Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/shHwm9xHqvP_Rz2FaiwsWRd1e2U.roa
File:                     shHwm9xHqvP_Rz2FaiwsWRd1e2U.roa (raw, json)
Hash identifier:          wN6TShxnHNFQ7t7xpa1224KmMMBD5o+aw+XDopQ4FbE=
Subject key identifier:   B2:11:F0:9B:DC:47:AA:F3:FF:47:3D:85:6A:2C:2C:59:17:75:7B:65
Certificate issuer:       /CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Certificate serial:       01857139B67A5417F37CB17724A9B0499A88
Authority key identifier: B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/shHwm9xHqvP_Rz2FaiwsWRd1e2U.roa
Signing time:             Mon 02 Jan 2023 06:44:45 +0000
ROA not before:           Mon 02 Jan 2023 06:44:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15730
IP address blocks:        89.46.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:39:b6:7a:54:17:f3:7c:b1:77:24:a9:b0:49:9a:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
        Validity
            Not Before: Jan  2 06:44:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b211f09bdc47aaf3ff473d856a2c2c5917757b65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:1c:ff:46:5a:ac:e9:21:67:a0:b4:ea:47:65:
                    fb:18:cc:09:31:f8:31:47:c1:2f:43:9f:74:2f:07:
                    74:40:96:61:98:45:5c:37:06:00:31:d5:3c:6b:29:
                    58:e8:0a:9a:03:15:a5:09:87:fb:61:58:a9:74:8f:
                    3a:59:d1:47:f9:72:f7:c7:b1:48:e5:29:5c:07:55:
                    18:84:f8:91:b2:27:1a:59:fd:be:7a:40:bf:6e:69:
                    8b:a1:70:60:34:24:31:a7:64:e6:3d:d7:f8:7e:5f:
                    d3:c6:50:75:bb:b6:43:a1:3b:51:3b:a4:e8:4e:d3:
                    a1:e0:0f:4e:6e:a3:c0:97:19:6d:bc:3b:df:fc:89:
                    3c:62:f7:99:df:09:e6:56:c5:93:4f:00:57:49:b7:
                    14:06:bc:22:4f:89:d1:5f:e3:48:04:d0:e1:66:cf:
                    0a:e8:28:f5:08:71:c9:b6:2e:47:00:63:35:c1:04:
                    7f:68:68:5f:1a:89:18:8c:21:b8:1a:c5:fa:44:43:
                    29:9b:7b:d4:af:32:76:13:dc:d3:46:7f:c6:a2:f4:
                    7f:a5:06:e2:1e:48:82:24:d5:fd:9d:c9:15:75:38:
                    fa:5c:c0:d6:cd:b4:72:5a:f3:b5:4c:4b:d4:c6:8a:
                    67:c7:1c:4d:6f:58:be:ca:3d:02:7c:f6:66:d9:45:
                    03:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:11:F0:9B:DC:47:AA:F3:FF:47:3D:85:6A:2C:2C:59:17:75:7B:65
            X509v3 Authority Key Identifier:
                keyid:B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/shHwm9xHqvP_Rz2FaiwsWRd1e2U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.46.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:29:86:25:b8:85:d7:05:4f:7f:18:87:d2:a7:b6:c2:10:c2:
         19:d7:6c:44:ee:41:85:f6:11:8f:78:29:40:1b:4b:6c:c4:bf:
         6a:0f:e3:2d:94:0c:25:11:93:13:4a:d7:2a:ed:e0:9f:50:24:
         84:83:dc:20:5d:79:0d:a4:eb:ab:75:74:ff:dd:a0:2a:44:70:
         ec:38:e2:54:9d:93:79:4e:07:c2:72:97:39:1f:6f:ab:73:78:
         b0:38:cc:11:d5:10:b4:2b:13:ee:45:b3:f3:68:de:fb:d0:3a:
         01:de:75:78:53:3b:65:74:c1:f8:3f:6c:94:fc:b4:83:76:db:
         00:48:dd:ee:19:3f:24:87:41:4c:11:ae:b9:64:c8:a5:7f:d8:
         25:ff:8a:d0:4d:e5:ce:bb:6c:92:3c:df:2b:d9:7d:4c:08:5a:
         64:24:52:1b:2c:5c:fc:30:66:e2:b2:7d:ea:08:75:32:d5:09:
         f1:88:be:86:80:3e:ff:5c:c3:7d:09:44:d2:3c:56:a1:da:9e:
         4a:6d:d1:ca:42:84:36:25:2f:9a:42:95:fb:e1:50:de:5e:77:
         6c:94:b1:5f:9a:a1:65:16:bc:8a:79:f2:0e:57:d9:72:32:41:
         c5:ed:da:1e:33:db:02:c0:ae:d2:1f:53:cc:76:2e:23:52:20:
         c8:7e:b8:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxObZ6VBfzfLF3JKmwSZqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYzIwYWUxZGFjY2EzMTgxNWIyNzQ3MDI5MjdjMWE1YTlk
YmM3YjMwHhcNMjMwMTAyMDY0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjExZjA5YmRjNDdhYWYzZmY0NzNkODU2YTJjMmM1OTE3NzU3YjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Rz/Rlqs6SFnoLTqR2X7GMwJMfgx
R8EvQ590Lwd0QJZhmEVcNwYAMdU8aylY6AqaAxWlCYf7YVipdI86WdFH+XL3x7FI
5SlcB1UYhPiRsicaWf2+ekC/bmmLoXBgNCQxp2TmPdf4fl/TxlB1u7ZDoTtRO6To
TtOh4A9ObqPAlxltvDvf/Ik8YveZ3wnmVsWTTwBXSbcUBrwiT4nRX+NIBNDhZs8K
6Cj1CHHJti5HAGM1wQR/aGhfGokYjCG4GsX6REMpm3vUrzJ2E9zTRn/GovR/pQbi
HkiCJNX9nckVdTj6XMDWzbRyWvO1TEvUxopnxxxNb1i+yj0CfPZm2UUDGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLIR8JvcR6rz/0c9hWosLFkXdXtlMB8GA1UdIwQY
MBaAFLDCCuHazKMYFbJ0cCknwaWp28ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYt
NTQ4NDQwMmNlYjdhLzEvc2hId205eEhxdlBfUnoyRmFpd3NXUmQxZTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYtNTQ4NDQwMmNlYjdh
LzEvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS54MA0G
CSqGSIb3DQEBCwUAA4IBAQBNKYYluIXXBU9/GIfSp7bCEMIZ12xE7kGF9hGPeClA
G0tsxL9qD+MtlAwlEZMTStcq7eCfUCSEg9wgXXkNpOurdXT/3aAqRHDsOOJUnZN5
TgfCcpc5H2+rc3iwOMwR1RC0KxPuRbPzaN770DoB3nV4UztldMH4P2yU/LSDdtsA
SN3uGT8kh0FMEa65ZMilf9gl/4rQTeXOu2ySPN8r2X1MCFpkJFIbLFz8MGbisn3q
CHUy1QnxiL6GgD7/XMN9CUTSPFah2p5KbdHKQoQ2JS+aQpX74VDeXndslLFfmqFl
FryKefIOV9lyMkHF7doeM9sCwK7SH1PMdi4jUiDIfriB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org