Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/aRwya75XZ5axLXlpl140znNUBpI.roa
File:                     aRwya75XZ5axLXlpl140znNUBpI.roa (raw, json)
Hash identifier:          XwCNXkrhk3VaP8PgcfA5OKGcRPD4nN8+6Dx4GNUGjwU=
Subject key identifier:   69:1C:32:6B:BE:57:67:96:B1:2D:79:69:97:5E:34:CE:73:54:06:92
Certificate issuer:       /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial:       01856BEEC40530A2F7BCE3A48D292E3C44DB
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/aRwya75XZ5axLXlpl140znNUBpI.roa
Signing time:             Sun 01 Jan 2023 06:04:47 +0000
ROA not before:           Sun 01 Jan 2023 06:04:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211590
IP address blocks:        89.104.126.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ee:c4:05:30:a2:f7:bc:e3:a4:8d:29:2e:3c:44:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
        Validity
            Not Before: Jan  1 06:04:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=691c326bbe576796b12d7969975e34ce73540692
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:06:be:82:11:cf:78:d9:ae:df:09:e3:c6:6e:
                    6a:40:d6:3d:a8:4c:79:28:7f:3e:45:94:6d:7e:ca:
                    10:78:8c:bf:68:ac:bd:eb:8a:b1:ff:f3:28:59:ed:
                    cd:fe:22:22:34:65:98:44:1e:0e:42:6b:39:44:8b:
                    27:fa:22:1f:b5:54:ad:f5:23:d0:c8:1c:0b:c0:2e:
                    fb:ec:dd:72:83:a3:09:bb:d8:31:84:03:28:20:e8:
                    78:f4:45:2b:e9:e8:77:d7:26:e8:91:d5:ee:06:1b:
                    73:3d:8e:ce:fb:0c:25:85:75:8a:78:9f:86:b8:be:
                    f4:c8:49:52:96:55:58:7e:a1:b5:24:26:d7:74:ab:
                    a3:3d:55:17:c2:dc:f5:15:01:e5:ff:96:81:f1:49:
                    8a:41:64:c0:aa:51:21:00:9f:64:ea:69:97:b0:74:
                    66:5a:62:cc:e2:0d:e4:28:2a:40:fe:30:69:7c:4b:
                    a8:3c:be:a5:31:3f:2b:6f:fc:87:bb:a2:57:c5:5c:
                    fd:13:36:43:09:62:b4:7c:fb:fe:44:07:29:66:8c:
                    49:bf:a3:ef:af:5b:ed:52:88:09:2a:3a:0a:58:94:
                    a7:f5:bb:69:45:12:30:40:98:cd:1a:13:5a:e3:34:
                    81:af:2b:ce:b2:e7:6d:08:59:4f:36:96:b6:76:fd:
                    f7:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:1C:32:6B:BE:57:67:96:B1:2D:79:69:97:5E:34:CE:73:54:06:92
            X509v3 Authority Key Identifier:
                keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/aRwya75XZ5axLXlpl140znNUBpI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.104.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:a0:f9:43:96:d6:e7:6f:96:03:6c:7f:19:35:21:3b:1e:99:
         d5:1e:1e:24:f9:4e:04:62:96:0a:cd:f3:65:a3:06:fd:c5:ba:
         62:8a:d4:a6:d3:42:6c:a6:d1:a5:8a:9f:9a:b4:e7:84:b4:3b:
         61:1b:68:96:e9:93:57:2e:ce:d6:bf:de:3d:8e:f0:a1:11:98:
         e6:04:bf:3f:4e:fe:62:5c:45:2a:c1:1c:12:26:d1:c3:90:a9:
         e4:c4:d3:bf:89:f8:58:23:96:f4:78:66:b9:90:bf:4f:63:e7:
         50:7c:03:54:d4:52:fa:5c:f7:28:09:4b:07:53:6c:21:90:bf:
         bf:04:0c:c1:ef:8f:4f:17:0d:b6:09:0d:90:e6:ab:ad:26:fb:
         54:e2:21:81:d9:b5:0e:0d:7b:c0:8f:8d:cf:c2:30:98:9f:0f:
         ed:26:c2:7a:c4:8e:a7:18:e2:e7:84:d1:ed:06:6d:a4:9f:02:
         cb:4e:42:f6:40:4d:e6:9c:bc:aa:8e:6c:1f:5b:1e:14:97:ca:
         e4:35:15:e9:ba:f2:69:c9:fe:b8:79:c7:b9:6c:38:65:7b:26:
         33:1f:fb:d1:7f:45:ed:0d:73:5d:b2:17:9b:c4:05:b9:6e:8f:
         2d:25:11:cb:eb:98:a8:2f:c9:36:01:0d:1e:a3:b2:75:ba:04:
         97:dd:7f:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7sQFMKL3vOOkjSkuPETbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjMwMTAxMDYwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTFjMzI2YmJlNTc2Nzk2YjEyZDc5Njk5NzVlMzRjZTczNTQwNjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQa+ghHPeNmu3wnjxm5qQNY9qEx5
KH8+RZRtfsoQeIy/aKy964qx//MoWe3N/iIiNGWYRB4OQms5RIsn+iIftVSt9SPQ
yBwLwC777N1yg6MJu9gxhAMoIOh49EUr6eh31ybokdXuBhtzPY7O+wwlhXWKeJ+G
uL70yElSllVYfqG1JCbXdKujPVUXwtz1FQHl/5aB8UmKQWTAqlEhAJ9k6mmXsHRm
WmLM4g3kKCpA/jBpfEuoPL6lMT8rb/yHu6JXxVz9EzZDCWK0fPv+RAcpZoxJv6Pv
r1vtUogJKjoKWJSn9btpRRIwQJjNGhNa4zSBryvOsudtCFlPNpa2dv33gwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGkcMmu+V2eWsS15aZdeNM5zVAaSMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvYVJ3eWE3NVhaNWF4TFhscGwxNDB6bk5VQnBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWWh+MA0G
CSqGSIb3DQEBCwUAA4IBAQAboPlDltbnb5YDbH8ZNSE7HpnVHh4k+U4EYpYKzfNl
owb9xbpiitSm00JsptGlip+atOeEtDthG2iW6ZNXLs7Wv949jvChEZjmBL8/Tv5i
XEUqwRwSJtHDkKnkxNO/ifhYI5b0eGa5kL9PY+dQfANU1FL6XPcoCUsHU2whkL+/
BAzB749PFw22CQ2Q5qutJvtU4iGB2bUODXvAj43PwjCYnw/tJsJ6xI6nGOLnhNHt
Bm2knwLLTkL2QE3mnLyqjmwfWx4Ul8rkNRXpuvJpyf64ece5bDhleyYzH/vRf0Xt
DXNdshebxAW5bo8tJRHL65ioL8k2AQ0eo7J1ugSX3X9X
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:33 2024 by rpki-client on console-ams.rpki-client.org