Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0g0A1uQhqxyeMpvSyFDyg7SMys8.roa
File:                     0g0A1uQhqxyeMpvSyFDyg7SMys8.roa (raw, json)
Hash identifier:          5uOoADnmx2JTLFruQuPtDBXpSJZzbxCogwOHrMPt610=
Subject key identifier:   D2:0D:00:D6:E4:21:AB:1C:9E:32:9B:D2:C8:50:F2:83:B4:8C:CA:CF
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F38E0F350EC32017277AEFE9D6ABDD705
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0g0A1uQhqxyeMpvSyFDyg7SMys8.roa
Signing time:             Thu 02 May 2024 10:36:57 +0000
ROA not before:           Thu 02 May 2024 10:36:57 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16276
IP address blocks:        213.210.39.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 03 May 2024 17:10:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:38:e0:f3:50:ec:32:01:72:77:ae:fe:9d:6a:bd:d7:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May  2 10:36:57 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d20d00d6e421ab1c9e329bd2c850f283b48ccacf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:f8:4b:f4:9f:41:5d:4e:5e:6c:a7:b4:5d:9c:
                    d9:e7:1f:77:d7:b9:00:83:be:a7:2e:91:03:73:6a:
                    7b:61:a4:df:b6:44:e3:9a:77:ff:a8:c5:1e:37:5c:
                    46:a2:18:40:09:c0:a1:a5:17:48:7b:5c:7f:6b:1e:
                    91:ed:38:db:9f:5d:76:b6:03:07:25:5a:0b:f1:cf:
                    67:f7:2b:94:ac:81:b2:c3:5d:57:21:4d:c2:ec:5f:
                    fb:34:60:62:4c:d5:f8:6a:42:69:4f:88:b0:2c:39:
                    8f:ee:92:6f:87:a2:89:c2:55:43:c5:72:fc:1b:85:
                    5a:15:e6:ec:9c:b2:24:ea:02:7f:c2:95:3c:7f:5c:
                    82:bd:72:4a:06:d4:2c:43:1c:71:1a:63:5d:f6:3c:
                    3c:af:eb:7f:9f:e0:ed:bd:a3:b0:48:b3:7b:54:9c:
                    dc:80:f5:12:d9:88:fd:dc:16:2f:50:04:3a:18:0a:
                    46:f4:c2:99:59:13:de:03:0c:ac:60:b1:bd:74:f0:
                    76:11:d3:45:d5:12:1d:b0:78:0a:d6:86:07:25:f0:
                    21:c3:18:93:ec:f6:1a:e5:d6:7e:68:36:a5:6a:47:
                    08:d0:0e:75:f9:3f:fa:3e:8f:ec:4f:81:50:88:fb:
                    e7:e9:05:ed:ac:36:8f:0d:31:b4:0b:5b:d4:f3:85:
                    aa:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:0D:00:D6:E4:21:AB:1C:9E:32:9B:D2:C8:50:F2:83:B4:8C:CA:CF
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0g0A1uQhqxyeMpvSyFDyg7SMys8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.210.39.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:70:0c:e2:6a:df:7a:85:20:39:09:ce:58:03:e8:5e:b7:57:
         a5:8a:a0:c2:d2:ae:9d:e2:f6:37:4c:de:c8:6e:ab:8b:f3:55:
         e7:f3:2e:56:65:ad:eb:9f:99:0c:29:bc:45:cf:d8:f8:6e:4f:
         53:84:47:d2:86:f9:d9:ef:bf:8f:75:86:10:84:49:18:89:be:
         93:d8:38:f4:21:40:51:9d:1b:c0:1e:2c:d1:71:e7:47:00:30:
         56:04:d6:1c:fc:7a:db:99:6e:6e:ed:53:9d:79:46:14:76:8f:
         bc:b6:0a:c9:ea:80:8c:7d:5d:8e:53:8a:61:2b:d8:a8:24:61:
         b6:7b:0b:6b:1f:b8:69:0a:f7:98:ed:de:a3:2c:15:a0:9f:71:
         df:f1:f4:9a:bd:a5:00:a7:d4:cc:e5:f6:6c:2b:18:36:6c:0b:
         17:d8:7a:6e:d6:8d:2e:84:90:6e:f0:70:e7:24:b4:0f:fd:92:
         50:f5:bf:12:85:e6:9a:a0:dc:16:0c:5f:4a:bc:b7:6c:62:05:
         49:b1:9e:34:2f:1f:b2:be:aa:32:36:18:25:3a:73:a6:78:da:
         43:26:01:07:c7:5f:32:54:28:eb:bb:53:6a:e3:fc:eb:48:0a:
         b6:6c:17:42:20:91:c1:ab:9e:d6:6c:b9:5a:65:6e:0a:c9:22:
         e5:5c:3a:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY844PNQ7DIBcneu/p1qvdcFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTAyMTAzNjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjBkMDBkNmU0MjFhYjFjOWUzMjliZDJjODUwZjI4M2I0OGNjYWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPhL9J9BXU5ebKe0XZzZ5x9317kA
g76nLpEDc2p7YaTftkTjmnf/qMUeN1xGohhACcChpRdIe1x/ax6R7Tjbn112tgMH
JVoL8c9n9yuUrIGyw11XIU3C7F/7NGBiTNX4akJpT4iwLDmP7pJvh6KJwlVDxXL8
G4VaFebsnLIk6gJ/wpU8f1yCvXJKBtQsQxxxGmNd9jw8r+t/n+DtvaOwSLN7VJzc
gPUS2Yj93BYvUAQ6GApG9MKZWRPeAwysYLG9dPB2EdNF1RIdsHgK1oYHJfAhwxiT
7PYa5dZ+aDalakcI0A51+T/6Po/sT4FQiPvn6QXtrDaPDTG0C1vU84WqjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNINANbkIascnjKb0shQ8oO0jMrPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMGcwQTF1UWhxeHllTXB2U3lGRHlnN1NNeXM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dInMA0G
CSqGSIb3DQEBCwUAA4IBAQADcAziat96hSA5Cc5YA+het1eliqDC0q6d4vY3TN7I
bquL81Xn8y5WZa3rn5kMKbxFz9j4bk9ThEfShvnZ77+PdYYQhEkYib6T2Dj0IUBR
nRvAHizRcedHADBWBNYc/HrbmW5u7VOdeUYUdo+8tgrJ6oCMfV2OU4phK9ioJGG2
ewtrH7hpCveY7d6jLBWgn3Hf8fSavaUAp9TM5fZsKxg2bAsX2Hpu1o0uhJBu8HDn
JLQP/ZJQ9b8SheaaoNwWDF9KvLdsYgVJsZ40Lx+yvqoyNhglOnOmeNpDJgEHx18y
VCjru1Nq4/zrSAq2bBdCIJHBq57WbLlaZW4KySLlXDqk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org