Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/a481fa-2d0d-4e8e-b2d3-28d8248b5b61/1/hOMFbfyBSwmGyzZOxk0DREdW4W4.roa
File:                     hOMFbfyBSwmGyzZOxk0DREdW4W4.roa (raw, json)
Hash identifier:          V8OfTjILDh4nVOx4mh5Hd3GEi0nbN+cIPJEksCdGNT0=
Subject key identifier:   84:E3:05:6D:FC:81:4B:09:86:CB:36:4E:C6:4D:03:44:47:56:E1:6E
Certificate issuer:       /CN=be9f159bab83661fd93ead430c3bdb1eaa7eaf08
Certificate serial:       01856EC21D047099CAB0E8A717EC36FC3C42
Authority key identifier: BE:9F:15:9B:AB:83:66:1F:D9:3E:AD:43:0C:3B:DB:1E:AA:7E:AF:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vp8Vm6uDZh_ZPq1DDDvbHqp-rwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/a481fa-2d0d-4e8e-b2d3-28d8248b5b61/1/hOMFbfyBSwmGyzZOxk0DREdW4W4.roa
Signing time:             Sun 01 Jan 2023 19:14:53 +0000
ROA not before:           Sun 01 Jan 2023 19:14:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39571
IP address blocks:        89.235.64.0/22 maxlen: 22
                          89.235.64.0/24 maxlen: 24
                          89.235.67.0/24 maxlen: 24
                          89.235.65.0/24 maxlen: 24
                          89.235.66.0/24 maxlen: 24
                          185.135.28.0/24 maxlen: 24
                          185.135.31.0/24 maxlen: 24
                          185.135.28.0/22 maxlen: 22
                          185.135.29.0/24 maxlen: 24
                          185.135.30.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:c2:1d:04:70:99:ca:b0:e8:a7:17:ec:36:fc:3c:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be9f159bab83661fd93ead430c3bdb1eaa7eaf08
        Validity
            Not Before: Jan  1 19:14:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=84e3056dfc814b0986cb364ec64d03444756e16e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:ba:3c:75:69:9f:71:b5:aa:32:17:10:3b:5e:
                    8a:7e:cb:b3:b2:e9:c4:8f:2a:63:40:11:93:64:b7:
                    52:bf:62:5f:8b:de:04:ec:2c:35:91:ac:45:c6:3f:
                    5d:a5:bc:ec:76:3f:39:f5:42:24:25:f8:fd:fc:3d:
                    70:a7:2d:7a:6c:dd:38:3c:dc:f1:68:b3:dd:81:a1:
                    bf:eb:6e:2f:8e:d7:b1:76:98:5e:2b:4a:fa:38:67:
                    f5:2d:b1:0c:8d:9d:d7:0d:a5:75:30:16:56:0d:3f:
                    e2:24:ae:c9:16:d8:1e:26:b8:22:08:4e:0b:5c:35:
                    1f:0a:68:4b:39:f3:34:97:65:8d:99:94:8b:27:87:
                    43:1a:7c:d6:2a:16:ae:ca:26:ae:84:a4:83:ec:b2:
                    5d:97:69:e7:74:08:7d:d4:b6:9b:8f:7e:e1:a9:90:
                    21:0c:53:c1:ae:87:2e:d0:89:17:89:ac:40:b8:02:
                    55:0d:81:4e:d1:bd:ae:42:22:bb:24:a8:a2:c2:a8:
                    46:19:33:66:e9:5f:83:e9:86:2a:39:73:79:a7:82:
                    7f:3d:b9:86:f8:48:27:25:8e:7d:d9:b7:49:14:8b:
                    3f:7d:32:8b:00:ab:03:48:13:72:57:62:75:14:5e:
                    bb:5a:c8:dd:bf:cb:b5:c7:eb:f4:7a:d9:77:b3:d5:
                    86:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:E3:05:6D:FC:81:4B:09:86:CB:36:4E:C6:4D:03:44:47:56:E1:6E
            X509v3 Authority Key Identifier:
