Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2Suyizs8FzzTp9oCkXsd6M_qWcA.roa
File:                     2Suyizs8FzzTp9oCkXsd6M_qWcA.roa (raw, json)
Hash identifier:          +cf1qU+HjU7fX+A2E3hw41hH1aiSWtBfJfKHy0CDsUc=
Subject key identifier:   D9:2B:B2:8B:3B:3C:17:3C:D3:A7:DA:02:91:7B:1D:E8:CF:EA:59:C0
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018F3F7005AE794E87DEE8204A7AA2DFED16
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2Suyizs8FzzTp9oCkXsd6M_qWcA.roa
Signing time:             Fri 03 May 2024 17:10:57 +0000
ROA not before:           Fri 03 May 2024 17:10:57 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16276
IP address blocks:        213.210.39.0/24 maxlen: 24
                          213.218.234.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 04 May 2024 19:42:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3f:70:05:ae:79:4e:87:de:e8:20:4a:7a:a2:df:ed:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May  3 17:10:57 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d92bb28b3b3c173cd3a7da02917b1de8cfea59c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:10:70:74:66:a4:1c:4e:25:c8:6b:5a:f2:f5:
                    e3:2d:7b:74:01:e8:84:ec:a6:38:e7:0b:f9:ea:9e:
                    65:1e:50:f4:72:b2:eb:ca:a7:8e:1a:20:d6:4f:55:
                    cb:1b:a9:d6:5d:80:1b:4c:b7:e2:f9:46:fe:96:73:
                    c2:bb:f6:91:e4:75:f4:76:39:b5:fb:9a:5b:0f:d1:
                    e1:58:f9:d1:08:bc:b3:d1:fc:97:a8:70:6f:e7:8f:
                    a2:7a:91:1d:64:86:4e:37:c0:40:e8:a0:7e:73:ed:
                    ae:ca:cf:29:b3:f4:b0:f8:e7:0e:b8:8a:62:18:a4:
                    ba:dd:dd:c9:63:94:eb:53:f6:38:45:e7:eb:50:63:
                    75:16:1f:59:f3:fe:86:7d:59:11:03:f2:ad:ca:d0:
                    d2:00:da:e5:36:71:46:f1:a6:a1:14:50:b5:2f:34:
                    60:97:8d:c2:76:d9:5c:87:91:2a:cd:68:61:66:d0:
                    bd:c5:29:74:19:ea:0b:7f:55:c6:c2:f8:7b:db:e6:
                    f9:5d:0b:de:2f:e3:06:80:2b:ac:af:d6:f9:57:ea:
                    65:e9:07:f0:ac:7f:bd:b6:bf:83:04:03:b7:b5:e8:
                    70:46:20:15:0f:cf:1b:93:83:d5:fb:14:30:5c:f3:
                    9d:79:dd:c7:0c:11:91:78:68:f1:c9:e2:a7:99:0f:
                    b6:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:2B:B2:8B:3B:3C:17:3C:D3:A7:DA:02:91:7B:1D:E8:CF:EA:59:C0
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2Suyizs8FzzTp9oCkXsd6M_qWcA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.210.39.0/24
                  213.218.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:ff:90:e2:3a:2f:ec:eb:4b:6f:20:21:0a:10:25:ff:86:34:
         10:d5:ce:9a:9c:00:41:aa:39:48:fb:d0:70:5b:3e:88:5e:fc:
         b3:be:61:1c:02:6f:c6:cf:36:2b:93:65:e4:b0:33:d0:99:b8:
         4c:97:6d:01:84:d6:2d:d2:9e:94:93:c2:fc:70:c9:90:d3:86:
         28:c4:7d:f8:5e:ec:0c:dd:81:84:fd:1f:c3:f2:80:cf:61:31:
         19:84:64:ee:f7:3b:a9:ee:ed:a1:ea:96:c1:b5:99:7c:89:c8:
         15:57:c5:9b:d3:df:f1:39:45:e1:c7:67:bd:e0:9c:71:31:cd:
         5e:82:89:87:ca:aa:ab:4f:38:33:8c:f7:41:44:19:86:2d:33:
         be:9f:e4:8e:d0:d9:65:98:a2:3f:f6:73:e2:f5:e1:28:91:92:
         da:77:39:bf:de:b6:f1:8a:3f:1b:b1:6f:9e:80:40:cf:e1:6e:
         6d:5d:06:2d:be:f6:7e:f9:fe:c1:7d:80:f6:f6:fe:e8:a9:4c:
         c9:a3:43:19:05:06:23:ea:d1:36:a3:c7:0c:14:d0:7a:79:ea:
         75:d0:c0:c9:74:0c:50:d5:03:8d:d2:25:db:fa:61:91:e8:3e:
         b0:ad:63:1a:6b:05:e7:7a:57:4c:ff:fb:91:c9:35:23:c7:4f:
         46:4f:27:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8/cAWueU6H3uggSnqi3+0WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTAzMTcxMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTJiYjI4YjNiM2MxNzNjZDNhN2RhMDI5MTdiMWRlOGNmZWE1OWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxBwdGakHE4lyGta8vXjLXt0AeiE
7KY45wv56p5lHlD0crLryqeOGiDWT1XLG6nWXYAbTLfi+Ub+lnPCu/aR5HX0djm1
+5pbD9HhWPnRCLyz0fyXqHBv54+iepEdZIZON8BA6KB+c+2uys8ps/Sw+OcOuIpi
GKS63d3JY5TrU/Y4RefrUGN1Fh9Z8/6GfVkRA/KtytDSANrlNnFG8aahFFC1LzRg
l43Cdtlch5EqzWhhZtC9xSl0GeoLf1XGwvh72+b5XQveL+MGgCusr9b5V+pl6Qfw
rH+9tr+DBAO3tehwRiAVD88bk4PV+xQwXPOded3HDBGReGjxyeKnmQ+2gQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNkrsos7PBc806faApF7HejP6lnAMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMlN1eWl6czhGenpUcDlvQ2tYc2Q2TV9xV2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1dInAwQA
1drqMA0GCSqGSIb3DQEBCwUAA4IBAQAu/5DiOi/s60tvICEKECX/hjQQ1c6anABB
qjlI+9BwWz6IXvyzvmEcAm/GzzYrk2XksDPQmbhMl20BhNYt0p6Uk8L8cMmQ04Yo
xH34XuwM3YGE/R/D8oDPYTEZhGTu9zup7u2h6pbBtZl8icgVV8Wb09/xOUXhx2e9
4JxxMc1egomHyqqrTzgzjPdBRBmGLTO+n+SO0NllmKI/9nPi9eEokZLadzm/3rbx
ij8bsW+egEDP4W5tXQYtvvZ++f7BfYD29v7oqUzJo0MZBQYj6tE2o8cMFNB6eep1
0MDJdAxQ1QON0iXb+mGR6D6wrWMaawXneldM//uRyTUjx09GTyfn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org