Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/CUzdJ_xmRjskG5CVg2fTgCIBqmA.roa
File:                     CUzdJ_xmRjskG5CVg2fTgCIBqmA.roa (raw, json)
Hash identifier:          k7Q02wWJgZ5T/TeHH6BiA1QyyLS1FoXRKkwNL4Kcw0I=
Subject key identifier:   09:4C:DD:27:FC:66:46:3B:24:1B:90:95:83:67:D3:80:22:01:AA:60
Certificate issuer:       /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial:       01879C9C4C390FDDA59F5C4B3E2F427F0D7B
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/CUzdJ_xmRjskG5CVg2fTgCIBqmA.roa
Signing time:             Thu 20 Apr 2023 03:01:41 +0000
ROA not before:           Thu 20 Apr 2023 03:01:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61138
IP address blocks:        89.47.249.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 20 Apr 2023 16:05:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9c:9c:4c:39:0f:dd:a5:9f:5c:4b:3e:2f:42:7f:0d:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
        Validity
            Not Before: Apr 20 03:01:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=094cdd27fc66463b241b90958367d3802201aa60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:98:84:3e:38:7a:26:40:d5:98:8d:6d:c0:ef:
                    a4:15:dd:dc:41:94:d1:99:0c:a0:ca:28:05:5d:1e:
                    33:20:d2:5b:38:94:0f:22:c5:af:58:f6:77:90:e7:
                    d0:e9:e9:b2:0b:e8:3b:84:39:e3:a0:24:ab:b2:f7:
                    19:75:42:34:fa:32:0c:cd:b6:8c:bc:95:04:3e:21:
                    66:fe:9c:d3:c2:d8:55:3e:3f:cb:00:ed:03:37:b3:
                    5d:12:7c:32:3d:4a:f9:ed:a8:7c:cd:14:44:6a:87:
                    35:77:5d:39:79:84:d4:7f:48:fb:e0:53:21:77:a7:
                    32:c6:79:9b:2c:95:78:39:96:fe:55:b6:11:d1:01:
                    3f:49:29:02:eb:81:e1:a1:82:9d:35:45:d1:d4:af:
                    12:46:62:7b:5a:58:18:95:2a:bd:87:ae:63:2d:53:
                    dc:5a:c3:e2:f1:42:89:8f:28:52:dd:c1:3c:06:2f:
                    17:f6:4e:e4:6e:c7:f8:fa:78:87:b6:d9:46:e0:75:
                    d5:23:96:c0:90:44:55:42:62:ac:6d:13:09:d3:0d:
                    e3:b5:df:11:f1:0a:cf:0d:d6:ef:d3:0f:3f:ab:21:
                    37:78:79:e9:35:05:72:7f:e5:76:f0:75:f2:5c:6c:
                    44:ea:9a:34:e5:68:07:b7:92:ad:53:61:ca:92:4b:
                    7f:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:4C:DD:27:FC:66:46:3B:24:1B:90:95:83:67:D3:80:22:01:AA:60
            X509v3 Authority Key Identifier:
                keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/CUzdJ_xmRjskG5CVg2fTgCIBqmA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.47.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:3c:55:3f:e1:dc:53:40:96:6d:a1:80:82:bb:8b:08:b2:62:
         3a:45:93:05:93:0b:69:67:5f:11:df:0d:c3:a4:fa:97:8b:17:
         56:96:d4:d0:ef:e2:dc:d8:2d:22:c5:63:dc:7f:26:ea:86:61:
         0d:59:8a:06:e1:c0:36:8b:da:c9:0f:78:69:62:aa:7f:4c:17:
         e9:0a:8e:85:08:36:87:bf:6e:e7:2a:ae:cb:45:be:84:2f:c0:
         4a:84:aa:c2:86:43:d6:7c:51:63:1e:d2:54:27:7a:18:29:ac:
         d4:06:68:8f:54:b5:cc:9e:59:7e:56:30:22:d1:73:e0:b8:6a:
         4e:b0:6d:3c:76:79:3e:3a:79:8e:b2:62:81:79:89:9e:4a:30:
         c9:58:ae:90:51:96:79:10:40:01:fd:e3:a4:e3:be:f6:27:32:
         11:67:03:14:52:56:b7:2a:6f:1a:61:d5:2a:09:4a:c3:b3:02:
         4f:c9:57:3f:3d:90:28:3c:0a:88:73:a4:ce:cf:af:23:0b:35:
         57:9b:0b:97:3d:71:92:de:15:95:6a:30:9e:e0:e7:b2:0f:db:
         f8:49:bb:e7:fd:88:b7:9d:8a:f2:d3:a5:7b:ba:15:60:51:0e:
         6c:26:aa:01:63:d2:4b:ed:2d:a9:14:c7:4f:6b:13:5b:03:79:
         b8:43:e3:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYecnEw5D92ln1xLPi9Cfw17MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwNDIwMDMwMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTRjZGQyN2ZjNjY0NjNiMjQxYjkwOTU4MzY3ZDM4MDIyMDFhYTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipiEPjh6JkDVmI1twO+kFd3cQZTR
mQygyigFXR4zINJbOJQPIsWvWPZ3kOfQ6emyC+g7hDnjoCSrsvcZdUI0+jIMzbaM
vJUEPiFm/pzTwthVPj/LAO0DN7NdEnwyPUr57ah8zRREaoc1d105eYTUf0j74FMh
d6cyxnmbLJV4OZb+VbYR0QE/SSkC64HhoYKdNUXR1K8SRmJ7WlgYlSq9h65jLVPc
WsPi8UKJjyhS3cE8Bi8X9k7kbsf4+niHttlG4HXVI5bAkERVQmKsbRMJ0w3jtd8R
8QrPDdbv0w8/qyE3eHnpNQVyf+V28HXyXGxE6po05WgHt5KtU2HKkkt/CwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAlM3Sf8ZkY7JBuQlYNn04AiAapgMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvQ1V6ZEpfeG1SanNrRzVDVmcyZlRnQ0lCcW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS/5MA0G
CSqGSIb3DQEBCwUAA4IBAQCJPFU/4dxTQJZtoYCCu4sIsmI6RZMFkwtpZ18R3w3D
pPqXixdWltTQ7+Lc2C0ixWPcfybqhmENWYoG4cA2i9rJD3hpYqp/TBfpCo6FCDaH
v27nKq7LRb6EL8BKhKrChkPWfFFjHtJUJ3oYKazUBmiPVLXMnll+VjAi0XPguGpO
sG08dnk+OnmOsmKBeYmeSjDJWK6QUZZ5EEAB/eOk4772JzIRZwMUUla3Km8aYdUq
CUrDswJPyVc/PZAoPAqIc6TOz68jCzVXmwuXPXGS3hWVajCe4OeyD9v4Sbvn/Yi3
nYry06V7uhVgUQ5sJqoBY9JL7S2pFMdPaxNbA3m4Q+MS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:48 2024 by rpki-client on console-ams.rpki-client.org