Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2Q_EE5iyg2-BnHQlisd2YpYFRUk.roa
File:                     2Q_EE5iyg2-BnHQlisd2YpYFRUk.roa (raw, json)
Hash identifier:          0kGIyvbi1VPGSp36s5iQmD7Px04hmEQgVGEptbI4YSE=
Subject key identifier:   D9:0F:C4:13:98:B2:83:6F:81:9C:74:25:8A:C7:76:62:96:05:45:49
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189C170211F8AD553358B3A6C773D45FCC0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2Q_EE5iyg2-BnHQlisd2YpYFRUk.roa
Signing time:             Fri 04 Aug 2023 16:44:58 +0000
ROA not before:           Fri 04 Aug 2023 16:44:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200482
IP address blocks:        89.213.7.0/24 maxlen: 24
                          82.153.4.0/24 maxlen: 24
                          89.213.172.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 07:41:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:c1:70:21:1f:8a:d5:53:35:8b:3a:6c:77:3d:45:fc:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  4 16:44:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d90fc41398b2836f819c74258ac7766296054549
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:7c:79:a4:0c:57:2c:ce:83:12:f7:d8:60:fa:
                    f2:a7:ab:2f:4e:90:64:e6:6e:d6:78:b7:b2:9b:2b:
                    53:19:50:ad:75:2c:95:e6:52:5a:9d:d8:da:b9:90:
                    d9:6b:9d:fb:e6:4b:36:1b:90:ed:e8:d2:92:11:1e:
                    5a:a2:ba:92:1b:48:57:fe:aa:4c:8b:bc:23:2a:75:
                    81:ad:ed:c9:84:58:74:d4:a5:23:c1:cd:f9:90:7c:
                    cf:89:0d:8c:cd:b7:4e:28:e9:5e:43:1f:a3:fc:98:
                    33:56:12:ec:93:15:5e:02:59:a6:f9:f9:26:ba:55:
                    3b:ad:33:83:c7:e2:c3:a0:60:20:e3:ca:e9:0f:0a:
                    6c:b9:3a:38:39:e4:05:98:0a:76:c1:dd:e6:41:fc:
                    e3:d5:c4:d0:a3:59:af:85:52:46:71:23:17:25:fe:
                    5f:99:78:06:8c:86:1f:0e:b0:d1:b1:6c:93:6a:ae:
                    4b:c2:a2:90:1d:3c:4d:a9:93:fa:33:00:d2:58:e9:
                    7c:c2:6d:c6:8e:d1:30:f0:4c:22:8a:aa:d6:bc:ae:
                    ab:18:af:73:f7:fd:73:90:0d:d4:35:c1:62:82:90:
                    6f:7f:88:d6:c0:b6:9a:31:a4:c2:70:72:6e:d2:22:
                    42:d5:4a:cb:f5:25:77:e5:37:4e:e0:dc:4e:cb:1d:
                    7f:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:0F:C4:13:98:B2:83:6F:81:9C:74:25:8A:C7:76:62:96:05:45:49
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2Q_EE5iyg2-BnHQlisd2YpYFRUk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.4.0/24
                  89.213.7.0/24
                  89.213.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:e3:b8:e8:e7:fe:aa:f1:fc:09:a9:3d:af:cb:99:3e:c5:4d:
         c7:56:ff:e6:c6:b2:16:8a:b5:19:0b:cf:61:55:17:37:ae:8f:
         cb:4f:28:1b:39:2d:b4:4a:10:0e:7c:a8:b7:df:39:08:e4:78:
         73:18:f6:42:4e:ba:d5:7e:a7:28:26:e2:41:1f:5d:10:84:a0:
         40:1b:9d:fb:a3:3a:b2:64:2e:c3:17:e5:56:21:3e:61:ca:5b:
         27:d3:7c:1c:e0:b8:9b:ae:a4:33:19:57:12:84:f6:49:59:21:
         5d:9b:3a:ea:dc:82:dd:9a:d0:74:d1:8f:18:2a:6a:8e:0f:c6:
         97:81:df:6d:39:7a:b8:20:be:d0:83:a1:3c:00:ac:aa:76:e8:
         fc:70:ac:41:a5:5c:fa:28:59:73:10:fb:10:3b:76:b8:08:33:
         06:b5:b7:2f:1f:2a:59:69:44:30:a4:c8:05:e9:c3:08:88:6b:
         f8:9f:f4:8f:ef:1d:39:e1:43:21:3c:b8:ec:75:0e:17:ed:49:
         ca:c1:c7:72:6a:f8:0e:fe:a7:32:aa:15:6f:f0:c3:a2:4f:63:
         19:14:c2:a5:ee:11:59:36:bd:56:df:75:56:2c:ac:a5:e3:79:
         23:17:ac:ab:ae:44:f6:7e:57:c3:50:46:ac:70:4f:93:ed:5f:
         68:70:e7:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnBcCEfitVTNYs6bHc9RfzAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA0MTY0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTBmYzQxMzk4YjI4MzZmODE5Yzc0MjU4YWM3NzY2Mjk2MDU0NTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHx5pAxXLM6DEvfYYPryp6svTpBk
5m7WeLeymytTGVCtdSyV5lJandjauZDZa5375ks2G5Dt6NKSER5aorqSG0hX/qpM
i7wjKnWBre3JhFh01KUjwc35kHzPiQ2MzbdOKOleQx+j/JgzVhLskxVeAlmm+fkm
ulU7rTODx+LDoGAg48rpDwpsuTo4OeQFmAp2wd3mQfzj1cTQo1mvhVJGcSMXJf5f
mXgGjIYfDrDRsWyTaq5LwqKQHTxNqZP6MwDSWOl8wm3GjtEw8EwiiqrWvK6rGK9z
9/1zkA3UNcFigpBvf4jWwLaaMaTCcHJu0iJC1UrL9SV35TdO4NxOyx1/AwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNkPxBOYsoNvgZx0JYrHdmKWBUVJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMlFfRUU1aXlnMi1CbkhRbGlzZDJZcFlGUlVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpkEAwQA
WdUHAwQAWdWsMA0GCSqGSIb3DQEBCwUAA4IBAQAN47jo5/6q8fwJqT2vy5k+xU3H
Vv/mxrIWirUZC89hVRc3ro/LTygbOS20ShAOfKi33zkI5HhzGPZCTrrVfqcoJuJB
H10QhKBAG537ozqyZC7DF+VWIT5hylsn03wc4LibrqQzGVcShPZJWSFdmzrq3ILd
mtB00Y8YKmqOD8aXgd9tOXq4IL7Qg6E8AKyqduj8cKxBpVz6KFlzEPsQO3a4CDMG
tbcvHypZaUQwpMgF6cMIiGv4n/SP7x054UMhPLjsdQ4X7UnKwcdyavgO/qcyqhVv
8MOiT2MZFMKl7hFZNr1W33VWLKyl43kjF6yrrkT2flfDUEascE+T7V9ocOfW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org