Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/P1N0YpK3GVYUdXZfEw-eoFyTAV8.roa
File:                     P1N0YpK3GVYUdXZfEw-eoFyTAV8.roa (raw, json)
Hash identifier:          yBDQGKitpbjnysunClmiLnMfM9Z9k8t1oIMgFmITO5c=
Subject key identifier:   3F:53:74:62:92:B7:19:56:14:75:76:5F:13:0F:9E:A0:5C:93:01:5F
Certificate issuer:       /CN=4e69b402b67d75936f45dc8bc54b86814e0636ba
Certificate serial:       01856DEF7CC8D00663920E5656CA31B7FB5E
Authority key identifier: 4E:69:B4:02:B6:7D:75:93:6F:45:DC:8B:C5:4B:86:81:4E:06:36:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Tmm0ArZ9dZNvRdyLxUuGgU4GNro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/P1N0YpK3GVYUdXZfEw-eoFyTAV8.roa
Signing time:             Sun 01 Jan 2023 15:24:49 +0000
ROA not before:           Sun 01 Jan 2023 15:24:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2119
IP address blocks:        80.89.160.0/20 maxlen: 20
                          80.94.208.0/20 maxlen: 20
                          88.83.128.0/19 maxlen: 19
                          2a00:6e80::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:ef:7c:c8:d0:06:63:92:0e:56:56:ca:31:b7:fb:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e69b402b67d75936f45dc8bc54b86814e0636ba
        Validity
            Not Before: Jan  1 15:24:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3f53746292b719561475765f130f9ea05c93015f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:8b:ac:76:dc:8e:5c:59:80:62:72:40:e6:5a:
                    ef:15:38:53:8a:4e:9e:f6:0f:a2:36:59:95:ff:c3:
                    1c:6c:06:2d:40:93:e1:29:44:12:c3:0e:3e:04:a5:
                    34:68:f9:c7:13:fb:62:6d:57:66:0c:7c:d9:99:43:
                    5b:6e:d8:bd:de:0f:80:4e:27:70:47:71:de:ef:26:
                    fe:5e:65:3d:59:32:47:5c:6b:d6:af:20:93:51:17:
                    10:1c:90:d9:e2:97:35:28:16:77:e0:c5:13:41:b8:
                    a5:c8:61:a2:78:5c:4a:44:3f:58:d2:4a:56:59:5c:
                    83:31:e2:2f:e0:c6:56:7e:43:b1:52:63:35:06:31:
                    dd:ef:5f:6c:20:dc:37:90:2d:43:fc:71:66:f1:05:
                    1d:d6:5c:5b:f3:57:b6:cd:fd:be:79:cb:89:29:bf:
                    fe:7e:e3:35:fd:00:bc:70:4c:5e:15:10:32:3d:ad:
                    ef:52:55:20:46:12:42:79:0f:a4:4d:3c:cb:47:a8:
                    44:bb:20:96:1f:10:bb:b3:61:36:12:62:9a:32:1b:
                    5f:9c:03:7e:17:f1:31:24:95:ca:d2:2e:40:01:4c:
                    ef:d7:48:b7:63:af:21:77:d2:a5:fb:1f:42:1d:79:
                    3f:a6:6c:75:e2:e1:ac:48:a1:e4:92:ec:d3:7a:07:
                    76:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:53:74:62:92:B7:19:56:14:75:76:5F:13:0F:9E:A0:5C:93:01:5F
            X509v3 Authority Key Identifier:
                keyid:4E:69:B4:02:B6:7D:75:93:6F:45:DC:8B:C5:4B:86:81:4E:06:36:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tmm0ArZ9dZNvRdyLxUuGgU4GNro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/P1N0YpK3GVYUdXZfEw-eoFyTAV8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/Tmm0ArZ9dZNvRdyLxUuGgU4GNro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.89.160.0/20
