Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/g1tFYlZjZnCgZOcWgrhVwro1mKs.roa
File:                     g1tFYlZjZnCgZOcWgrhVwro1mKs.roa (raw, json)
Hash identifier:          rnvXOaJ6p9tuh0+aC+tJhAHuEyHnbDzHBnnh2pPkAuc=
Subject key identifier:   83:5B:45:62:56:63:66:70:A0:64:E7:16:82:B8:55:C2:BA:35:98:AB
Certificate issuer:       /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial:       01875D55E3E925439CFA4344D76C62A92B3F
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/g1tFYlZjZnCgZOcWgrhVwro1mKs.roa
Signing time:             Fri 07 Apr 2023 20:08:42 +0000
ROA not before:           Fri 07 Apr 2023 20:08:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211432
IP address blocks:        89.40.166.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 13 Oct 2023 18:31:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:5d:55:e3:e9:25:43:9c:fa:43:44:d7:6c:62:a9:2b:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
        Validity
            Not Before: Apr  7 20:08:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=835b456256636670a064e71682b855c2ba3598ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:1a:6d:90:e7:48:da:59:64:46:64:d9:30:ed:
                    1d:a9:c1:5d:17:64:95:df:f4:50:1e:15:f8:2b:2e:
                    bb:a0:f6:dc:9c:fc:cd:ce:89:58:bf:c7:2a:f5:f0:
                    e6:a5:19:9f:1f:75:e7:41:67:a0:b4:ac:73:4f:af:
                    9c:0e:27:63:30:e4:ee:ca:c6:f1:02:33:a8:84:fa:
                    01:52:ab:2d:04:4d:ec:b1:2e:a0:70:0f:9e:b3:95:
                    0a:9c:56:49:9e:41:17:4a:89:de:e9:07:66:b2:41:
                    21:96:4b:4d:7a:b1:75:b2:4b:75:e3:cd:d8:90:f2:
                    05:a2:67:67:f4:33:9a:d1:d6:18:d6:1a:32:d5:8f:
                    3c:ea:27:96:1f:05:fa:4e:25:e9:c7:c1:de:e2:6e:
                    4d:75:29:51:2f:e8:5b:2f:46:3e:79:af:a0:29:bc:
                    ca:00:7a:7b:fc:96:54:9b:d4:6b:c2:c8:32:95:df:
                    37:6f:32:21:f8:5d:27:f9:76:16:64:ab:86:1b:52:
                    7d:7c:13:72:cb:84:2d:46:a2:84:b9:df:c1:7a:9d:
                    67:e7:b0:0c:f5:36:e5:6e:89:5a:1e:d6:c2:fa:e1:
                    fb:d7:14:7f:30:69:3f:2b:ac:0c:a2:88:a3:d4:58:
                    5c:8c:74:a0:94:99:3c:67:a3:33:9c:2d:0e:b9:44:
                    d5:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:5B:45:62:56:63:66:70:A0:64:E7:16:82:B8:55:C2:BA:35:98:AB
            X509v3 Authority Key Identifier:
                keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/g1tFYlZjZnCgZOcWgrhVwro1mKs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.40.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:be:40:07:82:aa:b2:f7:66:a6:91:fb:4f:d2:e0:e7:f9:15:
         4e:b7:a5:f5:87:f0:dd:ba:95:85:dd:00:f1:17:cf:83:93:46:
         d2:33:62:66:db:42:c9:af:9e:61:3f:76:6b:b2:64:84:e0:36:
         a8:fa:42:e5:de:1e:1c:39:a9:1c:78:16:98:46:29:db:cf:89:
         75:82:57:20:e8:1d:96:e4:47:7b:f3:be:e0:a2:53:9c:74:1b:
         36:1c:64:da:45:d0:85:57:ba:dc:f8:32:e9:d7:4c:40:8d:46:
         99:7f:6b:3b:48:f2:10:8f:16:ba:3a:98:0a:c9:ee:3d:27:bf:
         66:5c:2d:75:4e:9f:2b:3f:04:cb:38:e3:a4:b3:9c:7f:19:89:
         02:15:35:a4:97:15:16:2e:96:86:6f:4b:e0:74:3e:dc:32:12:
         4c:c6:a5:50:84:6b:81:d7:7d:8a:2b:80:b3:da:7a:ae:7f:08:
         52:23:f8:0b:b5:2b:74:37:97:0b:26:06:e7:c5:72:a6:5a:7f:
         28:45:83:0e:75:7f:8a:0b:c1:ea:22:48:82:29:e7:f5:2c:f6:
         fd:6e:98:27:f0:b6:bb:ce:a2:31:b7:b3:e6:17:ba:95:40:73:
         3d:76:8f:68:0d:bd:45:84:c6:77:99:e1:1a:59:26:a6:2b:0d:
         d7:ec:e2:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYddVePpJUOc+kNE12xiqSs/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwNDA3MjAwODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzViNDU2MjU2NjM2NjcwYTA2NGU3MTY4MmI4NTVjMmJhMzU5OGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhptkOdI2llkRmTZMO0dqcFdF2SV
3/RQHhX4Ky67oPbcnPzNzolYv8cq9fDmpRmfH3XnQWegtKxzT6+cDidjMOTuysbx
AjOohPoBUqstBE3ssS6gcA+es5UKnFZJnkEXSone6QdmskEhlktNerF1skt1483Y
kPIFomdn9DOa0dYY1hoy1Y886ieWHwX6TiXpx8He4m5NdSlRL+hbL0Y+ea+gKbzK
AHp7/JZUm9Rrwsgyld83bzIh+F0n+XYWZKuGG1J9fBNyy4QtRqKEud/Bep1n57AM
9TblbolaHtbC+uH71xR/MGk/K6wMooij1FhcjHSglJk8Z6MznC0OuUTV+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFINbRWJWY2ZwoGTnFoK4VcK6NZirMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvZzF0RllsWmpabkNnWk9jV2dyaFZ3cm8xbUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSimMA0G
CSqGSIb3DQEBCwUAA4IBAQAKvkAHgqqy92amkftP0uDn+RVOt6X1h/DdupWF3QDx
F8+Dk0bSM2Jm20LJr55hP3ZrsmSE4Dao+kLl3h4cOakceBaYRinbz4l1glcg6B2W
5Ed7877golOcdBs2HGTaRdCFV7rc+DLp10xAjUaZf2s7SPIQjxa6OpgKye49J79m
XC11Tp8rPwTLOOOks5x/GYkCFTWklxUWLpaGb0vgdD7cMhJMxqVQhGuB132KK4Cz
2nqufwhSI/gLtSt0N5cLJgbnxXKmWn8oRYMOdX+KC8HqIkiCKef1LPb9bpgn8La7
zqIxt7PmF7qVQHM9do9oDb1FhMZ3meEaWSamKw3X7OJx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:49 2024 by rpki-client on console-ams.rpki-client.org