Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5VzDKu42y71BEgqttWks4xSDXVI.roa
File:                     5VzDKu42y71BEgqttWks4xSDXVI.roa (raw, json)
Hash identifier:          pzbgz//la5m6q/Flstu0PIdj3VNlVGLMw7yfLR4/Fjo=
Subject key identifier:   E5:5C:C3:2A:EE:36:CB:BD:41:12:0A:AD:B5:69:2C:E3:14:83:5D:52
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189B5AECA7E4F941F69A0BD827FD6ADFC8D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5VzDKu42y71BEgqttWks4xSDXVI.roa
Signing time:             Wed 02 Aug 2023 09:57:58 +0000
ROA not before:           Wed 02 Aug 2023 09:57:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     397423
IP address blocks:        89.213.132.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 21 Sep 2023 16:02:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:b5:ae:ca:7e:4f:94:1f:69:a0:bd:82:7f:d6:ad:fc:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  2 09:57:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e55cc32aee36cbbd41120aadb5692ce314835d52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:15:e3:37:33:6e:7c:24:a1:51:7f:9f:5c:01:
                    f0:23:21:1c:69:ae:ff:ec:b7:ec:ce:11:98:f1:11:
                    56:ea:65:b2:68:c2:78:fe:30:58:43:26:d4:08:29:
                    54:3d:7b:1f:5d:43:56:d3:95:96:2b:7b:a3:35:69:
                    50:33:22:8a:74:8a:e9:5d:de:46:42:2c:19:9f:a1:
                    45:87:2a:e3:80:ec:27:af:db:5f:f1:4a:24:6e:f3:
                    0e:af:37:11:8a:19:19:81:58:c5:ff:03:c8:91:0d:
                    4d:33:d5:61:17:7d:82:6b:c4:b7:75:0f:53:6f:e4:
                    12:ef:00:ca:82:47:2c:22:05:8f:72:88:2e:40:e3:
                    38:92:b8:6a:86:89:95:5a:1c:8e:38:9e:89:63:f6:
                    d8:e3:50:3f:74:48:06:23:e5:c9:b3:b7:7e:f3:81:
                    ac:9a:58:a0:bf:9d:88:a9:65:5a:00:5d:05:8b:92:
                    97:e6:e7:5a:4c:ba:52:1f:18:6b:b7:b3:87:a0:12:
                    55:2c:6e:3e:47:54:e5:30:5b:58:5a:b5:86:d7:24:
                    4c:a3:68:55:39:2c:28:c7:08:a3:d9:03:b0:e6:78:
                    d8:02:b7:d8:bd:15:d6:89:1e:ad:38:5e:a4:25:1b:
                    b2:fb:00:79:10:05:b3:e7:ac:ee:62:a5:e2:17:ff:
                    4f:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:5C:C3:2A:EE:36:CB:BD:41:12:0A:AD:B5:69:2C:E3:14:83:5D:52
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5VzDKu42y71BEgqttWks4xSDXVI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:8c:93:49:e3:a1:b3:76:fb:82:0e:41:62:3c:72:29:3d:45:
         89:da:fa:2e:6d:ba:64:97:11:2d:5d:65:50:59:fa:5c:1a:d0:
         d6:ec:d3:a6:6c:07:84:a0:41:95:82:b9:6d:f9:17:14:43:5a:
         a5:3a:d7:58:58:4b:39:d5:94:37:d0:01:0d:51:30:64:26:6b:
         f0:74:e2:42:fa:8c:b5:ab:35:1a:d9:c4:2b:9a:33:93:9b:c9:
         e0:35:4b:32:0b:ff:0d:1c:b3:b3:3b:f1:ed:10:9a:e8:8a:43:
         e9:6b:71:75:0a:21:65:88:07:83:2a:91:82:bf:dd:60:55:a2:
         89:01:fc:20:5f:01:68:54:bb:b1:1c:41:bb:00:3b:a1:17:b8:
         5c:fa:f7:7d:3f:24:cc:84:38:20:81:d4:ef:81:68:33:33:1d:
         82:6b:09:f1:33:6e:59:a1:17:30:39:d1:a5:e7:93:58:8d:d0:
         76:5e:c5:c8:e2:6a:9d:e2:f8:f6:7a:bc:9a:33:70:11:f8:80:
         b7:99:cc:ec:80:ab:4f:3c:ed:b7:7f:54:bf:88:04:22:ac:25:
         ca:68:3f:4f:35:9e:8a:9b:45:7f:05:74:a3:73:50:03:99:4f:
         15:f2:31:ea:1e:73:29:2c:e3:29:1a:d6:cd:14:9b:e7:08:2f:
         f2:ef:c0:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYm1rsp+T5QfaaC9gn/WrfyNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAyMDk1NzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTVjYzMyYWVlMzZjYmJkNDExMjBhYWRiNTY5MmNlMzE0ODM1ZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxXjNzNufCShUX+fXAHwIyEcaa7/
7LfszhGY8RFW6mWyaMJ4/jBYQybUCClUPXsfXUNW05WWK3ujNWlQMyKKdIrpXd5G
QiwZn6FFhyrjgOwnr9tf8UokbvMOrzcRihkZgVjF/wPIkQ1NM9VhF32Ca8S3dQ9T
b+QS7wDKgkcsIgWPcoguQOM4krhqhomVWhyOOJ6JY/bY41A/dEgGI+XJs7d+84Gs
mligv52IqWVaAF0Fi5KX5udaTLpSHxhrt7OHoBJVLG4+R1TlMFtYWrWG1yRMo2hV
OSwoxwij2QOw5njYArfYvRXWiR6tOF6kJRuy+wB5EAWz56zuYqXiF/9PMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOVcwyruNsu9QRIKrbVpLOMUg11SMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNVZ6REt1NDJ5NzFCRWdxdHRXa3M0eFNEWFZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWEMA0G
CSqGSIb3DQEBCwUAA4IBAQB1jJNJ46GzdvuCDkFiPHIpPUWJ2voubbpklxEtXWVQ
WfpcGtDW7NOmbAeEoEGVgrlt+RcUQ1qlOtdYWEs51ZQ30AENUTBkJmvwdOJC+oy1
qzUa2cQrmjOTm8ngNUsyC/8NHLOzO/HtEJroikPpa3F1CiFliAeDKpGCv91gVaKJ
AfwgXwFoVLuxHEG7ADuhF7hc+vd9PyTMhDgggdTvgWgzMx2CawnxM25ZoRcwOdGl
55NYjdB2XsXI4mqd4vj2eryaM3AR+IC3mczsgKtPPO23f1S/iAQirCXKaD9PNZ6K
m0V/BXSjc1ADmU8V8jHqHnMpLOMpGtbNFJvnCC/y78BL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org