Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1tZ_dz6k-N0qQ1VcVYIV_B9kOIc.roa
File:                     1tZ_dz6k-N0qQ1VcVYIV_B9kOIc.roa (raw, json)
Hash identifier:          ph3W9kFbEP+g+r04I7IxibzkEK4S0VbzyS/7POghOyQ=
Subject key identifier:   D6:D6:7F:77:3E:A4:F8:DD:2A:43:55:5C:55:82:15:FC:1F:64:38:87
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C8204DE9D5284043A095D2DB21D603C04
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1tZ_dz6k-N0qQ1VcVYIV_B9kOIc.roa
Signing time:             Tue 19 Dec 2023 12:20:06 +0000
ROA not before:           Tue 19 Dec 2023 12:20:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        89.213.176.0/24 maxlen: 24
                          89.213.183.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          82.153.65.0/24 maxlen: 24
                          89.213.152.0/24 maxlen: 24
                          82.152.49.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:82:04:de:9d:52:84:04:3a:09:5d:2d:b2:1d:60:3c:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec 19 12:20:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d6d67f773ea4f8dd2a43555c558215fc1f643887
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:bc:4c:2e:f0:1d:40:53:55:ae:01:4a:67:49:
                    4a:ad:7b:10:c0:17:aa:a3:b5:15:38:7d:74:31:bc:
                    60:95:60:43:7f:db:bc:1b:65:6f:8d:24:71:aa:6b:
                    bc:c6:17:0c:84:fc:24:7d:db:13:4c:fa:eb:a3:ec:
                    f6:3e:e6:6b:f6:ed:58:ee:d5:1a:63:b9:96:9b:8a:
                    b7:f8:af:da:6d:31:44:94:89:36:ef:fa:41:d0:bb:
                    14:2e:9c:f6:80:93:d0:37:10:a0:40:b4:55:14:7c:
                    41:e2:d0:85:09:b1:68:f3:95:ef:06:4f:55:0b:75:
                    f0:15:fa:92:13:c7:f6:5b:a7:47:e5:ab:fa:f8:62:
                    1c:f4:67:4d:cd:b2:11:64:19:21:45:71:fc:69:3f:
                    9e:83:ae:d9:d9:95:ff:71:50:ba:e8:03:6d:69:c2:
                    2a:c8:a9:f8:fd:20:bd:4d:d8:a4:05:16:1d:88:d3:
                    7f:b4:ec:7d:0c:d6:74:d3:df:9f:b7:5b:0d:3d:0a:
                    88:52:80:f4:91:b2:c3:7f:47:e7:91:30:75:0d:6a:
                    62:ca:d1:2d:45:9e:22:38:80:2f:cf:76:fa:6c:0e:
                    12:e0:15:7b:3a:b8:07:57:b8:c9:87:2f:77:39:94:
                    39:cc:8d:25:b4:7b:2c:3d:34:c0:84:5d:e9:58:d5:
                    c3:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:D6:7F:77:3E:A4:F8:DD:2A:43:55:5C:55:82:15:FC:1F:64:38:87
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1tZ_dz6k-N0qQ1VcVYIV_B9kOIc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  82.152.49.0/24
                  82.153.65.0/24
                  89.213.152.0/24
                  89.213.176.0/24
                  89.213.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:89:a4:d4:b2:11:14:ca:49:f2:3e:3b:47:5e:50:e3:32:55:
         9c:db:e0:e0:36:e9:42:2f:14:9c:fb:51:ea:3f:ab:6c:f3:e3:
         a3:23:5b:f2:f9:da:6e:c8:19:0e:b7:95:81:70:bc:1a:9e:6e:
         a5:53:a3:31:c7:bf:39:66:22:f2:89:ea:46:9d:b6:59:67:b6:
         51:f8:a2:c3:01:4e:83:78:24:68:12:59:0f:c3:cc:a3:1d:a4:
         46:d0:4a:26:3d:42:7d:52:3d:73:f5:4b:6c:ab:e1:1b:d1:81:
         ed:37:0c:a2:74:81:d6:bf:09:0c:fe:3a:54:86:96:11:3a:4d:
         eb:d9:c6:3c:7a:80:64:5a:e1:c5:5d:5a:42:d3:69:37:b5:97:
         e0:87:dc:9a:e4:df:69:cb:6f:33:31:cd:e0:a2:dd:ac:72:ec:
         0c:65:cc:6e:f6:f5:5f:5a:15:7a:e5:7a:1f:5a:68:d8:17:ea:
         ec:21:4f:e6:8a:74:4a:32:bf:32:7d:a7:e9:50:ad:02:a6:01:
         6f:52:ad:06:8b:44:9b:b5:cd:16:68:d2:f1:6f:0f:2a:53:a7:
         9d:af:db:98:0c:56:6c:3c:61:6f:c1:09:d5:ea:47:e2:47:53:
         db:db:af:2d:7d:9f:64:6a:f0:c3:b3:07:97:5f:32:cf:83:e7:
         58:fd:23:cb
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYyCBN6dUoQEOgldLbIdYDwEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjE5MTIyMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQ2N2Y3NzNlYTRmOGRkMmE0MzU1NWM1NTgyMTVmYzFmNjQzODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7xMLvAdQFNVrgFKZ0lKrXsQwBeq
o7UVOH10MbxglWBDf9u8G2VvjSRxqmu8xhcMhPwkfdsTTPrro+z2PuZr9u1Y7tUa
Y7mWm4q3+K/abTFElIk27/pB0LsULpz2gJPQNxCgQLRVFHxB4tCFCbFo85XvBk9V
C3XwFfqSE8f2W6dH5av6+GIc9GdNzbIRZBkhRXH8aT+eg67Z2ZX/cVC66ANtacIq
yKn4/SC9TdikBRYdiNN/tOx9DNZ009+ft1sNPQqIUoD0kbLDf0fnkTB1DWpiytEt
RZ4iOIAvz3b6bA4S4BV7OrgHV7jJhy93OZQ5zI0ltHssPTTAhF3pWNXDlQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNbWf3c+pPjdKkNVXFWCFfwfZDiHMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMXRaX2R6NmstTjBxUTFWY1ZZSVZfQjlrT0ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUQW9AwQA
UpgxAwQAUplBAwQAWdWYAwQAWdWwAwQAWdW3MA0GCSqGSIb3DQEBCwUAA4IBAQA0
iaTUshEUyknyPjtHXlDjMlWc2+DgNulCLxSc+1HqP6ts8+OjI1vy+dpuyBkOt5WB
cLwanm6lU6Mxx785ZiLyiepGnbZZZ7ZR+KLDAU6DeCRoElkPw8yjHaRG0EomPUJ9
Uj1z9Utsq+Eb0YHtNwyidIHWvwkM/jpUhpYROk3r2cY8eoBkWuHFXVpC02k3tZfg
h9ya5N9py28zMc3got2scuwMZcxu9vVfWhV65XofWmjYF+rsIU/minRKMr8yfafp
UK0CpgFvUq0Gi0Sbtc0WaNLxbw8qU6edr9uYDFZsPGFvwQnV6kfiR1Pb268tfZ9k
avDDsweXXzLPg+dY/SPL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org