Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/ubsWy3DQNkqEM4fY45pJSYxFokk.roa
File:                     ubsWy3DQNkqEM4fY45pJSYxFokk.roa (raw, json)
Hash identifier:          cRqvEDuFKchNr7JoTpOmhEQIao+A4AShNrrQSORg4g0=
Subject key identifier:   B9:BB:16:CB:70:D0:36:4A:84:33:87:D8:E3:9A:49:49:8C:45:A2:49
Certificate issuer:       /CN=fd658693ec327ead4fe83a57b82601cc2552aabd
Certificate serial:       018E862DB0770E01655FEF087939A85CEFD1
Authority key identifier: FD:65:86:93:EC:32:7E:AD:4F:E8:3A:57:B8:26:01:CC:25:52:AA:BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_WWGk-wyfq1P6DpXuCYBzCVSqr0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/ubsWy3DQNkqEM4fY45pJSYxFokk.roa
Signing time:             Thu 28 Mar 2024 17:48:44 +0000
ROA not before:           Thu 28 Mar 2024 17:48:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        185.130.89.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 29 Mar 2024 18:39:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:86:2d:b0:77:0e:01:65:5f:ef:08:79:39:a8:5c:ef:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd658693ec327ead4fe83a57b82601cc2552aabd
        Validity
            Not Before: Mar 28 17:48:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b9bb16cb70d0364a843387d8e39a49498c45a249
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:24:09:56:29:aa:bc:e5:a5:07:cf:71:7a:f6:
                    56:be:28:e5:a6:b2:09:67:11:b9:3e:d1:ef:1f:ba:
                    59:e9:d7:ab:31:60:b6:ce:5c:99:7b:94:c7:a5:a0:
                    d0:fb:69:8a:d7:c3:55:b7:0f:c8:75:9a:b7:94:d9:
                    b5:f9:db:82:bd:6d:42:97:b2:d9:1e:18:13:5d:d1:
                    d4:ed:8c:36:85:bf:f0:8d:1a:75:b5:fd:41:95:93:
                    86:1f:69:b9:61:c7:e2:12:ed:2f:0f:e9:56:f5:fb:
                    58:12:dc:c6:44:a1:98:1e:7d:04:62:7c:67:3b:84:
                    52:10:e7:10:2d:4e:c1:2b:1f:5e:22:a2:07:5a:44:
                    6c:27:e4:54:9d:5a:b6:5e:31:3a:30:35:78:90:31:
                    d0:93:d6:ab:a5:f4:84:34:39:b7:79:b0:84:4d:d3:
                    6e:f4:e8:1b:01:01:0b:c8:f4:7d:91:9c:b5:5e:d0:
                    69:ab:03:8e:e0:1d:e0:4e:55:eb:58:5c:65:16:81:
                    6a:c8:a1:1f:c2:d2:7a:22:d0:b8:b1:a2:0b:f4:2a:
                    42:c2:a2:9c:d0:26:64:c1:fa:e9:4a:a8:89:21:95:
                    fa:49:f2:23:58:58:e5:bb:9d:02:af:84:d7:67:f6:
                    09:56:ed:c1:52:1d:e9:5f:a7:bc:9c:7c:20:41:2e:
                    37:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:BB:16:CB:70:D0:36:4A:84:33:87:D8:E3:9A:49:49:8C:45:A2:49
            X509v3 Authority Key Identifier:
