Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/y6zSVWukpcpQ8cwSS0QdkEz712A.roa
File:                     y6zSVWukpcpQ8cwSS0QdkEz712A.roa (raw, json)
Hash identifier:          gwNWfYRp+TrdNOitAIIhRMO0XnfPC/WqtjmU682Geas=
Subject key identifier:   CB:AC:D2:55:6B:A4:A5:CA:50:F1:CC:12:4B:44:1D:90:4C:FB:D7:60
Certificate issuer:       /CN=d7d0674bd6f0cc9175219a328c8b396829f6c0af
Certificate serial:       018A7F303C683581400EBAEA93B345BBF279
Authority key identifier: D7:D0:67:4B:D6:F0:CC:91:75:21:9A:32:8C:8B:39:68:29:F6:C0:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/19BnS9bwzJF1IZoyjIs5aCn2wK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/y6zSVWukpcpQ8cwSS0QdkEz712A.roa
Signing time:             Sun 10 Sep 2023 13:03:02 +0000
ROA not before:           Sun 10 Sep 2023 13:03:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39370
IP address blocks:        89.147.3.0/24 maxlen: 24
                          89.147.4.0/24 maxlen: 24
                          89.147.2.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Sep 2023 12:37:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:7f:30:3c:68:35:81:40:0e:ba:ea:93:b3:45:bb:f2:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d7d0674bd6f0cc9175219a328c8b396829f6c0af
        Validity
            Not Before: Sep 10 13:03:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cbacd2556ba4a5ca50f1cc124b441d904cfbd760
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:52:ba:29:5c:38:cb:47:8a:cc:c6:55:e7:47:
                    5b:de:67:19:41:ea:ea:94:0a:40:74:3c:bc:ff:e9:
                    cc:d4:c1:19:e6:a9:69:3d:2c:1f:4a:43:db:db:c8:
                    f1:32:3b:fc:55:87:4f:65:1c:da:2e:fd:07:26:eb:
                    cc:bc:41:75:13:3a:db:6e:bf:4b:c0:46:0c:2a:99:
                    97:e4:ba:41:bf:78:1a:e5:38:65:80:d9:55:c0:b3:
                    8c:eb:3b:44:52:1c:7c:90:2b:dc:72:90:d3:5d:4d:
                    c6:6f:07:49:2e:9e:bd:ca:5e:f5:e3:0c:84:17:ed:
                    82:25:92:01:be:c7:60:c3:43:ce:71:7f:a5:a5:16:
                    b3:39:ca:69:9d:9b:7a:1f:f6:33:22:2d:1f:5a:d0:
                    49:c3:99:7d:0a:d8:73:43:bf:c5:0d:a5:6d:f4:ca:
                    8c:ec:04:26:d6:78:0c:40:67:b8:26:4c:77:6c:b9:
                    70:e9:c8:f2:47:bb:ef:4d:49:be:18:b4:51:d7:d6:
                    1e:2a:34:de:ae:e6:a2:c1:13:3e:85:88:c4:f3:3a:
                    dd:9f:0e:bd:ea:c8:0b:0a:48:6f:7f:47:e9:28:77:
                    8c:73:22:30:e1:a7:50:e0:4b:52:f8:59:c4:3e:25:
                    24:f6:39:ee:11:69:c0:0e:56:9b:93:4b:f8:60:29:
                    ed:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:AC:D2:55:6B:A4:A5:CA:50:F1:CC:12:4B:44:1D:90:4C:FB:D7:60
            X509v3 Authority Key Identifier:
