Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/l_j3pJoye7r9PhTioAIjCCZP4AU.roa
File:                     l_j3pJoye7r9PhTioAIjCCZP4AU.roa (raw, json)
Hash identifier:          vB6Sqn8FvRIHORHC3Zmw+SZebUKi4lDcjx8I0gHYQtY=
Subject key identifier:   97:F8:F7:A4:9A:32:7B:BA:FD:3E:14:E2:A0:02:23:08:26:4F:E0:05
Certificate issuer:       /CN=fd658693ec327ead4fe83a57b82601cc2552aabd
Certificate serial:       018D204B72566050A904B6695257634C4C47
Authority key identifier: FD:65:86:93:EC:32:7E:AD:4F:E8:3A:57:B8:26:01:CC:25:52:AA:BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_WWGk-wyfq1P6DpXuCYBzCVSqr0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/l_j3pJoye7r9PhTioAIjCCZP4AU.roa
Signing time:             Fri 19 Jan 2024 05:57:11 +0000
ROA not before:           Fri 19 Jan 2024 05:57:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     7018
IP address blocks:        185.130.89.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 23 Mar 2024 12:45:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:20:4b:72:56:60:50:a9:04:b6:69:52:57:63:4c:4c:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd658693ec327ead4fe83a57b82601cc2552aabd
        Validity
            Not Before: Jan 19 05:57:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=97f8f7a49a327bbafd3e14e2a0022308264fe005
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:d1:f6:c2:ce:8c:26:cb:c4:79:fd:69:f1:bc:
                    25:27:1c:ac:57:da:4f:ed:db:1b:95:9a:34:81:6e:
                    9e:bd:df:0b:18:7e:30:b3:f1:58:bc:ff:a3:6d:8d:
                    43:08:83:a7:4f:8a:8d:c0:81:af:fc:4b:f3:f9:55:
                    31:41:a5:4e:1e:7a:e6:77:33:5a:56:b8:72:b7:8f:
                    d0:a4:a3:f3:f5:26:57:f5:a3:e5:1c:da:e2:12:20:
                    3a:aa:b6:28:aa:16:bf:15:86:c2:b2:4c:8b:94:bb:
                    60:33:2e:c6:e0:ad:fe:76:4e:ed:6b:50:10:cd:b9:
                    1f:84:42:1f:86:02:ec:2b:0c:04:87:7d:3b:ba:70:
                    88:c7:82:27:1f:bb:18:21:cf:8d:b7:c0:a6:44:54:
                    14:5f:d6:33:5d:7b:d3:89:42:e4:c3:00:f2:ee:2b:
                    61:b3:cb:a0:d3:79:d4:29:0c:ad:c8:46:ad:0a:0e:
                    b6:66:33:b4:fd:2a:f6:7b:0c:60:5e:bf:49:d8:4c:
                    03:c9:57:5b:b6:96:95:cc:47:62:29:47:f6:73:60:
                    57:48:55:1a:43:69:e6:98:f3:26:60:c1:0b:09:ba:
                    d8:cc:3d:7c:a9:c4:38:19:b7:6b:36:4d:d3:e5:f7:
                    78:8e:dc:15:7d:4b:41:e8:80:f0:89:8a:bf:e7:87:
                    4d:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:F8:F7:A4:9A:32:7B:BA:FD:3E:14:E2:A0:02:23:08:26:4F:E0:05
            X509v3 Authority Key Identifier:
                keyid:FD:65:86:93:EC:32:7E:AD:4F:E8:3A:57:B8:26:01:CC:25:52:AA:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_WWGk-wyfq1P6DpXuCYBzCVSqr0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/l_j3pJoye7r9PhTioAIjCCZP4AU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/_WWGk-wyfq1P6DpXuCYBzCVSqr0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.130.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:77:99:02:f7:8a:ae:ff:02:b4:67:a0:93:e4:f6:71:12:07:
         b2:a6:fd:7e:03:e2:1e:f5:f1:50:49:e6:d2:d7:70:e4:47:f0:
         ed:b4:69:71:5e:b7:d9:a3:dd:08:f8:93:68:82:9a:0e:4d:44:
         00:aa:fa:d3:f8:e8:65:17:bd:97:31:1d:de:51:4d:fb:b0:34:
         17:05:78:20:5b:1c:c9:dc:ef:07:c1:18:c3:9b:9b:5e:31:92:
         f0:e8:aa:00:16:e6:33:83:12:1b:72:c8:1b:35:62:59:8a:98:
         99:3c:93:38:3a:5f:6b:ed:d2:3c:82:b4:64:d1:88:8e:04:4d:
         08:b4:93:bc:c4:66:41:e8:b1:7a:61:7e:b6:df:e2:2d:e4:5b:
         08:e7:46:26:fc:6f:b3:42:21:8f:bc:fa:aa:f2:18:fb:38:3e:
         df:23:e9:78:f8:1d:b0:77:72:e5:3c:29:bd:04:36:a6:92:6b:
         2a:1f:a5:97:03:be:46:8f:17:9c:73:45:ba:06:1f:1b:02:fa:
         3c:93:00:6c:6e:bb:e3:86:9f:3d:d2:5e:0a:29:e9:50:48:ef:
         b6:e0:9a:7b:56:be:21:32:79:8e:1a:93:fd:22:1a:ac:51:3d:
         b9:23:d0:fd:a2:dc:23:9c:76:4d:67:87:fe:66:6e:a4:be:56:
         a6:aa:34:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0gS3JWYFCpBLZpUldjTExHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNjU4NjkzZWMzMjdlYWQ0ZmU4M2E1N2I4MjYwMWNjMjU1
MmFhYmQwHhcNMjQwMTE5MDU1NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2Y4ZjdhNDlhMzI3YmJhZmQzZTE0ZTJhMDAyMjMwODI2NGZlMDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdH2ws6MJsvEef1p8bwlJxysV9pP
7dsblZo0gW6evd8LGH4ws/FYvP+jbY1DCIOnT4qNwIGv/Evz+VUxQaVOHnrmdzNa
Vrhyt4/QpKPz9SZX9aPlHNriEiA6qrYoqha/FYbCskyLlLtgMy7G4K3+dk7ta1AQ
zbkfhEIfhgLsKwwEh307unCIx4InH7sYIc+Nt8CmRFQUX9YzXXvTiULkwwDy7ith
s8ug03nUKQytyEatCg62ZjO0/Sr2ewxgXr9J2EwDyVdbtpaVzEdiKUf2c2BXSFUa
Q2nmmPMmYMELCbrYzD18qcQ4GbdrNk3T5fd4jtwVfUtB6IDwiYq/54dNIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJf496SaMnu6/T4U4qACIwgmT+AFMB8GA1UdIwQY
MBaAFP1lhpPsMn6tT+g6V7gmAcwlUqq9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1dXR2std3lmcTFQNkRwWHVDWUJ6Q1ZTcXIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8wNzVkMmYtNDZiZC00YmRlLTk4MzUt
OTVmZjVjNWRiYjUwLzEvbF9qM3BKb3llN3I5UGhUaW9BSWpDQ1pQNEFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8wNzVkMmYtNDZiZC00YmRlLTk4MzUtOTVmZjVjNWRiYjUw
LzEvX1dXR2std3lmcTFQNkRwWHVDWUJ6Q1ZTcXIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYJZMA0G
CSqGSIb3DQEBCwUAA4IBAQBOd5kC94qu/wK0Z6CT5PZxEgeypv1+A+Ie9fFQSebS
13DkR/DttGlxXrfZo90I+JNogpoOTUQAqvrT+OhlF72XMR3eUU37sDQXBXggWxzJ
3O8HwRjDm5teMZLw6KoAFuYzgxIbcsgbNWJZipiZPJM4Ol9r7dI8grRk0YiOBE0I
tJO8xGZB6LF6YX623+It5FsI50Ym/G+zQiGPvPqq8hj7OD7fI+l4+B2wd3LlPCm9
BDamkmsqH6WXA75Gjxecc0W6Bh8bAvo8kwBsbrvjhp890l4KKelQSO+24Jp7Vr4h
MnmOGpP9IhqsUT25I9D9otwjnHZNZ4f+Zm6kvlamqjRO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:10 2024 by rpki-client on console-fra.rpki-client.org