Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/7poiGfy6Nwfs-jTtfJoewBbrd4A.roa
File:                     7poiGfy6Nwfs-jTtfJoewBbrd4A.roa (raw, json)
Hash identifier:          xqVsoNu4KXT+5rvUQ3lxUHq6xEv3+q1hyEh8pK2FHX4=
Subject key identifier:   EE:9A:22:19:FC:BA:37:07:EC:FA:34:ED:7C:9A:1E:C0:16:EB:77:80
Certificate issuer:       /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial:       018571E7A488C5897A4B4163D3521D8904A5
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/7poiGfy6Nwfs-jTtfJoewBbrd4A.roa
Signing time:             Mon 02 Jan 2023 09:54:44 +0000
ROA not before:           Mon 02 Jan 2023 09:54:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49392
IP address blocks:        88.209.200.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 03 Oct 2023 07:13:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:e7:a4:88:c5:89:7a:4b:41:63:d3:52:1d:89:04:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
        Validity
            Not Before: Jan  2 09:54:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ee9a2219fcba3707ecfa34ed7c9a1ec016eb7780
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:57:98:4e:ba:ce:a6:c9:a2:34:82:e4:3d:b8:
                    20:00:2f:0b:a4:e3:7d:79:93:34:b3:48:c8:d5:89:
                    e8:ad:91:5b:71:cb:72:5a:4a:1a:27:64:65:1f:2d:
                    53:20:89:d0:23:46:a6:71:84:8d:db:40:9a:d3:ab:
                    93:a1:67:32:f6:d7:4c:d9:1f:51:d3:93:5f:f2:53:
                    45:dd:bc:65:ca:f7:c1:55:f3:8b:72:1e:a3:04:cf:
                    fe:0a:5e:a0:8a:2c:3b:a8:88:83:8d:7d:44:26:6a:
                    59:3a:ba:59:ef:47:ce:92:83:62:53:2e:2a:72:0c:
                    9e:04:05:3e:14:2c:f8:1e:df:80:af:43:a1:76:36:
                    19:c9:0f:c1:fd:77:40:af:27:bd:4b:cf:f7:92:8a:
                    68:c3:04:a8:73:36:5a:5d:67:fc:fd:62:02:bd:3f:
                    56:e6:78:d2:57:dc:8e:b0:4d:bd:a0:ea:33:00:0d:
                    54:a7:a0:d2:3e:6f:9a:8d:9d:a9:12:42:4a:5d:5a:
                    b8:48:5d:d6:ca:ac:ae:3f:e5:b1:a4:6d:38:3d:fc:
                    3b:cf:96:f3:77:2a:5d:34:f7:ec:1b:cf:f2:70:da:
                    c4:72:6f:14:f8:8a:52:76:8b:43:a3:ab:c0:3e:48:
                    25:f2:d1:7f:e2:5e:98:6b:1c:9d:e3:01:bf:5d:42:
                    65:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:9A:22:19:FC:BA:37:07:EC:FA:34:ED:7C:9A:1E:C0:16:EB:77:80
            X509v3 Authority Key Identifier:
                keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/7poiGfy6Nwfs-jTtfJoewBbrd4A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.209.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:7d:22:36:17:de:58:3a:d0:ef:45:73:aa:8a:b0:31:31:57:
         1e:f7:27:51:fb:46:b1:c6:1a:d5:12:45:3d:54:27:cc:9a:4c:
         a9:f9:1b:49:b2:33:d3:24:ca:7f:ef:47:a9:1c:cd:f7:e9:7a:
         42:1a:f6:84:2e:ef:f7:b8:4d:80:9f:81:26:6e:95:b8:a9:17:
         39:c0:c4:86:71:06:d1:72:14:f1:d8:f1:c8:85:b7:9d:c1:aa:
         73:76:6d:3b:d7:31:e9:21:0f:e4:05:16:9e:3f:07:27:4a:3c:
         0a:0e:b1:a5:16:34:a2:cf:8e:5a:77:4c:e7:78:06:d2:83:15:
         3d:f0:3e:37:0c:6a:b1:43:3d:41:47:63:b7:d7:69:56:65:ac:
         28:8c:da:d3:69:05:04:7e:22:ef:64:11:ce:1c:86:04:49:35:
         93:31:5f:44:19:12:b8:cf:f0:25:4e:74:48:86:48:cc:2e:37:
         3b:54:c5:2e:e1:9c:df:b8:ac:df:89:5a:95:0a:0a:f0:ec:0b:
         b2:c5:c4:11:7f:ba:e6:7c:d2:96:0e:86:af:ca:97:da:fb:d3:
         cd:e3:55:c5:dc:79:8f:12:08:64:6b:94:6d:c9:21:56:af:5c:
         13:aa:24:ea:b7:93:bf:fa:82:df:bf:bb:cd:ff:3c:cf:8a:d3:
         8a:e8:7b:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx56SIxYl6S0Fj01IdiQSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMTAyMDk1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTlhMjIxOWZjYmEzNzA3ZWNmYTM0ZWQ3YzlhMWVjMDE2ZWI3NzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1eYTrrOpsmiNILkPbggAC8LpON9
eZM0s0jI1YnorZFbcctyWkoaJ2RlHy1TIInQI0amcYSN20Ca06uToWcy9tdM2R9R
05Nf8lNF3bxlyvfBVfOLch6jBM/+Cl6giiw7qIiDjX1EJmpZOrpZ70fOkoNiUy4q
cgyeBAU+FCz4Ht+Ar0OhdjYZyQ/B/XdArye9S8/3kopowwSoczZaXWf8/WICvT9W
5njSV9yOsE29oOozAA1Up6DSPm+ajZ2pEkJKXVq4SF3WyqyuP+WxpG04Pfw7z5bz
dypdNPfsG8/ycNrEcm8U+IpSdotDo6vAPkgl8tF/4l6Yaxyd4wG/XUJlywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO6aIhn8ujcH7Po07XyaHsAW63eAMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvN3BvaUdmeTZOd2ZzLWpUdGZKb2V3QmJyZDRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNHIMA0G
CSqGSIb3DQEBCwUAA4IBAQCufSI2F95YOtDvRXOqirAxMVce9ydR+0axxhrVEkU9
VCfMmkyp+RtJsjPTJMp/70epHM336XpCGvaELu/3uE2An4EmbpW4qRc5wMSGcQbR
chTx2PHIhbedwapzdm071zHpIQ/kBRaePwcnSjwKDrGlFjSiz45ad0zneAbSgxU9
8D43DGqxQz1BR2O312lWZawojNrTaQUEfiLvZBHOHIYESTWTMV9EGRK4z/AlTnRI
hkjMLjc7VMUu4ZzfuKzfiVqVCgrw7AuyxcQRf7rmfNKWDoavypfa+9PN41XF3HmP
Eghka5RtySFWr1wTqiTqt5O/+oLfv7vN/zzPitOK6Hub
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org