                keyid:D7:D0:67:4B:D6:F0:CC:91:75:21:9A:32:8C:8B:39:68:29:F6:C0:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/19BnS9bwzJF1IZoyjIs5aCn2wK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/y6zSVWukpcpQ8cwSS0QdkEz712A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/19BnS9bwzJF1IZoyjIs5aCn2wK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.147.2.0-89.147.4.255

    Signature Algorithm: sha256WithRSAEncryption
         66:54:7d:fa:78:b5:07:cf:16:9e:d8:c9:da:25:b2:37:79:f4:
         b4:e4:dd:d2:35:7f:8d:21:6f:41:a3:3c:6e:56:d8:20:85:60:
         fa:52:58:85:dc:ea:e9:ea:c5:50:fa:75:a2:b1:d6:37:74:8d:
         bd:74:b2:ce:b8:be:99:21:90:99:c2:fa:0c:10:cd:06:79:7f:
         48:30:a7:6c:4a:68:ad:cb:a3:5d:10:08:08:27:23:81:4b:09:
         1b:ce:16:a2:d8:2a:31:b9:fe:20:5e:e9:f6:b7:eb:6a:0e:6b:
         e4:bc:41:e1:de:d4:26:df:7a:05:f5:17:50:c1:5d:a9:fc:09:
         95:ff:9f:b3:88:c8:ab:c9:19:38:55:10:93:76:f5:f3:11:ee:
         8f:27:6b:b3:36:7c:5b:48:89:ae:a8:04:b1:fb:c8:af:6c:b4:
         bb:cd:ef:f4:0b:09:a9:28:89:4c:dd:61:a7:2c:d3:32:a3:b1:
         d8:69:62:61:f8:6e:a8:1a:5f:e3:3c:0a:e2:a8:38:7e:7e:7e:
         b6:47:96:eb:00:74:63:6b:38:91:cd:cc:7c:01:af:35:00:54:
         ab:90:b1:bf:c5:0f:8c:59:c6:cb:48:cd:fc:ea:53:00:36:01:
         14:6a:a9:a2:c1:ae:c3:fc:d4:78:c2:84:da:03:16:6a:bc:b5:
         73:23:b5:a2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYp/MDxoNYFADrrqk7NFu/J5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZDA2NzRiZDZmMGNjOTE3NTIxOWEzMjhjOGIzOTY4Mjlm
NmMwYWYwHhcNMjMwOTEwMTMwMzAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmFjZDI1NTZiYTRhNWNhNTBmMWNjMTI0YjQ0MWQ5MDRjZmJkNzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlK6KVw4y0eKzMZV50db3mcZQerq
lApAdDy8/+nM1MEZ5qlpPSwfSkPb28jxMjv8VYdPZRzaLv0HJuvMvEF1Ezrbbr9L
wEYMKpmX5LpBv3ga5ThlgNlVwLOM6ztEUhx8kCvccpDTXU3GbwdJLp69yl714wyE
F+2CJZIBvsdgw0POcX+lpRazOcppnZt6H/YzIi0fWtBJw5l9CthzQ7/FDaVt9MqM
7AQm1ngMQGe4Jkx3bLlw6cjyR7vvTUm+GLRR19YeKjTeruaiwRM+hYjE8zrdnw69
6sgLCkhvf0fpKHeMcyIw4adQ4EtS+FnEPiUk9jnuEWnADlabk0v4YCntkQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMus0lVrpKXKUPHMEktEHZBM+9dgMB8GA1UdIwQY
MBaAFNfQZ0vW8MyRdSGaMoyLOWgp9sCvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTlCblM5Ynd6SkYxSVpveWpJczVhQ24yd0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iMzBlNWQtOGIzYi00Mjg3LTliM2It
ODIzMmZhM2U2MjlkLzEveTZ6U1ZXdWtwY3BROGN3U1MwUWRrRXo3MTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iMzBlNWQtOGIzYi00Mjg3LTliM2ItODIzMmZhM2U2Mjlk
LzEvMTlCblM5Ynd6SkYxSVpveWpJczVhQ24yd0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFZkwID
BABZkwQwDQYJKoZIhvcNAQELBQADggEBAGZUffp4tQfPFp7Yydolsjd59LTk3dI1
f40hb0GjPG5W2CCFYPpSWIXc6unqxVD6daKx1jd0jb10ss64vpkhkJnC+gwQzQZ5
f0gwp2xKaK3Lo10QCAgnI4FLCRvOFqLYKjG5/iBe6fa362oOa+S8QeHe1CbfegX1
F1DBXan8CZX/n7OIyKvJGThVEJN29fMR7o8na7M2fFtIia6oBLH7yK9stLvN7/QL
CakoiUzdYacs0zKjsdhpYmH4bqgaX+M8CuKoOH5+frZHlusAdGNrOJHNzHwBrzUA
VKuQsb/FD4xZxstIzfzqUwA2ARRqqaLBrsP81HjChNoDFmq8tXMjtaI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:21 2024 by rpki-client on console-fra.rpki-client.org