Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/b9df5a-a454-4e27-86af-13d380715cef/1/xy_kVLvJ7pJBUbsDkn5Cs0pzNXs.roa
File:                     xy_kVLvJ7pJBUbsDkn5Cs0pzNXs.roa (raw, json)
Hash identifier:          UwNAoSi81xoF8EukBeoPID6EOeYJyl7/n8qlXpX9NV4=
Subject key identifier:   C7:2F:E4:54:BB:C9:EE:92:41:51:BB:03:92:7E:42:B3:4A:73:35:7B
Certificate issuer:       /CN=e204e1c20114d7731694ddc4f277c4df1bffc4f8
Certificate serial:       0185711E686B41901AD6F02C8AE1DCD69F98
Authority key identifier: E2:04:E1:C2:01:14:D7:73:16:94:DD:C4:F2:77:C4:DF:1B:FF:C4:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4gThwgEU13MWlN3E8nfE3xv_xPg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/b9df5a-a454-4e27-86af-13d380715cef/1/xy_kVLvJ7pJBUbsDkn5Cs0pzNXs.roa
Signing time:             Mon 02 Jan 2023 06:14:56 +0000
ROA not before:           Mon 02 Jan 2023 06:14:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39532
IP address blocks:        89.104.128.0/19 maxlen: 19

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:68:6b:41:90:1a:d6:f0:2c:8a:e1:dc:d6:9f:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e204e1c20114d7731694ddc4f277c4df1bffc4f8
        Validity
            Not Before: Jan  2 06:14:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c72fe454bbc9ee924151bb03927e42b34a73357b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:a4:a6:e2:bc:ac:8b:4b:db:80:be:2b:b0:b0:
                    88:88:af:f1:62:73:ff:e0:5c:aa:df:74:dd:06:5f:
                    66:16:26:9d:45:9e:ac:03:cb:92:e4:95:a4:9f:0c:
                    ac:a7:6a:89:66:1a:3b:1f:7b:62:5b:a5:2e:30:05:
                    ce:64:ed:d9:dd:2a:56:bb:a6:26:46:71:2f:82:4d:
                    81:92:41:5b:16:52:5f:80:89:3d:28:a9:44:bb:4c:
                    c4:60:6f:d9:6e:d6:47:61:7b:12:d8:cf:46:f6:48:
                    f2:82:c0:2c:4f:76:ea:6f:26:1d:81:d5:00:03:12:
                    f3:46:70:66:fb:5d:1f:91:a7:24:9f:3d:6b:eb:f8:
                    f0:b7:ff:82:19:4c:68:66:4d:71:e7:56:46:5d:d4:
                    30:f6:f8:6d:44:bc:89:25:e5:f2:d6:e4:5e:83:cc:
                    6a:fb:4a:b7:39:02:43:2c:1f:8d:7e:34:98:11:78:
                    d0:43:47:c6:ce:90:4a:7b:13:0a:21:c6:a3:f5:54:
                    67:c3:e0:91:89:0a:48:97:31:25:0a:58:1c:fd:61:
                    e4:fb:73:ad:e9:62:dc:1c:25:58:da:a0:8b:6c:0c:
                    9b:d2:78:a4:0f:f8:38:7f:a3:ba:f4:29:87:64:65:
                    9f:96:85:b6:e9:6f:df:99:20:33:14:f0:4f:50:e1:
                    75:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:2F:E4:54:BB:C9:EE:92:41:51:BB:03:92:7E:42:B3:4A:73:35:7B
            X509v3 Authority Key Identifier:
