Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2MJDh3mtaUqyaBb282dSkQl6QEw.roa
File:                     2MJDh3mtaUqyaBb282dSkQl6QEw.roa (raw, json)
Hash identifier:          85q7KfQo1BxsRavoEaw6guD0Yy5dWnl54lsiwaL586w=
Subject key identifier:   D8:C2:43:87:79:AD:69:4A:B2:68:16:F6:F3:67:52:91:09:7A:40:4C
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E60660F1A5BE505C800F94C424B36C53A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2MJDh3mtaUqyaBb282dSkQl6QEw.roa
Signing time:             Thu 21 Mar 2024 09:44:45 +0000
ROA not before:           Thu 21 Mar 2024 09:44:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     134835
IP address blocks:        89.213.123.0/24 maxlen: 24
                          213.218.250.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 22 Mar 2024 12:42:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:60:66:0f:1a:5b:e5:05:c8:00:f9:4c:42:4b:36:c5:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 21 09:44:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d8c2438779ad694ab26816f6f3675291097a404c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7c:4e:45:da:50:c3:32:78:7a:f9:f4:c9:28:
                    d2:04:bf:85:2e:33:17:a9:84:10:54:24:c4:5e:b2:
                    f3:16:8c:cc:ee:cb:06:49:84:68:0d:ed:10:0f:a7:
                    ef:ad:f5:d5:11:64:51:73:2a:c4:00:db:be:98:06:
                    20:d7:c0:cc:ad:66:60:24:bc:d9:f3:10:f3:ee:18:
                    80:21:95:da:06:ad:30:93:93:8f:30:c4:74:aa:25:
                    b2:d6:ec:7d:13:c6:48:b3:a7:df:09:bc:0c:91:6d:
                    3a:a0:e3:72:ce:9d:47:b3:40:f6:44:2a:6a:44:3d:
                    4e:d9:69:01:80:ba:84:0b:1a:cc:5a:90:0d:33:98:
                    50:db:18:38:8e:d3:90:82:00:4c:db:ff:4c:8b:8f:
                    0d:c5:71:e0:b7:d8:20:97:f0:56:7a:01:62:db:56:
                    dd:86:9c:5d:20:03:b4:03:77:38:20:88:e7:e7:5a:
                    8f:06:04:35:71:a0:97:41:80:38:d2:46:91:80:05:
                    70:eb:10:e7:01:b6:e5:a2:77:3d:0e:d6:48:e7:2d:
                    28:f9:62:06:b9:6b:c6:e6:33:65:07:23:55:e5:58:
                    4f:3d:66:06:99:f4:e7:19:0b:fa:e5:11:d6:fb:47:
                    90:de:8a:76:4c:4e:51:af:b5:dd:cd:5b:b5:3e:55:
                    07:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:C2:43:87:79:AD:69:4A:B2:68:16:F6:F3:67:52:91:09:7A:40:4C
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2MJDh3mtaUqyaBb282dSkQl6QEw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.123.0/24
                  213.218.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:9a:b6:98:d5:ea:47:51:4c:7d:bc:a5:ac:27:8b:44:fd:5d:
         26:e7:32:c3:c1:d6:9f:95:d0:e4:52:ff:58:fa:5a:de:ce:c5:
         da:2d:3e:e5:72:ac:09:1c:d2:63:e2:38:52:34:34:43:aa:4f:
         7a:b9:e6:ad:a8:5e:1f:42:97:ca:01:1a:4d:4f:27:08:8b:97:
         80:06:88:0e:5a:04:1f:68:71:18:5d:50:2b:e9:1e:46:9d:57:
         47:a6:bc:44:b9:9a:0f:26:38:b4:7a:92:3b:4c:df:6d:a4:6c:
         c1:81:e8:ba:9f:18:0f:6c:9e:75:f5:ca:fe:a1:cb:6a:dd:e7:
         09:5d:00:5b:79:8d:ad:e5:d6:7a:eb:43:44:b9:06:1f:b8:3c:
         06:75:60:59:c8:a1:5e:19:18:a6:5f:bb:bd:a8:44:c3:36:be:
         01:e8:29:c4:7f:a2:ab:8e:81:64:98:d8:e7:e9:70:b5:05:7b:
         6e:6f:28:25:ef:f4:04:1a:92:7c:64:a7:a0:62:b6:d2:25:b9:
         29:86:d9:05:76:20:7b:37:06:5b:29:05:fb:51:37:f4:ad:ed:
         66:76:7a:31:9c:43:c7:d6:5a:bf:d5:5f:f9:91:ac:46:20:be:
         b2:47:fb:fd:f7:eb:d2:5b:e6:c2:2a:fa:f3:94:cb:db:19:be:
         cf:4c:1e:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5gZg8aW+UFyAD5TEJLNsU6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzIxMDk0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGMyNDM4Nzc5YWQ2OTRhYjI2ODE2ZjZmMzY3NTI5MTA5N2E0MDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHxORdpQwzJ4evn0ySjSBL+FLjMX
qYQQVCTEXrLzFozM7ssGSYRoDe0QD6fvrfXVEWRRcyrEANu+mAYg18DMrWZgJLzZ
8xDz7hiAIZXaBq0wk5OPMMR0qiWy1ux9E8ZIs6ffCbwMkW06oONyzp1Hs0D2RCpq
RD1O2WkBgLqECxrMWpANM5hQ2xg4jtOQggBM2/9Mi48NxXHgt9ggl/BWegFi21bd
hpxdIAO0A3c4IIjn51qPBgQ1caCXQYA40kaRgAVw6xDnAbblonc9DtZI5y0o+WIG
uWvG5jNlByNV5VhPPWYGmfTnGQv65RHW+0eQ3op2TE5Rr7XdzVu1PlUHiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNjCQ4d5rWlKsmgW9vNnUpEJekBMMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMk1KRGgzbXRhVXF5YUJiMjgyZFNrUWw2UUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdV7AwQA
1dr6MA0GCSqGSIb3DQEBCwUAA4IBAQBPmraY1epHUUx9vKWsJ4tE/V0m5zLDwdaf
ldDkUv9Y+lrezsXaLT7lcqwJHNJj4jhSNDRDqk96ueatqF4fQpfKARpNTycIi5eA
BogOWgQfaHEYXVAr6R5GnVdHprxEuZoPJji0epI7TN9tpGzBgei6nxgPbJ519cr+
octq3ecJXQBbeY2t5dZ660NEuQYfuDwGdWBZyKFeGRimX7u9qETDNr4B6CnEf6Kr
joFkmNjn6XC1BXtubygl7/QEGpJ8ZKegYrbSJbkphtkFdiB7NwZbKQX7UTf0re1m
dnoxnEPH1lq/1V/5kaxGIL6yR/v99+vSW+bCKvrzlMvbGb7PTB5r
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org