Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7aQ-uEKJR2hOVD6Y05HCfD5dLbM.roa
File:                     7aQ-uEKJR2hOVD6Y05HCfD5dLbM.roa (raw, json)
Hash identifier:          cJ5INA2apmMQt22uXVtD/dDbB1DDTKtzO7SFLGBPQw4=
Subject key identifier:   ED:A4:3E:B8:42:89:47:68:4E:54:3E:98:D3:91:C2:7C:3E:5D:2D:B3
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018930FFAE632320D6997E2F1D941A07243F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7aQ-uEKJR2hOVD6Y05HCfD5dLbM.roa
Signing time:             Fri 07 Jul 2023 15:36:49 +0000
ROA not before:           Fri 07 Jul 2023 15:36:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     147291
IP address blocks:        89.213.5.0/24 maxlen: 24
                          89.213.135.0/24 maxlen: 24
                          89.213.136.0/24 maxlen: 24
                          89.213.133.0/24 maxlen: 24
                          89.213.134.0/24 maxlen: 24
                          89.213.138.0/24 maxlen: 24
                          89.213.139.0/24 maxlen: 24
                          89.213.137.0/24 maxlen: 24
                          89.213.153.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 30 Jul 2023 08:59:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:30:ff:ae:63:23:20:d6:99:7e:2f:1d:94:1a:07:24:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jul  7 15:36:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eda43eb8428947684e543e98d391c27c3e5d2db3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:ae:5f:39:f7:86:84:66:cc:b9:d7:06:62:40:
                    a5:53:67:20:df:3f:4b:c5:92:70:95:ee:47:49:3c:
                    e1:08:b4:1f:0a:ac:13:ba:56:cf:8f:c3:7e:a7:85:
                    cb:5e:79:25:ff:52:14:e4:df:26:b8:55:e1:42:aa:
                    e0:92:fe:d4:85:66:ff:aa:98:f2:36:25:3a:95:ec:
                    14:0a:86:ef:c7:d2:5e:ea:eb:b4:4b:59:4f:de:4b:
                    bb:30:c7:fe:92:a2:2b:37:d5:06:68:1d:79:6a:4f:
                    f7:f1:35:6d:aa:18:f7:4e:8b:57:8a:b2:8a:58:6c:
                    b4:fc:71:da:72:4c:fd:a0:6b:3a:db:d7:3f:74:95:
                    2f:ce:77:a3:cc:20:4c:4f:f3:13:b3:b5:f3:5a:ff:
                    0b:63:db:fb:12:3c:0d:c1:e6:b0:13:05:ad:b0:d2:
                    7e:ab:79:6e:24:60:10:cd:9a:a3:a4:c1:97:ed:26:
                    44:91:c5:04:e3:ee:7d:5e:ae:64:c2:7e:bb:a3:6e:
                    d3:b9:37:93:7f:ad:82:53:f2:32:b0:1f:65:95:f1:
                    ac:8a:b6:14:f7:37:fa:74:27:ab:8d:a7:ff:49:c1:
                    85:dc:e6:fd:ae:0a:70:06:03:1b:01:90:a2:21:fd:
                    2e:5e:da:10:c7:5d:40:bb:46:7a:02:30:15:55:2c:
                    6c:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:A4:3E:B8:42:89:47:68:4E:54:3E:98:D3:91:C2:7C:3E:5D:2D:B3
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7aQ-uEKJR2hOVD6Y05HCfD5dLbM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.5.0/24
                  89.213.133.0-89.213.139.255
                  89.213.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:8f:d1:cf:17:72:74:63:84:0d:ec:3d:02:1e:65:1e:7d:f8:
         f1:a3:a2:fe:4a:9c:51:5a:c2:e1:ca:9d:83:9b:f3:3a:8e:c6:
         4b:f1:1f:2e:b9:3e:25:4f:80:5f:14:3a:7c:7c:2c:48:61:b0:
         71:39:40:b0:f2:e9:38:dd:2b:a5:31:dd:bb:b4:49:c2:91:af:
         4c:43:a4:45:43:ef:97:87:ff:cb:bf:a4:9b:18:89:f1:f5:86:
         8f:b8:6e:71:41:9b:fc:f3:ed:c1:31:e2:a1:62:a3:78:05:20:
         fc:16:4a:8b:bc:3b:9a:fe:56:f3:54:ae:3a:c3:65:11:7a:89:
         7e:87:49:26:b4:e3:17:3d:05:87:b4:92:cc:63:82:aa:10:d0:
         e0:9e:7d:53:b3:b8:8b:dc:6f:7c:82:fd:b4:0b:e9:a4:a7:70:
         56:e8:e3:70:eb:64:2a:88:89:77:ba:c6:b7:41:00:6e:2a:b2:
         fe:6f:cc:0c:8a:2b:0f:f8:f5:de:aa:00:24:80:ff:c1:d4:3c:
         f5:a8:df:35:a6:2c:35:99:c1:4a:b7:38:dc:20:7f:77:00:9b:
         e1:f1:86:06:f1:e6:e6:99:ba:5c:97:a1:65:86:fa:7b:3c:90:
         a7:93:d7:ab:aa:39:76:20:65:89:39:fe:4b:17:2d:da:d7:6d:
         fa:8f:97:43
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYkw/65jIyDWmX4vHZQaByQ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzA3MTUzNjQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGE0M2ViODQyODk0NzY4NGU1NDNlOThkMzkxYzI3YzNlNWQyZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK5fOfeGhGbMudcGYkClU2cg3z9L
xZJwle5HSTzhCLQfCqwTulbPj8N+p4XLXnkl/1IU5N8muFXhQqrgkv7UhWb/qpjy
NiU6lewUCobvx9Je6uu0S1lP3ku7MMf+kqIrN9UGaB15ak/38TVtqhj3TotXirKK
WGy0/HHackz9oGs629c/dJUvznejzCBMT/MTs7XzWv8LY9v7EjwNweawEwWtsNJ+
q3luJGAQzZqjpMGX7SZEkcUE4+59Xq5kwn67o27TuTeTf62CU/IysB9llfGsirYU
9zf6dCerjaf/ScGF3Ob9rgpwBgMbAZCiIf0uXtoQx11Au0Z6AjAVVSxstQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFO2kPrhCiUdoTlQ+mNORwnw+XS2zMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvN2FRLXVFS0pSMmhPVkQ2WTA1SENmRDVkTGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWdUFMAwD
BABZ1YUDBAJZ1YgDBABZ1ZkwDQYJKoZIhvcNAQELBQADggEBAF+P0c8XcnRjhA3s
PQIeZR59+PGjov5KnFFawuHKnYOb8zqOxkvxHy65PiVPgF8UOnx8LEhhsHE5QLDy
6TjdK6Ux3bu0ScKRr0xDpEVD75eH/8u/pJsYifH1ho+4bnFBm/zz7cEx4qFio3gF
IPwWSou8O5r+VvNUrjrDZRF6iX6HSSa04xc9BYe0ksxjgqoQ0OCefVOzuIvcb3yC
/bQL6aSncFbo43DrZCqIiXe6xrdBAG4qsv5vzAyKKw/49d6qACSA/8HUPPWo3zWm
LDWZwUq3ONwgf3cAm+Hxhgbx5uaZulyXoWWG+ns8kKeT16uqOXYgZYk5/ksXLdrX
bfqPl0M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org