                keyid:E2:04:E1:C2:01:14:D7:73:16:94:DD:C4:F2:77:C4:DF:1B:FF:C4:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gThwgEU13MWlN3E8nfE3xv_xPg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/b9df5a-a454-4e27-86af-13d380715cef/1/xy_kVLvJ7pJBUbsDkn5Cs0pzNXs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/b9df5a-a454-4e27-86af-13d380715cef/1/4gThwgEU13MWlN3E8nfE3xv_xPg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.104.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         bb:e1:f5:40:25:35:5e:0e:45:a2:28:88:d4:f6:04:6d:3f:c1:
         b5:23:05:cf:7f:8c:7d:0d:9d:19:d7:3e:b8:be:e6:b5:99:b7:
         d7:20:96:9b:e7:aa:2e:1e:b8:ff:fa:99:9e:99:fa:58:09:44:
         2a:2a:b7:81:de:bc:7e:28:c9:7c:da:52:b1:83:f2:c3:b7:25:
         d3:e9:95:24:25:77:d3:0e:58:6b:b3:5e:42:f6:ea:49:d1:58:
         89:11:f8:4b:94:b1:23:cd:88:fb:d2:f7:4d:13:ed:e6:24:47:
         c7:25:e4:39:99:f7:41:7c:70:6a:ac:93:9f:53:35:37:7a:62:
         a7:2b:40:3d:9d:a9:70:84:6f:74:2f:f9:40:a4:b6:ab:da:83:
         ed:11:51:f7:08:6e:de:a2:d5:bc:6a:a5:87:0f:21:0b:f9:b1:
         b8:6f:cd:d6:97:5a:92:b6:f1:41:6a:40:e1:67:cc:76:cf:51:
         db:91:e1:7f:e2:dd:a8:4c:0e:48:78:5d:9f:b2:f5:f5:76:43:
         61:5d:a8:6c:97:dd:ec:a4:cf:5a:67:46:df:a8:d1:14:a3:14:
         03:94:cd:76:db:ab:a6:c4:fa:73:b5:c0:59:31:c1:93:62:00:
         8b:66:d7:9b:ce:ab:5d:7d:54:48:8c:2a:f6:08:cb:82:be:8b:
         07:89:e9:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxHmhrQZAa1vAsiuHc1p+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMDRlMWMyMDExNGQ3NzMxNjk0ZGRjNGYyNzdjNGRmMWJm
ZmM0ZjgwHhcNMjMwMTAyMDYxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzJmZTQ1NGJiYzllZTkyNDE1MWJiMDM5MjdlNDJiMzRhNzMzNTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKSm4rysi0vbgL4rsLCIiK/xYnP/
4Fyq33TdBl9mFiadRZ6sA8uS5JWknwysp2qJZho7H3tiW6UuMAXOZO3Z3SpWu6Ym
RnEvgk2BkkFbFlJfgIk9KKlEu0zEYG/ZbtZHYXsS2M9G9kjygsAsT3bqbyYdgdUA
AxLzRnBm+10fkacknz1r6/jwt/+CGUxoZk1x51ZGXdQw9vhtRLyJJeXy1uReg8xq
+0q3OQJDLB+NfjSYEXjQQ0fGzpBKexMKIcaj9VRnw+CRiQpIlzElClgc/WHk+3Ot
6WLcHCVY2qCLbAyb0nikD/g4f6O69CmHZGWfloW26W/fmSAzFPBPUOF1cQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMcv5FS7ye6SQVG7A5J+QrNKczV7MB8GA1UdIwQY
MBaAFOIE4cIBFNdzFpTdxPJ3xN8b/8T4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGdUaHdnRVUxM01XbE4zRThuZkUzeHZfeFBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9iOWRmNWEtYTQ1NC00ZTI3LTg2YWYt
MTNkMzgwNzE1Y2VmLzEveHlfa1ZMdko3cEpCVWJzRGtuNUNzMHB6TlhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9iOWRmNWEtYTQ1NC00ZTI3LTg2YWYtMTNkMzgwNzE1Y2Vm
LzEvNGdUaHdnRVUxM01XbE4zRThuZkUzeHZfeFBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFWWiAMA0G
CSqGSIb3DQEBCwUAA4IBAQC74fVAJTVeDkWiKIjU9gRtP8G1IwXPf4x9DZ0Z1z64
vua1mbfXIJab56ouHrj/+pmemfpYCUQqKreB3rx+KMl82lKxg/LDtyXT6ZUkJXfT
Dlhrs15C9upJ0ViJEfhLlLEjzYj70vdNE+3mJEfHJeQ5mfdBfHBqrJOfUzU3emKn
K0A9nalwhG90L/lApLar2oPtEVH3CG7eotW8aqWHDyEL+bG4b83Wl1qStvFBakDh
Z8x2z1HbkeF/4t2oTA5IeF2fsvX1dkNhXahsl93spM9aZ0bfqNEUoxQDlM1226um
xPpztcBZMcGTYgCLZtebzqtdfVRIjCr2CMuCvosHiekZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:10 2024 by rpki-client on console-ams.rpki-client.org