                keyid:BE:9F:15:9B:AB:83:66:1F:D9:3E:AD:43:0C:3B:DB:1E:AA:7E:AF:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vp8Vm6uDZh_ZPq1DDDvbHqp-rwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a481fa-2d0d-4e8e-b2d3-28d8248b5b61/1/hOMFbfyBSwmGyzZOxk0DREdW4W4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a481fa-2d0d-4e8e-b2d3-28d8248b5b61/1/vp8Vm6uDZh_ZPq1DDDvbHqp-rwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.235.64.0/22
                  185.135.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         57:47:ce:cf:e9:c6:5b:2f:08:8a:a0:b0:81:28:88:07:dc:ba:
         af:66:38:e3:23:db:cd:8b:6c:89:98:4b:01:84:fb:71:33:53:
         32:81:a8:6e:62:e3:53:33:f7:e7:e8:04:17:b5:76:67:a0:e8:
         fa:f1:db:39:c6:4e:2b:fd:65:06:08:09:df:d2:ce:ca:4a:fc:
         29:33:02:53:21:26:6f:65:58:f0:6a:a7:04:d1:ac:db:1a:63:
         fd:9c:17:e0:31:7f:da:c8:f4:f4:0d:2b:86:04:8a:67:09:79:
         40:58:8e:9b:40:c0:b8:ae:50:c1:cf:59:4f:d4:ab:16:ef:c0:
         d2:ac:52:a9:3e:d4:a4:9f:5c:b7:5f:d0:a6:fe:40:7b:ea:ba:
         bb:e2:09:23:ef:93:aa:69:7d:aa:bf:16:b6:dc:9b:b3:cb:a7:
         aa:9f:e7:ff:6e:e5:99:06:11:77:d8:fe:01:a7:8b:a4:20:d1:
         94:08:65:a9:7c:5b:7a:38:16:ef:9c:7d:76:17:37:3f:a1:98:
         2b:49:6e:19:46:a9:3c:45:b0:c9:dd:6d:61:2f:1d:b0:7f:a3:
         d9:e9:5e:49:c0:18:9c:b8:33:37:81:09:f8:fd:51:30:40:79:
         05:e3:9a:4b:c3:da:88:60:e8:a6:5c:96:cd:c3:db:8b:70:d8:
         3f:ff:f5:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuwh0EcJnKsOinF+w2/DxCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOWYxNTliYWI4MzY2MWZkOTNlYWQ0MzBjM2JkYjFlYWE3
ZWFmMDgwHhcNMjMwMTAxMTkxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGUzMDU2ZGZjODE0YjA5ODZjYjM2NGVjNjRkMDM0NDQ3NTZlMTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbo8dWmfcbWqMhcQO16KfsuzsunE
jypjQBGTZLdSv2Jfi94E7Cw1kaxFxj9dpbzsdj859UIkJfj9/D1wpy16bN04PNzx
aLPdgaG/624vjtexdpheK0r6OGf1LbEMjZ3XDaV1MBZWDT/iJK7JFtgeJrgiCE4L
XDUfCmhLOfM0l2WNmZSLJ4dDGnzWKhauyiauhKSD7LJdl2nndAh91Labj37hqZAh
DFPBrocu0IkXiaxAuAJVDYFO0b2uQiK7JKiiwqhGGTNm6V+D6YYqOXN5p4J/PbmG
+EgnJY592bdJFIs/fTKLAKsDSBNyV2J1FF67Wsjdv8u1x+v0etl3s9WGEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFITjBW38gUsJhss2TsZNA0RHVuFuMB8GA1UdIwQY
MBaAFL6fFZurg2Yf2T6tQww72x6qfq8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnA4Vm02dURaaF9aUHExREREdmJIcXAtcndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9hNDgxZmEtMmQwZC00ZThlLWIyZDMt
MjhkODI0OGI1YjYxLzEvaE9NRmJmeUJTd21HeXpaT3hrMERSRWRXNFc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9hNDgxZmEtMmQwZC00ZThlLWIyZDMtMjhkODI0OGI1YjYx
LzEvdnA4Vm02dURaaF9aUHExREREdmJIcXAtcndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWetAAwQC
uYccMA0GCSqGSIb3DQEBCwUAA4IBAQBXR87P6cZbLwiKoLCBKIgH3LqvZjjjI9vN
i2yJmEsBhPtxM1MygahuYuNTM/fn6AQXtXZnoOj68ds5xk4r/WUGCAnf0s7KSvwp
MwJTISZvZVjwaqcE0azbGmP9nBfgMX/ayPT0DSuGBIpnCXlAWI6bQMC4rlDBz1lP
1KsW78DSrFKpPtSkn1y3X9Cm/kB76rq74gkj75OqaX2qvxa23Juzy6eqn+f/buWZ
BhF32P4Bp4ukINGUCGWpfFt6OBbvnH12Fzc/oZgrSW4ZRqk8RbDJ3W1hLx2wf6PZ
6V5JwBicuDM3gQn4/VEwQHkF45pLw9qIYOimXJbNw9uLcNg///XC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:09 2024 by rpki-client on console-fra.rpki-client.org