Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0vT18IJIHhYBJLaGn0s-qnADjUM.roa
File:                     0vT18IJIHhYBJLaGn0s-qnADjUM.roa (raw, json)
Hash identifier:          wSD9sB5/NvXz0HA51ebE9K7mysBEuZz7E8jvugjDQSQ=
Subject key identifier:   D2:F4:F5:F0:82:48:1E:16:01:24:B6:86:9F:4B:3E:AA:70:03:8D:43
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018921B9C8E0A3764089E0D7F1D963AF436C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0vT18IJIHhYBJLaGn0s-qnADjUM.roa
Signing time:             Tue 04 Jul 2023 16:26:10 +0000
ROA not before:           Tue 04 Jul 2023 16:26:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        89.213.4.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 11 Jul 2023 15:52:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:21:b9:c8:e0:a3:76:40:89:e0:d7:f1:d9:63:af:43:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul  4 16:26:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d2f4f5f082481e160124b6869f4b3eaa70038d43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:8d:ae:c9:62:0f:62:cf:ee:1b:bd:26:cf:12:
                    9c:3d:33:30:0d:f6:2c:c5:0f:84:c2:63:1e:d2:a5:
                    20:ac:74:b2:b9:88:bf:ad:dd:0b:f8:2a:4a:4a:f0:
                    c8:04:e5:78:ce:db:d5:40:0d:1e:d5:a2:91:9e:83:
                    58:5c:7d:ca:ab:79:64:51:08:db:49:b0:ad:17:cd:
                    57:2a:5d:7b:e9:83:54:33:9d:d8:2d:31:16:da:f6:
                    cf:69:a5:1e:7f:79:3d:fd:b4:b3:9f:fe:05:db:d6:
                    32:f1:7c:90:c4:8a:5a:de:3d:9b:a2:06:c8:35:22:
                    43:76:9c:f5:ec:47:eb:0c:32:94:3b:be:46:b6:f4:
                    e1:af:9e:40:f2:e6:c2:91:25:b4:6a:98:a3:53:5c:
                    d6:29:5e:33:1c:16:89:bc:a2:b2:20:cf:e6:6d:ca:
                    ba:83:32:ab:5f:18:86:fe:09:c0:23:f6:ab:e8:43:
                    e8:bb:18:fc:3b:4a:3d:a8:65:03:f5:a4:76:2e:01:
                    e5:79:cc:a9:b8:79:88:5b:9d:cb:5c:6a:7c:de:1e:
                    91:60:6c:3f:d5:f0:f6:49:e1:f7:42:ff:6e:6b:d8:
                    b6:bd:c3:0f:a1:38:a9:31:93:74:0b:53:63:75:c3:
                    af:86:79:21:cd:75:1b:c1:de:4f:ee:a8:06:59:26:
                    3c:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:F4:F5:F0:82:48:1E:16:01:24:B6:86:9F:4B:3E:AA:70:03:8D:43
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0vT18IJIHhYBJLaGn0s-qnADjUM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:41:fa:d8:ff:f8:12:2b:cb:51:c8:fb:f3:f8:54:e8:6e:77:
         b9:ee:92:c6:60:23:65:c5:87:62:be:59:8a:55:2c:a0:81:fd:
         17:8c:de:dd:0c:7b:82:fc:de:2c:9f:00:e6:21:53:ae:5f:8f:
         3d:eb:81:85:62:aa:1f:20:1e:22:9b:7d:30:c5:4d:9e:d3:d2:
         70:2b:4e:bc:77:a5:f0:25:7a:f8:e7:f3:a4:04:94:a3:a3:95:
         e3:20:f5:4c:dc:65:70:50:d8:62:25:ae:28:36:85:b9:a4:64:
         ec:a5:f2:21:6d:d6:67:97:f6:59:8d:55:fa:b9:b1:59:35:b7:
         79:3b:05:6c:15:63:03:3b:67:e0:c0:7f:01:6d:a6:06:cf:e0:
         c9:f8:51:22:0c:09:76:ad:23:d1:04:f6:dd:6b:44:43:15:a7:
         d1:bd:eb:1a:9a:af:a5:78:e2:6f:be:15:f5:9d:fc:18:00:58:
         55:6f:04:1b:7c:2c:ec:8d:93:7c:89:fe:b6:44:78:69:04:5c:
         04:fe:70:b5:b6:55:ba:af:6f:c0:2d:73:da:16:b2:93:95:81:
         b4:01:af:d4:b2:fa:81:bc:71:7d:f8:89:d9:c0:6a:c3:02:aa:
         79:f3:f7:01:90:34:fe:b2:0d:e7:54:c0:1f:d6:1a:4e:b0:40:
         04:55:d6:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkhucjgo3ZAieDX8dljr0NsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzA0MTYyNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmY0ZjVmMDgyNDgxZTE2MDEyNGI2ODY5ZjRiM2VhYTcwMDM4ZDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAro2uyWIPYs/uG70mzxKcPTMwDfYs
xQ+EwmMe0qUgrHSyuYi/rd0L+CpKSvDIBOV4ztvVQA0e1aKRnoNYXH3Kq3lkUQjb
SbCtF81XKl176YNUM53YLTEW2vbPaaUef3k9/bSzn/4F29Yy8XyQxIpa3j2bogbI
NSJDdpz17EfrDDKUO75GtvThr55A8ubCkSW0apijU1zWKV4zHBaJvKKyIM/mbcq6
gzKrXxiG/gnAI/ar6EPouxj8O0o9qGUD9aR2LgHlecypuHmIW53LXGp83h6RYGw/
1fD2SeH3Qv9ua9i2vcMPoTipMZN0C1NjdcOvhnkhzXUbwd5P7qgGWSY8SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNL09fCCSB4WASS2hp9LPqpwA41DMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMHZUMThJSklIaFlCSkxhR24wcy1xbkFEalVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdUEMA0G
CSqGSIb3DQEBCwUAA4IBAQB4QfrY//gSK8tRyPvz+FTobne57pLGYCNlxYdivlmK
VSyggf0XjN7dDHuC/N4snwDmIVOuX48964GFYqofIB4im30wxU2e09JwK068d6Xw
JXr45/OkBJSjo5XjIPVM3GVwUNhiJa4oNoW5pGTspfIhbdZnl/ZZjVX6ubFZNbd5
OwVsFWMDO2fgwH8BbaYGz+DJ+FEiDAl2rSPRBPbda0RDFafRvesamq+leOJvvhX1
nfwYAFhVbwQbfCzsjZN8if62RHhpBFwE/nC1tlW6r2/ALXPaFrKTlYG0Aa/UsvqB
vHF9+InZwGrDAqp58/cBkDT+sg3nVMAf1hpOsEAEVdbQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org