Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/IBH0yBgHui3Fhx3xrZsHDyf6MO8.roa
File:                     IBH0yBgHui3Fhx3xrZsHDyf6MO8.roa (raw, json)
Hash identifier:          IQ+57BGROarq4r539p9REKoGPr8F4QQHyjZar4fOe8k=
Subject key identifier:   20:11:F4:C8:18:07:BA:2D:C5:87:1D:F1:AD:9B:07:0F:27:FA:30:EF
Certificate issuer:       /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial:       01857115527440A12DDAC99B6183BCEF05B1
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/IBH0yBgHui3Fhx3xrZsHDyf6MO8.roa
Signing time:             Mon 02 Jan 2023 06:05:00 +0000
ROA not before:           Mon 02 Jan 2023 06:05:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61338
IP address blocks:        89.174.163.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:15:52:74:40:a1:2d:da:c9:9b:61:83:bc:ef:05:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
        Validity
            Not Before: Jan  2 06:05:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2011f4c81807ba2dc5871df1ad9b070f27fa30ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:2c:c2:44:a5:36:2d:f3:8c:bc:52:9e:fa:50:
                    80:95:23:a8:03:0c:72:d3:2e:f9:97:28:e0:3d:74:
                    f7:da:86:3f:a9:89:a5:db:ff:23:65:02:16:2f:39:
                    9d:3b:18:eb:e0:6e:06:b6:f1:d7:20:15:04:fc:0f:
                    06:a8:ae:33:81:52:ed:07:96:8d:4b:f6:f6:0e:94:
                    74:c2:c1:84:7f:26:b0:b1:01:de:87:f1:30:01:a1:
                    d7:97:0b:ec:8b:ae:9c:76:85:7d:3f:47:eb:64:6c:
                    6d:f3:36:9f:1b:6f:59:6b:e0:98:5d:de:51:8e:49:
                    35:24:48:47:eb:78:47:c3:b0:14:9d:b7:bc:52:fa:
                    e9:87:0b:2c:81:06:f1:3a:c2:c6:80:a5:3e:d6:cc:
                    e8:f9:34:35:18:cd:ec:30:de:6b:82:5c:03:1f:ee:
                    67:47:9d:9b:ee:0f:ff:cf:ba:35:2b:e9:f1:89:1b:
                    f2:49:26:e5:c5:f2:21:41:45:e5:0b:a7:0d:92:42:
                    84:4b:49:80:73:f5:57:aa:8d:9a:ce:55:3b:df:b7:
                    89:fe:85:ef:03:e4:c5:89:37:18:77:d3:f8:00:82:
                    fb:f4:32:0d:aa:d6:11:00:eb:f0:16:de:70:f3:b3:
                    58:1e:a3:5b:a3:b7:88:ae:95:2c:3b:6e:e1:68:ca:
                    d9:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:11:F4:C8:18:07:BA:2D:C5:87:1D:F1:AD:9B:07:0F:27:FA:30:EF
            X509v3 Authority Key Identifier:
                keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/IBH0yBgHui3Fhx3xrZsHDyf6MO8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.174.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:26:6b:b8:aa:fc:3b:02:33:b8:a5:59:bb:df:cd:69:81:72:
         33:72:6d:4e:c2:8a:b0:3b:9d:29:d4:5a:7d:ab:d6:de:b8:c5:
         12:e4:ed:c1:1b:bc:71:1e:51:3b:af:96:8d:45:9c:cd:68:74:
         8d:75:38:9c:5a:37:a4:ba:05:47:14:16:ac:b7:65:d7:57:0e:
         36:6e:61:ec:9e:e4:64:7a:30:87:de:51:73:71:f3:7e:09:f2:
         41:90:45:62:66:a6:ba:c0:35:5e:32:ad:61:18:47:76:77:c4:
         c3:ed:7c:09:98:54:fb:ba:96:82:b9:ae:db:53:fc:61:9d:0a:
         79:fa:e2:86:1f:e1:3b:ff:ff:d9:2b:a6:76:e5:64:4c:a9:7e:
         98:a2:ee:99:cd:5f:b4:cc:61:ff:76:e1:4d:ce:6e:fb:d4:cc:
         79:ef:78:45:77:7d:de:9b:b5:ca:a5:62:74:7c:fe:16:c4:0d:
         3b:90:2b:16:d1:90:8b:d1:5e:8d:b0:72:3d:b1:91:77:c8:3f:
         2a:9f:4d:36:0d:e8:ac:d8:bc:75:f8:84:d5:47:a9:5a:26:5a:
         94:4d:dc:cc:b2:8d:51:51:98:75:5d:d3:67:ca:af:87:62:7c:
         36:4d:b1:d2:4d:8c:95:af:4d:4a:66:0f:27:33:eb:55:be:d6:
         a6:f4:35:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFVJ0QKEt2smbYYO87wWxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDExZjRjODE4MDdiYTJkYzU4NzFkZjFhZDliMDcwZjI3ZmEzMGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxizCRKU2LfOMvFKe+lCAlSOoAwxy
0y75lyjgPXT32oY/qYml2/8jZQIWLzmdOxjr4G4GtvHXIBUE/A8GqK4zgVLtB5aN
S/b2DpR0wsGEfyawsQHeh/EwAaHXlwvsi66cdoV9P0frZGxt8zafG29Za+CYXd5R
jkk1JEhH63hHw7AUnbe8UvrphwssgQbxOsLGgKU+1szo+TQ1GM3sMN5rglwDH+5n
R52b7g//z7o1K+nxiRvySSblxfIhQUXlC6cNkkKES0mAc/VXqo2azlU737eJ/oXv
A+TFiTcYd9P4AIL79DINqtYRAOvwFt5w87NYHqNbo7eIrpUsO27haMrZqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCAR9MgYB7otxYcd8a2bBw8n+jDvMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvSUJIMHlCZ0h1aTNGaHgzeHJac0hEeWY2TU84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWa6jMA0G
CSqGSIb3DQEBCwUAA4IBAQBwJmu4qvw7AjO4pVm7381pgXIzcm1OwoqwO50p1Fp9
q9beuMUS5O3BG7xxHlE7r5aNRZzNaHSNdTicWjekugVHFBast2XXVw42bmHsnuRk
ejCH3lFzcfN+CfJBkEViZqa6wDVeMq1hGEd2d8TD7XwJmFT7upaCua7bU/xhnQp5
+uKGH+E7///ZK6Z25WRMqX6You6ZzV+0zGH/duFNzm771Mx573hFd33em7XKpWJ0
fP4WxA07kCsW0ZCL0V6NsHI9sZF3yD8qn002Deis2Lx1+ITVR6laJlqUTdzMso1R
UZh1XdNnyq+HYnw2TbHSTYyVr01KZg8nM+tVvtam9DW7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:01 2024 by rpki-client on console-fra.rpki-client.org