Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/sBdSrwRbJQtqq2JDgZjOBUadsp8.roa
File:                     sBdSrwRbJQtqq2JDgZjOBUadsp8.roa (raw, json)
Hash identifier:          xz1hSEHy+G8ZmVpclHJy2JTeQJ8VQmG+It4iJPVdMdk=
Subject key identifier:   B0:17:52:AF:04:5B:25:0B:6A:AB:62:43:81:98:CE:05:46:9D:B2:9F
Certificate issuer:       /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial:       01872F39CACA130E7F3D96960FF86113947A
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/sBdSrwRbJQtqq2JDgZjOBUadsp8.roa
Signing time:             Wed 29 Mar 2023 21:15:29 +0000
ROA not before:           Wed 29 Mar 2023 21:15:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209043
IP address blocks:        94.177.27.0/24 maxlen: 24
                          89.42.213.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 28 Oct 2023 18:42:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:2f:39:ca:ca:13:0e:7f:3d:96:96:0f:f8:61:13:94:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
        Validity
            Not Before: Mar 29 21:15:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b01752af045b250b6aab62438198ce05469db29f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:fd:8d:9f:97:ff:ef:ce:13:4f:b4:fb:ee:69:
                    82:6f:e4:d5:bd:8a:a1:08:6b:f1:fe:d4:1a:7c:07:
                    e1:2d:91:b8:4b:76:71:27:41:ec:19:40:b1:73:6c:
                    1c:57:71:07:5a:70:7b:41:3f:97:ee:85:d9:7f:78:
                    bf:d0:26:07:57:aa:94:82:1e:e2:1d:31:31:31:da:
                    62:08:24:c0:99:b9:85:97:c5:f0:18:3d:cb:3a:db:
                    9e:5a:27:3a:99:b9:e1:b1:89:08:86:59:ef:3b:84:
                    6e:91:61:f5:07:ba:0e:dc:4d:f0:b7:23:aa:dc:4e:
                    88:41:3d:76:84:38:ff:e4:fd:38:f6:d1:21:8f:01:
                    bc:99:09:a3:33:af:8f:bc:b0:87:3f:1c:ff:6d:ae:
                    42:ba:c9:d6:f1:13:d9:59:ff:8f:c1:bd:46:9e:6a:
                    ad:73:37:7f:d3:cd:b9:03:74:21:82:61:37:58:67:
                    70:c0:42:6e:20:9a:a1:7b:07:43:8a:7f:fd:9c:a2:
                    58:3b:aa:d6:4d:f7:2c:cd:4f:49:99:99:8e:ce:4a:
                    3b:6e:8b:12:c7:75:ae:9c:25:c8:b1:da:77:eb:75:
                    c4:65:2a:ec:b3:0c:8c:d6:27:09:58:f5:1b:26:f0:
                    04:49:45:f4:90:ea:ea:54:3b:cf:74:22:c1:44:00:
                    d1:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:17:52:AF:04:5B:25:0B:6A:AB:62:43:81:98:CE:05:46:9D:B2:9F
            X509v3 Authority Key Identifier:
                keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/sBdSrwRbJQtqq2JDgZjOBUadsp8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.42.213.0/24
                  94.177.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:1c:1b:73:98:89:98:9f:1b:26:92:fd:28:9c:a7:af:d7:d3:
         33:97:ec:6e:b3:25:e9:1d:f3:2f:9b:11:db:d2:9e:b0:eb:a3:
         e4:bb:3c:6e:36:2e:d2:f9:59:25:ea:44:1e:60:bb:ee:ca:d1:
         01:95:c9:18:42:98:e6:bf:b1:90:37:77:47:dd:56:85:9e:cd:
         a6:0c:06:76:23:4f:36:79:20:be:e0:7a:89:9a:d2:ba:0b:62:
         aa:cb:27:4f:7b:c0:e2:74:56:fc:52:10:ff:7f:32:9c:b5:53:
         9f:a6:31:d6:fb:46:1a:bd:09:6c:15:3b:c2:76:fd:9c:86:ac:
         2d:41:d2:3c:30:8e:41:07:25:25:21:a0:34:02:02:0a:5c:8c:
         e8:94:56:89:ed:82:a5:71:74:98:5f:33:db:10:44:e5:c0:8b:
         6c:10:f2:8e:52:95:7a:14:bc:0b:ce:41:31:94:d4:e0:87:10:
         b8:e0:8a:f4:ea:30:6f:c3:8f:07:39:61:5c:58:f6:2f:0f:8d:
         19:a3:6e:2f:58:3f:79:82:bb:53:45:97:e1:b1:9b:1d:ca:41:
         5c:7c:97:83:68:0a:e3:39:2f:d4:1a:9e:7b:fe:26:1b:6c:5d:
         ba:22:1d:36:70:41:1f:28:64:49:40:85:8a:2a:c7:af:1d:90:
         2a:53:87:3e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcvOcrKEw5/PZaWD/hhE5R6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMzI5MjExNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDE3NTJhZjA0NWIyNTBiNmFhYjYyNDM4MTk4Y2UwNTQ2OWRiMjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkf2Nn5f/784TT7T77mmCb+TVvYqh
CGvx/tQafAfhLZG4S3ZxJ0HsGUCxc2wcV3EHWnB7QT+X7oXZf3i/0CYHV6qUgh7i
HTExMdpiCCTAmbmFl8XwGD3LOtueWic6mbnhsYkIhlnvO4RukWH1B7oO3E3wtyOq
3E6IQT12hDj/5P049tEhjwG8mQmjM6+PvLCHPxz/ba5CusnW8RPZWf+Pwb1Gnmqt
czd/0825A3QhgmE3WGdwwEJuIJqhewdDin/9nKJYO6rWTfcszU9JmZmOzko7bosS
x3WunCXIsdp363XEZSrsswyM1icJWPUbJvAESUX0kOrqVDvPdCLBRADRDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLAXUq8EWyULaqtiQ4GYzgVGnbKfMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvc0JkU3J3UmJKUXRxcTJKRGdaak9CVWFkc3A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSrVAwQA
XrEbMA0GCSqGSIb3DQEBCwUAA4IBAQBcHBtzmImYnxsmkv0onKev19Mzl+xusyXp
HfMvmxHb0p6w66PkuzxuNi7S+Vkl6kQeYLvuytEBlckYQpjmv7GQN3dH3VaFns2m
DAZ2I082eSC+4HqJmtK6C2KqyydPe8DidFb8UhD/fzKctVOfpjHW+0YavQlsFTvC
dv2chqwtQdI8MI5BByUlIaA0AgIKXIzolFaJ7YKlcXSYXzPbEETlwItsEPKOUpV6
FLwLzkExlNTghxC44Ir06jBvw48HOWFcWPYvD40Zo24vWD95grtTRZfhsZsdykFc
fJeDaArjOS/UGp57/iYbbF26Ih02cEEfKGRJQIWKKsevHZAqU4c+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:15 2024 by rpki-client on console-fra.rpki-client.org