Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6jNaSQWBLVoDiJDMv3HnX0N0Wm4.roa
File:                     6jNaSQWBLVoDiJDMv3HnX0N0Wm4.roa (raw, json)
Hash identifier:          VV+I+YeziLzad8CKllgSVVs1ZIbaG6WPZMLxPeWvj60=
Subject key identifier:   EA:33:5A:49:05:81:2D:5A:03:88:90:CC:BF:71:E7:5F:43:74:5A:6E
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018DD19A05F920B260B889FC9F198F7EE00B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6jNaSQWBLVoDiJDMv3HnX0N0Wm4.roa
Signing time:             Thu 22 Feb 2024 16:15:48 +0000
ROA not before:           Thu 22 Feb 2024 16:15:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     5511
IP address blocks:        89.213.157.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 08 Apr 2024 10:23:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:d1:9a:05:f9:20:b2:60:b8:89:fc:9f:19:8f:7e:e0:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb 22 16:15:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ea335a4905812d5a038890ccbf71e75f43745a6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:f1:b3:9b:b8:fc:d8:f5:c2:0b:88:5b:bd:22:
                    a3:68:13:bb:95:f4:29:cc:4a:88:a1:97:b2:20:dc:
                    7e:e0:02:2a:0b:62:b5:38:85:19:f0:19:8e:93:05:
                    1f:b1:a6:95:d9:46:b3:2f:5d:9a:c2:4d:06:7c:4b:
                    c5:48:fb:61:11:02:0d:4b:45:d9:17:18:3d:ef:36:
                    1d:9b:34:d7:f5:da:3d:eb:d6:51:ad:a3:2e:eb:51:
                    2e:d6:e7:e5:9b:86:dd:11:00:b1:b6:66:49:82:7b:
                    31:75:dc:8e:8e:7c:75:d1:64:e3:fa:b7:83:bc:39:
                    6f:4a:83:f2:68:98:68:6b:79:60:c9:24:0a:1e:4f:
                    f8:1a:44:6c:e7:3b:2e:94:35:88:60:e5:ac:f3:82:
                    e7:67:be:14:61:9f:2a:7e:9f:f5:4f:89:a5:b1:7c:
                    63:53:aa:4b:df:5a:9e:74:96:31:66:c3:02:ad:1a:
                    30:19:75:c4:d2:46:cf:0f:45:c4:ad:29:b6:f1:f6:
                    52:3b:09:e0:97:ff:67:39:64:53:48:f6:eb:f9:29:
                    fa:b2:b2:36:76:31:a9:d3:9d:4e:0e:1d:9b:75:2a:
                    4c:5f:68:38:1d:3b:92:64:93:c7:80:f3:c9:e9:96:
                    c3:5a:c0:76:ae:e9:6f:77:8c:3e:ce:a4:32:68:c3:
                    ab:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:33:5A:49:05:81:2D:5A:03:88:90:CC:BF:71:E7:5F:43:74:5A:6E
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6jNaSQWBLVoDiJDMv3HnX0N0Wm4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:07:09:84:02:13:65:50:74:80:43:98:63:e3:36:f6:24:b6:
         0a:d7:ec:45:23:32:9a:5b:66:ac:5b:b1:f6:32:ca:90:ed:74:
         9a:7a:91:d3:2b:7d:b9:30:5d:cd:c3:9d:82:e5:07:3c:ab:2b:
         db:d1:fb:94:36:ae:b2:f5:18:f9:dd:b5:1b:75:43:27:21:7b:
         7c:42:0d:b2:c1:7c:2a:cc:2f:56:e5:35:ae:65:00:2f:80:94:
         23:43:da:0d:24:1a:e2:60:ca:a2:77:cd:47:a8:a8:9a:dc:88:
         fc:2e:bf:f5:a5:fd:23:c9:3f:2d:6a:35:f5:d5:9b:2e:04:2a:
         dd:0b:57:83:4a:bd:54:e4:93:bc:1a:fc:4a:a8:e5:13:9d:80:
         6f:bc:44:c0:ce:89:1e:1c:35:54:58:0e:3b:7d:4e:91:cb:80:
         a5:97:ba:d5:16:c7:4a:ad:e1:b4:b3:12:5a:21:21:fc:84:28:
         a9:73:59:59:ef:e4:04:a1:b8:13:5b:ad:fd:07:57:42:68:be:
         ce:cc:c0:a3:ff:30:32:90:c7:67:81:e5:ed:87:53:dd:ea:c4:
         3c:0e:b5:a3:4e:4d:bc:e4:4d:a6:fc:18:ce:c5:62:34:56:37:
         7a:08:71:e4:cd:5b:be:d8:f1:21:94:5b:08:6b:69:a9:dd:a5:
         a6:26:75:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3RmgX5ILJguIn8nxmPfuALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMjIyMTYxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTMzNWE0OTA1ODEyZDVhMDM4ODkwY2NiZjcxZTc1ZjQzNzQ1YTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvGzm7j82PXCC4hbvSKjaBO7lfQp
zEqIoZeyINx+4AIqC2K1OIUZ8BmOkwUfsaaV2UazL12awk0GfEvFSPthEQINS0XZ
Fxg97zYdmzTX9do969ZRraMu61Eu1uflm4bdEQCxtmZJgnsxddyOjnx10WTj+reD
vDlvSoPyaJhoa3lgySQKHk/4GkRs5zsulDWIYOWs84LnZ74UYZ8qfp/1T4mlsXxj
U6pL31qedJYxZsMCrRowGXXE0kbPD0XErSm28fZSOwngl/9nOWRTSPbr+Sn6srI2
djGp051ODh2bdSpMX2g4HTuSZJPHgPPJ6ZbDWsB2rulvd4w+zqQyaMOrVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOozWkkFgS1aA4iQzL9x519DdFpuMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNmpOYVNRV0JMVm9EaUpETXYzSG5YME4wV200LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWdMA0G
CSqGSIb3DQEBCwUAA4IBAQCHBwmEAhNlUHSAQ5hj4zb2JLYK1+xFIzKaW2asW7H2
MsqQ7XSaepHTK325MF3Nw52C5Qc8qyvb0fuUNq6y9Rj53bUbdUMnIXt8Qg2ywXwq
zC9W5TWuZQAvgJQjQ9oNJBriYMqid81HqKia3Ij8Lr/1pf0jyT8tajX11ZsuBCrd
C1eDSr1U5JO8GvxKqOUTnYBvvETAzokeHDVUWA47fU6Ry4Cll7rVFsdKreG0sxJa
ISH8hCipc1lZ7+QEobgTW639B1dCaL7OzMCj/zAykMdngeXth1Pd6sQ8DrWjTk28
5E2m/BjOxWI0Vjd6CHHkzVu+2PEhlFsIa2mp3aWmJnWz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org