Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3q_SQC23H9dqg80na3X1pSo5O0o.roa
File:                     3q_SQC23H9dqg80na3X1pSo5O0o.roa (raw, json)
Hash identifier:          bGOwvnvVTBjSyYKCyJOcbnqTnE3MHvFQ7nJrXmdaEYs=
Subject key identifier:   DE:AF:D2:40:2D:B7:1F:D7:6A:83:CD:27:6B:75:F5:A5:2A:39:3B:4A
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018BEBC7CBF7D471412248CB17B217DB4B23
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3q_SQC23H9dqg80na3X1pSo5O0o.roa
Signing time:             Mon 20 Nov 2023 08:10:21 +0000
ROA not before:           Mon 20 Nov 2023 08:10:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     45996
IP address blocks:        89.213.183.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Dec 2023 08:16:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:eb:c7:cb:f7:d4:71:41:22:48:cb:17:b2:17:db:4b:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov 20 08:10:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=deafd2402db71fd76a83cd276b75f5a52a393b4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:e3:68:f4:dd:a6:0a:a1:f4:0b:a2:60:65:a3:
                    37:e5:c9:bd:13:44:66:63:32:3d:68:d4:2b:7e:36:
                    09:7e:d2:cf:56:e5:37:6a:12:55:41:84:0f:72:1d:
                    5d:98:83:6e:fc:72:c0:3b:01:22:93:16:18:9f:d0:
                    93:a6:cd:8d:94:23:8f:57:a0:1d:6a:23:67:b4:56:
                    10:0f:e5:85:ca:f2:55:0c:ad:29:4c:b1:eb:52:35:
                    99:43:5d:ad:46:a4:05:36:67:bb:c9:b3:57:e6:64:
                    e1:8a:0f:d6:d1:af:45:08:46:40:06:43:dd:e8:dd:
                    57:9b:e9:94:a1:e6:da:40:9a:71:8a:f2:97:d7:48:
                    d4:e3:d3:3b:49:54:0c:f0:99:a8:f0:44:c1:24:3e:
                    24:d8:57:96:23:57:4c:cc:e9:05:9b:d6:54:e4:db:
                    2b:57:2e:a5:b5:57:fe:4a:6c:01:bd:aa:a9:ed:02:
                    d1:26:3b:e0:96:0f:99:05:0a:6c:91:c3:5b:62:d4:
                    b1:4e:bf:08:1a:19:34:67:c3:51:bc:38:4a:57:8c:
                    dd:a6:81:1f:dd:98:6f:03:81:0b:68:eb:0f:71:23:
                    79:31:c2:d0:2b:e2:2b:0e:d3:d4:3c:b0:3e:f2:ff:
                    c4:ec:9d:5f:9a:74:cd:63:26:51:e5:e9:3e:b4:84:
                    15:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:AF:D2:40:2D:B7:1F:D7:6A:83:CD:27:6B:75:F5:A5:2A:39:3B:4A
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3q_SQC23H9dqg80na3X1pSo5O0o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:41:14:23:a2:16:f1:fc:e6:41:9b:b0:db:21:58:ce:11:f7:
         04:b6:10:47:f8:85:d9:39:01:e8:81:56:ea:24:53:01:76:eb:
         8e:c7:b7:e6:db:43:7d:e4:12:68:fd:97:c7:cd:b5:10:c4:28:
         11:7e:6e:87:15:2e:65:4f:fd:78:ff:a8:1b:22:74:d5:72:0a:
         d4:01:3a:9a:9a:23:4f:01:1c:8e:19:d5:69:74:58:af:6e:b7:
         8f:0c:0e:b3:e8:23:f0:1f:9a:c6:1e:5c:08:15:77:37:cc:3a:
         95:a7:dd:82:4d:e4:18:69:17:69:b1:76:13:86:8c:f0:d7:67:
         f5:19:28:10:2d:de:e1:3d:dc:38:d2:d3:6a:ea:b7:6c:d6:bf:
         05:cf:d6:ed:99:9b:a8:b4:5a:ff:87:7e:70:a0:32:9e:c8:af:
         32:d3:ac:3f:ef:bf:28:25:c2:d3:6b:2a:5c:0e:eb:96:10:d3:
         6a:98:17:db:da:48:47:4e:1a:e8:3e:b2:1f:e1:1e:33:15:c6:
         b7:57:65:5e:af:2e:1a:ee:66:03:30:8a:4c:41:08:23:f4:5f:
         cb:d7:ef:cd:08:3a:ae:69:4d:ae:61:33:c9:f4:92:93:3c:83:
         29:47:03:b4:83:da:89:7c:6a:83:6d:34:75:c2:79:57:80:26:
         2d:69:12:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvrx8v31HFBIkjLF7IX20sjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTIwMDgxMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWFmZDI0MDJkYjcxZmQ3NmE4M2NkMjc2Yjc1ZjVhNTJhMzkzYjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieNo9N2mCqH0C6JgZaM35cm9E0Rm
YzI9aNQrfjYJftLPVuU3ahJVQYQPch1dmINu/HLAOwEikxYYn9CTps2NlCOPV6Ad
aiNntFYQD+WFyvJVDK0pTLHrUjWZQ12tRqQFNme7ybNX5mThig/W0a9FCEZABkPd
6N1Xm+mUoebaQJpxivKX10jU49M7SVQM8Jmo8ETBJD4k2FeWI1dMzOkFm9ZU5Nsr
Vy6ltVf+SmwBvaqp7QLRJjvglg+ZBQpskcNbYtSxTr8IGhk0Z8NRvDhKV4zdpoEf
3ZhvA4ELaOsPcSN5McLQK+IrDtPUPLA+8v/E7J1fmnTNYyZR5ek+tIQV5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6v0kAttx/XaoPNJ2t19aUqOTtKMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvM3FfU1FDMjNIOWRxZzgwbmEzWDFwU281TzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdW3MA0G
CSqGSIb3DQEBCwUAA4IBAQCPQRQjohbx/OZBm7DbIVjOEfcEthBH+IXZOQHogVbq
JFMBduuOx7fm20N95BJo/ZfHzbUQxCgRfm6HFS5lT/14/6gbInTVcgrUATqamiNP
ARyOGdVpdFivbrePDA6z6CPwH5rGHlwIFXc3zDqVp92CTeQYaRdpsXYThozw12f1
GSgQLd7hPdw40tNq6rds1r8Fz9btmZuotFr/h35woDKeyK8y06w/778oJcLTaypc
DuuWENNqmBfb2khHThroPrIf4R4zFca3V2Very4a7mYDMIpMQQgj9F/L1+/NCDqu
aU2uYTPJ9JKTPIMpRwO0g9qJfGqDbTR1wnlXgCYtaRL4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org