Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1--zdITpCxPnkI5i7uQoSZtA2fhE.roa
File:                     1--zdITpCxPnkI5i7uQoSZtA2fhE.roa (raw, json)
Hash identifier:          4892A0xYwTWkMAaFIDUk69/kSkdc8YxVWbxGy1Ytytw=
Subject key identifier:   FB:EC:DD:21:3A:42:C4:F9:E4:23:98:BB:B9:0A:12:66:D0:36:7E:11
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189B03CE148A7D45B48F021BC59887E3ED4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1--zdITpCxPnkI5i7uQoSZtA2fhE.roa
Signing time:             Tue 01 Aug 2023 08:35:27 +0000
ROA not before:           Tue 01 Aug 2023 08:35:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35409
IP address blocks:        89.213.179.0/24 maxlen: 24
                          89.213.175.0/24 maxlen: 24
                          89.213.159.0/24 maxlen: 24
                          109.176.248.0/24 maxlen: 24
                          109.176.250.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 04 Aug 2023 16:43:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:b0:3c:e1:48:a7:d4:5b:48:f0:21:bc:59:88:7e:3e:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  1 08:35:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fbecdd213a42c4f9e42398bbb90a1266d0367e11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:05:01:6d:f5:61:45:b6:80:36:a9:aa:ca:a2:
                    01:26:4c:2c:29:6b:8a:ec:a9:5e:5b:4a:87:fa:e5:
                    5c:f5:ba:28:85:4f:89:0f:60:cb:f0:c6:58:c1:37:
                    17:d7:f8:88:bf:19:07:76:5b:e8:cd:22:ce:d2:25:
                    62:ce:47:e9:59:c1:a6:fc:b5:a7:3d:7f:11:c8:1a:
                    69:58:fc:83:e7:c5:53:73:73:f2:15:95:c7:97:af:
                    9c:51:20:bf:df:62:94:14:36:2c:a2:3a:5d:6d:93:
                    e1:98:4e:ba:2b:59:3f:27:b4:f0:08:10:2e:c1:ac:
                    e7:17:00:5e:78:78:8e:b7:5b:8c:31:4d:eb:b8:9b:
                    ac:98:2f:e1:35:64:48:4f:e8:2e:88:32:b3:2d:e8:
                    a8:d0:35:60:a3:dd:ab:d0:30:b5:74:73:f2:51:95:
                    b0:ae:0b:13:bb:99:45:6a:c9:f9:f3:0d:76:a3:88:
                    7b:1b:5f:85:bc:99:e9:e6:23:77:04:72:88:18:ea:
                    0b:38:ae:0f:8a:5e:ef:bd:bc:24:3b:be:7f:d9:d6:
                    fb:15:89:50:38:79:c0:a5:49:8a:d4:1f:1a:0f:d0:
                    6d:43:05:64:54:72:c3:a2:f4:02:d0:74:3a:13:15:
                    61:26:81:e7:f8:79:bc:78:cb:b3:48:b6:12:4b:37:
                    56:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:EC:DD:21:3A:42:C4:F9:E4:23:98:BB:B9:0A:12:66:D0:36:7E:11
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1--zdITpCxPnkI5i7uQoSZtA2fhE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.159.0/24
                  89.213.175.0/24
                  89.213.179.0/24
                  109.176.248.0/24
                  109.176.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:b4:44:58:d3:42:86:03:91:06:34:f9:f7:9c:46:0d:26:69:
         a6:3e:a6:91:db:75:59:c8:c6:b1:e2:e1:70:a3:a9:44:04:c1:
         be:e4:bf:3a:23:59:6c:59:fb:a0:7f:8b:18:63:4d:24:cc:d9:
         22:7f:b5:a6:1c:63:6d:d2:e7:ad:7f:cf:7e:ba:78:50:ab:5c:
         c6:57:64:da:5e:3d:20:1e:be:90:ff:ac:a7:23:fa:c9:58:ef:
         e0:57:58:e1:aa:b2:e8:5c:bf:18:39:10:62:28:c7:d8:54:26:
         98:60:70:48:b0:9a:d4:e8:2c:2c:c3:d0:c9:02:32:6a:81:6d:
         ba:8f:f1:ae:1b:4d:5a:cf:6a:7f:a6:11:ae:e1:14:84:09:74:
         25:1f:d7:58:96:a4:8d:81:cb:94:3c:0d:cd:21:20:69:7e:4c:
         b1:46:b9:5b:05:94:af:59:fc:25:c0:3f:9e:6b:eb:94:a5:a9:
         2f:b2:8b:1e:89:42:90:4b:9f:f9:bf:62:12:f7:3b:35:ac:0c:
         eb:e0:1d:6e:a9:20:1b:27:32:c4:e9:24:7d:55:4c:23:2a:03:
         8d:69:3f:59:2d:8d:10:d5:ad:0a:d2:f8:81:67:dc:80:a9:d0:
         ac:d1:1f:9a:ac:37:43:94:a3:69:08:c5:2b:fc:b1:73:a1:44:
         ca:17:da:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYmwPOFIp9RbSPAhvFmIfj7UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAxMDgzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmVjZGQyMTNhNDJjNGY5ZTQyMzk4YmJiOTBhMTI2NmQwMzY3ZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgUBbfVhRbaANqmqyqIBJkwsKWuK
7KleW0qH+uVc9boohU+JD2DL8MZYwTcX1/iIvxkHdlvozSLO0iVizkfpWcGm/LWn
PX8RyBppWPyD58VTc3PyFZXHl6+cUSC/32KUFDYsojpdbZPhmE66K1k/J7TwCBAu
waznFwBeeHiOt1uMMU3ruJusmC/hNWRIT+guiDKzLeio0DVgo92r0DC1dHPyUZWw
rgsTu5lFasn58w12o4h7G1+FvJnp5iN3BHKIGOoLOK4Pil7vvbwkO75/2db7FYlQ
OHnApUmK1B8aD9BtQwVkVHLDovQC0HQ6ExVhJoHn+Hm8eMuzSLYSSzdW5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPvs3SE6QsT55COYu7kKEmbQNn4RMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS0temRJVHBDeFBua0k1aTd1UW9TWnRBMmZoRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFnVnwME
AFnVrwMEAFnVswMEAG2w+AMEAG2w+jANBgkqhkiG9w0BAQsFAAOCAQEAGbREWNNC
hgORBjT595xGDSZppj6mkdt1WcjGseLhcKOpRATBvuS/OiNZbFn7oH+LGGNNJMzZ
In+1phxjbdLnrX/Pfrp4UKtcxldk2l49IB6+kP+spyP6yVjv4FdY4aqy6Fy/GDkQ
YijH2FQmmGBwSLCa1OgsLMPQyQIyaoFtuo/xrhtNWs9qf6YRruEUhAl0JR/XWJak
jYHLlDwNzSEgaX5MsUa5WwWUr1n8JcA/nmvrlKWpL7KLHolCkEuf+b9iEvc7NawM
6+AdbqkgGycyxOkkfVVMIyoDjWk/WS2NENWtCtL4gWfcgKnQrNEfmqw3Q5SjaQjF
K/yxc6FEyhfaTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org