkKSKML
+ivjA4DqPoeeiXEqpc1nBTsrKzPEeZfj3pmaD5EEqqzP1MDe3h8znEAwz4bE8Fpo
nuQON4XixxyxYchHt8WyD1T+OmXF8PAHw/1Gf7/Jf5uowbcwhQszkf3ulj+OEo+l
Pn9uatstiCPlcz+b3BVRf+utxILA26Z7yxCfhiJILe00DowOYLibw4dawQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH9Hb+HxwWFUU0TyF2XceKjAmwzjMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZjBkdjRmSEJZVlJUUlBJWFpkeDRxTUNiRE9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSObAwQA
vNSbAwQAvNSeMA0GCSqGSIb3DQEBCwUAA4IBAQAYoo9iNNffCZ72Si7HLe1hhhJw
y6UY3D2o6sCimsf+juchb/KCDWBq7RBHAGLSRo2MckFcB4h30FtLCR5dzzeWOI9j
73TmO3LDh1lyWW94A92Nb+zwypPTI0NA69LRq1NdpY2YHDY7DF9dDPmLpG0rpmIx
SFHFaD9dSB8HtGoLb7WttF4/+GB/PEn2yR2N8J0VqYsm7I6O63LR+HIX+/IYBmx4
HFYKqtfISgkvaiKdco42+lr+/a4JCAe4CYIjn3hTymN1HHoOt3Z1+Ik9Lf8FynYr
WFYXNLvVTkGMvDKwJMB8GsYkrJgifX4UlzQGz3/GLPOKilLhDwQ4EXGEwXF4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:12 2024 by rpki-client on console-ams.rpki-client.org