                keyid:FD:65:86:93:EC:32:7E:AD:4F:E8:3A:57:B8:26:01:CC:25:52:AA:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_WWGk-wyfq1P6DpXuCYBzCVSqr0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/ubsWy3DQNkqEM4fY45pJSYxFokk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/_WWGk-wyfq1P6DpXuCYBzCVSqr0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.130.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:fe:68:9d:d2:df:11:fe:fb:0e:7c:e8:6b:d6:25:03:ef:87:
         d6:57:9d:45:ab:7b:a6:21:de:ed:59:64:38:b5:22:d4:15:31:
         52:2e:af:6d:52:1f:ef:78:f1:2d:e0:18:c9:13:a0:88:64:69:
         2f:0e:20:89:13:c0:90:5b:47:61:02:9e:30:ff:c2:89:d2:0c:
         ae:c2:00:4e:b3:bf:3c:31:7c:4f:26:c3:ee:ce:8c:e0:20:3f:
         60:37:bc:a3:8f:68:43:72:c8:64:84:94:ec:3b:ab:1d:0e:68:
         3a:6a:b8:d7:1e:d9:1d:10:45:e4:f4:7d:84:0a:fc:7d:13:c4:
         f2:58:aa:6a:ad:3f:6a:80:e7:dd:9f:ab:0c:27:d3:5c:30:32:
         3d:50:23:44:29:fb:55:99:9d:4e:8a:d6:20:60:a4:25:47:b4:
         60:69:f4:70:02:42:20:fe:f4:09:d5:db:bb:76:40:c4:a1:e2:
         eb:2d:6c:f0:28:28:56:27:9f:17:bd:36:10:47:55:fe:ad:af:
         92:d1:ee:05:d4:84:22:9e:ce:1f:84:c1:e6:9c:8e:22:0e:dd:
         fd:26:cc:f6:83:74:d6:7d:24:26:6c:91:ca:dd:8d:d7:9c:af:
         30:c9:b6:73:3d:13:f2:33:80:38:d9:77:01:81:06:41:a1:fb:
         91:a8:54:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6GLbB3DgFlX+8IeTmoXO/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNjU4NjkzZWMzMjdlYWQ0ZmU4M2E1N2I4MjYwMWNjMjU1
MmFhYmQwHhcNMjQwMzI4MTc0ODQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWJiMTZjYjcwZDAzNjRhODQzMzg3ZDhlMzlhNDk0OThjNDVhMjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiQJVimqvOWlB89xevZWvijlprIJ
ZxG5PtHvH7pZ6derMWC2zlyZe5THpaDQ+2mK18NVtw/IdZq3lNm1+duCvW1Cl7LZ
HhgTXdHU7Yw2hb/wjRp1tf1BlZOGH2m5YcfiEu0vD+lW9ftYEtzGRKGYHn0EYnxn
O4RSEOcQLU7BKx9eIqIHWkRsJ+RUnVq2XjE6MDV4kDHQk9arpfSENDm3ebCETdNu
9OgbAQELyPR9kZy1XtBpqwOO4B3gTlXrWFxlFoFqyKEfwtJ6ItC4saIL9CpCwqKc
0CZkwfrpSqiJIZX6SfIjWFjlu50Cr4TXZ/YJVu3BUh3pX6e8nHwgQS43+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLm7Fstw0DZKhDOH2OOaSUmMRaJJMB8GA1UdIwQY
MBaAFP1lhpPsMn6tT+g6V7gmAcwlUqq9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1dXR2std3lmcTFQNkRwWHVDWUJ6Q1ZTcXIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8wNzVkMmYtNDZiZC00YmRlLTk4MzUt
OTVmZjVjNWRiYjUwLzEvdWJzV3kzRFFOa3FFTTRmWTQ1cEpTWXhGb2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8wNzVkMmYtNDZiZC00YmRlLTk4MzUtOTVmZjVjNWRiYjUw
LzEvX1dXR2std3lmcTFQNkRwWHVDWUJ6Q1ZTcXIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYJZMA0G
CSqGSIb3DQEBCwUAA4IBAQAU/mid0t8R/vsOfOhr1iUD74fWV51Fq3umId7tWWQ4
tSLUFTFSLq9tUh/vePEt4BjJE6CIZGkvDiCJE8CQW0dhAp4w/8KJ0gyuwgBOs788
MXxPJsPuzozgID9gN7yjj2hDcshkhJTsO6sdDmg6arjXHtkdEEXk9H2ECvx9E8Ty
WKpqrT9qgOfdn6sMJ9NcMDI9UCNEKftVmZ1OitYgYKQlR7RgafRwAkIg/vQJ1du7
dkDEoeLrLWzwKChWJ58XvTYQR1X+ra+S0e4F1IQins4fhMHmnI4iDt39Jsz2g3TW
fSQmbJHK3Y3XnK8wybZzPRPyM4A42XcBgQZBofuRqFSd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:45 2024 by rpki-client on console-ams.rpki-client.org