Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0rWufuxmeK8fdxPW0Ehw4HP4gaI.roa
File:                     0rWufuxmeK8fdxPW0Ehw4HP4gaI.roa (raw, json)
Hash identifier:          b/avJwQKEtkNm7PuaMW0NlG9A4Lp31UzSZMS5olfVkc=
Subject key identifier:   D2:B5:AE:7E:EC:66:78:AF:1F:77:13:D6:D0:48:70:E0:73:F8:81:A2
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018D0CEAA5B438C8BAEB023CC5D299496AAF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0rWufuxmeK8fdxPW0Ehw4HP4gaI.roa
Signing time:             Mon 15 Jan 2024 11:38:40 +0000
ROA not before:           Mon 15 Jan 2024 11:38:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215727
IP address blocks:        89.213.157.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Mar 2024 22:55:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:0c:ea:a5:b4:38:c8:ba:eb:02:3c:c5:d2:99:49:6a:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan 15 11:38:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d2b5ae7eec6678af1f7713d6d04870e073f881a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:23:57:bd:49:f6:5b:2c:94:94:14:31:a9:3a:
                    09:a8:2e:04:57:d3:0b:a5:58:50:d2:00:c8:68:c4:
                    04:c7:30:20:51:6d:ac:05:12:5b:08:22:9e:e3:21:
                    95:9e:dc:0a:3d:f5:cb:f5:8c:70:51:31:7a:98:41:
                    1c:ca:f5:2c:24:0e:27:5a:7a:b4:2d:9f:ba:b2:40:
                    d0:0a:4f:9a:c9:a5:95:e3:15:a6:6c:4d:cf:e6:b9:
                    46:f5:32:86:96:3c:83:84:07:f0:cf:c1:df:e8:01:
                    84:79:c2:76:53:66:3c:53:a7:de:f6:58:0e:ae:79:
                    54:6d:65:79:51:7a:18:ba:a0:22:a5:c4:46:3e:3c:
                    83:3b:cd:5b:6b:b7:a4:1c:76:57:96:57:7f:3f:b5:
                    e8:df:0d:88:d5:5d:53:93:f6:35:a2:9e:fe:b6:97:
                    97:d6:d0:31:e7:51:b1:51:04:53:d3:0f:5f:52:bf:
                    d0:a8:b0:92:b1:43:75:13:a4:64:8c:44:78:09:f2:
                    6c:42:fc:82:92:f2:85:e2:9b:55:48:08:77:d9:fa:
                    36:cb:e2:70:4b:6b:24:7a:cc:f6:af:33:88:08:eb:
                    3e:2e:1e:3a:31:66:37:ab:4b:28:e8:9b:bb:38:fa:
                    de:51:78:2f:7f:48:21:1f:5e:a6:66:54:4d:bb:35:
                    92:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:B5:AE:7E:EC:66:78:AF:1F:77:13:D6:D0:48:70:E0:73:F8:81:A2
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0rWufuxmeK8fdxPW0Ehw4HP4gaI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:51:b7:f3:44:bb:b6:07:0b:89:fe:c5:1e:b5:90:c1:4a:e2:
         70:94:c6:45:b7:9d:e1:7d:69:96:1b:cd:21:30:37:bd:51:28:
         59:2b:ef:7f:6a:e6:f1:fa:d4:6f:8a:13:22:fb:8c:f9:42:d2:
         09:04:7f:0d:96:72:48:ab:79:2c:62:de:60:55:92:eb:1e:ee:
         62:f3:d4:ca:44:f3:ac:d2:1b:b4:99:ae:82:a9:05:9f:f7:e0:
         e8:65:65:55:86:d7:ca:d8:78:1f:c7:b1:65:23:e4:bf:dc:f9:
         04:ca:6a:e1:57:2c:0e:89:48:b8:a1:2c:be:49:b8:33:d3:31:
         bf:ba:0e:16:3d:b2:94:14:52:04:cc:ec:82:a8:7c:4d:6a:e4:
         50:fd:51:bd:2d:d8:5e:45:4f:9e:dd:01:61:13:a5:f3:3f:35:
         9a:53:cf:d1:27:d5:0b:9f:d6:e1:29:6e:02:18:32:2b:05:44:
         d1:88:83:7a:4d:8d:83:ee:1a:7f:a4:95:26:26:4a:ab:c8:74:
         09:3f:13:9d:70:19:20:33:e2:52:c8:c0:20:d5:48:a4:24:2e:
         7b:ab:c1:fc:61:79:43:ad:ee:1c:2a:1c:13:a7:03:91:d0:85:
         55:1d:3d:5a:37:45:1e:35:c5:ce:38:66:b5:b5:7d:a1:d4:e8:
         3a:96:96:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0M6qW0OMi66wI8xdKZSWqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTE1MTEzODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmI1YWU3ZWVjNjY3OGFmMWY3NzEzZDZkMDQ4NzBlMDczZjg4MWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7SNXvUn2WyyUlBQxqToJqC4EV9ML
pVhQ0gDIaMQExzAgUW2sBRJbCCKe4yGVntwKPfXL9YxwUTF6mEEcyvUsJA4nWnq0
LZ+6skDQCk+ayaWV4xWmbE3P5rlG9TKGljyDhAfwz8Hf6AGEecJ2U2Y8U6fe9lgO
rnlUbWV5UXoYuqAipcRGPjyDO81ba7ekHHZXlld/P7Xo3w2I1V1Tk/Y1op7+tpeX
1tAx51GxUQRT0w9fUr/QqLCSsUN1E6RkjER4CfJsQvyCkvKF4ptVSAh32fo2y+Jw
S2skesz2rzOICOs+Lh46MWY3q0so6Ju7OPreUXgvf0ghH16mZlRNuzWSgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNK1rn7sZnivH3cT1tBIcOBz+IGiMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMHJXdWZ1eG1lSzhmZHhQVzBFaHc0SFA0Z2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWdMA0G
CSqGSIb3DQEBCwUAA4IBAQAeUbfzRLu2BwuJ/sUetZDBSuJwlMZFt53hfWmWG80h
MDe9UShZK+9/aubx+tRvihMi+4z5QtIJBH8NlnJIq3ksYt5gVZLrHu5i89TKRPOs
0hu0ma6CqQWf9+DoZWVVhtfK2Hgfx7FlI+S/3PkEymrhVywOiUi4oSy+Sbgz0zG/
ug4WPbKUFFIEzOyCqHxNauRQ/VG9LdheRU+e3QFhE6XzPzWaU8/RJ9ULn9bhKW4C
GDIrBUTRiIN6TY2D7hp/pJUmJkqryHQJPxOdcBkgM+JSyMAg1UikJC57q8H8YXlD
re4cKhwTpwOR0IVVHT1aN0UeNcXOOGa1tX2h1Og6lpYm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org