Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/RyxvYRfaaWK5z89Qr5EEGomARAk.roa
File:                     RyxvYRfaaWK5z89Qr5EEGomARAk.roa (raw, json)
Hash identifier:          QH521nOQNsXBn30AI+z0wYt3VXjZJC9yc1raQFrLDhE=
Subject key identifier:   47:2C:6F:61:17:DA:69:62:B9:CF:CF:50:AF:91:04:1A:89:80:44:09
Certificate issuer:       /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial:       018B85089D7503F49AD8627B00CC94A46206
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/RyxvYRfaaWK5z89Qr5EEGomARAk.roa
Signing time:             Tue 31 Oct 2023 09:20:16 +0000
ROA not before:           Tue 31 Oct 2023 09:20:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        88.209.229.0/24 maxlen: 24
                          88.209.244.0/24 maxlen: 24
                          88.209.247.0/24 maxlen: 24
                          88.209.248.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 14 Nov 2023 12:53:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:85:08:9d:75:03:f4:9a:d8:62:7b:00:cc:94:a4:62:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
        Validity
            Not Before: Oct 31 09:20:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=472c6f6117da6962b9cfcf50af91041a89804409
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:09:9c:eb:92:97:e2:89:8a:d4:e3:b0:0a:97:
                    3f:f7:31:65:54:e4:7e:82:dc:ff:c0:47:d6:86:3f:
                    de:2f:b0:0f:49:64:db:c4:91:a9:30:83:d4:d1:6c:
                    bc:87:6a:66:d0:e4:b7:b5:95:8d:7b:67:95:b9:03:
                    47:6f:dc:a2:68:ae:5b:3e:55:f5:aa:f5:70:68:85:
                    ad:f0:65:51:48:44:82:00:03:eb:5c:c5:da:08:bb:
                    00:57:d5:ea:e4:63:72:75:fd:25:d7:3a:a3:dc:a5:
                    a7:6b:f6:5f:b2:ac:76:45:2c:e0:96:32:f3:95:42:
                    d3:b3:ba:b3:09:18:6a:23:35:ca:03:c1:fb:cd:09:
                    a1:e6:08:b0:09:46:fb:4c:b6:f2:e8:50:22:1a:ac:
                    f1:05:73:8e:f9:44:fb:2e:c3:de:da:04:a8:0d:e0:
                    53:53:0c:d6:52:1c:ba:a8:73:94:4b:29:9e:24:3d:
                    61:47:1b:85:5c:3e:40:eb:ef:40:2f:e9:6e:da:95:
                    45:83:d8:a2:14:dc:44:a7:0f:1d:84:a3:59:2e:36:
                    d2:cb:bf:16:88:36:1d:ae:a4:74:99:9a:74:9a:3f:
                    e4:7c:e7:89:80:a5:3c:f2:a6:f4:a1:19:54:b2:ed:
                    76:5a:9f:42:6c:51:0d:5f:57:14:7d:72:d5:b8:b3:
                    d1:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:2C:6F:61:17:DA:69:62:B9:CF:CF:50:AF:91:04:1A:89:80:44:09
            X509v3 Authority Key Identifier:
                keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/RyxvYRfaaWK5z89Qr5EEGomARAk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.209.229.0/24
                  88.209.244.0/24
                  88.209.247.0-88.209.248.255

    Signature Algorithm: sha256WithRSAEncryption
         57:a1:1f:12:e9:a1:1c:c8:c8:8f:d2:47:eb:21:b0:75:43:5d:
         9a:ff:b1:9c:15:81:39:01:2f:49:db:6b:c5:72:46:62:bf:19:
         af:95:30:f2:c0:eb:3c:74:7f:50:ae:4b:3a:5e:c9:42:4b:64:
         78:be:33:14:da:0b:84:16:21:96:4b:d9:b2:4e:ae:e7:c1:cf:
         35:99:2e:51:26:f4:c8:ee:dd:32:49:49:74:81:d4:b7:37:b0:
         13:56:dc:f4:f1:47:10:47:a0:53:64:f4:ea:84:69:3b:2b:25:
         46:87:0a:36:04:44:d1:c1:8b:96:12:21:94:42:ec:2f:34:57:
         59:66:6b:b6:8c:fe:a6:8a:29:6f:71:b1:38:3b:23:46:e9:12:
         83:34:ed:7e:3b:c4:ba:9a:78:8a:d0:d0:95:ff:b5:56:b3:37:
         65:3d:42:82:e1:ac:d7:f3:c1:c7:99:d0:83:19:df:f5:50:31:
         c4:22:cf:48:49:52:ed:c7:98:b8:31:d5:61:1b:9e:8b:39:65:
         1b:cd:45:31:ba:da:92:2e:9d:f1:03:fc:47:e3:64:9d:7d:6e:
         59:be:33:a9:21:52:cb:6b:de:80:b7:28:93:71:3a:39:4b:43:
         23:f6:ff:af:60:09:77:2a:e3:08:c5:15:7f:43:ba:37:d0:c9:
         2d:26:2a:d3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYuFCJ11A/Sa2GJ7AMyUpGIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMDMxMDkyMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzJjNmY2MTE3ZGE2OTYyYjljZmNmNTBhZjkxMDQxYTg5ODA0NDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAmc65KX4omK1OOwCpc/9zFlVOR+
gtz/wEfWhj/eL7APSWTbxJGpMIPU0Wy8h2pm0OS3tZWNe2eVuQNHb9yiaK5bPlX1
qvVwaIWt8GVRSESCAAPrXMXaCLsAV9Xq5GNydf0l1zqj3KWna/Zfsqx2RSzgljLz
lULTs7qzCRhqIzXKA8H7zQmh5giwCUb7TLby6FAiGqzxBXOO+UT7LsPe2gSoDeBT
UwzWUhy6qHOUSymeJD1hRxuFXD5A6+9AL+lu2pVFg9iiFNxEpw8dhKNZLjbSy78W
iDYdrqR0mZp0mj/kfOeJgKU88qb0oRlUsu12Wp9CbFENX1cUfXLVuLPRQQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEcsb2EX2mliuc/PUK+RBBqJgEQJMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUnl4dllSZmFhV0s1ejg5UXI1RUVHb21BUkFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWNHlAwQA
WNH0MAwDBABY0fcDBABY0fgwDQYJKoZIhvcNAQELBQADggEBAFehHxLpoRzIyI/S
R+shsHVDXZr/sZwVgTkBL0nba8VyRmK/Ga+VMPLA6zx0f1CuSzpeyUJLZHi+MxTa
C4QWIZZL2bJOrufBzzWZLlEm9Mju3TJJSXSB1Lc3sBNW3PTxRxBHoFNk9OqEaTsr
JUaHCjYERNHBi5YSIZRC7C80V1lma7aM/qaKKW9xsTg7I0bpEoM07X47xLqaeIrQ
0JX/tVazN2U9QoLhrNfzwceZ0IMZ3/VQMcQiz0hJUu3HmLgx1WEbnos5ZRvNRTG6
2pIunfED/EfjZJ19blm+M6khUstr3oC3KJNxOjlLQyP2/69gCXcq4wjFFX9DujfQ
yS0mKtM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org