Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/F3u2YlNtaE3WNjv-h6sqEy4E4nQ.roa
File:                     F3u2YlNtaE3WNjv-h6sqEy4E4nQ.roa (raw, json)
Hash identifier:          9AUWLFsMwY0H+6x1ewb1S8XdTlcJ3N1REHK1Oh5jkfU=
Subject key identifier:   17:7B:B6:62:53:6D:68:4D:D6:36:3B:FE:87:AB:2A:13:2E:04:E2:74
Certificate issuer:       /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial:       01867D67C30526E000F4F7F102F8D5C57D17
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/F3u2YlNtaE3WNjv-h6sqEy4E4nQ.roa
Signing time:             Thu 23 Feb 2023 08:33:17 +0000
ROA not before:           Thu 23 Feb 2023 08:33:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        88.209.245.0/24 maxlen: 24
                          88.209.244.0/24 maxlen: 24
                          88.151.56.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 Feb 2023 09:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:7d:67:c3:05:26:e0:00:f4:f7:f1:02:f8:d5:c5:7d:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
        Validity
            Not Before: Feb 23 08:33:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=177bb662536d684dd6363bfe87ab2a132e04e274
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:64:06:30:5a:b7:25:a8:18:4d:39:74:14:d8:
                    23:40:4e:a4:3a:16:e5:60:8b:81:9f:27:26:8b:34:
                    7e:d4:98:47:c5:ff:8a:4d:13:30:e5:af:bc:03:90:
                    7b:3d:e6:2a:d2:d5:49:54:df:7c:c1:3c:38:19:ce:
                    ff:bf:66:b1:35:25:4b:9b:50:71:5f:07:e4:1e:50:
                    88:68:ca:e5:f7:65:3a:4a:68:8a:0b:df:0c:cd:85:
                    88:49:ae:67:cf:04:bc:84:de:c3:89:38:d3:d1:91:
                    66:63:5a:db:a4:b1:3c:dd:8e:11:06:c2:de:b3:9c:
                    15:4b:12:b2:24:fe:b2:47:32:12:e3:52:5c:33:4b:
                    72:5b:00:59:d5:75:f7:46:df:51:de:20:18:0a:f0:
                    0b:e2:b0:46:45:38:48:ca:24:7d:50:32:95:61:90:
                    19:83:bf:1f:20:b6:8f:85:39:1f:2d:97:af:20:4f:
                    f4:ab:85:cc:24:f1:07:87:d7:ec:94:cc:2d:c5:2c:
                    10:16:8b:51:46:10:c4:e8:28:c0:ab:d3:d7:20:14:
                    d5:2b:ba:b9:5e:bd:73:42:0e:ef:25:41:b8:b0:7b:
                    f2:86:c9:2a:ed:2a:1c:40:6e:e4:82:be:96:d3:7f:
                    23:8a:e8:55:50:61:00:4d:7c:8b:5b:f7:15:73:62:
                    ab:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:7B:B6:62:53:6D:68:4D:D6:36:3B:FE:87:AB:2A:13:2E:04:E2:74
            X509v3 Authority Key Identifier:
                keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/F3u2YlNtaE3WNjv-h6sqEy4E4nQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.151.56.0/24
                  88.209.244.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b9:c0:3c:a6:38:ee:2e:79:ac:98:06:e4:ea:3d:a2:b9:5b:2d:
         54:16:c5:c4:34:a1:f2:f5:9f:80:ce:bb:90:c2:00:5d:29:1f:
         80:93:bf:79:39:d3:26:64:ec:3d:0a:0f:1d:2d:d5:77:d0:f6:
         df:9e:e4:bc:3f:17:2b:cf:94:52:f6:c4:54:08:36:20:b1:1c:
         39:3c:06:b2:85:e6:5b:e9:89:a0:41:a5:e7:49:ec:77:7c:98:
         86:c1:6a:cc:3b:65:c1:de:16:16:fd:c9:ee:d8:89:9b:b7:a5:
         51:b8:fc:d6:f4:7e:70:35:4d:81:a6:f3:65:1a:23:31:de:13:
         d4:a0:88:d9:7e:38:6d:60:db:a6:f0:5e:2e:31:25:80:30:9b:
         b7:60:d2:b8:fa:91:aa:7a:c2:0e:70:e6:75:16:75:5a:59:47:
         ee:ee:3b:5b:21:df:a0:9f:86:c0:a5:1a:75:1a:d6:29:29:fb:
         35:17:a4:e4:d3:43:9e:fd:16:59:e8:0f:7a:39:ad:6e:94:5e:
         cf:32:2e:11:fc:a3:69:32:66:9c:c3:95:11:aa:46:33:f7:cf:
         11:f8:fb:07:2a:99:0c:14:12:bd:80:9c:15:b0:d7:9d:51:78:
         21:fb:07:b9:f1:ae:0c:e6:85:6d:f7:81:2d:fd:cb:e3:b6:95:
         0c:a5:13:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZ9Z8MFJuAA9PfxAvjVxX0XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMjIzMDgzMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzdiYjY2MjUzNmQ2ODRkZDYzNjNiZmU4N2FiMmExMzJlMDRlMjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2QGMFq3JagYTTl0FNgjQE6kOhbl
YIuBnycmizR+1JhHxf+KTRMw5a+8A5B7PeYq0tVJVN98wTw4Gc7/v2axNSVLm1Bx
XwfkHlCIaMrl92U6SmiKC98MzYWISa5nzwS8hN7DiTjT0ZFmY1rbpLE83Y4RBsLe
s5wVSxKyJP6yRzIS41JcM0tyWwBZ1XX3Rt9R3iAYCvAL4rBGRThIyiR9UDKVYZAZ
g78fILaPhTkfLZevIE/0q4XMJPEHh9fslMwtxSwQFotRRhDE6CjAq9PXIBTVK7q5
Xr1zQg7vJUG4sHvyhskq7SocQG7kgr6W038jiuhVUGEATXyLW/cVc2KrgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBd7tmJTbWhN1jY7/oerKhMuBOJ0MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvRjN1MllsTnRhRTNXTmp2LWg2c3FFeTRFNG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWJc4AwQB
WNH0MA0GCSqGSIb3DQEBCwUAA4IBAQC5wDymOO4ueayYBuTqPaK5Wy1UFsXENKHy
9Z+AzruQwgBdKR+Ak795OdMmZOw9Cg8dLdV30PbfnuS8Pxcrz5RS9sRUCDYgsRw5
PAayheZb6YmgQaXnSex3fJiGwWrMO2XB3hYW/cnu2Imbt6VRuPzW9H5wNU2BpvNl
GiMx3hPUoIjZfjhtYNum8F4uMSWAMJu3YNK4+pGqesIOcOZ1FnVaWUfu7jtbId+g
n4bApRp1GtYpKfs1F6Tk00Oe/RZZ6A96Oa1ulF7PMi4R/KNpMmacw5URqkYz988R
+PsHKpkMFBK9gJwVsNedUXgh+we58a4M5oVt94Et/cvjtpUMpROH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org