                  80.94.208.0/20
                  88.83.128.0/19
                IPv6:
                  2a00:6e80::/32

    Signature Algorithm: sha256WithRSAEncryption
         6a:c9:3b:31:76:43:5c:c7:b8:4d:79:cb:8d:02:86:74:ed:86:
         33:90:64:41:16:7d:93:27:da:b6:16:a2:2d:82:c7:c6:83:a4:
         06:54:bc:32:8d:a9:74:de:5a:0f:5e:70:19:8a:7b:28:a2:b0:
         5c:91:17:45:0f:3e:40:0e:34:1b:f0:e2:69:7f:eb:4b:d9:24:
         e1:7e:42:a2:5a:96:55:2b:e2:62:02:91:3f:2d:1f:cb:69:6c:
         5d:5c:ea:80:7a:f2:aa:f3:9d:13:43:3c:46:af:97:9e:57:4c:
         8e:5c:ab:0c:55:b4:6a:ad:14:d1:1b:bd:c7:cd:ce:dd:ee:cb:
         80:46:9f:68:1a:bc:23:4f:7c:41:2a:e4:b2:31:91:75:42:82:
         94:98:0d:57:21:5d:d6:36:be:11:4b:36:dd:e9:cd:ce:ce:64:
         83:55:5c:ca:5c:2a:7f:d0:9b:ec:b7:21:ae:c2:af:94:26:a5:
         92:ac:75:4f:71:ae:9b:c6:dd:c9:bb:00:b1:90:e9:a8:22:07:
         5e:5f:8f:07:25:1d:07:c8:82:0c:fc:8e:6d:39:49:75:6b:8a:
         f1:71:98:62:df:d0:f7:6f:4d:22:18:b7:e5:f6:af:38:36:d8:
         fc:51:69:78:96:1f:1c:ae:c3:1f:c0:b7:9b:22:27:c0:53:e0:
         0b:d5:de:7d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVt73zI0AZjkg5WVsoxt/teMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNjliNDAyYjY3ZDc1OTM2ZjQ1ZGM4YmM1NGI4NjgxNGUw
NjM2YmEwHhcNMjMwMTAxMTUyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjUzNzQ2MjkyYjcxOTU2MTQ3NTc2NWYxMzBmOWVhMDVjOTMwMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4usdtyOXFmAYnJA5lrvFThTik6e
9g+iNlmV/8McbAYtQJPhKUQSww4+BKU0aPnHE/tibVdmDHzZmUNbbti93g+ATidw
R3He7yb+XmU9WTJHXGvWryCTURcQHJDZ4pc1KBZ34MUTQbilyGGieFxKRD9Y0kpW
WVyDMeIv4MZWfkOxUmM1BjHd719sINw3kC1D/HFm8QUd1lxb81e2zf2+ecuJKb/+
fuM1/QC8cExeFRAyPa3vUlUgRhJCeQ+kTTzLR6hEuyCWHxC7s2E2EmKaMhtfnAN+
F/ExJJXK0i5AAUzv10i3Y68hd9Kl+x9CHXk/pmx14uGsSKHkkuzTegd26QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD9TdGKStxlWFHV2XxMPnqBckwFfMB8GA1UdIwQY
MBaAFE5ptAK2fXWTb0Xci8VLhoFOBja6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG1tMEFyWjlkWk52UmR5THhVdUdnVTRHTnJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82ODlhYjUtMzBkMi00NmEzLThjNTQt
MTZiNDE5NmZhMjk0LzEvUDFOMFlwSzNHVllVZFhaZkV3LWVvRnlUQVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82ODlhYjUtMzBkMi00NmEzLThjNTQtMTZiNDE5NmZhMjk0
LzEvVG1tMEFyWjlkWk52UmR5THhVdUdnVTRHTnJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUFmgAwQE
UF7QAwQFWFOAMA0EAgACMAcDBQAqAG6AMA0GCSqGSIb3DQEBCwUAA4IBAQBqyTsx
dkNcx7hNecuNAoZ07YYzkGRBFn2TJ9q2FqItgsfGg6QGVLwyjal03loPXnAZinso
orBckRdFDz5ADjQb8OJpf+tL2SThfkKiWpZVK+JiApE/LR/LaWxdXOqAevKq850T
QzxGr5eeV0yOXKsMVbRqrRTRG73Hzc7d7suARp9oGrwjT3xBKuSyMZF1QoKUmA1X
IV3WNr4RSzbd6c3OzmSDVVzKXCp/0JvstyGuwq+UJqWSrHVPca6bxt3JuwCxkOmo
IgdeX48HJR0HyIIM/I5tOUl1a4rxcZhi39D3b00iGLfl9q84Ntj8UWl4lh8crsMf
wLebIifAU+AL1d59
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:16 2024 by rpki-client on console-fra.rpki-client.org