Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/8mNfEySvTVFsb4dujaBIuYhLPZY.roa
File:                     8mNfEySvTVFsb4dujaBIuYhLPZY.roa (raw, json)
Hash identifier:          AM0evX4S0x7VI9MJqirsIay3KnopBjihMxphPiFQ1H0=
Subject key identifier:   F2:63:5F:13:24:AF:4D:51:6C:6F:87:6E:8D:A0:48:B9:88:4B:3D:96
Certificate issuer:       /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial:       01887BAEC8DD030751E4E6C58DD8222ACD5B
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/8mNfEySvTVFsb4dujaBIuYhLPZY.roa
Signing time:             Fri 02 Jun 2023 10:37:12 +0000
ROA not before:           Fri 02 Jun 2023 10:37:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        88.209.245.0/24 maxlen: 24
                          88.209.248.0/24 maxlen: 24
                          88.209.211.0/24 maxlen: 24
                          88.209.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 03 Jun 2023 11:16:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:7b:ae:c8:dd:03:07:51:e4:e6:c5:8d:d8:22:2a:cd:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
        Validity
            Not Before: Jun  2 10:37:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f2635f1324af4d516c6f876e8da048b9884b3d96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:53:26:70:9a:1a:8c:ee:39:2a:32:8a:c3:44:
                    86:2a:ae:c6:02:fa:47:5b:52:bb:bf:7f:f5:10:df:
                    e7:7d:7e:dc:d9:fa:9d:51:d1:b9:f6:37:75:ea:f5:
                    2d:99:a9:a0:f7:95:c9:00:a8:c9:a0:21:c1:13:00:
                    d5:bf:c3:44:a4:23:0c:a7:0a:68:71:aa:63:06:d0:
                    83:96:88:e5:a5:9e:1c:e2:69:bf:30:7e:d1:91:e5:
                    58:fb:09:90:c1:88:60:5a:41:37:62:07:ed:35:d5:
                    11:84:4d:f0:0c:25:ef:f7:25:e2:be:19:cb:c2:2b:
                    d6:e8:3f:67:bf:9a:b9:a7:6e:18:36:8b:d9:2d:e0:
                    49:7d:48:f2:be:b9:58:ac:69:cb:f1:f6:89:b8:00:
                    9c:20:d8:5e:e4:30:ea:e3:3c:ff:a8:42:72:5e:a3:
                    80:67:e3:83:f8:df:41:57:8f:12:30:3c:f8:d4:49:
                    c3:05:6d:dd:e5:a0:3d:84:ec:cb:88:b8:2b:3f:aa:
                    30:92:a6:06:7b:f9:cd:ca:81:c5:98:0c:5d:d6:8a:
                    c1:dc:90:ac:cc:2c:df:be:9d:b1:73:81:25:5b:63:
                    01:bc:39:4a:58:ba:b7:d2:dd:2d:0b:27:d3:09:7f:
                    0e:a8:dc:98:23:95:34:05:e7:71:31:4c:46:0f:20:
                    83:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:63:5F:13:24:AF:4D:51:6C:6F:87:6E:8D:A0:48:B9:88:4B:3D:96
            X509v3 Authority Key Identifier:
                keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/8mNfEySvTVFsb4dujaBIuYhLPZY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.209.211.0/24
                  88.209.222.0/24
                  88.209.245.0/24
                  88.209.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:28:cb:14:af:a0:70:47:a4:39:14:50:58:58:64:33:32:56:
         60:9a:2b:32:e2:f5:d4:5c:e6:01:d4:e1:47:bd:f8:53:fa:33:
         63:63:23:88:6a:f1:48:ec:69:9b:16:4c:60:54:38:6f:a5:73:
         88:c5:67:be:bc:22:b4:43:65:7e:22:28:84:c8:d4:5a:a0:65:
         8e:97:16:26:24:97:a8:94:ef:5b:f1:f6:e2:75:f0:0e:54:a8:
         73:22:f6:26:f4:a8:77:f7:3a:f2:1e:fd:da:ec:88:fb:5f:be:
         b4:73:3a:58:d9:35:13:f1:49:fe:21:4d:62:66:0b:fd:21:d0:
         de:31:85:1c:fa:cf:6d:b8:3a:d1:0e:fa:09:c3:36:c0:5d:f6:
         8e:96:28:bd:69:e7:8e:3f:f5:68:69:66:25:f4:73:24:18:9f:
         c1:f8:91:5a:f2:a2:f8:9c:a2:54:63:35:f7:f7:e7:e6:24:e4:
         78:fc:b8:25:3c:04:5f:87:7d:f6:e5:39:37:39:d7:f7:da:d2:
         35:fd:85:f8:d6:f2:93:a0:80:1f:3f:f2:a5:d7:6c:42:a1:5c:
         a8:35:dc:8a:b9:7e:9a:cb:f8:51:0c:79:74:9e:4e:ed:74:fc:
         22:0c:5f:4b:86:91:b0:1c:7c:6d:4d:3d:b3:72:c3:4e:d5:a2:
         33:9e:b2:b6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYh7rsjdAwdR5ObFjdgiKs1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjAyMTAzNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjYzNWYxMzI0YWY0ZDUxNmM2Zjg3NmU4ZGEwNDhiOTg4NGIzZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFMmcJoajO45KjKKw0SGKq7GAvpH
W1K7v3/1EN/nfX7c2fqdUdG59jd16vUtmamg95XJAKjJoCHBEwDVv8NEpCMMpwpo
capjBtCDlojlpZ4c4mm/MH7RkeVY+wmQwYhgWkE3YgftNdURhE3wDCXv9yXivhnL
wivW6D9nv5q5p24YNovZLeBJfUjyvrlYrGnL8faJuACcINhe5DDq4zz/qEJyXqOA
Z+OD+N9BV48SMDz41EnDBW3d5aA9hOzLiLgrP6owkqYGe/nNyoHFmAxd1orB3JCs
zCzfvp2xc4ElW2MBvDlKWLq30t0tCyfTCX8OqNyYI5U0BedxMUxGDyCDmQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPJjXxMkr01RbG+Hbo2gSLmISz2WMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvOG1OZkV5U3ZUVkZzYjRkdWphQkl1WWhMUFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWNHTAwQA
WNHeAwQAWNH1AwQAWNH4MA0GCSqGSIb3DQEBCwUAA4IBAQAoKMsUr6BwR6Q5FFBY
WGQzMlZgmisy4vXUXOYB1OFHvfhT+jNjYyOIavFI7GmbFkxgVDhvpXOIxWe+vCK0
Q2V+IiiEyNRaoGWOlxYmJJeolO9b8fbidfAOVKhzIvYm9Kh39zryHv3a7Ij7X760
czpY2TUT8Un+IU1iZgv9IdDeMYUc+s9tuDrRDvoJwzbAXfaOlii9aeeOP/VoaWYl
9HMkGJ/B+JFa8qL4nKJUYzX39+fmJOR4/LglPARfh3325Tk3Odf32tI1/YX41vKT
oIAfP/Kl12xCoVyoNdyKuX6ay/hRDHl0nk7tdPwiDF9LhpGwHHxtTT2zcsNO1aIz
nrK2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org