Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e5965a-0a27-4587-8ac6-5cc28426c588/1/PEaSS9pLIo9N2n_tRTCVuokCGjE.roa
File:                     PEaSS9pLIo9N2n_tRTCVuokCGjE.roa (raw, json)
Hash identifier:          MGvn3+uA0wy1YGBXeHTbFpq3CCTdcrLF8EkHM8168Bk=
Subject key identifier:   3C:46:92:4B:DA:4B:22:8F:4D:DA:7F:ED:45:30:95:BA:89:02:1A:31
Certificate issuer:       /CN=50b49fa114a0ec3553c72132dbc56a2ebbef79df
Certificate serial:       01857368544C6C2E15D8C84568D5B7F9F83E
Authority key identifier: 50:B4:9F:A1:14:A0:EC:35:53:C7:21:32:DB:C5:6A:2E:BB:EF:79:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ULSfoRSg7DVTxyEy28VqLrvved8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e5965a-0a27-4587-8ac6-5cc28426c588/1/PEaSS9pLIo9N2n_tRTCVuokCGjE.roa
Signing time:             Mon 02 Jan 2023 16:54:55 +0000
ROA not before:           Mon 02 Jan 2023 16:54:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399641
IP address blocks:        89.106.205.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:68:54:4c:6c:2e:15:d8:c8:45:68:d5:b7:f9:f8:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50b49fa114a0ec3553c72132dbc56a2ebbef79df
        Validity
            Not Before: Jan  2 16:54:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3c46924bda4b228f4dda7fed453095ba89021a31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:67:cc:c0:f3:6e:0e:41:84:04:3c:a1:c1:1c:
                    97:0e:e8:b1:c7:e6:93:a2:7a:1e:92:0c:c2:6b:98:
                    e4:b4:d3:d7:d2:a8:90:03:0b:1e:93:26:17:5b:b7:
                    62:fb:8f:6a:22:2a:be:27:fe:0e:3b:47:73:29:09:
                    44:4f:00:04:6d:ed:0c:1b:d7:ea:bd:89:f0:10:a2:
                    c0:ae:e6:cb:cb:af:51:78:f6:25:e3:75:6d:76:93:
                    fe:73:28:d3:80:49:31:f7:88:a7:2f:d3:e1:70:67:
                    62:d9:79:22:31:d4:ed:71:b8:19:d5:aa:75:a5:1a:
                    78:2f:cb:c1:12:95:57:78:90:38:b1:02:eb:97:31:
                    8a:df:2e:10:44:28:78:dd:fe:77:f8:12:09:8f:b5:
                    d7:72:79:c7:69:77:06:0d:00:20:88:cb:a9:92:53:
                    21:27:fd:d0:b8:25:c7:e2:8c:87:c7:c0:9a:28:f6:
                    1b:78:0c:33:d5:83:bb:7d:d0:46:3d:d2:2e:56:95:
                    b7:81:af:ca:ec:7b:b9:ab:f1:f9:5f:48:ee:1b:e4:
                    7c:0f:bf:e5:87:db:36:ee:6e:af:a9:0b:f6:9c:b9:
                    8d:e9:c5:0d:51:4f:53:d7:55:f2:bf:c8:dc:d3:8c:
                    38:8a:da:12:6f:82:9b:e5:d5:92:cf:0d:d3:9a:b6:
                    10:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:46:92:4B:DA:4B:22:8F:4D:DA:7F:ED:45:30:95:BA:89:02:1A:31
            X509v3 Authority Key Identifier:
                keyid:50:B4:9F:A1:14:A0:EC:35:53:C7:21:32:DB:C5:6A:2E:BB:EF:79:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULSfoRSg7DVTxyEy28VqLrvved8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e5965a-0a27-4587-8ac6-5cc28426c588/1/PEaSS9pLIo9N2n_tRTCVuokCGjE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e5965a-0a27-4587-8ac6-5cc28426c588/1/ULSfoRSg7DVTxyEy28VqLrvved8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.106.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:7c:2d:e4:ac:f0:85:44:2a:80:29:58:58:4d:e5:5d:b2:c5:
         85:d9:8f:96:a8:b8:30:bb:46:eb:30:ef:66:27:69:f0:a2:b4:
         e8:f5:3b:6f:ee:88:20:b8:42:f4:dd:c3:89:5f:55:29:bb:62:
         a9:c0:53:03:d7:31:62:8c:e6:a4:72:a5:89:41:92:bd:9e:08:
         1f:40:c7:b1:1d:bb:a3:97:b6:72:4f:12:14:f2:d1:a6:47:b4:
         47:b7:e2:63:f1:17:84:2c:ee:1c:b9:23:13:d1:bd:f2:62:2f:
         ce:46:3a:38:8e:3d:14:91:a4:32:6f:1f:d1:0d:98:c6:40:98:
         20:68:4a:0f:10:b9:de:1d:37:32:cf:94:fa:8b:0f:10:aa:67:
         cc:bc:b0:7b:70:43:85:ea:89:7a:d7:d7:7e:b1:f0:c7:38:71:
         84:fa:58:d4:2b:b3:42:9d:64:6c:ba:78:3b:cd:44:fe:9e:4d:
         97:42:df:9d:50:8a:99:cf:72:5c:78:b7:50:0b:cc:2f:f4:27:
         84:d6:90:c6:11:14:0f:01:a2:4a:d8:ca:39:e8:64:a8:e8:aa:
         ed:d2:fe:bd:e1:37:44:a0:7d:11:fe:6a:fb:71:c6:58:a3:b4:
         7e:47:a6:04:7d:bb:c5:8e:f2:26:a7:a3:a9:c3:4b:cd:be:32:
         ec:83:c3:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzaFRMbC4V2MhFaNW3+fg+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYjQ5ZmExMTRhMGVjMzU1M2M3MjEzMmRiYzU2YTJlYmJl
Zjc5ZGYwHhcNMjMwMTAyMTY1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzQ2OTI0YmRhNGIyMjhmNGRkYTdmZWQ0NTMwOTViYTg5MDIxYTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWfMwPNuDkGEBDyhwRyXDuixx+aT
onoekgzCa5jktNPX0qiQAwsekyYXW7di+49qIiq+J/4OO0dzKQlETwAEbe0MG9fq
vYnwEKLArubLy69RePYl43VtdpP+cyjTgEkx94inL9PhcGdi2XkiMdTtcbgZ1ap1
pRp4L8vBEpVXeJA4sQLrlzGK3y4QRCh43f53+BIJj7XXcnnHaXcGDQAgiMupklMh
J/3QuCXH4oyHx8CaKPYbeAwz1YO7fdBGPdIuVpW3ga/K7Hu5q/H5X0juG+R8D7/l
h9s27m6vqQv2nLmN6cUNUU9T11Xyv8jc04w4itoSb4Kb5dWSzw3TmrYQvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDxGkkvaSyKPTdp/7UUwlbqJAhoxMB8GA1UdIwQY
MBaAFFC0n6EUoOw1U8chMtvFai6773nfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUxTZm9SU2c3RFZUeHlFeTI4VnFMcnZ2ZWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNTk2NWEtMGEyNy00NTg3LThhYzYt
NWNjMjg0MjZjNTg4LzEvUEVhU1M5cExJbzlOMm5fdFJUQ1Z1b2tDR2pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lNTk2NWEtMGEyNy00NTg3LThhYzYtNWNjMjg0MjZjNTg4
LzEvVUxTZm9SU2c3RFZUeHlFeTI4VnFMcnZ2ZWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWWrNMA0G
CSqGSIb3DQEBCwUAA4IBAQAcfC3krPCFRCqAKVhYTeVdssWF2Y+WqLgwu0brMO9m
J2nworTo9Ttv7ogguEL03cOJX1Upu2KpwFMD1zFijOakcqWJQZK9nggfQMexHbuj
l7ZyTxIU8tGmR7RHt+Jj8ReELO4cuSMT0b3yYi/ORjo4jj0UkaQybx/RDZjGQJgg
aEoPELneHTcyz5T6iw8QqmfMvLB7cEOF6ol619d+sfDHOHGE+ljUK7NCnWRsung7
zUT+nk2XQt+dUIqZz3JceLdQC8wv9CeE1pDGERQPAaJK2Mo56GSo6Krt0v694TdE
oH0R/mr7ccZYo7R+R6YEfbvFjvImp6Opw0vNvjLsg8No
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:38 2024 by rpki-client on console-ams.rpki-client.org