Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4LerzlpahuqcQWuaW3YZu6j1t9g.roa
File:                     4LerzlpahuqcQWuaW3YZu6j1t9g.roa (raw, json)
Hash identifier:          DOxJPLhWNExUq66xv2GsevJ8zNuz7Tj9N0Hp1uGPs30=
Subject key identifier:   E0:B7:AB:CE:5A:5A:86:EA:9C:41:6B:9A:5B:76:19:BB:A8:F5:B7:D8
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189A6053840363FB8975FFAF4A166E1E5EC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4LerzlpahuqcQWuaW3YZu6j1t9g.roa
Signing time:             Sun 30 Jul 2023 08:58:27 +0000
ROA not before:           Sun 30 Jul 2023 08:58:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204843
IP address blocks:        109.176.213.0/24 maxlen: 24
                          89.213.158.0/24 maxlen: 24
                          89.213.157.0/24 maxlen: 24
                          89.213.156.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 01 Aug 2023 08:34:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:a6:05:38:40:36:3f:b8:97:5f:fa:f4:a1:66:e1:e5:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul 30 08:58:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e0b7abce5a5a86ea9c416b9a5b7619bba8f5b7d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:4a:29:8d:ae:87:4c:48:54:a4:69:39:b0:f8:
                    67:2d:94:9c:09:4d:a1:95:be:9b:2c:0d:cd:35:05:
                    97:7b:d7:93:57:9b:0a:bc:8e:4c:ea:2b:b8:90:23:
                    4e:66:22:81:fa:d8:57:39:b9:c8:0c:86:b8:03:a0:
                    d3:86:78:f7:79:dc:ad:4a:ec:21:b0:b2:04:3d:c8:
                    e2:38:10:b5:36:d3:bf:14:af:59:76:be:5d:23:ab:
                    41:57:af:0d:57:f2:8c:a2:16:90:11:cc:0a:31:0f:
                    e4:93:d0:f7:09:62:46:df:fd:ed:e9:ed:4a:82:06:
                    ab:44:7b:36:ea:ed:b6:2c:b9:5a:78:e3:4e:0e:5c:
                    07:2c:d9:73:8b:d6:ce:6a:df:b7:66:2f:19:a5:5d:
                    02:75:63:05:a7:4a:76:5a:01:e3:1c:77:fd:de:bd:
                    a5:e6:a0:0d:a6:0e:84:58:00:dc:23:33:37:b8:4f:
                    b2:7f:83:d5:2a:1d:15:1b:3f:7f:83:bc:c6:9d:19:
                    04:cf:02:6a:6e:a3:f5:3d:83:1d:4f:bd:de:45:14:
                    6c:c4:aa:bb:67:12:9c:12:52:8a:f0:11:ab:52:c3:
                    43:93:92:de:e2:a4:3c:fe:b5:d9:e2:d5:38:12:c8:
                    84:6d:03:f9:76:19:1e:91:e8:16:65:e4:7e:9e:86:
                    7b:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:B7:AB:CE:5A:5A:86:EA:9C:41:6B:9A:5B:76:19:BB:A8:F5:B7:D8
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4LerzlpahuqcQWuaW3YZu6j1t9g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.156.0-89.213.158.255
                  109.176.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:99:6b:d2:24:fe:06:5b:4d:8b:4f:19:d5:4b:7f:24:de:6b:
         e5:b3:de:8e:c4:4d:b7:34:e9:24:d8:09:23:55:86:c7:ec:6b:
         43:ed:cd:c7:6e:74:68:6c:3d:6b:91:e4:84:ef:e1:0f:1f:24:
         01:8c:bf:82:f3:50:b9:a0:22:c9:11:53:a7:a3:68:47:24:9f:
         b3:06:a4:2e:60:fe:e1:ed:04:3d:dc:04:5f:ce:e8:fc:d2:2a:
         e7:e6:e4:c0:6c:de:1a:c1:68:3c:2a:28:ee:97:b8:70:0b:ef:
         8f:45:0a:ef:3c:31:20:1c:21:74:ff:f2:98:b0:e1:95:15:f5:
         bf:de:3a:f8:b6:fe:0b:e7:38:0b:9a:f1:71:f8:e1:0d:08:49:
         96:62:80:16:88:a7:52:29:e5:51:6e:98:0d:f9:f2:09:1a:88:
         e7:28:1f:58:ae:6c:a2:a7:0d:6d:ee:b6:32:62:21:75:1f:6e:
         8f:38:03:d7:77:94:f2:a9:34:80:02:2e:39:c0:bc:4d:fc:51:
         58:83:ee:3d:b6:69:63:55:c4:0c:15:67:b7:0b:e8:89:c7:3c:
         8b:85:ad:30:67:d4:7e:5e:5a:14:43:1f:ba:d7:8e:07:6d:5e:
         48:6b:43:90:70:f5:e3:7f:26:b0:c3:67:68:35:3a:f9:3d:32:
         ac:88:d0:15
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYmmBThANj+4l1/69KFm4eXsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzMwMDg1ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGI3YWJjZTVhNWE4NmVhOWM0MTZiOWE1Yjc2MTliYmE4ZjViN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkopja6HTEhUpGk5sPhnLZScCU2h
lb6bLA3NNQWXe9eTV5sKvI5M6iu4kCNOZiKB+thXObnIDIa4A6DThnj3edytSuwh
sLIEPcjiOBC1NtO/FK9Zdr5dI6tBV68NV/KMohaQEcwKMQ/kk9D3CWJG3/3t6e1K
ggarRHs26u22LLlaeONODlwHLNlzi9bOat+3Zi8ZpV0CdWMFp0p2WgHjHHf93r2l
5qANpg6EWADcIzM3uE+yf4PVKh0VGz9/g7zGnRkEzwJqbqP1PYMdT73eRRRsxKq7
ZxKcElKK8BGrUsNDk5Le4qQ8/rXZ4tU4EsiEbQP5dhkekegWZeR+noZ7KwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOC3q85aWobqnEFrmlt2Gbuo9bfYMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNExlcnpscGFodXFjUVd1YVczWVp1NmoxdDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJZ1ZwD
BABZ1Z4DBABtsNUwDQYJKoZIhvcNAQELBQADggEBADOZa9Ik/gZbTYtPGdVLfyTe
a+Wz3o7ETbc06STYCSNVhsfsa0PtzcdudGhsPWuR5ITv4Q8fJAGMv4LzULmgIskR
U6ejaEckn7MGpC5g/uHtBD3cBF/O6PzSKufm5MBs3hrBaDwqKO6XuHAL749FCu88
MSAcIXT/8piw4ZUV9b/eOvi2/gvnOAua8XH44Q0ISZZigBaIp1Ip5VFumA358gka
iOcoH1iubKKnDW3utjJiIXUfbo84A9d3lPKpNIACLjnAvE38UViD7j22aWNVxAwV
Z7cL6InHPIuFrTBn1H5eWhRDH7rXjgdtXkhrQ5Bw9eN/JrDDZ2g1Ovk9MqyI0BU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org