Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/nbUb2IXUJzS64y5CKJJ9k1Ytyn0.roa
File:                     nbUb2IXUJzS64y5CKJJ9k1Ytyn0.roa (raw, json)
Hash identifier:          F0lPyXpW2j7ITnlIFAqPxUWeq2R8KXfapp5DdBZ/A0o=
Subject key identifier:   9D:B5:1B:D8:85:D4:27:34:BA:E3:2E:42:28:92:7D:93:56:2D:CA:7D
Certificate issuer:       /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial:       01892B4A1BA90639C720D76024D6620B3898
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/nbUb2IXUJzS64y5CKJJ9k1Ytyn0.roa
Signing time:             Thu 06 Jul 2023 13:00:24 +0000
ROA not before:           Thu 06 Jul 2023 13:00:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203511
IP address blocks:        88.209.229.0/24 maxlen: 24
                          88.209.248.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 21 Aug 2023 10:28:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:2b:4a:1b:a9:06:39:c7:20:d7:60:24:d6:62:0b:38:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
        Validity
            Not Before: Jul  6 13:00:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9db51bd885d42734bae32e4228927d93562dca7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:89:81:d8:70:44:10:26:f5:84:02:a6:19:b4:
                    cb:fc:f3:32:9e:70:aa:ff:dd:22:3f:0f:d8:8e:d6:
                    3d:a2:fe:12:dc:8d:4b:9f:9d:54:8b:52:41:d7:78:
                    5b:64:6f:6e:b1:35:a9:38:8a:11:74:fa:68:b5:7b:
                    83:d6:35:8d:1e:dc:ae:fa:52:55:5d:a1:74:1a:63:
                    6d:94:ac:da:98:65:c8:15:aa:4b:1e:cd:43:e6:5b:
                    0c:25:e1:e0:36:35:0c:84:21:73:ac:a5:c8:a1:46:
                    35:7e:1d:96:4c:b6:82:72:a9:0e:dc:71:92:f6:20:
                    aa:b4:b1:cd:98:e1:13:8a:87:89:c9:78:8a:fc:e5:
                    7e:05:b6:cc:9a:1a:92:0e:d4:c2:1f:4d:4a:c4:06:
                    5e:da:cb:41:5e:1b:ff:21:38:72:b5:17:d0:69:fb:
                    b9:1f:8e:0d:2b:93:d7:53:19:f7:c9:61:32:de:16:
                    05:dd:95:c4:99:73:9e:bb:a1:b2:8b:cc:01:5e:91:
                    be:c3:a4:2a:b2:83:54:2d:53:a4:13:e3:3a:db:3d:
                    27:a0:6e:b2:7d:09:56:82:7f:cf:03:99:ab:36:11:
                    28:02:d2:e7:3f:9e:52:63:bb:81:f0:7d:e9:40:a8:
                    ac:f5:23:dc:d9:9e:22:2d:d1:2e:ca:e7:cf:42:88:
                    af:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:B5:1B:D8:85:D4:27:34:BA:E3:2E:42:28:92:7D:93:56:2D:CA:7D
            X509v3 Authority Key Identifier:
                keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/nbUb2IXUJzS64y5CKJJ9k1Ytyn0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.209.229.0/24
                  88.209.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:5b:07:ec:a0:1c:e6:1a:d9:ec:20:3c:c6:74:31:81:1e:0a:
         29:1b:08:f5:0c:e6:94:30:22:69:02:84:71:dc:1f:9f:e8:b0:
         c2:2e:cc:22:95:2d:8b:5c:ef:68:35:84:a8:7b:ce:c0:c9:97:
         ab:c7:12:19:65:eb:dc:ca:b2:12:96:95:c8:e6:c6:ab:bf:49:
         c6:64:fb:56:83:84:37:50:73:99:a0:64:94:00:ca:58:a7:1e:
         f3:1d:f3:b1:94:9d:3d:f7:68:8d:59:4a:57:42:f2:32:12:d3:
         4a:ab:63:b9:38:7d:52:4b:e0:2b:f4:0c:99:bf:10:21:90:55:
         bd:0d:6d:0a:92:49:ea:36:53:96:b3:33:06:20:c0:85:3c:5b:
         4c:b5:99:51:7c:1d:94:43:20:95:79:0a:c6:fe:4e:30:13:10:
         46:51:57:2a:0a:79:6f:44:cd:36:28:14:59:3d:cc:0f:15:69:
         a2:68:6d:3d:94:e5:d2:25:db:15:48:0f:a3:8b:b2:66:e5:c5:
         76:0f:66:69:99:9a:19:4d:4a:55:ea:f2:fb:f1:79:0a:5e:50:
         6d:b6:2e:7a:e2:29:58:4a:4a:87:04:57:e8:72:28:d3:bc:5f:
         88:b6:97:e6:b8:b8:b7:2b:bb:99:72:0f:66:cf:bc:c9:37:02:
         83:b2:ac:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkrShupBjnHINdgJNZiCziYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNzA2MTMwMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGI1MWJkODg1ZDQyNzM0YmFlMzJlNDIyODkyN2Q5MzU2MmRjYTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmImB2HBEECb1hAKmGbTL/PMynnCq
/90iPw/YjtY9ov4S3I1Ln51Ui1JB13hbZG9usTWpOIoRdPpotXuD1jWNHtyu+lJV
XaF0GmNtlKzamGXIFapLHs1D5lsMJeHgNjUMhCFzrKXIoUY1fh2WTLaCcqkO3HGS
9iCqtLHNmOETioeJyXiK/OV+BbbMmhqSDtTCH01KxAZe2stBXhv/IThytRfQafu5
H44NK5PXUxn3yWEy3hYF3ZXEmXOeu6Gyi8wBXpG+w6QqsoNULVOkE+M62z0noG6y
fQlWgn/PA5mrNhEoAtLnP55SY7uB8H3pQKis9SPc2Z4iLdEuyufPQoiv6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ21G9iF1Cc0uuMuQiiSfZNWLcp9MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvbmJVYjJJWFVKelM2NHk1Q0tKSjlrMVl0eW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNHlAwQA
WNH4MA0GCSqGSIb3DQEBCwUAA4IBAQBqWwfsoBzmGtnsIDzGdDGBHgopGwj1DOaU
MCJpAoRx3B+f6LDCLswilS2LXO9oNYSoe87AyZerxxIZZevcyrISlpXI5sarv0nG
ZPtWg4Q3UHOZoGSUAMpYpx7zHfOxlJ0992iNWUpXQvIyEtNKq2O5OH1SS+Ar9AyZ
vxAhkFW9DW0KkknqNlOWszMGIMCFPFtMtZlRfB2UQyCVeQrG/k4wExBGUVcqCnlv
RM02KBRZPcwPFWmiaG09lOXSJdsVSA+ji7Jm5cV2D2ZpmZoZTUpV6vL78XkKXlBt
ti564ilYSkqHBFfocijTvF+ItpfmuLi3K7uZcg9mz7zJNwKDsqyf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org