Route Origin Authorization

$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS210703.roa
File:                     AS210703.roa (raw, json)
Hash identifier:          GNkzcyYODthPZuNv5vrIJSoHPwdKOPsiHT9nSP46NKI=
Subject key identifier:   83:74:13:0D:AF:AE:16:A3:CF:38:9E:28:B2:60:DB:DF:3D:90:C9:A6
Certificate issuer:       /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial:       40650CFE783C597CE24094AC3A87ADEFBE22C221
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access:      rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS210703.roa
Signing time:             Thu 14 Dec 2023 00:05:08 +0000
ROA not before:           Thu 14 Dec 2023 00:00:08 +0000
ROA not after:            Thu 12 Dec 2024 00:05:08 +0000
asID:                     210703
IP address blocks:        89.117.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Jan 2024 12:41:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:65:0c:fe:78:3c:59:7c:e2:40:94:ac:3a:87:ad:ef:be:22:c2:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
        Validity
            Not Before: Dec 14 00:00:08 2023 GMT
            Not After : Dec 12 00:05:08 2024 GMT
        Subject: CN=8374130DAFAE16A3CF389E28B260DBDF3D90C9A6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:62:12:60:4b:b7:3c:19:10:7b:c4:04:bd:93:
                    b9:ac:69:80:22:27:28:a0:ca:36:49:22:55:e4:c8:
                    83:21:ee:81:36:cc:d3:01:02:be:be:41:e7:cb:52:
                    d8:1b:e1:12:c4:2c:b5:58:ab:a6:d3:34:bc:24:8d:
                    36:8f:a4:c6:5c:16:e3:be:dc:0c:69:9a:57:20:b9:
                    10:45:f6:fe:91:c7:a8:7e:a7:f8:b1:18:a4:29:f1:
                    25:9c:f9:0e:23:42:fa:f2:3f:6e:81:a8:dd:31:9d:
                    20:45:82:36:a5:9f:77:d5:bc:c1:c4:31:55:ca:2e:
                    d0:e9:43:db:ab:ce:30:c2:1a:ea:af:44:aa:fc:72:
                    02:4e:95:d6:6c:80:47:a6:5a:c4:b7:17:80:48:32:
                    57:6e:12:db:ac:59:d9:99:cc:c5:db:f1:12:13:d3:
                    3c:63:48:ba:b8:b7:27:68:ac:68:39:87:f4:cf:cc:
                    15:92:4a:bf:a3:be:24:57:6f:14:32:2b:f6:9e:17:
                    62:b9:73:ae:d0:8c:aa:3f:b6:28:e2:cb:78:cf:00:
                    fa:9b:b1:14:10:a5:05:9b:07:b6:af:fc:8e:1b:9a:
                    ab:aa:c4:2d:64:ab:ba:3c:12:fa:f3:3a:1c:68:6b:
                    98:64:48:62:6a:30:e3:c1:ed:33:eb:c6:a4:7b:56:
                    0f:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:74:13:0D:AF:AE:16:A3:CF:38:9E:28:B2:60:DB:DF:3D:90:C9:A6
            X509v3 Authority Key Identifier:
                keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer

            Subject Information Access:
                Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS210703.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.117.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:5c:6b:e9:84:23:2e:f2:38:4d:ac:fc:62:ae:5c:7f:d8:d8:
         36:36:82:a8:73:ef:21:c9:bf:b3:e2:36:0f:47:3e:e9:02:a2:
         6b:7b:6f:35:16:17:60:a7:66:8f:7a:8f:0e:12:ec:f2:e0:50:
         c6:5a:89:91:a7:94:05:38:cd:a3:4a:90:24:a5:2f:00:86:48:
         56:30:d2:25:19:d6:a1:ca:0b:0e:04:93:50:be:a2:2b:7c:34:
         16:91:9d:db:a9:c8:47:73:f1:39:60:60:36:02:f0:71:4b:b1:
         12:88:fe:09:7d:ca:5b:72:20:eb:05:0d:45:3a:bf:d1:06:04:
         af:ea:93:3e:22:7a:15:e3:fc:36:92:37:1a:5f:6e:d7:be:3b:
         05:ae:6d:c9:14:dd:fa:58:a1:d2:ad:a4:7d:71:62:14:85:3c:
         e6:30:b3:2b:ae:27:d3:49:ce:33:01:06:67:09:6d:c7:07:65:
         19:a3:95:f5:9d:d1:a5:14:2c:90:e2:b9:7b:69:fe:37:03:e0:
         e8:9d:2c:0d:4f:e3:d0:64:fe:1b:b2:56:47:1b:6d:00:c4:42:
         bb:f7:50:f1:04:b3:07:a5:ec:45:dc:ea:fc:21:5d:ac:13:36:
         d9:77:0a:e7:d9:5d:db:89:e3:e9:ac:84:32:95:89:58:16:b7:
         db:d1:07:19
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIUQGUM/ng8WXziQJSsOoet774iwiEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yMzEyMTQwMDAwMDhaFw0yNDEyMTIwMDA1MDhaMDMxMTAvBgNV
BAMTKDgzNzQxMzBEQUZBRTE2QTNDRjM4OUUyOEIyNjBEQkRGM0Q5MEM5QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvYhJgS7c8GRB7xAS9k7msaYAi
JyigyjZJIlXkyIMh7oE2zNMBAr6+QefLUtgb4RLELLVYq6bTNLwkjTaPpMZcFuO+
3AxpmlcguRBF9v6Rx6h+p/ixGKQp8SWc+Q4jQvryP26BqN0xnSBFgjaln3fVvMHE
MVXKLtDpQ9urzjDCGuqvRKr8cgJOldZsgEemWsS3F4BIMlduEtusWdmZzMXb8RIT
0zxjSLq4tydorGg5h/TPzBWSSr+jviRXbxQyK/aeF2K5c67QjKo/tijiy3jPAPqb
sRQQpQWbB7av/I4bmquqxC1kq7o8EvrzOhxoa5hkSGJqMOPB7TPrxqR7Vg9dAgMB
AAGjggIvMIICKzAdBgNVHQ4EFgQUg3QTDa+uFqPPOJ4osmDb3z2QyaYwHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzIxMDcwMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFl13jANBgkqhkiG9w0B
AQsFAAOCAQEARFxr6YQjLvI4Taz8Yq5cf9jYNjaCqHPvIcm/s+I2D0c+6QKia3tv
NRYXYKdmj3qPDhLs8uBQxlqJkaeUBTjNo0qQJKUvAIZIVjDSJRnWocoLDgSTUL6i
K3w0FpGd26nIR3PxOWBgNgLwcUuxEoj+CX3KW3Ig6wUNRTq/0QYEr+qTPiJ6FeP8
NpI3Gl9u1747Ba5tyRTd+lih0q2kfXFiFIU85jCzK64n00nOMwEGZwltxwdlGaOV
9Z3RpRQskOK5e2n+NwPg6J0sDU/j0GT+G7JWRxttAMRCu/dQ8QSzB6XsRdzq/CFd
rBM22XcK59ld24nj6ayEMpWJWBa329EHGQ==
-----END CERTIFICATE-----
Generated at Tue Jan 30 17:11:00 2024 by rpki-client on console-ams.rpki-client.org