Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7Emd5xPnucPhXSeYvtEIrLOy21A.roa
File:                     7Emd5xPnucPhXSeYvtEIrLOy21A.roa (raw, json)
Hash identifier:          p3VDGipQzLi8BxBYg9gYyKNjaM2rGmVK2dTFs4fWpi4=
Subject key identifier:   EC:49:9D:E7:13:E7:B9:C3:E1:5D:27:98:BE:D1:08:AC:B3:B2:DB:50
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018B41A61BE9092F42F9A455DEDEE48CA2E6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7Emd5xPnucPhXSeYvtEIrLOy21A.roa
Signing time:             Wed 18 Oct 2023 07:18:07 +0000
ROA not before:           Wed 18 Oct 2023 07:18:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216354
IP address blocks:        89.213.180.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 20 Nov 2023 16:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:41:a6:1b:e9:09:2f:42:f9:a4:55:de:de:e4:8c:a2:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct 18 07:18:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ec499de713e7b9c3e15d2798bed108acb3b2db50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:75:97:46:ca:c3:d8:23:a4:42:cc:f2:b7:e8:
                    1a:2f:28:e8:d9:f9:c3:48:0b:e6:6a:9b:87:02:80:
                    c2:33:7a:9f:93:fe:09:92:af:ab:5b:36:6c:16:ab:
                    1c:a6:b3:a5:ec:c8:33:52:f5:e3:97:2f:0b:2a:84:
                    84:d6:d1:01:3e:0b:33:bc:15:d2:9a:1d:c7:4c:4b:
                    5d:0b:11:73:1d:8b:67:59:8e:23:8c:e3:02:45:b5:
                    ff:13:47:0b:c0:ff:23:88:6f:40:10:6b:2a:3e:c3:
                    af:84:f7:4a:e2:c3:0f:6b:fe:d8:c8:50:37:cd:d0:
                    9c:f9:52:d8:31:ab:1b:06:d0:53:72:68:00:75:bc:
                    78:7c:74:99:f9:6d:10:f2:63:37:d3:36:7b:25:cc:
                    dd:14:42:1c:4d:fb:9b:6e:e0:08:b0:31:d7:6b:df:
                    79:ff:6a:7e:ee:2d:ff:f8:ef:75:51:8a:40:77:e8:
                    e5:8e:04:a2:17:df:8d:09:15:f1:cd:b6:49:c2:47:
                    77:76:c0:57:52:cf:74:cd:c7:26:11:10:8d:fa:f5:
                    d9:1a:89:3b:52:c7:46:ae:c3:1c:6c:21:0c:a7:53:
                    83:42:1b:5d:81:4e:35:5e:16:f3:d3:db:b2:61:fe:
                    d1:44:cd:9b:51:ed:27:41:4b:83:c6:ec:65:1d:a4:
                    4b:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:49:9D:E7:13:E7:B9:C3:E1:5D:27:98:BE:D1:08:AC:B3:B2:DB:50
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7Emd5xPnucPhXSeYvtEIrLOy21A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.180.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:4e:6c:21:e0:b5:dc:ca:c9:fd:7d:ac:76:2d:53:1f:fe:ab:
         9d:b2:4a:52:6f:cb:92:a8:d4:40:fc:e3:b5:b3:c2:d4:45:cc:
         15:4f:64:5a:6f:3b:f8:e0:f7:a9:4b:01:18:bc:b5:6f:e5:a3:
         70:6d:30:72:80:1c:a5:5f:0f:b6:15:f6:bf:79:f2:19:99:a9:
         db:76:56:38:ec:e3:aa:a2:b9:ea:a7:90:f4:4c:8e:bd:4f:fb:
         fb:73:ab:39:fa:a7:1d:77:c0:67:4a:67:c6:31:63:18:19:c0:
         fe:b4:a8:2c:6e:96:b7:23:24:0d:b4:24:e0:77:c5:f1:0d:e7:
         39:b2:4a:c0:aa:28:fc:67:77:45:62:89:d6:d5:01:26:e5:44:
         36:e9:29:20:d2:6e:85:fb:c4:56:94:73:3c:21:86:25:48:ec:
         98:6e:8c:f1:8b:2b:d2:18:d7:75:00:81:f4:dd:07:f9:ef:64:
         b1:ad:c8:c8:7b:8b:fc:56:06:70:df:49:43:d1:18:21:1d:8e:
         3b:e6:89:35:95:15:da:f1:1b:9c:1b:96:ad:a9:e1:b6:18:a5:
         8d:25:c4:7f:ef:71:27:85:7d:9e:8a:c9:f7:88:85:aa:4b:8b:
         c3:d7:f6:eb:2a:a6:82:71:22:a1:d8:ec:8a:d2:8b:60:fd:39:
         59:a2:58:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtBphvpCS9C+aRV3t7kjKLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDE4MDcxODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzQ5OWRlNzEzZTdiOWMzZTE1ZDI3OThiZWQxMDhhY2IzYjJkYjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXWXRsrD2COkQszyt+gaLyjo2fnD
SAvmapuHAoDCM3qfk/4Jkq+rWzZsFqscprOl7MgzUvXjly8LKoSE1tEBPgszvBXS
mh3HTEtdCxFzHYtnWY4jjOMCRbX/E0cLwP8jiG9AEGsqPsOvhPdK4sMPa/7YyFA3
zdCc+VLYMasbBtBTcmgAdbx4fHSZ+W0Q8mM30zZ7JczdFEIcTfubbuAIsDHXa995
/2p+7i3/+O91UYpAd+jljgSiF9+NCRXxzbZJwkd3dsBXUs90zccmERCN+vXZGok7
UsdGrsMcbCEMp1ODQhtdgU41Xhbz09uyYf7RRM2bUe0nQUuDxuxlHaRLVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOxJnecT57nD4V0nmL7RCKyzsttQMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvN0VtZDV4UG51Y1BoWFNlWXZ0RUlyTE95MjFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdW0MA0G
CSqGSIb3DQEBCwUAA4IBAQBPTmwh4LXcysn9fax2LVMf/qudskpSb8uSqNRA/OO1
s8LURcwVT2Rabzv44PepSwEYvLVv5aNwbTBygBylXw+2Ffa/efIZmanbdlY47OOq
ornqp5D0TI69T/v7c6s5+qcdd8BnSmfGMWMYGcD+tKgsbpa3IyQNtCTgd8XxDec5
skrAqij8Z3dFYonW1QEm5UQ26Skg0m6F+8RWlHM8IYYlSOyYbozxiyvSGNd1AIH0
3Qf572SxrcjIe4v8VgZw30lD0RghHY475ok1lRXa8RucG5atqeG2GKWNJcR/73En
hX2eisn3iIWqS4vD1/brKqaCcSKh2OyK0otg/TlZolgj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org